High CPU Temps Performance Issue

dee25 (Member; joined Jul 10, 2017; 10 posts)
My work space became a bazillion degrees this past spring. I couldn't get any work done, and noticed my temps reaching 75c. I ran spybot/clamwin/symantec, added a new cpu cooler, new case fans, and a new cpu rated at 50w. Temps are around 33c currently. With the new CPU it's much easier to feel there is an issue with my system.

I see high DPC count in LatencyMon with high page faults. In process explorer I noticed high interrupts - hardware interrupts and DPCs. I tried to update all drivers reportedly. I am suspicious of csrss.exe - client server runtime process, using much cpu/gpu processes. Once solved, I think I should be back to normal operations. A second 80mm fan will be added in the back, while the top will be enlarged to 120mm. At this time I should be seeing around 25c during idle. Let's see what happens!

SecurityCheck
Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Symantec Endpoint Protection
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Java 8 Update 131
Java 7 Update 21
Java version 32-bit out of Date!
Adobe Flash Player 26.0.0.131
Mozilla Firefox (53.0)
Mozilla Thunderbird (45.7.0)
Google Chrome (59.0.3071.115)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 27% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
Ran by owner (administrator) on DEE25-PC (10-07-2017 19:38:18)
Running from C:\Users\owner\Downloads
Loaded Profiles: owner & Admin (Available Profiles: owner & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Code 42 Software) C:\Program Files\CrashPlan\CrashPlanService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionService.exe
(ArcticLine Software) C:\Development\Modifications\FileMarker.NET\FileMarkerService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Techsoft) C:\Windows\System32\mfsyncsv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Techsoft) C:\Cloud\MirrorFolder\mrfshl.exe
(Samsung Electronics Co., Ltd.) C:\Development\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\EPU\EPUHelp.exe
(ownCloud) C:\Cloud\ownCloud\owncloud.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusion.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Spotify Ltd) C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Samsung Electronics Co. Ltd.) C:\Development\Samsung\Samsung Magician\SamsungMagician.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\AI Suite II.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionHookAppWIN6032.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Sysinternals - www.sysinternals.com) C:\Development\Monitors\Process Explorer\procexp64.exe
(Microsoft Corporation) C:\Development\EMET 5.5\EMET_Service.exe
(Microsoft Corporation) C:\Development\EMET 5.5\EMET_Agent.exe
(Resplendence Software Projects Sp.) C:\Development\LatencyMon\LatMon.exe
(Advanced Micro Devices, Inc.) C:\AMD\radeon-crimson-relive-17.7.1-minimalsetup-170710_64bit\Bin64\RadeonInstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrobat_sl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wowreg32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wowreg32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wowreg32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5077352 2017-06-21] (Box, Inc.)
HKLM\...\Run: [Fences] => C:\Development\Modifications\Stardock\Fences\Fences.exe [3990488 2016-09-15] (Stardock Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [158208 2015-12-02] (IvoSoft)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CrashPlanTray] => C:\Program Files\CrashPlan\CrashPlanTray.exe [462808 2017-06-08] (Code 42 Software, Inc.)
HKLM\...\Run: [MirrorFolderShell] => C:\Cloud\MirrorFolder\mrfshl.exe [316208 2016-10-06] (Techsoft)
HKLM\...\Run: [SamsungRapidApp] => C:\Development\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Development\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\RunOnce: [AsIORebootFlag] => [X]
HKLM-x32\...\RunOnce: [MBAP_REBOOT] => [X]
HKLM-x32\...\RunOnce: [AiChargerPlusDriver_Ins] => [X]
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\...\Policies\Explorer: [NoOnlinePrintsWizard] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [PreXPSP2ShellProtocolBehavior] 0
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [ownCloud] => C:\Cloud\ownCloud\owncloud.exe [1991680 2017-05-08] (ownCloud)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [DisplayFusion] => C:\Development\Modifications\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [Spotify Web Helper] => C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-24] (Spotify Ltd)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [ClamWin] => C:\Development\ClamWin\bin\ClamTray.exe [86016 2016-03-19] (alch)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\MountPoints2: {043cb6bc-54f4-11e6-aa04-806e6f6e6963} - E:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\MountPoints2: {6eaac46c-e274-11e6-a4d4-ac9e174e80ba} - G:\setup.exe
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\MountPoints2: {bdfc58ab-0f64-11e7-a29c-ac9e174e80ba} - F:\autorun.exe
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Development\Modifications\DisplayFusion\DFSSaver.scr [5295104 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [CrashPlanTray] => C:\Users\Admin\AppData\Local\Programs\CrashPlan\CrashPlanTray.exe
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [ownCloud] => C:\Cloud\ownCloud\owncloud.exe [1991680 2017-05-08] (ownCloud)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [DisplayFusion] => C:\Development\Modifications\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [Visual Subst] => C:\Users\owner\Downloads\VSubst_1.0.6-bin\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Run: [Pushbullet] => C:\Apps\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\RunOnce: [Uninstall 17.3.6915.0529] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6915.0529"
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\MountPoints2: {043cb6bc-54f4-11e6-aa04-806e6f6e6963} - E:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\MountPoints2: {6eaac46c-e274-11e6-a4d4-ac9e174e80ba} - G:\setup.exe
HKU\S-1-5-21-3726862377-2586928099-1968672737-500\...\MountPoints2: {bdfc58ab-0f64-11e7-a29c-ac9e174e80ba} - F:\autorun.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Send to OneNote.lnk [2017-07-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Send to OneNote.lnk [2017-07-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
ProxyServer: [S-1-5-21-3726862377-2586928099-1968672737-1000] => localhost:8080
ProxyServer: [S-1-5-21-3726862377-2586928099-1968672737-500] => localhost:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0CCAD66D-C8E8-494A-9334-1E5999F70010}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E26FC17D-2ED2-40EB-AFC0-39F1EAF45DE3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Folder Options X -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> C:\Development\Folder Options X\FolderOptions.dll [2012-06-23] (T800 Productions)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-06] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\bin\IPS\IPSBHO.DLL [2012-11-03] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-06] (Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
IE Session Restore: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000 -> is enabled.
IE Session Restore: HKU\S-1-5-21-3726862377-2586928099-1968672737-500 -> is enabled.
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8p3sqmym.default
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default [2017-07-04]
FF Session Restore: Mozilla\Firefox\Profiles\8p3sqmym.default -> is enabled.
FF Extension: (Classic Theme Restorer) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-04-28]
FF Extension: (Expire history by days) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\expire-history-by-days@bonardo.net.xpi [2017-03-30]
FF Extension: (FoxyScrobbler) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\foxyscrobbler@baluvaithinathan.com.xpi [2017-01-29]
FF Extension: (Pin It button) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2016-10-05]
FF Extension: (Norwell History Tools) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\norvel@history.xpi [2017-03-30]
FF Extension: (Stylish) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-10-13]
FF Extension: (FT DeepDark) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-05-01]
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-14]
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\lsnbf8jy.dev-edition-default [2017-07-08]
FF Session Restore: Mozilla\Firefox\Profiles\lsnbf8jy.dev-edition-default -> is enabled.
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3726862377-2586928099-1968672737-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.)
StartMenuInternet: Firefox-E9DA97F5F10C18F - C:\Development\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=dss_yset_chr__PARAM__
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default [2017-07-10]
CHR Extension: (Yahoo Web) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2017-06-12]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-04-01]
CHR Extension: (iCloud) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agedgfbdadefbodjkkkcpihgcmibpcff [2017-03-29]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2017-06-07]
CHR Extension: (Flash Video Downloader) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-03-29]
CHR Extension: (BetterTTV) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-05-01]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2017-03-29]
CHR Extension: (Number google search results) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkhhpnepgonbpgjoflhpnhjjipdgmab [2017-03-29]
CHR Extension: (Hacker News Highlighter) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\anknmonokijobdggekbkodmmaefckoob [2017-03-29]
CHR Extension: (FastMail: Fast, reliable email) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokghgbpaapgekmffmngndjffcokkdgh [2017-03-29]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-01]
CHR Extension: (Agar.io) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgkgfibiebjfdkcanlcnbbenofdeoip [2017-03-29]
CHR Extension: (Hacker News Enhancement Suite) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bappiabcodbpphnojdiaddhnilfnjmpm [2017-03-29]
CHR Extension: (Regex Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdabfmndggphffkchfdcekcokmbnkjl [2017-04-18]
CHR Extension: (TagPro Chat Enhancer) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bffcbhifhdeaaialpegkdakkfjalofom [2017-03-30]
CHR Extension: (Squirt) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhahfnbdgffkcobfgkamlajfkflakfdb [2017-03-29]
CHR Extension: (Pandora) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmcbcfbcbofmmjigbigbeplbphlcnpbi [2017-03-29]
CHR Extension: (RSS Subscription Extension) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmjffnfcokiodbeiamclanljnaheeoke [2017-03-29]
CHR Extension: (DevTools Theme: Zero Dark Matrix) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bomhdjeadceaggdgfoefmpeafkjhegbo [2017-06-29]
CHR Extension: (Pushbullet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-06-11]
CHR Extension: (Circularhub | Flyertown) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkfcfhdpleoleonofgbkloikmenpgmh [2017-03-29]
CHR Extension: (Hacker News) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocinacogklpjoldpckjijokfbpfbccm [2017-03-29]
CHR Extension: (SoundCloud) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cogncpmnihfpagflekafgfhbjahhjgee [2017-03-29]
CHR Extension: (FastMail: Fast, reliable email) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\confeenhjpkmbceaenohemhdbecmkjjb [2017-03-29]
CHR Extension: (Google Calendar - Month of Feb 2016) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coohboghlolbhgjfnghkkddfmichcgmp [2017-03-29]
CHR Extension: (Rescroller) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2017-03-29]
CHR Extension: (Settings - Zoho Mail (jrschneier@zoho...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcdpfihbcinbnkodaiioddfcakjmlfp [2017-03-29]
CHR Extension: (Any.do) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhckiafmddpbajecepaaidjckpcfempi [2017-03-29]
CHR Extension: (Tampermonkey) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-06-12]
CHR Extension: (Google Tasks (by Google)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd [2017-06-11]
CHR Extension: (Dropbox for Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-03-29]
CHR Extension: (Session Buddy) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2017-07-03]
CHR Extension: (Family Friendly Content | Wimp.com) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenejmncfhgcpbpcibdjikbmmdjdplcj [2017-03-29]
CHR Extension: (Adobe Acrobat) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-29]
CHR Extension: (Inbox | FastMail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efcdjebfjjchcddjnpnjnfnjnmjnanjg [2017-03-29]
CHR Extension: (Amazon.com: Online Shopping for Elect...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicbgcfajfmpllmbdfmnnpomnnedfbop [2017-03-29]
CHR Extension: (Dark Reader) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2017-03-29]
CHR Extension: (TagProReplays) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbnakhldlocljfcglmeibhhdnmmcodh [2017-07-08]
CHR Extension: (Google Calendar) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-04-04]
CHR Extension: (Credit One Bank - Online Account Access) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoaocfaldckngifefolijeakahehmddp [2017-03-29]
CHR Extension: (Mail - Jonathan Schneider - Outlook) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\epfdiklifeepcjolakkcaeolohdiadlm [2017-03-29]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-06-06]
CHR Extension: (Frameless for Pandora) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmaghblbebdjdijddbnegchellgjhpl [2017-06-11]
CHR Extension: (Inoreader) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmajbmdokmecmpllfhcamihghgoablgg [2017-03-29]
CHR Extension: (Craigslist Night Mode Pro (Dark Theme)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngbbgaahhcjkpljpdcpakilkglmpacl [2017-06-07]
CHR Extension: (questions to ask a kid - Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbnojoilkknlllaelpglnlbgdmpallno [2017-03-29]
CHR Extension: (Google Docs Offline) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-01]
CHR Extension: (Pandora) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgomfkmjbcaaejngnngnnkoclaiglig [2017-03-29]
CHR Extension: (The Camelizer) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2017-03-29]
CHR Extension: (AdBlock) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-28]
CHR Extension: (Pinterest) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\glpcdlmagpenkpdgnjmfimanpcigbbhc [2017-03-29]
CHR Extension: (Google Calendar (by Google)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2017-03-29]
CHR Extension: (Save to Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2017-03-29]
CHR Extension: (lynda.pitt.edu | University of Pittsb...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\golphkojcamlldjmdgmlbgggcfbmpkeh [2017-03-29]
CHR Extension: (Pinterest Save Button) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-05-01]
CHR Extension: (Pandora) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hedopifcickibdddkndbpbgkddinblcg [2017-03-29]
CHR Extension: (Last.fm Scrobbler) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2017-06-28]
CHR Extension: (StumbleUpon - StumbleUpon) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiaepnhpmapcodpadnbmoibbnpkomiok [2017-03-29]
CHR Extension: (Google Calendar - Week of Jan 17, 2016) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjijolbaalnimjhgecicfcpdgongcjl [2017-03-29]
CHR Extension: (DRUDGE REPORT 2016®) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhipjkkihiicjeidmhelcgodcbmcamb [2017-03-29]
CHR Extension: ((10) Dashboard | Khan Academy) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkickcolfokoemklognjnaondhjhfklf [2017-03-29]
CHR Extension: (Google Keep - notes and lists) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-07-06]
CHR Extension: (Deluminate) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebboopaeangfpceklajfohhbpkkfiaa [2017-03-29]
CHR Extension: (Home — Last.fm) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\igldfljpdcopmamgfdfhkhlcopdfehak [2017-03-29]
CHR Extension: (Google Calendar - Week of Sep 4, 2016) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcfedocpphbmelecjnicohcpbekakni [2017-03-29]
CHR Extension: (Reader View) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibolhpkjjmoepndefdmdlmbpfhlgjpl [2017-03-29]
CHR Extension: (HealthVault) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbjlpdahiaalcognmaaaaablpagpldm [2017-03-29]
CHR Extension: (Tumblr) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjpimdglbifnmadajhnhmadbcjhkghg [2017-03-29]
CHR Extension: (Change Colors) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmkekhehjedonbhoikhhkmlapalklgn [2017-03-29]
CHR Extension: (Google Calendar - Month of Jan 2016) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmkmnjfbjcgdckofagjdjdhfcmkacbok [2017-03-29]
CHR Extension: (FAJN605’s Music Profile — Users at La...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbehbklmbbiliefiepmobppohmemcen [2017-03-29]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-06-24]
CHR Extension: (The Old Reader) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kchpghdclfmiahcoeohigdakcppnheal [2017-03-29]
CHR Extension: (lynda.com software training & tutoria...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjgecejkeladiocgjfpooellgekemlkl [2017-03-29]
CHR Extension: (Reddit Hide Sidebar) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhljmlnmkpkfidhceknegheeplgmngg [2017-05-15]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2017-03-29]
CHR Extension: (Momentum) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-07-05]
CHR Extension: (Instapaper) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2017-03-29]
CHR Extension: (RadioEnhancer) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfijnebfkjdclmcedinoknekamigckii [2017-03-29]
CHR Extension: ((2304 unread) - jonrs57 - Yahoo Mail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdnfbfccglimdflhnejpkjmaodkneep [2017-03-29]
CHR Extension: (reddit: the front page of the internet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnggepjiihbfdbedefdhcffnmhcahbm [2017-03-29]
CHR Extension: (Beautiful Weather Graphs and Maps - W...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmdmldjecchmfonmgkjcgblhkblgjifo [2017-03-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-29]
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2017-03-29]
CHR Extension: (Google Calendar - Week of Nov 22, 2015) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\magmckgjjbnmlghmgmaigdmjgalaaifp [2017-03-29]
CHR Extension: (Bandcamp) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfmgbilkpckiegnjfpgnekakjacfkjca [2017-03-29]
CHR Extension: (Google Mail Checker) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-29]
CHR Extension: (TagPro Capture the Flag) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjmjebkieapibpoconhhfjafegoagoho [2017-03-29]
CHR Extension: (Following - Twitch) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlkifeehhcjahpokocfjnkdgfbbkmhcl [2017-03-29]
CHR Extension: (Talk radio, podcasts and live radio o...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\naogjcefgkmeimmodhgagnlaohfocljk [2017-03-29]
CHR Extension: (Save to Pocket) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-06-30]
CHR Extension: (TagPro) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\njfbcnfnfebbcookhiagobahebpkiioo [2017-03-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29]
CHR Extension: (Better History) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-06]
CHR Extension: (Job Search | one search. all jobs. In...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocndalckaopejonmpmceadpnpdeehdpf [2017-03-29]
CHR Extension: (TagPro Capture the Flag) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpnabdeninfdenkpgcjogiecfpkkgae [2017-03-29]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-07-02]
CHR Extension: (Trello) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2017-03-29]
CHR Extension: (Stylebot) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha [2017-03-29]
CHR Extension: (Drudge Retort: The Other Side of the ...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfjcplilgeoplpnpmlbfpdmlnjjhikc [2017-03-29]
CHR Extension: (Microsoft Office Online - Word, Excel...) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\palennhedgekbnbmokheidadmghcncgl [2017-03-29]
CHR Extension: (Outlook.com) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]
CHR Extension: (Sunrise Calendar) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plbmnkaebchbgijgejjfcpfpklbnbmik [2017-03-29]
CHR Extension: (RSS Feed Reader) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2017-07-03]
CHR HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\owner\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-30]
CHR HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]

Opera:
=======
OPR Extension: (Stylish) - C:\Users\owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\bofnhkejmonldphklejelehlhhoecceg [2017-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-12] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-12] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-12] (ASUSTeK Computer Inc.) [File not signed]
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [37264 2016-07-29] (Box, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [267736 2017-06-08] (Code 42 Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
S2 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 DisplayFusionService; C:\Development\Modifications\DisplayFusion\DisplayFusionService.exe [5098008 2016-12-23] (Binary Fortress Software)
R2 EMET_Service; C:\Development\EMET 5.5\EMET_Service.exe [33448 2016-07-25] (Microsoft Corporation)
R2 FileMarkerApplyIconService; C:\Development\Modifications\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software)
S3 fussvc; C:\Development\Microsoft SDKs\Windows\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
R2 mfsyncsv; C:\Windows\system32\mfsyncsv.exe [253744 2016-10-06] (Techsoft)
S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-02] (Plays.tv, LLC)
S4 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics Co., Ltd.)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe [143928 2012-11-03] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe [2294112 2012-11-03] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe [334288 2012-11-03] (Symantec Corporation)
S3 Te.Service; C:\Development\Microsoft SDKs\Windows\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S4 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1978584 2014-08-13] (VMware, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WMZuneComm; C:\Apps\Zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S4 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [528600 2014-08-29] (VMware, Inc.)
S4 ZuneNetworkSvc; C:\Apps\Zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S4 ZuneWlanCfgSvc; C:\Apps\Zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [83792 2015-06-17] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2011-04-11] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20170703.001\BHDrvx64.sys [1862784 2017-05-18] (Symantec Corporation)
R1 ccSettings_{3771A34D-2132-48EA-A486-D62ECDF9D553}; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\ccSetx64.sys [168096 2012-11-03] (Symantec Corporation)
S3 danewFltr; C:\Windows\System32\drivers\danew.sys [12032 2010-03-23] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-18] (Dell Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-06-30] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
U3 EraserUtilDrv11720; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11720.sys [158336 2017-06-30] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-07-08] (REALiX(tm))
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\IPSDefs\20170707.011\IDSvia64.sys [1012864 2017-05-26] (Symantec Corporation)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
R0 mrfoldr; C:\Windows\System32\drivers\mrfoldr.sys [140896 2016-10-06] (Techsoft)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20170710.008\ENG64.SYS [138880 2017-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20170710.008\EX64.SYS [2152064 2017-05-24] (Symantec Corporation)
R3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics Co., Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSP64.SYS [776352 2012-11-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSPX64.SYS [37496 2012-11-03] (Symantec Corporation)
R3 STXIIService; C:\Windows\System32\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\SyDvCtrl64.sys [34352 2012-11-03] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMDS64.SYS [493216 2012-11-03] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMEFA64.SYS [1133216 2012-11-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2016-08-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\Ironx64.SYS [224416 2012-11-03] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMNETS.SYS [432800 2012-11-03] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [154904 2016-08-10] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [95616 2012-11-03] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-10 19:38 - 2017-07-10 19:38 - 00055260 _____ C:\Users\owner\Downloads\FRST.txt
2017-07-10 19:37 - 2017-07-10 19:38 - 00000000 ____D C:\FRST
2017-07-10 19:37 - 2017-07-10 19:37 - 00000000 ____D C:\Windows\LastGood
2017-07-10 19:36 - 2017-07-10 19:36 - 02437120 _____ (Farbar) C:\Users\owner\Downloads\frst64.exe
2017-07-10 19:35 - 2017-07-10 19:35 - 00899584 _____ C:\Users\owner\Downloads\rgsa.exe
2017-07-10 19:31 - 2017-07-10 19:31 - 00000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2017-07-10 19:29 - 2017-07-10 19:29 - 41315000 _____ (AMD Inc.) C:\Users\owner\Downloads\radeon-crimson-relive-17.7.1-minimalsetup-170710_64bit.exe
2017-07-10 19:23 - 2017-07-10 19:23 - 00000000 ___HD C:\OneDriveTemp
2017-07-10 19:11 - 2012-12-27 02:26 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2017-07-10 19:11 - 2012-12-27 02:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-07-09 20:16 - 2017-07-10 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
2017-07-09 20:15 - 2017-07-09 20:15 - 03959288 _____ (Martin Malík - REALiX ) C:\Users\owner\Downloads\hw64_554.exe
2017-07-09 16:38 - 2017-07-09 16:38 - 00041449 _____ C:\Users\owner\Desktop\My Baseline (2017- 7- 9).ptx
2017-07-08 21:51 - 2017-07-08 21:51 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2017-07-04 18:38 - 2017-07-04 18:38 - 09446336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2017-07-04 18:38 - 2017-07-04 18:38 - 00522632 _____ C:\Windows\system32\GameManager64.dll
2017-07-04 18:38 - 2017-07-04 18:38 - 00185088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00768904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00544136 _____ (AMD) C:\Windows\system32\atitmm64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00543112 _____ C:\Windows\system32\dgtrayicon.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00543112 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00537992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00520584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2017-07-04 18:37 - 2017-07-04 18:37 - 00475016 _____ C:\Windows\system32\atieah64.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00469384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00356744 _____ C:\Windows\SysWOW64\GameManager32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00325512 _____ C:\Windows\SysWOW64\atieah32.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00194952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00182664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00161160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00142216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00114056 _____ (AMD) C:\Windows\system32\atimuixx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00036232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 59237768 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 46457736 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 36562312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2017-07-04 18:36 - 2017-07-04 18:36 - 28797832 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 22739336 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 14414072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 10313608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 09899912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 07955848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 02527624 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 02189704 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00855432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00687496 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00505736 _____ C:\Windows\system32\amdgfxinfo64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00351624 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2017-07-04 18:36 - 2017-07-04 18:36 - 00269704 _____ C:\Windows\system32\clinfo.exe
2017-07-04 18:36 - 2017-07-04 18:36 - 00185600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00159112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00154152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00128968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00106248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 26831240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 08471432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00166280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00135560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2017-07-04 17:59 - 2017-07-04 17:59 - 00798552 _____ C:\Windows\SysWOW64\atiapfxx.blb
2017-07-04 17:59 - 2017-07-04 17:59 - 00798552 _____ C:\Windows\system32\atiapfxx.blb
2017-07-04 17:58 - 2017-07-04 17:58 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2017-07-04 17:53 - 2017-07-04 17:53 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2017-07-04 12:49 - 2017-07-04 12:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2017-07-04 12:47 - 2017-07-04 12:48 - 16409960 _____ (Safer Networking Limited ) C:\Users\owner\Downloads\spybotsd162.exe
2017-07-04 11:29 - 2017-07-04 11:29 - 00368576 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2017-07-03 22:47 - 2017-07-04 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools Security
2017-07-03 22:47 - 2017-07-03 22:49 - 00000000 ____D C:\Users\owner\AppData\Roaming\.clamwin
2017-07-03 22:44 - 2017-07-03 22:45 - 120690586 _____ (alch ) C:\Users\owner\Downloads\clamwin-0.99.1-setup.exe
2017-07-03 20:32 - 2017-07-03 20:32 - 00000000 _____ C:\Users\owner\AppData\Local\{32CC8840-D407-4FDF-9077-54AEE6515CAD}
2017-07-03 20:32 - 2017-07-03 20:32 - 00000000 _____ C:\Users\owner\AppData\Local\{174E6EE2-8EF7-4E5D-8F64-269686E139BA}
2017-07-03 19:57 - 2017-07-03 19:57 - 00000000 _____ C:\Users\owner\AppData\Local\{8099176B-DFD6-4218-B7FE-EE26F272B780}
2017-07-03 18:39 - 2017-07-03 18:42 - 478915776 _____ (AMD Inc.) C:\Users\owner\Downloads\non-whql-win7-64bit-radeon-software-crimson-relive-17.6.2-june13.exe
2017-07-02 21:21 - 2017-07-02 21:21 - 00000000 ____D C:\Users\owner\AppData\Roaming\AMD
2017-07-02 21:20 - 2017-07-02 21:31 - 00000000 ____D C:\Users\owner\AppData\Roaming\obs-studio
2017-07-02 21:19 - 2017-07-02 21:19 - 00000949 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-07-02 21:19 - 2017-07-02 21:19 - 00000000 ____D C:\ProgramData\Intel
2017-07-02 21:17 - 2017-07-02 21:18 - 113245088 _____ (obsproject.com) C:\Users\owner\Downloads\OBS-Studio-19.0.3-Full-Installer.exe
2017-07-02 18:05 - 2017-07-03 18:38 - 00225000 _____ C:\Users\owner\Downloads\radeon-crimson-relive-17.6.2-minimalsetup-170613_64bit.exe
2017-07-02 14:42 - 2017-06-19 19:14 - 25731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-02 14:42 - 2017-06-19 19:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-02 14:42 - 2017-06-19 18:43 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-02 14:42 - 2017-06-19 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-02 14:42 - 2017-06-19 18:09 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-02 14:42 - 2017-06-19 18:00 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-02 14:42 - 2017-06-19 17:50 - 15252480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-02 14:42 - 2017-06-19 17:29 - 13664256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-02 14:42 - 2017-06-16 11:13 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-02 14:42 - 2017-06-16 11:12 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-02 14:42 - 2017-06-16 11:11 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-02 14:42 - 2017-06-16 11:11 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-02 14:42 - 2017-06-16 11:00 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-02 14:42 - 2017-06-16 11:00 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-02 14:42 - 2017-06-16 10:59 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-02 14:42 - 2017-06-16 10:59 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-02 14:42 - 2017-05-21 00:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-02 14:42 - 2017-05-21 00:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-02 14:42 - 2017-05-16 11:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-02 14:42 - 2017-05-16 11:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-02 14:42 - 2017-05-16 11:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-02 13:49 - 2017-07-02 13:49 - 00000000 ____D C:\Program Files\ATI Technologies
2017-07-02 13:48 - 2017-07-02 13:48 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2017-07-02 13:46 - 2017-07-02 13:46 - 00000000 ____D C:\Users\owner\Downloads\AMD_Chipset_XPVistaWin7_8_V8973_V901
2017-07-02 13:46 - 2011-02-25 02:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2017-07-02 13:43 - 2017-07-02 13:43 - 05500868 _____ C:\Users\owner\Downloads\Asmedia_USB3_XPVistaWin7-8-81_VER116120.zip
2017-07-02 13:43 - 2017-07-02 13:43 - 00000000 ____D C:\Users\owner\Downloads\Asmedia_USB3_XPVistaWin7-8-81_VER116120
2017-07-02 13:41 - 2017-07-02 13:46 - 944709898 _____ C:\Users\owner\Downloads\AMD_Chipset_XPVistaWin7_8_V8973_V901.zip
2017-07-02 12:35 - 2017-07-10 19:24 - 00003012 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-06-28 10:03 - 2017-06-28 10:03 - 00000218 _____ C:\Users\owner\AppData\Local\recently-used.xbel
2017-06-26 14:33 - 2017-06-26 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 10:29 - 2017-06-26 10:29 - 00264581 _____ C:\Users\owner\Downloads\Invoice.pdf
2017-06-26 06:27 - 2017-06-26 06:27 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-06-24 21:19 - 2017-06-24 21:19 - 00941841 _____ C:\Users\owner\Downloads\Video.MOV
2017-06-24 05:17 - 2017-06-24 05:17 - 00000000 ____D C:\Users\owner\Downloads\File-Export-2017-05-25-to-2017-06-24
2017-06-24 05:16 - 2017-06-24 05:16 - 00002023 _____ C:\Users\owner\Downloads\File-Export-2017-05-25-to-2017-06-24.zip
2017-06-24 01:58 - 2017-06-24 01:58 - 00000000 ____D C:\Users\owner\Downloads\mirror folder retail
2017-06-24 01:56 - 2016-10-06 10:36 - 00253744 _____ (Techsoft) C:\Windows\system32\mfsyncsv.exe
2017-06-24 01:55 - 2017-06-24 01:55 - 04123176 _____ (Techsoft ) C:\Users\owner\Downloads\mf51r.exe
2017-06-24 01:54 - 2017-06-24 01:54 - 00001432 _____ C:\Users\owner\Desktop\mirrorfolder.xml
2017-06-22 13:08 - 2017-06-22 13:08 - 00000000 ____D C:\Users\owner\AppData\Roaming\ArcticLine
2017-06-22 13:07 - 2017-06-22 13:07 - 01630600 _____ (ArcticLine Software ) C:\Users\owner\Downloads\FileMarker.NET_Free.exe
2017-06-22 04:46 - 2017-06-22 04:46 - 00951878 _____ C:\Windows\system32\amdicdxx.dat
2017-06-17 11:20 - 2017-06-17 11:20 - 01202184 _____ (Adobe Systems Incorporated) C:\Users\owner\Downloads\flashplayer26pp_xa_install.exe
2017-06-14 10:24 - 2017-06-14 10:24 - 00000241 _____ C:\Users\owner\Downloads\download.TXT
2017-06-14 10:24 - 2017-06-14 10:24 - 00000073 _____ C:\Users\owner\Downloads\download (5).CSV
2017-06-14 00:43 - 2017-07-02 11:57 - 00000000 _____ C:\Users\owner\AppData\initdebug.nfo
2017-06-14 00:43 - 2017-06-14 00:43 - 02143832 _____ C:\Users\owner\Downloads\instsf449.exe
2017-06-14 00:20 - 2017-07-02 11:57 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2017-06-14 00:18 - 2017-06-14 00:18 - 03086696 _____ C:\Users\owner\Downloads\instspeedfan452.exe
2017-06-14 00:17 - 2017-06-14 00:17 - 00000000 ____D C:\ProgramData\Dell
2017-06-14 00:17 - 2011-07-04 12:34 - 00399296 _____ (Dell Inc.) C:\Windows\SysWOW64\dchbas32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00325568 _____ (Dell Inc.) C:\Windows\hapint.exe
2017-06-14 00:17 - 2011-07-04 12:34 - 00284608 _____ (Dell Inc.) C:\Windows\SysWOW64\dchapi32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00284608 _____ (Dell Inc.) C:\Windows\dchcfg32.exe
2017-06-14 00:17 - 2011-07-04 12:34 - 00243648 _____ (Dell Inc.) C:\Windows\SysWOW64\dchcfl32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00108992 _____ (Dell Inc.) C:\Windows\dcmdev64.exe
2017-06-14 00:16 - 2017-06-14 00:16 - 15105552 _____ (Dell Inc.) C:\Users\owner\Downloads\2020_Network_Driver_T13T3_WN_8.2.612.2012_A01.EXE
2017-06-13 23:52 - 2017-06-13 23:52 - 00000000 ____D C:\ProgramData\ASUS OC Profiles
2017-06-13 22:42 - 2017-07-10 19:30 - 00000000 ____D C:\AMD
2017-06-13 22:33 - 2017-06-13 22:33 - 03100584 _____ (PassMark Software ® ) C:\Users\owner\Downloads\wirelessmon_WP89BD7421.exe
2017-06-13 22:00 - 2017-06-13 22:00 - 00000000 ____D C:\Windows\system32\RAPID
2017-06-13 22:00 - 2016-11-18 19:04 - 00272792 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys
2017-06-13 21:56 - 2017-06-13 21:56 - 00003656 _____ C:\Windows\System32\Tasks\SSDlife
2017-06-13 21:41 - 2017-06-13 21:41 - 00003246 _____ C:\Windows\System32\Tasks\SamsungMagician
2017-06-13 21:41 - 2017-06-13 21:41 - 00000000 ____D C:\ProgramData\Samsung
2017-06-13 21:40 - 2017-06-13 21:40 - 13944028 _____ C:\Users\owner\Downloads\Samsung_Magician_Installer.zip
2017-06-13 21:40 - 2017-06-13 21:40 - 00000000 ____D C:\Users\owner\Downloads\Samsung_Magician_Installer
2017-06-13 21:37 - 2017-07-10 19:23 - 00000000 ____D C:\ProgramData\TEMP
2017-06-13 21:37 - 2017-06-13 21:37 - 00002013 _____ C:\Users\Public\Desktop\SSDlife Pro.lnk
2017-06-13 21:37 - 2017-06-13 21:37 - 00000000 ____D C:\ProgramData\Binarysense
2017-06-13 21:36 - 2017-06-13 21:36 - 04816896 _____ C:\Users\owner\Downloads\SSDlife Pro 2.5.82.msi
2017-06-13 21:28 - 2017-02-15 02:51 - 00000000 ____D C:\Users\owner\Downloads\Driver_Win8
2017-06-13 21:28 - 2017-02-15 02:50 - 00000000 ____D C:\Users\owner\Downloads\Driver_Win10
2017-06-13 21:28 - 2017-02-15 02:47 - 00000000 ____D C:\Users\owner\Downloads\Driver
2017-06-13 21:28 - 2016-12-26 03:21 - 00007986 _____ C:\Users\owner\Downloads\readme.txt
2017-06-13 21:28 - 2016-12-26 03:06 - 08301432 _____ (Asmedia Technology) C:\Users\owner\Downloads\setup.exe
2017-06-13 21:24 - 2017-06-13 21:26 - 08852071 _____ (Igor Pavlov) C:\Users\owner\Downloads\asmedia_usb3_1.16.42.1(www.station-drivers.com).exe
2017-06-13 21:19 - 2017-06-24 04:38 - 00000000 _____ C:\Windows\Path.idx
2017-06-13 21:14 - 2017-07-10 19:24 - 01048576 _____ C:\Windows\PE_Rom.dll
2017-06-13 21:14 - 2017-06-13 21:14 - 00000000 ____D C:\ProgramData\ASUS PowerControl Profiles
2017-06-13 21:00 - 2017-06-13 21:00 - 00000000 ____D C:\Program Files\ASUS
2017-06-13 21:00 - 2011-09-20 00:25 - 00046152 _____ (MCCI Corporation) C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys
2017-06-13 20:50 - 2017-06-13 20:50 - 00000000 ____D C:\Users\owner\AppData\Roaming\app documents\ASUS Remote GO!
2017-06-13 20:50 - 2017-04-25 07:00 - 00908352 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2017-06-13 20:50 - 2017-04-25 07:00 - 00826432 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2017-06-13 20:50 - 2017-04-25 07:00 - 00268864 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2017-06-13 20:50 - 2017-04-25 07:00 - 00191552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2017-06-13 20:50 - 2017-04-25 07:00 - 00191040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2017-06-13 20:49 - 2017-06-13 20:50 - 00001691 _____ C:\Users\Public\Desktop\Remote GO!.lnk
2017-06-13 20:46 - 2017-06-13 20:46 - 00000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_M5A99FX PRO R2.0.alu
2017-06-13 20:40 - 2013-02-20 23:40 - 00032840 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2017-06-13 20:40 - 2011-04-11 22:03 - 00014464 _____ C:\Windows\SysWOW64\Drivers\AsUpIO.sys
2017-06-13 20:37 - 2017-06-13 20:37 - 00338500 _____ C:\Users\owner\Downloads\20120109_FWUpg1130.zip
2017-06-13 20:36 - 2017-06-02 04:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 20:36 - 2017-05-21 00:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-06-13 20:36 - 2017-05-21 00:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-06-13 20:36 - 2017-05-21 00:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-13 20:36 - 2017-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-13 20:36 - 2017-05-20 23:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-13 20:36 - 2017-05-20 23:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-13 20:36 - 2017-05-20 23:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-13 20:36 - 2017-05-20 23:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-06-13 20:36 - 2017-05-20 23:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-13 20:36 - 2017-05-20 23:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-13 20:36 - 2017-05-16 14:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-13 20:36 - 2017-05-16 13:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-13 20:36 - 2017-05-14 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-06-13 20:36 - 2017-05-14 16:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-13 20:36 - 2017-05-14 16:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-13 20:36 - 2017-05-14 16:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-13 20:36 - 2017-05-14 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-13 20:36 - 2017-05-14 16:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-13 20:36 - 2017-05-14 16:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-13 20:36 - 2017-05-14 16:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-13 20:36 - 2017-05-14 16:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-13 20:36 - 2017-05-14 16:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-13 20:36 - 2017-05-14 16:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-13 20:36 - 2017-05-14 16:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-13 20:36 - 2017-05-14 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-06-13 20:36 - 2017-05-14 16:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-06-13 20:36 - 2017-05-14 15:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-13 20:36 - 2017-05-14 15:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-13 20:36 - 2017-05-14 15:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-13 20:36 - 2017-05-14 15:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-13 20:36 - 2017-05-14 15:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-13 20:36 - 2017-05-14 15:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-13 20:36 - 2017-05-14 15:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-13 20:36 - 2017-05-14 15:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-13 20:36 - 2017-05-14 15:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-13 20:36 - 2017-05-14 15:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-13 20:36 - 2017-05-14 15:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-13 20:36 - 2017-05-14 15:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-13 20:36 - 2017-05-14 15:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-13 20:36 - 2017-05-14 15:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-13 20:36 - 2017-05-14 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-13 20:36 - 2017-05-14 15:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-13 20:36 - 2017-05-14 15:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-13 20:36 - 2017-05-14 15:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-13 20:36 - 2017-05-14 15:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-13 20:36 - 2017-05-14 15:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-13 20:36 - 2017-05-14 15:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-13 20:36 - 2017-05-14 15:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-13 20:36 - 2017-05-14 15:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-13 20:36 - 2017-05-14 15:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-13 20:36 - 2017-05-14 15:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-13 20:36 - 2017-05-14 15:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-13 20:36 - 2017-05-14 14:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-13 20:36 - 2017-05-14 14:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-13 20:36 - 2017-05-14 14:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-13 20:36 - 2017-05-14 14:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-13 20:36 - 2017-05-14 14:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-13 20:36 - 2017-05-14 14:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-13 20:36 - 2017-05-14 14:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-13 20:36 - 2017-05-14 14:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-13 20:36 - 2017-05-14 14:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-13 20:36 - 2017-05-14 14:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-13 20:36 - 2017-05-14 14:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-13 20:36 - 2017-05-14 14:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-13 20:36 - 2017-05-14 14:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-13 20:36 - 2017-05-14 14:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-13 20:36 - 2017-05-14 14:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-13 20:36 - 2017-05-14 14:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-13 20:36 - 2017-05-14 14:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-13 20:36 - 2017-05-14 14:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-13 20:36 - 2017-05-12 14:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-13 20:36 - 2017-05-12 14:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-13 20:36 - 2017-05-12 14:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-13 20:36 - 2017-05-12 14:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 20:36 - 2017-05-12 14:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-13 20:36 - 2017-05-12 14:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-13 20:36 - 2017-05-12 14:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 20:36 - 2017-05-12 14:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-06-13 20:36 - 2017-05-12 13:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-06-13 20:36 - 2017-05-12 13:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-06-13 20:36 - 2017-05-12 13:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-13 20:36 - 2017-05-12 13:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-06-13 20:36 - 2017-05-12 13:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-06-13 20:36 - 2017-05-12 13:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-13 20:36 - 2017-05-12 13:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 20:36 - 2017-05-12 13:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-06-13 20:36 - 2017-05-12 13:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-13 20:36 - 2017-05-12 13:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-06-13 20:36 - 2017-05-12 13:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-06-13 20:36 - 2017-05-12 13:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 12:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 20:36 - 2017-05-12 11:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-13 20:36 - 2017-05-12 11:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-13 20:36 - 2017-05-10 11:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-13 20:36 - 2017-05-10 11:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-13 20:36 - 2017-05-10 11:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-06-13 20:36 - 2017-05-10 11:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-13 20:36 - 2017-05-10 11:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-13 20:36 - 2017-05-10 11:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-13 20:36 - 2017-05-10 11:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-06-13 20:36 - 2017-05-10 11:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-13 20:36 - 2017-05-10 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-13 20:36 - 2017-05-10 11:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-13 20:36 - 2017-05-10 11:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-13 20:36 - 2017-05-10 11:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-13 20:36 - 2017-05-10 11:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-13 20:36 - 2017-05-10 11:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-13 20:36 - 2017-05-10 10:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 20:36 - 2017-05-09 11:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 20:36 - 2017-05-09 11:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-13 20:36 - 2017-05-09 11:15 - 00071680 _____ C:\Windows\system32\PrintBrmUi.exe
2017-06-13 20:36 - 2017-05-09 11:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-13 20:36 - 2017-05-07 11:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-13 20:36 - 2017-05-07 11:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-06-13 20:36 - 2017-03-30 11:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-13 20:36 - 2017-03-30 10:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-06-13 20:34 - 2013-01-28 15:58 - 00014848 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\Drivers\AiChargerPlus.sys
2017-06-13 20:31 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\Windows\SysWOW64\Drivers\UpdateHelper.dll
2017-06-13 20:30 - 2017-06-13 20:30 - 00000000 ____D C:\Windows\SysWOW64\Drivers\MFDLL
2017-06-13 20:30 - 2017-06-13 20:30 - 00000000 ____D C:\ProgramData\ASUS
2017-06-13 20:30 - 2008-01-04 01:34 - 00011832 ____N C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2017-06-13 20:30 - 2008-01-04 01:34 - 00010216 ____N C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2017-06-13 20:29 - 2017-06-13 20:29 - 00000000 ____D C:\Users\owner\Downloads\AISuiteII_XPVistaWin7-8-81_M5A99FXPROR2_V20401
2017-06-13 19:36 - 2017-06-13 19:36 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2017-06-13 19:35 - 2017-06-13 19:35 - 00000000 ____D C:\Users\owner\Downloads\ASMEDIA_Win7_81_10-Ver3160
2017-06-13 19:30 - 2017-05-03 11:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-13 19:30 - 2017-05-03 11:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-13 19:30 - 2017-04-27 18:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-13 19:30 - 2017-04-12 09:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-13 19:30 - 2017-03-22 22:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-06-13 19:19 - 2017-06-13 19:19 - 00001987 _____ C:\Users\Public\Desktop\ASUS Boot Setting 1.00.18.lnk
2017-06-13 19:19 - 2013-10-11 15:36 - 00028672 ____N (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2017-06-13 19:19 - 2012-08-22 05:54 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys
2017-06-13 19:17 - 2017-06-13 19:17 - 00003041 _____ C:\Users\owner\Desktop\ASUS PC Diagnostics.lnk
2017-06-13 19:17 - 2017-06-13 19:17 - 00000000 ____D C:\Users\owner\Downloads\ASUS_BootSetting_XPVistaWin7-8-8-1_VER10018
2017-06-13 19:16 - 2017-06-13 19:16 - 00000000 ____D C:\Users\owner\Downloads\PC_Diagnostics_XPVistaWin7_8_8-1_VER1304
2017-06-13 19:15 - 2017-06-13 19:16 - 229328829 _____ C:\Users\owner\Downloads\AISuiteII_XPVistaWin7-8-81_M5A99FXPROR2_V20401.zip
2017-06-13 19:15 - 2017-06-13 19:15 - 67927577 _____ C:\Users\owner\Downloads\PC_Diagnostics_XPVistaWin7_8_8-1_VER1304.zip
2017-06-13 19:15 - 2017-06-13 19:15 - 05531632 _____ C:\Users\owner\Downloads\ASUS_BootSetting_XPVistaWin7-8-8-1_VER10018.zip
2017-06-13 19:14 - 2017-06-13 19:14 - 05622146 _____ C:\Users\owner\Downloads\ASMEDIA_Win7_81_10-Ver3160.zip
2017-06-13 19:10 - 2017-06-13 19:10 - 00000000 ____D C:\Users\owner\Downloads\mb_utility_easytune_amd
2017-06-13 19:09 - 2017-06-13 19:09 - 56410918 _____ C:\Users\owner\Downloads\mb_utility_easytune_amd.zip
2017-06-13 00:53 - 2017-06-13 00:53 - 00504144 _____ (Microsoft Corporation) C:\Users\owner\Downloads\winsdk_web (4).exe
2017-06-13 00:21 - 2017-06-13 00:21 - 00504144 _____ (Microsoft Corporation) C:\Users\owner\Downloads\winsdk_web (3).exe
2017-06-12 23:17 - 2017-06-12 23:17 - 00000000 ____D C:\Users\owner\AppData\Roaming\app documents\WPR Files
2017-06-12 22:51 - 2017-06-12 22:51 - 00504144 _____ (Microsoft Corporation) C:\Users\owner\Downloads\winsdk_web (2).exe
2017-06-12 22:43 - 2017-06-12 22:43 - 00504144 _____ (Microsoft Corporation) C:\Users\owner\Downloads\winsdk_web (1).exe
2017-06-12 20:53 - 2017-06-12 22:41 - 00000000 ____D C:\Users\owner\AppData\Local\Windows Performance Analyzer
2017-06-12 20:53 - 2017-06-12 20:53 - 00000000 ____D C:\Users\owner\AppData\Roaming\app documents\WPA Files
2017-06-12 20:49 - 2017-06-14 01:44 - 268435456 _____ C:\kernel.etl
2017-06-12 20:48 - 2017-06-12 20:48 - 00000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2017-06-12 20:47 - 2017-06-12 20:47 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2017-06-12 20:46 - 2017-06-12 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-06-12 20:41 - 2017-06-12 20:41 - 00000000 ____D C:\Program Files\Application Verifier
2017-06-12 20:25 - 2017-06-12 20:41 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2017-06-12 20:25 - 2017-06-12 20:25 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
2017-06-12 20:25 - 2017-06-12 20:25 - 00000000 ____D C:\Program Files\Application Verifier (x64)
2017-06-12 20:17 - 2017-06-12 20:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2017-06-12 20:17 - 2017-06-12 20:17 - 00000000 ____D C:\Windows\symbols
2017-06-12 20:13 - 2017-06-12 20:13 - 00998056 _____ (Microsoft Corporation) C:\Users\owner\Downloads\sdksetup (1).exe
2017-06-12 19:57 - 2017-06-12 19:57 - 00504144 _____ (Microsoft Corporation) C:\Users\owner\Downloads\winsdk_web.exe
2017-06-12 19:42 - 2017-06-12 19:42 - 02449736 _____ (Resplendence Software Projects Sp. ) C:\Users\owner\Downloads\LatencyMon.exe
2017-06-12 19:42 - 2015-07-13 10:16 - 00026368 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2017-06-12 19:36 - 2017-06-12 19:36 - 01912363 _____ C:\Users\owner\Downloads\WinMTR-v092.zip
2017-06-12 19:36 - 2017-06-12 19:36 - 00000000 ____D C:\Users\owner\Downloads\WinMTR-v092
2017-06-12 17:10 - 2017-06-12 17:10 - 00149896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2017-06-12 17:10 - 2017-06-12 17:10 - 00127880 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2017-06-11 20:02 - 2017-06-14 05:47 - 00000000 ____D C:\Users\owner\AppData\Local\Pushbullet
2017-06-11 20:02 - 2017-06-11 20:02 - 01737872 _____ (Pushbullet Inc ) C:\Users\owner\Downloads\pushbullet_installer.exe
2017-06-11 19:35 - 2017-06-11 19:35 - 00573769 _____ C:\Users\owner\Downloads\20170531.pdf
2017-06-11 17:33 - 2017-06-11 17:41 - 00000000 ____D C:\Users\owner\aqbanking
2017-06-11 13:37 - 2017-06-11 13:37 - 00000082 _____ C:\Users\owner\Desktop\1085518324025822453.url
2017-06-10 09:41 - 2017-06-10 09:41 - 00000798 _____ C:\Users\owner\Downloads\File-Export-2017-06-09-to-2017-06-09.zip
2017-06-10 09:41 - 2017-06-10 09:41 - 00000000 ____D C:\Users\owner\Downloads\File-Export-2017-06-09-to-2017-06-09
2017-06-10 09:23 - 2017-06-10 09:23 - 00001001 _____ C:\Users\owner\Downloads\File-Export-2017-05-11-to-2017-06-10.zip
2017-06-10 09:23 - 2017-06-10 09:23 - 00000000 ____D C:\Users\owner\Downloads\File-Export-2017-05-11-to-2017-06-10

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-10 19:38 - 2016-10-14 02:09 - 00000000 ____D C:\Users\owner\AppData\Local\DisplayFusion
2017-07-10 19:37 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-07-10 19:35 - 2017-04-01 21:38 - 00000000 ____D C:\Users\owner\AppData\LocalLow\AMD
2017-07-10 19:35 - 2016-07-29 10:07 - 00000000 ____D C:\Users\owner\AppData\Local\AMD
2017-07-10 19:27 - 2009-07-14 01:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-10 19:25 - 2017-06-08 18:07 - 00007532 _____ C:\Windows\mrfldr.dat
2017-07-10 19:24 - 2016-10-13 04:03 - 00000000 ____D C:\Users\owner\AppData\Local\ClassicShell
2017-07-10 19:23 - 2017-02-28 15:13 - 00000000 ___RD C:\Users\owner\iCloudDrive
2017-07-10 19:23 - 2016-09-24 07:13 - 00000000 ____D C:\Users\owner\ownCloud
2017-07-10 19:23 - 2016-09-04 17:29 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-10 19:23 - 2016-08-09 12:48 - 00054690 __RSH C:\ProgramData\ntuser.pol
2017-07-10 19:23 - 2015-03-03 14:46 - 00000000 ___RD C:\Users\owner\Google Drive
2017-07-10 19:23 - 2015-02-13 14:33 - 00000000 ___RD C:\Users\owner\OneDrive
2017-07-10 19:23 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-10 19:20 - 2009-07-14 00:45 - 00032800 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-10 19:20 - 2009-07-14 00:45 - 00032800 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-10 19:18 - 2016-12-01 08:49 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-07-10 19:17 - 2016-09-04 17:29 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-10 19:11 - 2016-07-29 07:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-10 19:11 - 2016-07-29 07:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-07-10 18:48 - 2017-06-08 18:07 - 00007532 _____ C:\Windows\mrfldr.da0
2017-07-10 18:36 - 2017-02-01 02:03 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Monitors
2017-07-09 21:35 - 2016-10-18 14:42 - 00000000 ____D C:\Users\owner\AppData\Roaming\Stardock
2017-07-09 20:16 - 2016-09-24 06:59 - 00000000 ____D C:\Users\owner\AppData\Local\ownCloud
2017-07-08 22:02 - 2016-09-05 23:48 - 00000000 ____D C:\Users\Admin
2017-07-08 21:52 - 2016-10-14 04:50 - 00000000 ____D C:\Users\owner\AppData\Local\CrashDumps
2017-07-08 21:46 - 2016-09-04 14:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2017-07-08 21:46 - 2008-01-01 16:44 - 00493200 _____ C:\Windows\ntbtlog.txt
2017-07-08 20:00 - 2016-09-04 14:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-07-08 19:45 - 2016-09-05 23:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-08 19:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-07-08 18:54 - 2016-09-05 19:49 - 00000000 ____D C:\Users\owner\AppData\Local\ElevatedDiagnostics
2017-07-08 00:43 - 2016-11-20 10:49 - 00000000 ____D C:\Users\owner\AppData\LocalLow\Mozilla
2017-07-07 14:24 - 2016-09-04 22:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-06 23:27 - 2016-09-05 21:54 - 00000000 ____D C:\Users\owner\AppData\Roaming\KeePass
2017-07-06 22:28 - 2016-09-04 22:39 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 18:38 - 2017-04-24 21:36 - 00207760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 07663888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 00161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 00143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 12574408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 13254256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 10444400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 01654880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 01347952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 01507720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 00236424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 00155528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2017-07-04 18:36 - 2017-04-24 21:35 - 00915848 _____ (AMD) C:\Windows\system32\coinst_17.10.dll
2017-07-04 18:35 - 2016-07-18 17:37 - 32738184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2017-07-04 13:24 - 2017-02-01 06:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-07-03 22:47 - 2016-09-06 01:47 - 00000000 ___RD C:\Development
2017-07-03 22:39 - 2016-08-10 18:43 - 00000000 ____D C:\ProgramData\Symantec
2017-07-03 19:12 - 2016-10-17 03:43 - 00000000 ____D C:\Users\owner\AppData\Local\Spotify
2017-07-03 17:10 - 2016-10-17 03:43 - 00000000 ____D C:\Users\owner\AppData\Roaming\Spotify
2017-07-03 13:46 - 2016-12-24 01:16 - 00004456 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-03 13:46 - 2009-07-14 01:32 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Games
2017-07-03 13:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2017-07-02 21:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\LiveKernelReports
2017-07-02 21:29 - 2016-08-03 11:08 - 00000000 ____D C:\Users\owner\AppData\Roaming\vlc
2017-07-02 20:08 - 2017-04-17 15:14 - 00000000 ____D C:\Users\owner\AppData\Roaming\app documents\Realtime Landscaping Architect 2016
2017-07-02 14:47 - 2009-07-14 00:45 - 00503280 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-02 14:36 - 2016-07-28 14:21 - 00136024 _____ C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-26 14:33 - 2016-09-04 17:29 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-25 10:29 - 2016-09-08 08:35 - 00000000 ____D C:\Users\owner\AppData\Local\gtk-2.0
2017-06-23 00:09 - 2016-07-28 13:57 - 00006420 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-06-20 04:04 - 2016-08-03 10:26 - 00000000 ____D C:\Windows\system32\MRT
2017-06-20 03:57 - 2016-08-03 10:26 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-18 23:48 - 2016-09-05 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-17 11:19 - 2016-09-05 23:51 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-17 11:19 - 2016-09-05 23:51 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-17 11:19 - 2016-09-05 23:51 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-17 11:19 - 2016-07-28 13:52 - 00000000 ____D C:\Users\owner\AppData\Local\Adobe
2017-06-14 14:30 - 2016-09-04 17:23 - 00000000 ____D C:\Users\owner\AppData\Local\Dropbox
2017-06-14 06:37 - 2016-10-13 07:30 - 00000000 ____D C:\Windows\pss
2017-06-14 05:57 - 2017-02-01 02:17 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Storage
2017-06-14 05:56 - 2016-09-25 07:04 - 00000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Browsers
2017-06-14 05:56 - 2016-09-25 06:45 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud Storage
2017-06-14 05:08 - 2017-03-29 14:45 - 00000000 ____D C:\ProgramData\Passmark
2017-06-14 01:53 - 2016-07-29 10:04 - 00000000 ____D C:\Users\owner\AppData\Roaming\Raptr
2017-06-14 01:52 - 2009-07-14 01:08 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-06-14 01:36 - 2016-09-25 06:46 - 00000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Utilities
2017-06-13 23:01 - 2016-09-04 22:48 - 00000000 ___RD C:\Users\owner\Box Sync
2017-06-13 23:01 - 2015-02-14 21:30 - 00000000 ___RD C:\Users\owner\Dropbox
2017-06-13 22:50 - 2016-12-01 08:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-13 22:44 - 2016-07-29 10:03 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-13 21:38 - 2017-02-01 02:03 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Hardware
2017-06-13 21:36 - 2017-05-15 16:22 - 00000000 ____D C:\Users\owner\AppData\Local\JxBrowser
2017-06-13 21:30 - 2016-07-29 07:49 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2017-06-13 21:14 - 2017-06-05 16:54 - 00000000 ___RD C:\Users\owner\Podcasts
2017-06-13 21:14 - 2016-09-04 17:31 - 00000000 ___RD C:\Users\owner\AppData\Roaming\app documents
2017-06-13 21:12 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-13 21:12 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-13 21:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-13 21:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-13 21:00 - 2016-07-28 14:35 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2017-06-13 20:57 - 2017-02-01 08:02 - 00000000 ____D C:\ProgramData\CrashPlan
2017-06-13 20:57 - 2017-02-01 08:02 - 00000000 ____D C:\Program Files\CrashPlan
2017-06-13 20:50 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-13 20:39 - 2016-07-29 07:51 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-13 20:37 - 2016-09-13 03:06 - 00000000 ____D C:\Program Files (x86)\RSSOwl
2017-06-13 20:37 - 2015-04-18 01:42 - 00000000 ___HD C:\Users\owner\.rssowl2
2017-06-13 20:17 - 2016-08-02 04:56 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-13 18:54 - 2016-07-29 07:44 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-13 14:21 - 2017-04-15 07:08 - 00003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-12 17:14 - 2017-04-24 21:36 - 00207760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETB9B7.tmp
2017-06-12 17:14 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SETB57B.tmp
2017-06-12 17:14 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\SETAA8C.tmp
2017-06-12 17:14 - 2016-07-18 18:21 - 07663888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETAFBD.tmp
2017-06-12 17:14 - 2016-07-18 18:21 - 00161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETC11B.tmp
2017-06-12 17:14 - 2016-07-18 18:21 - 00143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETC0FA.tmp
2017-06-12 17:13 - 2017-04-24 21:36 - 12578016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETAF2E.tmp
2017-06-12 17:13 - 2016-07-18 18:21 - 10448520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETB341.tmp
2017-06-12 17:13 - 2016-07-18 18:21 - 01654880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETBA39.tmp
2017-06-12 17:13 - 2016-07-18 18:21 - 01347952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETBA6A.tmp
2017-06-12 17:13 - 2016-07-18 16:33 - 00236424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETB9C9.tmp
2017-06-12 17:13 - 2016-07-18 16:33 - 00155528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETC0D9.tmp
2017-06-12 17:12 - 2016-07-18 18:21 - 13254256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETB089.tmp
2017-06-12 17:12 - 2016-07-18 16:33 - 01507720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETA5E8.tmp
2017-06-12 17:11 - 2017-04-24 21:35 - 00915848 _____ (AMD) C:\Windows\system32\SETC30F.tmp
2017-06-12 17:10 - 2016-07-18 17:37 - 32738184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETA880.tmp
2017-06-11 17:33 - 2016-07-28 12:04 - 00000000 ____D C:\Users\owner

==================== Files in the root of some directories =======

2016-09-05 21:03 - 2016-09-05 21:08 - 55736320 _____ () C:\Program Files (x86)\GUT73CA.tmp
2016-09-28 15:47 - 2017-01-11 08:02 - 0000600 _____ () C:\Users\owner\AppData\Local\PUTTY.RND
2017-06-28 10:03 - 2017-06-28 10:03 - 0000218 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
2016-08-06 12:02 - 2016-08-06 15:10 - 0007613 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2017-07-03 20:32 - 2017-07-03 20:32 - 0000000 _____ () C:\Users\owner\AppData\Local\{174E6EE2-8EF7-4E5D-8F64-269686E139BA}
2017-07-03 20:32 - 2017-07-03 20:32 - 0000000 _____ () C:\Users\owner\AppData\Local\{32CC8840-D407-4FDF-9077-54AEE6515CAD}
2017-07-03 19:57 - 2017-07-03 19:57 - 0000000 _____ () C:\Users\owner\AppData\Local\{8099176B-DFD6-4218-B7FE-EE26F272B780}
2016-09-14 00:38 - 2016-09-14 00:38 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-07-29 07:47 - 2016-07-29 07:47 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-07-10 19:31 - 2017-07-10 19:31 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-06-13 21:36 - 2017-06-13 21:36 - 0040448 ____N () C:\Users\owner\AppData\Local\Temp\proxy_vole942868523546535949.dll
2017-06-14 00:20 - 2017-07-03 19:31 - 0192512 _____ () C:\Users\owner\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 13:56 - 2015-02-10 13:56 - 0105984 _____ () C:\Users\owner\AppData\Local\Temp\sfextra.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-02 00:27

==================== End of FRST.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
Ran by user (administrator) on DEE25-PC (10-07-2017 19:38:18)
Running from C:\Users\user\Downloads
Loaded Profiles: user & Admin (Available Profiles: user & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files \Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Adobe Systems, Incorporated) C:\Program Files \Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files \ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files \ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Code 42 Software) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
(Dropbox, Inc.) C:\Windows\SysWOW64\DbxSvc.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionService.exe
(ArcticLine Software) C:\Development\Modifications\FileMarker.NET\FileMarkerService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Techsoft) C:\Windows\SysWOW64\mfsyncsv.exe
(Logitech Inc.) C:\Program Files \Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Samsung Electronics Co., Ltd.) C:\Windows\SysWOW64\RAPID\SamsungRapidSvc.exe
(Symantec Corporation) C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
() C:\Program Files \ASUS\AXSP\1.00.19\atkexComSvc.exe
(Symantec Corporation) C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
(Symantec Corporation) C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(Box, Inc.) C:\Program Files (x86)\Box\Box Sync\BoxSync.exe
(IvoSoft) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft IntelliPoint\ipoint.exe
(Techsoft) C:\Cloud\MirrorFolder\mrfshl.exe
(Samsung Electronics Co., Ltd.) C:\Development\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\EPU\EPUHelp.exe
(ownCloud) C:\Cloud\ownCloud\owncloud.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusion.exe
(Google) C:\Program Files \Google\Drive\googledrivesync.exe
(Google) C:\Program Files \Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files \Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files \Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files \Common Files\Apple\Internet Services\AppleIEDAV.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files \Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files \Microsoft Office\root\Office16\ONENOTEM.EXE
(Dropbox, Inc.) C:\Program Files \Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files \Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files \Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files \Browny02\BrYNSvc.exe
(Dropbox, Inc.) C:\Program Files \Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files \Dropbox\Client\Dropbox.exe
(Apple, Inc.) C:\Program Files \Common Files\Apple\Apple Application Support\secd.exe
(Samsung Electronics Co. Ltd.) C:\Development\Samsung\Samsung Magician\SamsungMagician.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\AI Suite II.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionHookAppWIN6032.exe
() C:\Program Files (x86)\Box\Box Sync\BoxSyncMonitor.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WmiPrvSE.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WmiPrvSE.exe
(ASUSTeK Computer Inc.) C:\Program Files \ASUS\AAHM\1.00.20\aaHMSvc.exe
(Sysinternals - www.sysinternals.com) C:\Development\Monitors\Process Explorer\procexp64.exe
(Microsoft Corporation) C:\Development\EMET 5.5\EMET_Service.exe
(Microsoft Corporation) C:\Development\EMET 5.5\EMET_Agent.exe
(Resplendence Software Projects Sp.) C:\Development\LatencyMon\LatMon.exe
(Advanced Micro Devices, Inc.) C:\AMD\radeon-crimson-relive-17.7.1-minimalsetup-170710_64bit\Bin64\RadeonInstaller.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files \Adobe\Acrobat 11.0\Acrobat\acrobat_sl.exe
(Microsoft Corporation) C:\Windows\system32\wowreg32.exe
(Microsoft Corporation) C:\Windows\system32\wowreg32.exe
(Microsoft Corporation) C:\Windows\system32\wowreg32.exe
(Google Inc.) C:\Program Files \Google\Chrome\Application\chrome.exe
(AMD) C:\Windows\SysWOW64\atiesrxx.exe
(AMD) C:\Windows\SysWOW64\atieclxx.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BoxSync] => C:\Program Files (x86)\Box\Box Sync\BoxSync.exe [5077352 2017-06-21] (Box, Inc.)
HKLM\...\Run: [Fences] => C:\Development\Modifications\Stardock\Fences\Fences.exe [3990488 2016-09-15] (Stardock Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe [158208 2015-12-02] (IvoSoft)
HKLM\...\Run: [IntelliPoint] => C:\Program Files (x86)\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CrashPlanTray] => C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe [462808 2017-06-08] (Code 42 Software, Inc.)
HKLM\...\Run: [MirrorFolderShell] => C:\Cloud\MirrorFolder\mrfshl.exe [316208 2016-10-06] (Techsoft)
HKLM\...\Run: [SamsungRapidApp] => C:\Development\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files \Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files \Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files \Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files \InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Development\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\RunOnce: [AsIORebootFlag] => [X]
HKLM-x32\...\RunOnce: [MBAP_REBOOT] => [X]
HKLM-x32\...\RunOnce: [AiChargerPlusDriver_Ins] => [X]
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\...\Policies\Explorer: [NoOnlinePrintsWizard] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [PreXPSP2ShellProtocolBehavior] 0
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [ownCloud] => C:\Cloud\ownCloud\owncloud.exe [1991680 2017-05-08] (ownCloud)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [DisplayFusion] => C:\Development\Modifications\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [GoogleDriveSync] => C:\Program Files \Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [iCloudServices] => C:\Program Files \Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [iCloudDrive] => C:\Program Files \Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [AppleIEDAV] => C:\Program Files \Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [Spotify Web Helper] => C:\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-24] (Spotify Ltd)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [ClamWin] => C:\Development\ClamWin\bin\ClamTray.exe [86016 2016-03-19] (alch)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Run: [SpybotSD TeaTimer] => C:\Program Files \Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\MountPoints2: {043cb6bc-54f4-11e6-aa04-806e6f6e6963} - E:\.\Bin\ASSETUP.exe
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\MountPoints2: {6eaac46c-e274-11e6-a4d4-ac9e174e80ba} - G:\setup.exe
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\...\MountPoints2: {bdfc58ab-0f64-11e7-a29c-ac9e174e80ba} - F:\autorun.exe
HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Development\Modifications\DisplayFusion\DFSSaver.scr [5295104 2016-12-23] (Binary Fortress Software)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [CrashPlanTray] => C:\Users\Admin\AppData\Local\Programs\CrashPlan\CrashPlanTray.exe
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files (x86)\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [ownCloud] => C:\Cloud\ownCloud\owncloud.exe [1991680 2017-05-08] (ownCloud)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [DisplayFusion] => C:\Development\Modifications\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [GoogleDriveSync] => C:\Program Files \Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [iCloudServices] => C:\Program Files \Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [iCloudDrive] => C:\Program Files \Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [AppleIEDAV] => C:\Program Files \Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [Visual Subst] => C:\Users\user\Downloads\VSubst_1.0.6-bin\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Run: [Pushbullet] => C:\Apps\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\RunOnce: [Uninstall 17.3.6915.0529] => C:\Windows\SysWOW64\cmd.exe /q /c rmdir /s /q "C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6915.0529"
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\MountPoints2: {043cb6bc-54f4-11e6-aa04-806e6f6e6963} - E:\.\Bin\ASSETUP.exe
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\MountPoints2: {6eaac46c-e274-11e6-a4d4-ac9e174e80ba} - G:\setup.exe
HKU\S-2-6-91-1343252309-1093874298-1923874192-0002\...\MountPoints2: {bdfc58ab-0f64-11e7-a29c-ac9e174e80ba} - F:\autorun.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Send to OneNote.lnk [2017-07-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files \Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Send to OneNote.lnk [2017-07-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files \Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
ProxyServer: [S-2-6-91-1343252309-1093874298-1923874192-0001] => localhost:8080
ProxyServer: [S-2-6-91-1343252309-1093874298-1923874192-0002] => localhost:8080
Winsock: Catalog5 08 C:\Program Files \Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files \Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0CCAD66D-C8E8-494A-9334-1E5999F70010}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E26FC17D-2ED2-40EB-AFC0-39F1EAF45DE3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Folder Options X -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> C:\Development\Folder Options X\FolderOptions.dll [2012-06-23] (T800 Productions)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files \Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-06] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files (x86)\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files \Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files \Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files \Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files (x86)\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files \Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files (x86)\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\bin\IPS\IPSBHO.DLL [2012-11-03] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files \Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files \Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files \Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-06] (Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files \Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files (x86)\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files \Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files \Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files (x86)\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files \Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files (x86)\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
IE Session Restore: HKU\S-2-6-91-1343252309-1093874298-1923874192-0001 -> is enabled.
IE Session Restore: HKU\S-2-6-91-1343252309-1093874298-1923874192-0002 -> is enabled.
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files \Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files \Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files \Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files \Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files \Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8p3sqmym.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default [2017-07-04]
FF Session Restore: Mozilla\Firefox\Profiles\8p3sqmym.default -> is enabled.
FF Extension: (Classic Theme Restorer) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-04-28]
FF Extension: (Expire history by days) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\expire-history-by-days@bonardo.net.xpi [2017-03-30]
FF Extension: (FoxyScrobbler) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\foxyscrobbler@baluvaithinathan.com.xpi [2017-01-29]
FF Extension: (Pin It button) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2016-10-05]
FF Extension: (Norwell History Tools) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\norvel@history.xpi [2017-03-30]
FF Extension: (Stylish) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-10-13]
FF Extension: (FT DeepDark) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\8p3sqmym.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-05-01]
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files \Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-14]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\lsnbf8jy.dev-edition-default [2017-07-08]
FF Session Restore: Mozilla\Firefox\Profiles\lsnbf8jy.dev-edition-default -> is enabled.
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files \Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files \Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Windows\system32\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files \Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files \Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files \Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files \Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files \Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files \Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files \Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-2-6-91-1343252309-1093874298-1923874192-0001: @zoom.us/ZoomVideoPlugin -> C:\Users\user\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.)
StartMenuInternet: Firefox-E9DA97F5F10C18F - C:\Development\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=dss_yset_chr__PARAM__
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-07-10]
CHR Extension: (Yahoo Web) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2017-06-12]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-04-01]
CHR Extension: (iCloud) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\agedgfbdadefbodjkkkcpihgcmibpcff [2017-03-29]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2017-06-07]
CHR Extension: (Flash Video Downloader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-03-29]
CHR Extension: (BetterTTV) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-05-01]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2017-03-29]
CHR Extension: (Number google search results) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkhhpnepgonbpgjoflhpnhjjipdgmab [2017-03-29]
CHR Extension: (Hacker News Highlighter) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\anknmonokijobdggekbkodmmaefckoob [2017-03-29]
CHR Extension: (FastMail: Fast, reliable email) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokghgbpaapgekmffmngndjffcokkdgh [2017-03-29]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-01]
CHR Extension: (Agar.io) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgkgfibiebjfdkcanlcnbbenofdeoip [2017-03-29]
CHR Extension: (Hacker News Enhancement Suite) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bappiabcodbpphnojdiaddhnilfnjmpm [2017-03-29]
CHR Extension: (Regex Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdabfmndggphffkchfdcekcokmbnkjl [2017-04-18]
CHR Extension: (TagPro Chat Enhancer) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bffcbhifhdeaaialpegkdakkfjalofom [2017-03-30]
CHR Extension: (Squirt) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhahfnbdgffkcobfgkamlajfkflakfdb [2017-03-29]
CHR Extension: (Pandora) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmcbcfbcbofmmjigbigbeplbphlcnpbi [2017-03-29]
CHR Extension: (RSS Subscription Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmjffnfcokiodbeiamclanljnaheeoke [2017-03-29]
CHR Extension: (DevTools Theme: Zero Dark Matrix) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bomhdjeadceaggdgfoefmpeafkjhegbo [2017-06-29]
CHR Extension: (Pushbullet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-06-11]
CHR Extension: (Circularhub | Flyertown) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkfcfhdpleoleonofgbkloikmenpgmh [2017-03-29]
CHR Extension: (Hacker News) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocinacogklpjoldpckjijokfbpfbccm [2017-03-29]
CHR Extension: (SoundCloud) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cogncpmnihfpagflekafgfhbjahhjgee [2017-03-29]
CHR Extension: (FastMail: Fast, reliable email) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\confeenhjpkmbceaenohemhdbecmkjjb [2017-03-29]
CHR Extension: (Google Calendar - Month of Feb 2016) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coohboghlolbhgjfnghkkddfmichcgmp [2017-03-29]
CHR Extension: (Rescroller) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2017-03-29]
CHR Extension: (Settings - Zoho Mail (jrschneier@zoho...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcdpfihbcinbnkodaiioddfcakjmlfp [2017-03-29]
CHR Extension: (Any.do) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhckiafmddpbajecepaaidjckpcfempi [2017-03-29]
CHR Extension: (Tampermonkey) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-06-12]
CHR Extension: (Google Tasks (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd [2017-06-11]
CHR Extension: (Dropbox for Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-03-29]
CHR Extension: (Session Buddy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2017-07-03]
CHR Extension: (Family Friendly Content | Wimp.com) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenejmncfhgcpbpcibdjikbmmdjdplcj [2017-03-29]
CHR Extension: (Adobe Acrobat) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-29]
CHR Extension: (Inbox | FastMail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efcdjebfjjchcddjnpnjnfnjnmjnanjg [2017-03-29]
CHR Extension: (Amazon.com: Online Shopping for Elect...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicbgcfajfmpllmbdfmnnpomnnedfbop [2017-03-29]
CHR Extension: (Dark Reader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2017-03-29]
CHR Extension: (TagProReplays) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbnakhldlocljfcglmeibhhdnmmcodh [2017-07-08]
CHR Extension: (Google Calendar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-04-04]
CHR Extension: (Credit One Bank - Online Account Access) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoaocfaldckngifefolijeakahehmddp [2017-03-29]
CHR Extension: (Mail - Outlook) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\epfdiklifeepcjolakkcaeolohdiadlm [2017-03-29]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-06-06]
CHR Extension: (Frameless for Pandora) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmaghblbebdjdijddbnegchellgjhpl [2017-06-11]
CHR Extension: (Inoreader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmajbmdokmecmpllfhcamihghgoablgg [2017-03-29]
CHR Extension: (Craigslist Night Mode Pro (Dark Theme)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngbbgaahhcjkpljpdcpakilkglmpacl [2017-06-07]
CHR Extension: (questions to ask a kid - Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbnojoilkknlllaelpglnlbgdmpallno [2017-03-29]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-01]
CHR Extension: (Pandora) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgomfkmjbcaaejngnngnnkoclaiglig [2017-03-29]
CHR Extension: (The Camelizer) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2017-03-29]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-28]
CHR Extension: (Pinterest) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\glpcdlmagpenkpdgnjmfimanpcigbbhc [2017-03-29]
CHR Extension: (Google Calendar (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2017-03-29]
CHR Extension: (Save to Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2017-03-29]
CHR Extension: (lynda.pitt.edu | University of Pittsb...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\golphkojcamlldjmdgmlbgggcfbmpkeh [2017-03-29]
CHR Extension: (Pinterest Save Button) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-05-01]
CHR Extension: (Pandora) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hedopifcickibdddkndbpbgkddinblcg [2017-03-29]
CHR Extension: (Last.fm Scrobbler) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2017-06-28]
CHR Extension: (StumbleUpon - StumbleUpon) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiaepnhpmapcodpadnbmoibbnpkomiok [2017-03-29]
CHR Extension: (Google Calendar - Week of Jan 17, 2016) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjijolbaalnimjhgecicfcpdgongcjl [2017-03-29]
CHR Extension: (DRUDGE REPORT 2016®) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhipjkkihiicjeidmhelcgodcbmcamb [2017-03-29]
CHR Extension: ((10) Dashboard | Khan Academy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkickcolfokoemklognjnaondhjhfklf [2017-03-29]
CHR Extension: (Google Keep - notes and lists) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-07-06]
CHR Extension: (Deluminate) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebboopaeangfpceklajfohhbpkkfiaa [2017-03-29]
CHR Extension: (Home — Last.fm) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\igldfljpdcopmamgfdfhkhlcopdfehak [2017-03-29]
CHR Extension: (Google Calendar - Week of Sep 4, 2016) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcfedocpphbmelecjnicohcpbekakni [2017-03-29]
CHR Extension: (Reader View) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibolhpkjjmoepndefdmdlmbpfhlgjpl [2017-03-29]
CHR Extension: (HealthVault) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbjlpdahiaalcognmaaaaablpagpldm [2017-03-29]
CHR Extension: (Tumblr) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipjpimdglbifnmadajhnhmadbcjhkghg [2017-03-29]
CHR Extension: (Change Colors) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmkekhehjedonbhoikhhkmlapalklgn [2017-03-29]
CHR Extension: (Google Calendar - Month of Jan 2016) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmkmnjfbjcgdckofagjdjdhfcmkacbok [2017-03-29]
CHR Extension: (FAJN605’s Music Profile — Users at La...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbehbklmbbiliefiepmobppohmemcen [2017-03-29]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-06-24]
CHR Extension: (The Old Reader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kchpghdclfmiahcoeohigdakcppnheal [2017-03-29]
CHR Extension: (lynda.com software training & tutoria...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjgecejkeladiocgjfpooellgekemlkl [2017-03-29]
CHR Extension: (Reddit Hide Sidebar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhljmlnmkpkfidhceknegheeplgmngg [2017-05-15]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2017-03-29]
CHR Extension: (Momentum) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-07-05]
CHR Extension: (Instapaper) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2017-03-29]
CHR Extension: (RadioEnhancer) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfijnebfkjdclmcedinoknekamigckii [2017-03-29]
CHR Extension: ((2304 unread) - jonrs57 - Yahoo Mail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdnfbfccglimdflhnejpkjmaodkneep [2017-03-29]
CHR Extension: (reddit: the front page of the internet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnggepjiihbfdbedefdhcffnmhcahbm [2017-03-29]
CHR Extension: (Beautiful Weather Graphs and Maps - W...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmdmldjecchmfonmgkjcgblhkblgjifo [2017-03-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-29]
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2017-03-29]
CHR Extension: (Google Calendar - Week of Nov 22, 2015) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\magmckgjjbnmlghmgmaigdmjgalaaifp [2017-03-29]
CHR Extension: (Bandcamp) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfmgbilkpckiegnjfpgnekakjacfkjca [2017-03-29]
CHR Extension: (Google Mail Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-29]
CHR Extension: (TagPro Capture the Flag) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjmjebkieapibpoconhhfjafegoagoho [2017-03-29]
CHR Extension: (Following - Twitch) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlkifeehhcjahpokocfjnkdgfbbkmhcl [2017-03-29]
CHR Extension: (Talk radio, podcasts and live radio o...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\naogjcefgkmeimmodhgagnlaohfocljk [2017-03-29]
CHR Extension: (Save to Pocket) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-06-30]
CHR Extension: (TagPro) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\njfbcnfnfebbcookhiagobahebpkiioo [2017-03-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-29]
CHR Extension: (Better History) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-06]
CHR Extension: (Job Search | one search. all jobs. In...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocndalckaopejonmpmceadpnpdeehdpf [2017-03-29]
CHR Extension: (TagPro Capture the Flag) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpnabdeninfdenkpgcjogiecfpkkgae [2017-03-29]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-07-02]
CHR Extension: (Trello) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2017-03-29]
CHR Extension: (Stylebot) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha [2017-03-29]
CHR Extension: (Drudge Retort: The Other Side of the ...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfjcplilgeoplpnpmlbfpdmlnjjhikc [2017-03-29]
CHR Extension: (Microsoft Office Online - Word, Excel...) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\palennhedgekbnbmokheidadmghcncgl [2017-03-29]
CHR Extension: (Outlook.com) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]
CHR Extension: (Sunrise Calendar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\plbmnkaebchbgijgejjfcpfpklbnbmik [2017-03-29]
CHR Extension: (RSS Feed Reader) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2017-07-03]
CHR HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\user\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-03-30]
CHR HKU\S-2-6-91-1343252309-1093874298-1923874192-0001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files \Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]

Opera:
=======
OPR Extension: (Stylish) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\bofnhkejmonldphklejelehlhhoecceg [2017-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files \Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files (x86)\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files \ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-12] ()
R2 asHmComSvc; C:\Program Files \ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-12] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files \ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files \ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-12] (ASUSTeK Computer Inc.) [File not signed]
S3 BoxSyncUpdateService; C:\Program Files (x86)\Box\Box Sync\SyncUpdaterService.exe [37264 2016-07-29] (Box, Inc.)
R3 BrYNSvc; C:\Program Files \Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R2 CrashPlanService; C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [267736 2017-06-08] (Code 42 Software)
S2 dbupdate; C:\Program Files \Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
S2 dbupdatem; C:\Program Files \Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\SysWOW64\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 DisplayFusionService; C:\Development\Modifications\DisplayFusion\DisplayFusionService.exe [5098008 2016-12-23] (Binary Fortress Software)
R2 FileMarkerApplyIconService; C:\Development\Modifications\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software)
S3 fussvc; C:\Development\Microsoft SDKs\Windows\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S4 LiveUpdateSvc; C:\Program Files \IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
R2 mfsyncsv; C:\Windows\SysWOW64\mfsyncsv.exe [253744 2016-10-06] (Techsoft)
S4 PlaysService; C:\Program Files \Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-02] (Plays.tv, LLC)
S4 PSI_SVC_2; C:\Program Files \Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 SamsungRapidSvc; C:\Windows\SysWOW64\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics Co., Ltd.)
R2 SepMasterService; C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe [143928 2012-11-03] (Symantec Corporation)
R3 SmcService; C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe [2294112 2012-11-03] (Symantec Corporation)
S4 SNAC; C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe [334288 2012-11-03] (Symantec Corporation)
S3 Te.Service; C:\Development\Microsoft SDKs\Windows\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S4 TeamViewer; C:\Program Files \TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S4 vmware-view-usbd; C:\Program Files \VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1978584 2014-08-13] (VMware, Inc.)
R2 WinDefend; C:\Program Files (x86)\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WMZuneComm; C:\Apps\Zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S4 wsnm; C:\Program Files \VMware\VMware Horizon View Client\wsnm\wsnm.exe [528600 2014-08-29] (VMware, Inc.)
S4 ZuneNetworkSvc; C:\Apps\Zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S4 ZuneWlanCfgSvc; C:\Apps\Zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\system32\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files (x86)\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\SysWOW64\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\system32\drivers\AsIO.sys [15232 2012-08-22] ()
R0 asstor64; C:\Windows\SysWOW64\DRIVERS\asstor64.sys [83792 2015-06-17] (Asmedia Technology)
R1 AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [14464 2011-04-11] ()
S3 ASUSFILTER; C:\Windows\system32\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20170703.001\BHDrvx64.sys [1862784 2017-05-18] (Symantec Corporation)
R1 ccSettings_{3771A34D-2132-48EA-A486-D62ECDF9D553}; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\ccSetx64.sys [168096 2012-11-03] (Symantec Corporation)
S3 danewFltr; C:\Windows\SysWOW64\drivers\danew.sys [12032 2010-03-23] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R3 dcdbas; C:\Windows\SysWOW64\DRIVERS\dcdbas64.sys [48464 2015-06-18] (Dell Inc.)
R1 eeCtrl; C:\Program Files \Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-06-30] (Symantec Corporation)
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21496 2016-01-14] ()
U3 EraserUtilDrv11720; C:\Program Files \Common Files\Symantec Shared\EENGINE\EraserUtilDrv11720.sys [158336 2017-06-30] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10848 2016-07-11] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2016-07-11] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-08] (REALiX(tm))
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\IPSDefs\20170707.011\IDSvia64.sys [1012864 2017-05-26] (Symantec Corporation)
R3 LVPr2M64; C:\Windows\SysWOW64\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\SysWOW64\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
R0 mrfoldr; C:\Windows\SysWOW64\drivers\mrfoldr.sys [140896 2016-10-06] (Techsoft)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20170710.008\ENG64.SYS [138880 2017-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20170710.008\EX64.SYS [2152064 2017-05-24] (Symantec Corporation)
R3 rspLLL; C:\Windows\SysWOW64\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R0 SamsungRapidDiskFltr; C:\Windows\SysWOW64\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\SysWOW64\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics Co., Ltd.)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSP64.SYS [776352 2012-11-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSPX64.SYS [37496 2012-11-03] (Symantec Corporation)
R3 STXIIService; C:\Windows\SysWOW64\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc)
S3 SyDvCtrl; C:\Program Files \Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\SyDvCtrl64.sys [34352 2012-11-03] (Symantec Corporation)
R0 SymDS; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\SYMDS64.SYS [493216 2012-11-03] (Symantec Corporation)
R0 SymEFA; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\SYMEFA64.SYS [1133216 2012-11-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\SysWOW64\Drivers\SYMEVENT64x86.SYS [177312 2016-08-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\Ironx64.SYS [224416 2012-11-03] (Symantec Corporation)
R1 SYMNETS; C:\Windows\SysWOW64\Drivers\SEP\0C0107DF\07DF.105\x64\SYMNETS.SYS [432800 2012-11-03] (Symantec Corporation)
R1 SysPlant; C:\Windows\SysWOW64\Drivers\SysPlant.sys [154904 2016-08-10] (Symantec Corporation)
R1 Teefer2; C:\Windows\SysWOW64\DRIVERS\Teefer.sys [95616 2012-11-03] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-10 19:38 - 2017-07-10 19:38 - 00055260 _____ C:\Users\user\Downloads\FRST.txt
2017-07-10 19:37 - 2017-07-10 19:38 - 00000000 ____D C:\FRST
2017-07-10 19:37 - 2017-07-10 19:37 - 00000000 ____D C:\Windows\LastGood
2017-07-10 19:36 - 2017-07-10 19:36 - 02437120 _____ (Farbar) C:\Users\user\Downloads\frst64.exe
2017-07-10 19:35 - 2017-07-10 19:35 - 00899584 _____ C:\Users\user\Downloads\rgsa.exe
2017-07-10 19:31 - 2017-07-10 19:31 - 00000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2017-07-10 19:29 - 2017-07-10 19:29 - 41315000 _____ (AMD Inc.) C:\Users\user\Downloads\radeon-crimson-relive-17.7.1-minimalsetup-170710_64bit.exe
2017-07-10 19:23 - 2017-07-10 19:23 - 00000000 ___HD C:\OneDriveTemp
2017-07-10 19:11 - 2012-12-27 02:26 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\SysWOW64\RTNUninst64.dll
2017-07-10 19:11 - 2012-12-27 02:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\SysWOW64\RtNicProp64.dll
2017-07-09 20:16 - 2017-07-10 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
2017-07-09 20:15 - 2017-07-09 20:15 - 03959288 _____ (Martin Malík - REALiX ) C:\Users\user\Downloads\hw64_554.exe
2017-07-09 16:38 - 2017-07-09 16:38 - 00041449 _____ C:\Users\user\Desktop\My Baseline (2017- 7- 9).ptx
2017-07-08 21:51 - 2017-07-08 21:51 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-07-04 18:38 - 2017-07-04 18:38 - 09446336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumd64.dll
2017-07-04 18:38 - 2017-07-04 18:38 - 00522632 _____ C:\Windows\SysWOW64\GameManager64.dll
2017-07-04 18:38 - 2017-07-04 18:38 - 00185088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9p64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxy.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00768904 _____ (AMD) C:\Windows\SysWOW64\atieclxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00544136 _____ (AMD) C:\Windows\SysWOW64\atitmm64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00543112 _____ C:\Windows\SysWOW64\dgtrayicon.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00543112 _____ (AMD) C:\Windows\SysWOW64\atiesrxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00537992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00520584 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Drivers\atikmpag.sys
2017-07-04 18:37 - 2017-07-04 18:37 - 00475016 _____ C:\Windows\SysWOW64\atieah64.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00469384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atidemgy.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiapfxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00356744 _____ C:\Windows\system32\GameManager32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\ATIODE.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00325512 _____ C:\Windows\system32\atieah32.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00194952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00182664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00161160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00142216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00114056 _____ (AMD) C:\Windows\SysWOW64\atimuixx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\ATIODCLI.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Drivers\ati2erec.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00036232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 59237768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 46457736 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 36562312 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Drivers\atikmdag.sys
2017-07-04 18:36 - 2017-07-04 18:36 - 28797832 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 22739336 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 14414072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumd6a.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 10313608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 09899912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 07955848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 02527624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 02189704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00855432 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00687496 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00505736 _____ C:\Windows\SysWOW64\amdgfxinfo64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00351624 _____ C:\Windows\system32\amdgfxinfo32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00305544 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\Drivers\amdacpksd.sys
2017-07-04 18:36 - 2017-07-04 18:36 - 00269704 _____ C:\Windows\SysWOW64\clinfo.exe
2017-07-04 18:36 - 2017-07-04 18:36 - 00185600 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00159112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00154152 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00128968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00112520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00106248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00103304 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 26831240 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 08471432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00166280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00135560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl6.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2017-07-04 17:59 - 2017-07-04 17:59 - 00798552 _____ C:\Windows\system32\atiapfxx.blb
2017-07-04 17:59 - 2017-07-04 17:59 - 00798552 _____ C:\Windows\SysWOW64\atiapfxx.blb
2017-07-04 17:58 - 2017-07-04 17:58 - 03437632 _____ C:\Windows\SysWOW64\atiumd6a.cap
2017-07-04 17:53 - 2017-07-04 17:53 - 03471376 _____ C:\Windows\system32\atiumdva.cap
2017-07-04 12:49 - 2017-07-04 12:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2017-07-04 12:47 - 2017-07-04 12:48 - 16409960 _____ (Safer Networking Limited ) C:\Users\user\Downloads\spybotsd162.exe
2017-07-04 11:29 - 2017-07-04 11:29 - 00368576 _____ C:\Windows\SysWOW64\ativvaxy_el_nd.dat
2017-07-03 22:47 - 2017-07-04 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools Security
2017-07-03 22:47 - 2017-07-03 22:49 - 00000000 ____D C:\Users\user\AppData\Roaming\.clamwin
2017-07-03 22:44 - 2017-07-03 22:45 - 120690586 _____ (alch ) C:\Users\user\Downloads\clamwin-0.99.1-setup.exe
2017-07-03 20:32 - 2017-07-03 20:32 - 00000000 _____ C:\Users\user\AppData\Local\{32CC8840-D407-4FDF-9077-54AEE6515CAD}
2017-07-03 20:32 - 2017-07-03 20:32 - 00000000 _____ C:\Users\user\AppData\Local\{174E6EE2-8EF7-4E5D-8F64-269686E139BA}
2017-07-03 19:57 - 2017-07-03 19:57 - 00000000 _____ C:\Users\user\AppData\Local\{8099176B-DFD6-4218-B7FE-EE26F272B780}
2017-07-03 18:39 - 2017-07-03 18:42 - 478915776 _____ (AMD Inc.) C:\Users\user\Downloads\non-whql-win7-64bit-radeon-software-crimson-relive-17.6.2-june13.exe
2017-07-02 21:21 - 2017-07-02 21:21 - 00000000 ____D C:\Users\user\AppData\Roaming\AMD
2017-07-02 21:20 - 2017-07-02 21:31 - 00000000 ____D C:\Users\user\AppData\Roaming\obs-studio
2017-07-02 21:19 - 2017-07-02 21:19 - 00000949 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-07-02 21:19 - 2017-07-02 21:19 - 00000000 ____D C:\ProgramData\Intel
2017-07-02 21:17 - 2017-07-02 21:18 - 113245088 _____ (obsproject.com) C:\Users\user\Downloads\OBS-Studio-19.0.3-Full-Installer.exe
2017-07-02 18:05 - 2017-07-03 18:38 - 00225000 _____ C:\Users\user\Downloads\radeon-crimson-relive-17.6.2-minimalsetup-170613_64bit.exe
2017-07-02 14:42 - 2017-06-19 19:14 - 25731584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-02 14:42 - 2017-06-19 19:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-02 14:42 - 2017-06-19 18:43 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-02 14:42 - 2017-06-19 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-02 14:42 - 2017-06-19 18:09 - 20270592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-02 14:42 - 2017-06-19 18:00 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-02 14:42 - 2017-06-19 17:50 - 15252480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-02 14:42 - 2017-06-19 17:29 - 13664256 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 02319872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 02222080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00491520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-02 14:42 - 2017-06-16 11:29 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-02 14:42 - 2017-06-16 11:13 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-02 14:42 - 2017-06-16 11:12 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-02 14:42 - 2017-06-16 11:11 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-02 14:42 - 2017-06-16 11:11 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-02 14:42 - 2017-06-16 11:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-02 14:42 - 2017-06-16 11:00 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-02 14:42 - 2017-06-16 11:00 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-02 14:42 - 2017-06-16 10:59 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-02 14:42 - 2017-06-16 10:59 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-02 14:42 - 2017-05-21 00:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-02 14:42 - 2017-05-21 00:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-02 14:42 - 2017-05-16 11:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\dxgkrnl.sys
2017-07-02 14:42 - 2017-05-16 11:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\dxgmms1.sys
2017-07-02 14:42 - 2017-05-16 11:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdd.dll
2017-07-02 13:49 - 2017-07-02 13:49 - 00000000 ____D C:\Program Files\ATI Technologies
2017-07-02 13:48 - 2017-07-02 13:48 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2017-07-02 13:46 - 2017-07-02 13:46 - 00000000 ____D C:\Users\user\Downloads\AMD_Chipset_XPVistaWin7_8_V8973_V901
2017-07-02 13:46 - 2011-02-25 02:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\volsnap.sys
2017-07-02 13:43 - 2017-07-02 13:43 - 05500868 _____ C:\Users\user\Downloads\Asmedia_USB3_XPVistaWin7-8-81_VER116120.zip
2017-07-02 13:43 - 2017-07-02 13:43 - 00000000 ____D C:\Users\user\Downloads\Asmedia_USB3_XPVistaWin7-8-81_VER116120
2017-07-02 13:41 - 2017-07-02 13:46 - 944709898 _____ C:\Users\user\Downloads\AMD_Chipset_XPVistaWin7_8_V8973_V901.zip
2017-07-02 12:35 - 2017-07-10 19:24 - 00003012 _____ C:\Windows\SysWOW64\Tasks\MSIAfterburner
2017-06-28 10:03 - 2017-06-28 10:03 - 00000218 _____ C:\Users\user\AppData\Local\recently-used.xbel
2017-06-26 14:33 - 2017-06-26 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 10:29 - 2017-06-26 10:29 - 00264581 _____ C:\Users\user\Downloads\Invoice.pdf
2017-06-26 06:27 - 2017-06-26 06:27 - 00049992 _____ (Dropbox, Inc.) C:\Windows\SysWOW64\DbxSvc.exe
2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\SysWOW64\Drivers\dbx-stable.sys
2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\SysWOW64\Drivers\dbx-dev.sys
2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\SysWOW64\Drivers\dbx-canary.sys
2017-06-24 21:19 - 2017-06-24 21:19 - 00941841 _____ C:\Users\user\Downloads\Video.MOV
2017-06-24 05:17 - 2017-06-24 05:17 - 00000000 ____D C:\Users\user\Downloads\File-Export-2017-05-25-to-2017-06-24
2017-06-24 05:16 - 2017-06-24 05:16 - 00002023 _____ C:\Users\user\Downloads\File-Export-2017-05-25-to-2017-06-24.zip
2017-06-24 01:58 - 2017-06-24 01:58 - 00000000 ____D C:\Users\user\Downloads\mirror folder retail
2017-06-24 01:56 - 2016-10-06 10:36 - 00253744 _____ (Techsoft) C:\Windows\SysWOW64\mfsyncsv.exe
2017-06-24 01:55 - 2017-06-24 01:55 - 04123176 _____ (Techsoft ) C:\Users\user\Downloads\mf51r.exe
2017-06-24 01:54 - 2017-06-24 01:54 - 00001432 _____ C:\Users\user\Desktop\mirrorfolder.xml
2017-06-22 13:08 - 2017-06-22 13:08 - 00000000 ____D C:\Users\user\AppData\Roaming\ArcticLine
2017-06-22 13:07 - 2017-06-22 13:07 - 01630600 _____ (ArcticLine Software ) C:\Users\user\Downloads\FileMarker.NET_Free.exe
2017-06-22 04:46 - 2017-06-22 04:46 - 00951878 _____ C:\Windows\SysWOW64\amdicdxx.dat
2017-06-17 11:20 - 2017-06-17 11:20 - 01202184 _____ (Adobe Systems Incorporated) C:\Users\user\Downloads\flashplayer26pp_xa_install.exe
2017-06-14 10:24 - 2017-06-14 10:24 - 00000241 _____ C:\Users\user\Downloads\download.TXT
2017-06-14 10:24 - 2017-06-14 10:24 - 00000073 _____ C:\Users\user\Downloads\download (5).CSV
2017-06-14 00:43 - 2017-07-02 11:57 - 00000000 _____ C:\Users\user\AppData\initdebug.nfo
2017-06-14 00:43 - 2017-06-14 00:43 - 02143832 _____ C:\Users\user\Downloads\instsf449.exe
2017-06-14 00:20 - 2017-07-02 11:57 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2017-06-14 00:18 - 2017-06-14 00:18 - 03086696 _____ C:\Users\user\Downloads\instspeedfan452.exe
2017-06-14 00:17 - 2017-06-14 00:17 - 00000000 ____D C:\ProgramData\Dell
2017-06-14 00:17 - 2011-07-04 12:34 - 00399296 _____ (Dell Inc.) C:\Windows\system32\dchbas32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00325568 _____ (Dell Inc.) C:\Windows\hapint.exe
2017-06-14 00:17 - 2011-07-04 12:34 - 00284608 _____ (Dell Inc.) C:\Windows\system32\dchapi32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00284608 _____ (Dell Inc.) C:\Windows\dchcfg32.exe
2017-06-14 00:17 - 2011-07-04 12:34 - 00243648 _____ (Dell Inc.) C:\Windows\system32\dchcfl32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00108992 _____ (Dell Inc.) C:\Windows\dcmdev64.exe
2017-06-14 00:16 - 2017-06-14 00:16 - 15105552 _____ (Dell Inc.) C:\Users\user\Downloads\2020_Network_Driver_T13T3_WN_8.2.612.2012_A01.EXE
2017-06-13 23:52 - 2017-06-13 23:52 - 00000000 ____D C:\ProgramData\ASUS OC Profiles
2017-06-13 22:42 - 2017-07-10 19:30 - 00000000 ____D C:\AMD
2017-06-13 22:33 - 2017-06-13 22:33 - 03100584 _____ (PassMark Software ® ) C:\Users\user\Downloads\wirelessmon_WP89BD7421.exe
2017-06-13 22:00 - 2017-06-13 22:00 - 00000000 ____D C:\Windows\SysWOW64\RAPID
2017-06-13 22:00 - 2016-11-18 19:04 - 00272792 _____ (Samsung Electronics Co., Ltd.) C:\Windows\SysWOW64\Drivers\SamsungRapidDiskFltr.sys
2017-06-13 21:56 - 2017-06-13 21:56 - 00003656 _____ C:\Windows\SysWOW64\Tasks\SSDlife
2017-06-13 21:41 - 2017-06-13 21:41 - 00003246 _____ C:\Windows\SysWOW64\Tasks\SamsungMagician
2017-06-13 21:41 - 2017-06-13 21:41 - 00000000 ____D C:\ProgramData\Samsung
2017-06-13 21:40 - 2017-06-13 21:40 - 13944028 _____ C:\Users\user\Downloads\Samsung_Magician_Installer.zip
2017-06-13 21:40 - 2017-06-13 21:40 - 00000000 ____D C:\Users\user\Downloads\Samsung_Magician_Installer
2017-06-13 21:37 - 2017-07-10 19:23 - 00000000 ____D C:\ProgramData\TEMP
2017-06-13 21:37 - 2017-06-13 21:37 - 00002013 _____ C:\Users\Public\Desktop\SSDlife Pro.lnk
2017-06-13 21:37 - 2017-06-13 21:37 - 00000000 ____D C:\ProgramData\Binarysense
2017-06-13 21:36 - 2017-06-13 21:36 - 04816896 _____ C:\Users\user\Downloads\SSDlife Pro 2.5.82.msi
2017-06-13 21:28 - 2017-02-15 02:51 - 00000000 ____D C:\Users\user\Downloads\Driver_Win8
2017-06-13 21:28 - 2017-02-15 02:50 - 00000000 ____D C:\Users\user\Downloads\Driver_Win10
2017-06-13 21:28 - 2017-02-15 02:47 - 00000000 ____D C:\Users\user\Downloads\Driver
2017-06-13 21:28 - 2016-12-26 03:21 - 00007986 _____ C:\Users\user\Downloads\readme.txt
2017-06-13 21:28 - 2016-12-26 03:06 - 08301432 _____ (Asmedia Technology) C:\Users\user\Downloads\setup.exe
2017-06-13 21:24 - 2017-06-13 21:26 - 08852071 _____ (Igor Pavlov) C:\Users\user\Downloads\asmedia_usb3_1.16.42.1(www.station-drivers.com).exe
2017-06-13 21:19 - 2017-06-24 04:38 - 00000000 _____ C:\Windows\Path.idx
2017-06-13 21:14 - 2017-07-10 19:24 - 01048576 _____ C:\Windows\PE_Rom.dll
2017-06-13 21:14 - 2017-06-13 21:14 - 00000000 ____D C:\ProgramData\ASUS PowerControl Profiles
2017-06-13 21:00 - 2017-06-13 21:00 - 00000000 ____D C:\Program Files\ASUS
2017-06-13 21:00 - 2011-09-20 00:25 - 00046152 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ASUSFILTER.sys
2017-06-13 20:50 - 2017-06-13 20:50 - 00000000 ____D C:\Users\user\AppData\Roaming\app documents\ASUS Remote GO!
2017-06-13 20:50 - 2017-04-25 07:00 - 00908352 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2017-06-13 20:50 - 2017-04-25 07:00 - 00826432 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2017-06-13 20:50 - 2017-04-25 07:00 - 00268864 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-06-13 20:50 - 2017-04-25 07:00 - 00191552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-06-13 20:50 - 2017-04-25 07:00 - 00191040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-06-13 20:49 - 2017-06-13 20:50 - 00001691 _____ C:\Users\Public\Desktop\Remote GO!.lnk
2017-06-13 20:46 - 2017-06-13 20:46 - 00000000 _____ C:\Windows\system32\Drivers\1043_ASUSTeK_M5A99FX PRO R2.0.alu
2017-06-13 20:40 - 2013-02-20 23:40 - 00032840 _____ (NT Kernel Resources) C:\Windows\SysWOW64\Drivers\ndisrd.sys
2017-06-13 20:40 - 2011-04-11 22:03 - 00014464 _____ C:\Windows\system32\Drivers\AsUpIO.sys
2017-06-13 20:37 - 2017-06-13 20:37 - 00338500 _____ C:\Users\user\Downloads\20120109_FWUpg1130.zip
2017-06-13 20:36 - 2017-06-02 04:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 20:36 - 2017-05-21 00:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ksecpkg.sys
2017-06-13 20:36 - 2017-05-21 00:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\ksecdd.sys
2017-06-13 20:36 - 2017-05-21 00:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsasrv.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspisrv.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-13 20:36 - 2017-05-21 00:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-13 20:36 - 2017-05-21 00:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-13 20:36 - 2017-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-13 20:36 - 2017-05-20 23:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\mrxsmb10.sys
2017-06-13 20:36 - 2017-05-20 23:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\mrxsmb.sys
2017-06-13 20:36 - 2017-05-20 23:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\mrxsmb20.sys
2017-06-13 20:36 - 2017-05-20 23:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsass.exe
2017-06-13 20:36 - 2017-05-20 23:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-13 20:36 - 2017-05-20 23:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-13 20:36 - 2017-05-16 14:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-13 20:36 - 2017-05-16 13:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-13 20:36 - 2017-05-14 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwcollectorres.dll
2017-06-13 20:36 - 2017-05-14 16:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-13 20:36 - 2017-05-14 16:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-13 20:36 - 2017-05-14 16:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-13 20:36 - 2017-05-14 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-13 20:36 - 2017-05-14 16:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-13 20:36 - 2017-05-14 16:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-13 20:36 - 2017-05-14 16:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-13 20:36 - 2017-05-14 16:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-13 20:36 - 2017-05-14 16:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-13 20:36 - 2017-05-14 16:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-13 20:36 - 2017-05-14 16:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-13 20:36 - 2017-05-14 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwcollector.exe
2017-06-13 20:36 - 2017-05-14 16:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.exe
2017-06-13 20:36 - 2017-05-14 15:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-13 20:36 - 2017-05-14 15:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-13 20:36 - 2017-05-14 15:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-13 20:36 - 2017-05-14 15:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-13 20:36 - 2017-05-14 15:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-13 20:36 - 2017-05-14 15:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-13 20:36 - 2017-05-14 15:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-13 20:36 - 2017-05-14 15:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-13 20:36 - 2017-05-14 15:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-13 20:36 - 2017-05-14 15:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-13 20:36 - 2017-05-14 15:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-13 20:36 - 2017-05-14 15:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-13 20:36 - 2017-05-14 15:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-13 20:36 - 2017-05-14 15:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-13 20:36 - 2017-05-14 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-13 20:36 - 2017-05-14 15:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2017-06-13 20:36 - 2017-05-14 15:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-13 20:36 - 2017-05-14 15:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-13 20:36 - 2017-05-14 15:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-13 20:36 - 2017-05-14 15:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-13 20:36 - 2017-05-14 15:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-13 20:36 - 2017-05-14 15:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-13 20:36 - 2017-05-14 15:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-13 20:36 - 2017-05-14 15:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-13 20:36 - 2017-05-14 15:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-13 20:36 - 2017-05-14 15:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-13 20:36 - 2017-05-14 14:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-13 20:36 - 2017-05-14 14:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-13 20:36 - 2017-05-14 14:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-13 20:36 - 2017-05-14 14:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-13 20:36 - 2017-05-14 14:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-13 20:36 - 2017-05-14 14:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-13 20:36 - 2017-05-14 14:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-13 20:36 - 2017-05-14 14:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-13 20:36 - 2017-05-14 14:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-13 20:36 - 2017-05-14 14:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-13 20:36 - 2017-05-14 14:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-13 20:36 - 2017-05-14 14:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-13 20:36 - 2017-05-14 14:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-13 20:36 - 2017-05-14 14:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-13 20:36 - 2017-05-14 14:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-13 20:36 - 2017-05-14 14:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-13 20:36 - 2017-05-14 14:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-13 20:36 - 2017-05-14 14:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-13 20:36 - 2017-05-12 14:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winresume.efi
2017-06-13 20:36 - 2017-05-12 14:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-13 20:36 - 2017-05-12 14:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winload.efi
2017-06-13 20:36 - 2017-05-12 14:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 20:36 - 2017-05-12 14:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srcore.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow64win.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow64.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsrv.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setbcdlocale.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00046080 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\csrsrv.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidsvc.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow64cpu.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-06-13 20:36 - 2017-05-12 14:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-13 20:36 - 2017-05-12 14:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 20:36 - 2017-05-12 14:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 14:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidpolicyconverter.exe
2017-06-13 20:36 - 2017-05-12 13:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\appid.sys
2017-06-13 20:36 - 2017-05-12 13:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidcertstorecheck.exe
2017-06-13 20:36 - 2017-05-12 13:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2017-06-13 20:36 - 2017-05-12 13:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\conhost.exe
2017-06-13 20:36 - 2017-05-12 13:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rstrui.exe
2017-06-13 20:36 - 2017-05-12 13:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smss.exe
2017-06-13 20:36 - 2017-05-12 13:43 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 20:36 - 2017-05-12 13:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\setup16.exe
2017-06-13 20:36 - 2017-05-12 13:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-13 20:36 - 2017-05-12 13:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\instnm.exe
2017-06-13 20:36 - 2017-05-12 13:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\user.exe
2017-06-13 20:36 - 2017-05-12 13:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 13:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-13 20:36 - 2017-05-12 12:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-13 20:36 - 2017-05-12 11:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 20:36 - 2017-05-12 11:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FntCache.dll
2017-06-13 20:36 - 2017-05-10 11:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-13 20:36 - 2017-05-10 11:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wucltux.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-13 20:36 - 2017-05-10 11:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-13 20:36 - 2017-05-10 11:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSetupUI.dll
2017-06-13 20:36 - 2017-05-10 11:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-13 20:36 - 2017-05-10 11:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuaueng.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuauclt.exe
2017-06-13 20:36 - 2017-05-10 11:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups2.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-13 20:36 - 2017-05-10 11:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-13 20:36 - 2017-05-10 11:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wu.upgrade.ps.dll
2017-06-13 20:36 - 2017-05-10 11:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-13 20:36 - 2017-05-10 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-13 20:36 - 2017-05-10 11:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-13 20:36 - 2017-05-10 11:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-13 20:36 - 2017-05-10 11:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-13 20:36 - 2017-05-10 11:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-13 20:36 - 2017-05-10 11:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-13 20:36 - 2017-05-10 10:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\tdx.sys
2017-06-13 20:36 - 2017-05-09 11:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-13 20:36 - 2017-05-09 11:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2017-06-13 20:36 - 2017-05-09 11:15 - 00071680 _____ C:\Windows\SysWOW64\PrintBrmUi.exe
2017-06-13 20:36 - 2017-05-09 11:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 20:36 - 2017-05-07 11:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\mountmgr.sys
2017-06-13 20:36 - 2017-05-07 11:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmmsp.dll
2017-06-13 20:36 - 2017-03-30 11:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-06-13 20:36 - 2017-03-30 10:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-13 20:34 - 2013-01-28 15:58 - 00014848 _____ (ASUSTek Computer Inc.) C:\Windows\system32\Drivers\AiChargerPlus.sys
2017-06-13 20:31 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\Windows\system32\Drivers\UpdateHelper.dll
2017-06-13 20:30 - 2017-06-13 20:30 - 00000000 ____D C:\Windows\system32\Drivers\MFDLL
2017-06-13 20:30 - 2017-06-13 20:30 - 00000000 ____D C:\ProgramData\ASUS
2017-06-13 20:30 - 2008-01-04 01:34 - 00011832 ____N C:\Windows\system32\Drivers\AsInsHelp64.sys
2017-06-13 20:30 - 2008-01-04 01:34 - 00010216 ____N C:\Windows\system32\Drivers\AsInsHelp32.sys
2017-06-13 20:29 - 2017-06-13 20:29 - 00000000 ____D C:\Users\user\Downloads\AISuiteII_XPVistaWin7-8-81_M5A99FXPROR2_V20401
2017-06-13 19:36 - 2017-06-13 19:36 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2017-06-13 19:35 - 2017-06-13 19:35 - 00000000 ____D C:\Users\user\Downloads\ASMEDIA_Win7_81_10-Ver3160
2017-06-13 19:30 - 2017-05-03 11:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompatTelRunner.exe
2017-06-13 19:30 - 2017-05-03 11:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aeinv.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appraiser.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\generaltel.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devinv.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\invagent.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\centel.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-13 19:30 - 2017-05-03 09:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acmigration.dll
2017-06-13 19:30 - 2017-04-27 18:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-13 19:30 - 2017-04-12 09:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-13 19:30 - 2017-03-22 22:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aitstatic.exe
2017-06-13 19:19 - 2017-06-13 19:19 - 00001987 _____ C:\Users\Public\Desktop\ASUS Boot Setting 1.00.18.lnk
2017-06-13 19:19 - 2013-10-11 15:36 - 00028672 ____N (ASUSTek Computer Inc.) C:\Windows\system32\AsIO.dll
2017-06-13 19:19 - 2012-08-22 05:54 - 00015232 _____ C:\Windows\system32\Drivers\AsIO.sys
2017-06-13 19:17 - 2017-06-13 19:17 - 00003041 _____ C:\Users\user\Desktop\ASUS PC Diagnostics.lnk
2017-06-13 19:17 - 2017-06-13 19:17 - 00000000 ____D C:\Users\user\Downloads\ASUS_BootSetting_XPVistaWin7-8-8-1_VER10018
2017-06-13 19:16 - 2017-06-13 19:16 - 00000000 ____D C:\Users\user\Downloads\PC_Diagnostics_XPVistaWin7_8_8-1_VER1304
2017-06-13 19:15 - 2017-06-13 19:16 - 229328829 _____ C:\Users\user\Downloads\AISuiteII_XPVistaWin7-8-81_M5A99FXPROR2_V20401.zip
2017-06-13 19:15 - 2017-06-13 19:15 - 67927577 _____ C:\Users\user\Downloads\PC_Diagnostics_XPVistaWin7_8_8-1_VER1304.zip
2017-06-13 19:15 - 2017-06-13 19:15 - 05531632 _____ C:\Users\user\Downloads\ASUS_BootSetting_XPVistaWin7-8-8-1_VER10018.zip
2017-06-13 19:14 - 2017-06-13 19:14 - 05622146 _____ C:\Users\user\Downloads\ASMEDIA_Win7_81_10-Ver3160.zip
2017-06-13 19:10 - 2017-06-13 19:10 - 00000000 ____D C:\Users\user\Downloads\mb_utility_easytune_amd
2017-06-13 19:09 - 2017-06-13 19:09 - 56410918 _____ C:\Users\user\Downloads\mb_utility_easytune_amd.zip
2017-06-13 00:53 - 2017-06-13 00:53 - 00504144 _____ (Microsoft Corporation) C:\Users\user\Downloads\winsdk_web (4).exe
2017-06-13 00:21 - 2017-06-13 00:21 - 00504144 _____ (Microsoft Corporation) C:\Users\user\Downloads\winsdk_web (3).exe
2017-06-12 23:17 - 2017-06-12 23:17 - 00000000 ____D C:\Users\user\AppData\Roaming\app documents\WPR Files
2017-06-12 22:51 - 2017-06-12 22:51 - 00504144 _____ (Microsoft Corporation) C:\Users\user\Downloads\winsdk_web (2).exe
2017-06-12 22:43 - 2017-06-12 22:43 - 00504144 _____ (Microsoft Corporation) C:\Users\user\Downloads\winsdk_web (1).exe
2017-06-12 20:53 - 2017-06-12 22:41 - 00000000 ____D C:\Users\user\AppData\Local\Windows Performance Analyzer
2017-06-12 20:53 - 2017-06-12 20:53 - 00000000 ____D C:\Users\user\AppData\Roaming\app documents\WPA Files
2017-06-12 20:49 - 2017-06-14 01:44 - 268435456 _____ C:\kernel.etl
2017-06-12 20:48 - 2017-06-12 20:48 - 00000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2017-06-12 20:47 - 2017-06-12 20:47 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2017-06-12 20:46 - 2017-06-12 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-06-12 20:41 - 2017-06-12 20:41 - 00000000 ____D C:\Program Files\Application Verifier
2017-06-12 20:25 - 2017-06-12 20:41 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2017-06-12 20:25 - 2017-06-12 20:25 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
2017-06-12 20:25 - 2017-06-12 20:25 - 00000000 ____D C:\Program Files\Application Verifier (x64)
2017-06-12 20:17 - 2017-06-12 20:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2017-06-12 20:17 - 2017-06-12 20:17 - 00000000 ____D C:\Windows\symbols
2017-06-12 20:13 - 2017-06-12 20:13 - 00998056 _____ (Microsoft Corporation) C:\Users\user\Downloads\sdksetup (1).exe
2017-06-12 19:57 - 2017-06-12 19:57 - 00504144 _____ (Microsoft Corporation) C:\Users\user\Downloads\winsdk_web.exe
2017-06-12 19:42 - 2017-06-12 19:42 - 02449736 _____ (Resplendence Software Projects Sp. ) C:\Users\user\Downloads\LatencyMon.exe
2017-06-12 19:42 - 2015-07-13 10:16 - 00026368 _____ (Resplendence Software Projects Sp.) C:\Windows\SysWOW64\Drivers\rspLLL64.sys
2017-06-12 19:36 - 2017-06-12 19:36 - 01912363 _____ C:\Users\user\Downloads\WinMTR-v092.zip
2017-06-12 19:36 - 2017-06-12 19:36 - 00000000 ____D C:\Users\user\Downloads\WinMTR-v092
2017-06-12 17:10 - 2017-06-12 17:10 - 00149896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk64.dll
2017-06-12 17:10 - 2017-06-12 17:10 - 00127880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk32.dll
2017-06-11 20:02 - 2017-06-14 05:47 - 00000000 ____D C:\Users\user\AppData\Local\Pushbullet
2017-06-11 20:02 - 2017-06-11 20:02 - 01737872 _____ (Pushbullet Inc ) C:\Users\user\Downloads\pushbullet_installer.exe
2017-06-11 19:35 - 2017-06-11 19:35 - 00573769 _____ C:\Users\user\Downloads\20170531.pdf
2017-06-11 17:33 - 2017-06-11 17:41 - 00000000 ____D C:\Users\user\aqbanking
2017-06-11 13:37 - 2017-06-11 13:37 - 00000082 _____ C:\Users\user\Desktop\1085518324025822453.url
2017-06-10 09:41 - 2017-06-10 09:41 - 00000798 _____ C:\Users\user\Downloads\File-Export-2017-06-09-to-2017-06-09.zip
2017-06-10 09:41 - 2017-06-10 09:41 - 00000000 ____D C:\Users\user\Downloads\File-Export-2017-06-09-to-2017-06-09
2017-06-10 09:23 - 2017-06-10 09:23 - 00001001 _____ C:\Users\user\Downloads\File-Export-2017-05-11-to-2017-06-10.zip
2017-06-10 09:23 - 2017-06-10 09:23 - 00000000 ____D C:\Users\user\Downloads\File-Export-2017-05-11-to-2017-06-10

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-10 19:38 - 2016-10-14 02:09 - 00000000 ____D C:\Users\user\AppData\Local\DisplayFusion
2017-07-10 19:37 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-07-10 19:35 - 2017-04-01 21:38 - 00000000 ____D C:\Users\user\AppData\LocalLow\AMD
2017-07-10 19:35 - 2016-07-29 10:07 - 00000000 ____D C:\Users\user\AppData\Local\AMD
2017-07-10 19:27 - 2009-07-14 01:13 - 00006166 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-07-10 19:25 - 2017-06-08 18:07 - 00007532 _____ C:\Windows\mrfldr.dat
2017-07-10 19:24 - 2016-10-13 04:03 - 00000000 ____D C:\Users\user\AppData\Local\ClassicShell
2017-07-10 19:23 - 2017-02-28 15:13 - 00000000 ___RD C:\Users\user\iCloudDrive
2017-07-10 19:23 - 2016-09-24 07:13 - 00000000 ____D C:\Users\user\ownCloud
2017-07-10 19:23 - 2016-09-04 17:29 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-10 19:23 - 2016-08-09 12:48 - 00054690 __RSH C:\ProgramData\ntuser.pol
2017-07-10 19:23 - 2015-03-03 14:46 - 00000000 ___RD C:\Users\user\Google Drive
2017-07-10 19:23 - 2015-02-13 14:33 - 00000000 ___RD C:\Users\user\OneDrive
2017-07-10 19:23 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-10 19:20 - 2009-07-14 00:45 - 00032800 _____ C:\Windows\SysWOW64\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-10 19:20 - 2009-07-14 00:45 - 00032800 _____ C:\Windows\SysWOW64\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-10 19:18 - 2016-12-01 08:49 - 00065536 _____ C:\Windows\SysWOW64\spu_storage.bin
2017-07-10 19:17 - 2016-09-04 17:29 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-10 19:11 - 2016-07-29 07:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-10 19:11 - 2016-07-29 07:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-07-10 18:48 - 2017-06-08 18:07 - 00007532 _____ C:\Windows\mrfldr.da0
2017-07-10 18:36 - 2017-02-01 02:03 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Monitors
2017-07-09 21:35 - 2016-10-18 14:42 - 00000000 ____D C:\Users\user\AppData\Roaming\Stardock
2017-07-09 20:16 - 2016-09-24 06:59 - 00000000 ____D C:\Users\user\AppData\Local\ownCloud
2017-07-08 22:02 - 2016-09-05 23:48 - 00000000 ____D C:\Users\Admin
2017-07-08 21:52 - 2016-10-14 04:50 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-07-08 21:46 - 2016-09-04 14:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2017-07-08 21:46 - 2008-01-01 16:44 - 00493200 _____ C:\Windows\ntbtlog.txt
2017-07-08 20:00 - 2016-09-04 14:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-07-08 19:45 - 2016-09-05 23:51 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-08 19:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\NDF
2017-07-08 18:54 - 2016-09-05 19:49 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2017-07-08 00:43 - 2016-11-20 10:49 - 00000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2017-07-07 14:24 - 2016-09-04 22:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-06 23:27 - 2016-09-05 21:54 - 00000000 ____D C:\Users\user\AppData\Roaming\KeePass
2017-07-06 22:28 - 2016-09-04 22:39 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 18:38 - 2017-04-24 21:36 - 00207760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxp64.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 07663888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdag.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 00161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxpag.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 00143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9pag.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 12574408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx64.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 13254256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdva.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 10444400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx32.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 01654880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx64.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 01347952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx32.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 01507720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 00236424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atig6txx.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 00155528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atig6pxx.dll
2017-07-04 18:36 - 2017-04-24 21:35 - 00915848 _____ (AMD) C:\Windows\SysWOW64\coinst_17.10.dll
2017-07-04 18:35 - 2016-07-18 17:37 - 32738184 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atio6axx.dll
2017-07-04 13:24 - 2017-02-01 06:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-07-03 22:47 - 2016-09-06 01:47 - 00000000 ___RD C:\Development
2017-07-03 22:39 - 2016-08-10 18:43 - 00000000 ____D C:\ProgramData\Symantec
2017-07-03 19:12 - 2016-10-17 03:43 - 00000000 ____D C:\Users\user\AppData\Local\Spotify
2017-07-03 17:10 - 2016-10-17 03:43 - 00000000 ____D C:\Users\user\AppData\Roaming\Spotify
2017-07-03 13:46 - 2016-12-24 01:16 - 00004456 _____ C:\Windows\SysWOW64\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-03 13:46 - 2009-07-14 01:32 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Games
2017-07-03 13:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2017-07-02 21:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\LiveKernelReports
2017-07-02 21:29 - 2016-08-03 11:08 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2017-07-02 20:08 - 2017-04-17 15:14 - 00000000 ____D C:\Users\user\AppData\Roaming\app documents\Realtime Landscaping Architect 2016
2017-07-02 14:47 - 2009-07-14 00:45 - 00503280 _____ C:\Windows\SysWOW64\FNTCACHE.DAT
2017-07-02 14:36 - 2016-07-28 14:21 - 00136024 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-26 14:33 - 2016-09-04 17:29 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-25 10:29 - 2016-09-08 08:35 - 00000000 ____D C:\Users\user\AppData\Local\gtk-2.0
2017-06-23 00:09 - 2016-07-28 13:57 - 00006420 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-20 04:04 - 2016-08-03 10:26 - 00000000 ____D C:\Windows\SysWOW64\MRT
2017-06-20 03:57 - 2016-08-03 10:26 - 148601744 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2017-06-18 23:48 - 2016-09-05 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-17 11:19 - 2016-09-05 23:51 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-06-17 11:19 - 2016-09-05 23:51 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-06-17 11:19 - 2016-09-05 23:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-17 11:19 - 2016-07-28 13:52 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2017-06-14 14:30 - 2016-09-04 17:23 - 00000000 ____D C:\Users\user\AppData\Local\Dropbox
2017-06-14 06:37 - 2016-10-13 07:30 - 00000000 ____D C:\Windows\pss
2017-06-14 05:57 - 2017-02-01 02:17 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Storage
2017-06-14 05:56 - 2016-09-25 07:04 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Browsers
2017-06-14 05:56 - 2016-09-25 06:45 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud Storage
2017-06-14 05:08 - 2017-03-29 14:45 - 00000000 ____D C:\ProgramData\Passmark
2017-06-14 01:53 - 2016-07-29 10:04 - 00000000 ____D C:\Users\user\AppData\Roaming\Raptr
2017-06-14 01:52 - 2009-07-14 01:08 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-06-14 01:36 - 2016-09-25 06:46 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Utilities
2017-06-13 23:01 - 2016-09-04 22:48 - 00000000 ___RD C:\Users\user\Box Sync
2017-06-13 23:01 - 2015-02-14 21:30 - 00000000 ___RD C:\Users\user\Dropbox
2017-06-13 22:50 - 2016-12-01 08:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-13 22:44 - 2016-07-29 10:03 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-13 21:38 - 2017-02-01 02:03 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Hardware
2017-06-13 21:36 - 2017-05-15 16:22 - 00000000 ____D C:\Users\user\AppData\Local\JxBrowser
2017-06-13 21:30 - 2016-07-29 07:49 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2017-06-13 21:14 - 2017-06-05 16:54 - 00000000 ___RD C:\Users\user\Podcasts
2017-06-13 21:14 - 2016-09-04 17:31 - 00000000 ___RD C:\Users\user\AppData\Roaming\app documents
2017-06-13 21:12 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-13 21:12 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-13 21:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-13 21:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-13 21:00 - 2016-07-28 14:35 - 00000000 ____D C:\Windows\SysWOW64\Tasks\ASUS
2017-06-13 20:57 - 2017-02-01 08:02 - 00000000 ____D C:\ProgramData\CrashPlan
2017-06-13 20:57 - 2017-02-01 08:02 - 00000000 ____D C:\Program Files\CrashPlan
2017-06-13 20:50 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-13 20:39 - 2016-07-29 07:51 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-13 20:37 - 2016-09-13 03:06 - 00000000 ____D C:\Program Files (x86)\RSSOwl
2017-06-13 20:37 - 2015-04-18 01:42 - 00000000 ___HD C:\Users\user\.rssowl2
2017-06-13 20:17 - 2016-08-02 04:56 - 00000000 ____D C:\Windows\SysWOW64\appraiser
2017-06-13 18:54 - 2016-07-29 07:44 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-13 14:21 - 2017-04-15 07:08 - 00003178 _____ C:\Windows\SysWOW64\Tasks\OneDrive Standalone Update Task v2
2017-06-12 17:14 - 2017-04-24 21:36 - 00207760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETB9B7.tmp
2017-06-12 17:14 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\SETB57B.tmp
2017-06-12 17:14 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SETAA8C.tmp
2017-06-12 17:14 - 2016-07-18 18:21 - 07663888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETAFBD.tmp
2017-06-12 17:14 - 2016-07-18 18:21 - 00161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETC11B.tmp
2017-06-12 17:14 - 2016-07-18 18:21 - 00143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETC0FA.tmp
2017-06-12 17:13 - 2017-04-24 21:36 - 12578016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETAF2E.tmp
2017-06-12 17:13 - 2016-07-18 18:21 - 10448520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETB341.tmp
2017-06-12 17:13 - 2016-07-18 18:21 - 01654880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETBA39.tmp
2017-06-12 17:13 - 2016-07-18 18:21 - 01347952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETBA6A.tmp
2017-06-12 17:13 - 2016-07-18 16:33 - 00236424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETB9C9.tmp
2017-06-12 17:13 - 2016-07-18 16:33 - 00155528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETC0D9.tmp
2017-06-12 17:12 - 2016-07-18 18:21 - 13254256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETB089.tmp
2017-06-12 17:12 - 2016-07-18 16:33 - 01507720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\SETA5E8.tmp
2017-06-12 17:11 - 2017-04-24 21:35 - 00915848 _____ (AMD) C:\Windows\SysWOW64\SETC30F.tmp
2017-06-12 17:10 - 2016-07-18 17:37 - 32738184 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\SETA880.tmp
2017-06-11 17:33 - 2016-07-28 12:04 - 00000000 ____D C:\Users\user

==================== Files in the root of some directories =======

2016-09-05 21:03 - 2016-09-05 21:08 - 55736320 _____ () C:\Program Files (x86)\GUT73CA.tmp
2016-09-28 15:47 - 2017-01-11 08:02 - 0000600 _____ () C:\Users\user\AppData\Local\PUTTY.RND
2017-06-28 10:03 - 2017-06-28 10:03 - 0000218 _____ () C:\Users\user\AppData\Local\recently-used.xbel
2016-08-06 12:02 - 2016-08-06 15:10 - 0007613 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2017-07-03 20:32 - 2017-07-03 20:32 - 0000000 _____ () C:\Users\user\AppData\Local\{174E6EE2-8EF7-4E5D-8F64-269686E139BA}
2017-07-03 20:32 - 2017-07-03 20:32 - 0000000 _____ () C:\Users\user\AppData\Local\{32CC8840-D407-4FDF-9077-54AEE6515CAD}
2017-07-03 19:57 - 2017-07-03 19:57 - 0000000 _____ () C:\Users\user\AppData\Local\{8099176B-DFD6-4218-B7FE-EE26F272B780}
2016-09-14 00:38 - 2016-09-14 00:38 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-07-29 07:47 - 2016-07-29 07:47 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-07-10 19:31 - 2017-07-10 19:31 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-06-13 21:36 - 2017-06-13 21:36 - 0040448 ____N () C:\Users\user\AppData\Local\Temp\proxy_vole942868523546535949.dll
2017-06-14 00:20 - 2017-07-03 19:31 - 0192512 _____ () C:\Users\user\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 13:56 - 2015-02-10 13:56 - 0105984 _____ () C:\Users\user\AppData\Local\Temp\sfextra.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\SysWOW64\winlogon.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\services.exe => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\rpcss.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-02 00:27

==================== End of FRST.txt
 
Hi, Dee25. Why are you suspicious of csrss.exe? There are no signs of it in your logs.

1. There are very few reasons why Java is needed on a personal computer. See Java, The Never-Ending Saga. Because any web application can specify any vulnerable JRE installed to run attack code on your computer, if you decide to keep Java, uninstall the following:

Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

In the event you decide to uninstall Java completely, also uninstall Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation). In addition, note that the next Java update is scheduled for July 18 and it will need to be updated.

2. Since you are using Symantec as your antivirus protection, there is no need for ClamWin Free Antivirus to be installed. I suggest you also uninstall that program.

3. Another program installed on your computer that seldom is needed is Adobe Shockwave Player. In all the years I had Windows 7, it was never installed nor needed. In the event you wish to keep it, however, please install the latest security update. The newest version 12.2.9.199 is available here: Adobe - Adobe Shockwave Player. Watch for any pre-checked add-ons not needed for the update.

4. The Security Check log shows that Internet Explorer is your default browser. Yet, I have never seen a log with as many Chrome extensions installed and there are certainly a significant number of Chrome processes running. You may want to take a serious look at the installed Chrome extensions and remove those no longer used. Instructions for checking memory usage of Chrome extensions are available here: How to check memory usage of chrome extensions.

5. Disabling via MSConfig is not recommended. The reason is that when uninstalling or updating programs, the entry remains in MSConfig, leaving behind orphans, including adware or malware. It also results in programs not receiving critical security updates unless done manually. MSConfig should only be used for troubleshooting. A custom install or WinPatrol for controlling startup items is the best way of handling unwanted startup programs. Thus, the leftover AVG and Advanced SystemCare items on your computer. Also of note, Malwarebytes Anti-Exploit is listed as installed in Program Files, yet is disabled via MSConfig. If you don't wish to use the program, I suggest you click Start, type msconfig in the search box, open msconfig, and click on the Startup tab. Put a check mark next to Malwarebytes Anti-Exploit, reboot and then uninstall the program. If you wish to use it, merely remove it from MSConfig.

6. Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy".
Code:
Start::
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [AsIORebootFlag] => [X]
HKLM-x32\...\RunOnce: [MBAP_REBOOT] => [X]
HKLM-x32\...\RunOnce: [AiChargerPlusDriver_Ins] => [X]
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet  Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction -  ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {b1fa9e01-7517-3f4c-a33f-fdd93b2efbac} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {dd83d621-d900-3610-a9d0-1c6be1df90c8} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {b7ab37bd-fa8d-36e9-95c1-bd0047047a8f} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {e04571d0-2dee-3072-ac0e-0f0d1cd77a77} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {74de99c4-7ea6-3e59-b118-1a4e7bb95bf8} => -> No File
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers04: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers04: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} => -> No File
ContextMenuHandlers06: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} => -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
EmptyTemp:
End::
  • Please right-click on FRST/FRST64 to run as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.
 
Do you believe there is anything else I can do at this time? I took an uneducated guess about the csrss mentioned in my post, and I'm glad I do not need to reinstall my user name. Thank you for this explanation of disabling via MSConfig, maintaining plugins, and security updates.


Fixlog
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
Ran by user (11-07-2017 18:18:12) Run:1
Running from C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Utilities\System Integrity
Loaded Profiles: user (Available Profiles: user & Admin)
Boot Mode: Normal
==============================================


fixlist content:
*****************


CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [AsIORebootFlag] => [X]
HKLM-x32\...\RunOnce: [MBAP_REBOOT] => [X]
HKLM-x32\...\RunOnce: [AiChargerPlusDriver_Ins] => [X]
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {b1fa9e01-7517-3f4c-a33f-fdd93b2efbac} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {dd83d621-d900-3610-a9d0-1c6be1df90c8} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {b7ab37bd-fa8d-36e9-95c1-bd0047047a8f} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {e04571d0-2dee-3072-ac0e-0f0d1cd77a77} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {74de99c4-7ea6-3e59-b118-1a4e7bb95bf8} => -> No File
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers04: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers04: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} => -> No File
ContextMenuHandlers06: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} => -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
EmptyTemp:


*****************


Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\AsIORebootFlag => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\MBAP_REBOOT => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\AiChargerPlusDriver_Ins => value not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009 => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found.
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ BoxSyncFileLocked => key not found.
HKLM\Software\Classes\CLSID\{b1fa9e01-7517-3f4c-a33f-fdd93b2efbac} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ BoxSyncFileLockedByOther => key not found.
HKLM\Software\Classes\CLSID\{dd83d621-d900-3610-a9d0-1c6be1df90c8} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ BoxSyncNotSynced => key not found.
HKLM\Software\Classes\CLSID\{b7ab37bd-fa8d-36e9-95c1-bd0047047a8f} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ BoxSyncProblem => key not found.
HKLM\Software\Classes\CLSID\{e04571d0-2dee-3072-ac0e-0f0d1cd77a77} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ BoxSyncSynced => key not found.
HKLM\Software\Classes\CLSID\{74de99c4-7ea6-3e59-b118-1a4e7bb95bf8} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => key removed successfully
HKLM\Software\Classes\CLSID\{0365FE2C-F183-4091-AC82-BFC39FB75C49} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\RecuvaShellExt => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{435E5DF5-2510-463C-B223-BDA47006D002} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\RecuvaShellExt => key removed successfully
HKLM\Software\Classes\CLSID\[CC]{435E5DF5-2510-463C-B223-BDA47006D002} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdvancedSystemCareService9 => key removed successfully
HKLM\System\CurrentControlSet\Services\AdvancedSystemCareService9 => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avgsvc => key removed successfully
HKLM\System\CurrentControlSet\Services\avgsvc => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvgUi => key removed successfully


=========== EmptyTemp: ==========


BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78581613 B
Java, Flash, Steam htmlcache => 276505758 B
Windows/system/drivers => 1594238 B
Edge => 0 B
Chrome => 462669317 B
Firefox => 1399062033 B
Opera => 235552063 B


Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 97262 B
User => 50491620 B
Admin => 23501 B


RecycleBin => 372914 B
EmptyTemp: => 2.3 GB temporary data Removed.


================================




The system needed a reboot.


==== End of Fixlog 18:21:34 ====
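A Fixlog like the one above is easier to review when its result lines are tallied and the fixlist is compared with the next scan. The following is an added example, not part of the original thread and not FRST's own code: the function names are hypothetical, and the sample strings are a constructed subset of lines copied from this thread's fixlist, Fixlog and 14-07-2017 scan.

```python
"""Triage a FRST Fixlog: tally outcomes, list failed fixes, check a later scan."""
import re
from collections import Counter

# Ordered so that an explicit error wins over the other outcome patterns.
OUTCOMES = [
    ("error", re.compile(r"=> Error: (?P<detail>.+)$")),
    ("removed", re.compile(r"=> (?:value|key) removed successfully\.?$")),
    ("moved", re.compile(r"=> moved successfully\.?$")),
    ("absent", re.compile(r"=> (?:(?:value|key) )?not found\.?$")),
]

# Constructed sample: a subset of the fixlist posted in this thread.
FIXLIST_SAMPLE = r"""
CreateRestorePoint:
HKLM-x32\...\RunOnce: [MBAP_REBOOT] => [X]
GroupPolicy: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet  Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction -  ProxySettings)
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
MSCONFIG\Services: avgsvc => 2
"""

# Constructed sample: a subset of the Fixlog result lines in this thread.
FIXLOG_SAMPLE = r"""
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\MBAP_REBOOT => value not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avgsvc => key removed successfully
HKLM\System\CurrentControlSet\Services\avgsvc => key not found.
Chrome => 462669317 B
"""

# Constructed sample: a subset of the scan taken after the fix (14-07-2017).
LATER_SCAN_SAMPLE = r"""
GroupPolicy: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
"""


def classify(line):
    """Return (target, outcome, detail) for a Fixlog result line, else None."""
    line = line.strip()
    for outcome, pattern in OUTCOMES:
        match = pattern.search(line)
        if match:
            target = line[:match.start()].strip().strip('"')
            return target, outcome, match.groupdict().get("detail", "")
    return None


def summarize(fixlog_text):
    """Count outcomes and collect the entries FRST reported it could not fix."""
    counts, failed = Counter(), []
    for line in fixlog_text.splitlines():
        result = classify(line)
        if result:
            target, outcome, detail = result
            counts[outcome] += 1
            if outcome == "error":
                failed.append((target, detail))
    return counts, failed


def _norm(line):
    """Collapse whitespace runs so forum-mangled spacing still compares equal."""
    return " ".join(line.split())


def reappeared(fixlist_text, later_scan_text):
    """Fixlist entries that show up unchanged in a scan taken after the fix."""
    later = {_norm(l) for l in later_scan_text.splitlines() if l.strip()}
    return [_norm(l) for l in fixlist_text.splitlines() if _norm(l) in later]


if __name__ == "__main__":
    counts, failed = summarize(FIXLOG_SAMPLE)
    print(dict(counts))
    for target, detail in failed:
        print("NOT FIXED:", target, "|", detail)
    for entry in reappeared(FIXLIST_SAMPLE, LATER_SCAN_SAMPLE):
        print("BACK IN LATER SCAN:", entry)
```

An entry that reappears after a "removed" or "moved" result is being rewritten by something still installed or still applying policy, so it needs a cause rather than a second removal.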
 
It may not hurt that 2.3 GB temporary data was removed. How often do you use Google Chrome? Did you take a look at the extensions installed? I've never seen anyone with 105 extensions.
 
Temps are decent, I decided to overclock for more MHz, but I'm still where I started. Doing those case fans, and reapplying TIM should do the trick. I reran FRST. Chrome had around 25 extensions with few enabled. These might be old uninstalled exts listed? As of now, things are running okay process wise, however many problems just started. There are a few apps not working, and some basic Windows functions do not work, which leads me to believe there's more.. Winclam showed a notable mention. After running the FRST fix, I ran a scan through winclam, and noticed I was unable to move any bad files into quarantine. Its error message proclaimed write permissions in the config file are wrong, but they are all fine. The thing is this message has a ton of misspelled words; it's not a Windows error message. I reinstalled WC while running as admin with the same results. Can I PM you my FRST results?
 
No, sorry, we do not provide help via PM. If you didn't check Addition.txt when running FRST a second time, please open FRST and this time check the box for Addition.txt and post the logs as a reply.

Why are you running ClamWin when you have Symantec? Two antivirus software programs can easily cause conflicts as well as unnecessarily using system resources.
 
Ok. I turned off Symantec before using WC. I know what you are saying though. Winclam caught a lot more on my OS (maybe my Symantec installation is faulty), this is why I ran it again on my data drive; this is when I noticed a new quarantine error message, so something has changed within the past few days. Things are really bad right now. Processor is running at near zero, but the system is ridiculously laggy. I will try to get a complete FRST posted today.
 
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
Ran by owner (administrator) on DEE25-PC (14-07-2017 13:07:56)
Running from C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Utilities\System Integrity
Loaded Profiles: owner (Available Profiles: owner & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Code 42 Software) C:\Program Files\CrashPlan\CrashPlanService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Binary Fortress Software) C:\Development\Modifications\DisplayFusion\DisplayFusionService.exe
(ArcticLine Software) C:\Development\Modifications\FileMarker.NET\FileMarkerService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Techsoft) C:\Windows\System32\mfsyncsv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
() C:\Development\MSI Afterburner\MSIAfterburner.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\AsRoutineController.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(REALiX) C:\Program Files (x86)\HWiNFO32\HWiNFO32.EXE
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Development\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Samsung Electronics Co. Ltd.) C:\Development\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ArcticLine Software) C:\Development\Modifications\FileMarker.NET\FileMarker.NET.exe


==================== Registry (Whitelisted) ====================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5077352 2017-06-21] (Box, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [158208 2015-12-02] (IvoSoft)
HKLM\...\Run: [MirrorFolderShell] => C:\Cloud\MirrorFolder\mrfshl.exe [316208 2016-10-06] (Techsoft)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CmiCnfgSTXII.dll,CMICtrlWnd
HKLM\...\Run: [Zune Launcher] => C:\Apps\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Development\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Fences] => C:\Development\Modifications\Stardock\Fences\Fences.exe [3990488 2016-09-15] (Stardock Corporation)
HKLM\...\Run: [CrashPlanTray] => C:\Program Files\CrashPlan\CrashPlanTray.exe [462808 2017-06-08] (Code 42 Software, Inc.)
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Development\KeePass Password Safe 2\KeePass.exe [2867712 2017-01-09] (Dominik Reichl)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2016-03-19] (alch)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-02] (Plays.tv, LLC)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1162360 2017-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems Inc.)
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\...\Policies\Explorer: [NoOnlinePrintsWizard] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [PreXPSP2ShellProtocolBehavior] 0
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [ownCloud] => C:\Cloud\ownCloud\owncloud.exe [1991680 2017-05-08] (ownCloud)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [DisplayFusion] => C:\Development\Modifications\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [CCleaner Monitoring] => C:\Apps\CClean\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [Visual Subst] => C:\Users\owner\Downloads\VSubst_1.0.6-bin\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [Spotify Web Helper] => C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-24] (Spotify Ltd)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Run: [Spotify] => C:\Users\owner\AppData\Roaming\Spotify\Spotify.exe [7047792 2017-06-24] (Spotify Ltd)
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Development\Modifications\DisplayFusion\DFSSaver.scr [5295104 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2017-07-14]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Send to OneNote.lnk [2017-07-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2017-07-14]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Startup\Send to OneNote.lnk [2017-07-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
ProxyServer: [S-1-5-21-3726862377-2586928099-1968672737-1000] => localhost:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0CCAD66D-C8E8-494A-9334-1E5999F70010}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E26FC17D-2ED2-40EB-AFC0-39F1EAF45DE3}: [DhcpNameServer] 192.168.2.1


Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-06] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: No Name -> {0AE87E97-08ED-4D43-ADA3-ADD3166FC4D2} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\bin\IPS\IPSBHO.DLL [2012-11-03] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-12] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-06] (Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-12] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
IE Session Restore: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000 -> is enabled.
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)


FireFox:
========
FF DefaultProfile: i2xajzsn.default
FF ProfilePath: C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\34a6e8pf.dev-edition-default [2017-07-14]
FF ProfilePath: C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\i2xajzsn.default [2017-07-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-04-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2017-06-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3726862377-2586928099-1968672737-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\owner\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.)
StartMenuInternet: Firefox-E9DA97F5F10C18F - C:\Development\Firefox Developer Edition\firefox.exe


Chrome:
=======
CHR HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\owner\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-07-10]
CHR HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]


==================== Services (Whitelisted) ====================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-12] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-12] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-12] (ASUSTeK Computer Inc.) [File not signed]
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [37264 2016-07-29] (Box, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [267736 2017-06-08] (Code 42 Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
S2 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
R2 DisplayFusionService; C:\Development\Modifications\DisplayFusion\DisplayFusionService.exe [5098008 2016-12-23] (Binary Fortress Software)
S2 EMET_Service; C:\Development\EMET 5.5\EMET_Service.exe [33448 2016-07-25] (Microsoft Corporation)
R2 FileMarkerApplyIconService; C:\Development\Modifications\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software)
S3 fussvc; C:\Development\Microsoft SDKs\Windows\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 mfsyncsv; C:\Windows\system32\mfsyncsv.exe [253744 2016-10-06] (Techsoft)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-02] (Plays.tv, LLC)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics Co., Ltd.)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe [143928 2012-11-03] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe [2294112 2012-11-03] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe [334288 2012-11-03] (Symantec Corporation)
S3 Te.Service; C:\Development\Microsoft SDKs\Windows\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1978584 2014-08-13] (VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMZuneComm; C:\Apps\Zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [528600 2014-08-29] (VMware, Inc.)
S3 ZuneNetworkSvc; C:\Apps\Zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Apps\Zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)


===================== Drivers (Whitelisted) ======================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [83792 2015-06-17] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2011-04-11] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20170705.001\BHDrvx64.sys [1862784 2017-07-05] (Symantec Corporation)
R1 ccSettings_{3771A34D-2132-48EA-A486-D62ECDF9D553}; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\ccSetx64.sys [168096 2012-11-03] (Symantec Corporation)
S3 danewFltr; C:\Windows\System32\drivers\danew.sys [12032 2010-03-23] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-18] (Dell Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-06-30] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-06-30] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-07-11] (REALiX(tm))
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\IPSDefs\20170713.011\IDSvia64.sys [1012864 2017-05-26] (Symantec Corporation)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-07-14] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-14] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-07-14] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-07-14] (Malwarebytes)
R0 mrfoldr; C:\Windows\System32\drivers\mrfoldr.sys [140896 2016-10-06] (Techsoft)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20170713.022\ENG64.SYS [138880 2017-05-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20170713.022\EX64.SYS [2152064 2017-05-24] (Symantec Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 RTCore64; C:\Development\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics Co., Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSP64.SYS [776352 2012-11-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSPX64.SYS [37496 2012-11-03] (Symantec Corporation)
R3 STXIIService; C:\Windows\System32\drivers\STXII.sys [2736640 2014-02-18] (C-Media Inc)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\SyDvCtrl64.sys [34352 2012-11-03] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMDS64.SYS [493216 2012-11-03] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMEFA64.SYS [1133216 2012-11-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2016-08-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\Ironx64.SYS [224416 2012-11-03] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMNETS.SYS [432800 2012-11-03] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [154904 2016-08-10] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [95616 2012-11-03] (Symantec Corporation)


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2017-07-14 08:38 - 2017-07-14 12:26 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-14 08:38 - 2017-07-14 12:26 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-14 08:38 - 2017-07-14 08:47 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-14 08:38 - 2017-07-14 08:47 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-14 08:38 - 2017-07-14 08:38 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-14 08:38 - 2017-07-14 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-14 08:38 - 2017-07-14 08:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-14 08:38 - 2017-07-14 08:38 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-14 08:38 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-14 08:37 - 2017-07-14 08:37 - 65033984 _____ (Malwarebytes ) C:\Users\owner\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-14 03:36 - 2017-07-14 03:08 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.20170714-033605.backup
2017-07-14 03:27 - 2017-07-14 13:06 - 00054688 __RSH C:\ProgramData\ntuser.pol
2017-07-14 03:10 - 2017-07-14 03:10 - 00055552 _____ C:\ComboFix.txt
2017-07-14 02:38 - 2017-07-14 02:41 - 00000000 ____D C:\Users\owner\AppData\Roaming\.clamwin
2017-07-14 02:38 - 2017-07-14 02:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
2017-07-14 02:38 - 2017-07-14 02:38 - 00000000 ____D C:\ProgramData\.clamwin
2017-07-14 02:38 - 2017-07-14 02:38 - 00000000 ____D C:\Program Files (x86)\ClamWin
2017-07-14 02:23 - 2017-07-14 02:24 - 120690586 _____ (alch ) C:\Users\owner\Downloads\clamwin-0.99.1-setup (1).exe
2017-07-14 01:53 - 2017-07-14 01:53 - 00003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-14 01:53 - 2017-07-14 01:53 - 00002122 _____ C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-07-14 01:53 - 2017-07-14 01:53 - 00002104 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-07-14 01:53 - 2017-07-14 01:53 - 00002104 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-07-14 01:53 - 2017-07-14 01:53 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2017-07-14 01:53 - 2017-07-14 01:11 - 26435280 _____ (Microsoft Corporation) C:\Users\owner\Downloads\OneDriveSetup.exe
2017-07-14 01:17 - 2017-07-14 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-14 00:44 - 2017-07-14 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2017-07-12 23:46 - 2017-07-12 23:46 - 00053248 _____ C:\Windows\SysWOW64\zlib.dll
2017-07-12 23:46 - 2017-07-12 23:46 - 00000000 ____D C:\ProgramData\Foolish IT
2017-07-12 23:46 - 2017-07-12 23:46 - 00000000 ____D C:\Program Files (x86)\Foolish IT
2017-07-12 23:34 - 2017-07-12 23:34 - 00000000 ____D C:\Users\owner\Downloads\CryptoPreventSetupV8
2017-07-12 23:33 - 2017-07-12 23:33 - 00000000 ____D C:\Windows\system32\%LocalAppData%
2017-07-12 23:05 - 2017-07-13 01:31 - 00000026 _____ C:\Windows\Zone.Identifier
2017-07-12 23:05 - 2017-07-12 23:05 - 10651946 _____ C:\Users\owner\Downloads\CryptoPreventSetupV8.zip
2017-07-12 22:29 - 2017-07-12 22:29 - 00002954 _____ C:\Windows\System32\Tasks\HWiNFO
2017-07-12 22:07 - 2017-07-12 22:07 - 00000000 ____D C:\PassMark
2017-07-12 21:54 - 2017-07-12 21:54 - 00000000 ____D C:\Windows\SysWOW64\iCloud Photos
2017-07-12 21:54 - 2017-07-12 21:54 - 00000000 ____D C:\Windows\SysWOW64\(null)
2017-07-12 21:06 - 2017-07-12 21:06 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2017-07-12 21:06 - 2017-07-12 21:06 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2017-07-12 20:59 - 2017-07-12 20:59 - 00000000 ____D C:\ArcticLine
2017-07-12 20:56 - 2017-07-12 20:56 - 00000084 _____ C:\Windows\SysWOW64\prime.txt
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Work Tools
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Utilities
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Backups
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Browsers
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zip Tools
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Work Software
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Games
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Themes
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Storage
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Security
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools Hardware
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Java
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud Storage
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Video
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Photo
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Music
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps Academics
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\App Utilities
2017-07-12 20:18 - 2017-07-12 20:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-07-12 20:06 - 2017-07-12 20:06 - 00000000 ____D C:\Users\Default\AppData\Local\Symantec
2017-07-12 20:06 - 2017-07-12 20:06 - 00000000 ____D C:\Users\Default\AppData\Local\AMD
2017-07-12 20:06 - 2017-07-12 20:06 - 00000000 ____D C:\Users\Default User\AppData\Local\Symantec
2017-07-12 20:06 - 2017-07-12 20:06 - 00000000 ____D C:\Users\Default User\AppData\Local\AMD
2017-07-12 20:04 - 2017-07-12 20:04 - 00000000 ____D C:\Users\owner\Desktop\backups
2017-07-12 19:37 - 2017-07-12 19:37 - 00051444 _____ C:\Users\owner\Desktop\service list.txt
2017-07-12 15:58 - 2017-07-12 15:58 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-07-12 15:58 - 2017-07-12 15:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-07-12 15:58 - 2017-07-12 15:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-07-12 15:58 - 2017-07-12 15:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-07-12 01:09 - 2017-07-10 23:43 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.20170712-010943.backup
2017-07-12 00:59 - 2017-07-12 00:57 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-07-12 00:59 - 2017-06-13 20:50 - 00866720 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2017-07-12 00:59 - 2017-06-13 20:50 - 00788896 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2017-07-12 00:55 - 2017-07-12 00:55 - 57495104 _____ (Oracle Corporation) C:\Users\owner\Downloads\jre-8u131-windows-i586.exe
2017-07-12 00:36 - 2017-07-12 00:36 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2017-07-12 00:36 - 2017-07-12 00:36 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-07-12 00:33 - 2017-07-12 00:34 - 136668472 _____ (Apple Inc.) C:\Users\owner\Downloads\iCloudSetup.exe
2017-07-11 21:46 - 2017-07-11 21:46 - 00000000 ____D C:\Users\owner\Tracing
2017-07-11 21:36 - 2017-07-12 00:07 - 00000914 _____ C:\Users\owner\Desktop\nativesystemreply20170711.txt
2017-07-11 21:21 - 2017-07-12 00:36 - 00004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 20:08 - 2017-07-11 20:08 - 00000414 _____ C:\Users\owner\Desktop\AMD SMBus.txt
2017-07-11 19:42 - 2017-06-30 00:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-11 19:42 - 2017-06-29 23:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-11 19:42 - 2017-06-29 22:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-11 19:42 - 2017-06-29 22:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-11 19:42 - 2017-06-29 22:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 19:42 - 2017-06-29 22:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-11 19:42 - 2017-06-29 22:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-11 19:42 - 2017-06-29 22:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-11 19:42 - 2017-06-29 22:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-11 19:42 - 2017-06-29 22:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-11 19:42 - 2017-06-29 22:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-11 19:42 - 2017-06-29 22:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-11 19:42 - 2017-06-29 22:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-11 19:42 - 2017-06-29 02:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-11 19:42 - 2017-06-29 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-11 19:42 - 2017-06-29 02:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 19:42 - 2017-06-29 02:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-11 19:42 - 2017-06-29 02:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-11 19:42 - 2017-06-29 02:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-11 19:42 - 2017-06-29 02:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-11 19:42 - 2017-06-29 02:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-11 19:42 - 2017-06-29 02:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-11 19:42 - 2017-06-29 01:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-11 19:42 - 2017-06-29 01:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-11 19:42 - 2017-06-29 01:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-11 19:42 - 2017-06-29 01:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-11 19:42 - 2017-06-29 01:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-11 19:42 - 2017-06-29 01:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-11 19:42 - 2017-06-29 01:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-11 19:42 - 2017-06-29 01:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-11 19:42 - 2017-06-29 01:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 19:42 - 2017-06-29 01:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-11 19:42 - 2017-06-29 01:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-11 19:42 - 2017-06-29 01:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-11 19:42 - 2017-06-29 01:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 19:42 - 2017-06-29 01:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-11 19:42 - 2017-06-29 01:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-11 19:42 - 2017-06-29 01:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-11 19:42 - 2017-06-29 01:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-11 19:42 - 2017-06-29 01:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-11 19:42 - 2017-06-29 01:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-11 19:42 - 2017-06-29 01:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-11 19:42 - 2017-06-29 01:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-11 19:42 - 2017-06-29 01:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-11 19:42 - 2017-06-29 01:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-11 19:42 - 2017-06-29 01:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-11 19:42 - 2017-06-29 01:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-11 19:42 - 2017-06-29 01:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-11 19:42 - 2017-06-29 01:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-11 19:42 - 2017-06-29 01:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-11 19:42 - 2017-06-29 01:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-11 19:42 - 2017-06-29 01:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-11 19:42 - 2017-06-29 01:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-11 19:42 - 2017-06-29 01:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-11 19:42 - 2017-06-29 01:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-11 19:42 - 2017-06-29 01:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-11 19:42 - 2017-06-29 01:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-11 19:42 - 2017-06-29 01:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-11 19:42 - 2017-06-29 01:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-11 19:42 - 2017-06-29 01:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-11 19:42 - 2017-06-29 01:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-11 19:42 - 2017-06-29 01:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-11 19:42 - 2017-06-29 00:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-11 19:42 - 2017-06-29 00:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-11 19:42 - 2017-06-29 00:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-11 19:42 - 2017-06-29 00:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-11 19:42 - 2017-06-29 00:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-11 19:42 - 2017-06-29 00:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-11 19:42 - 2017-06-29 00:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-11 19:42 - 2017-06-29 00:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-11 19:42 - 2017-06-29 00:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-11 19:42 - 2017-06-29 00:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-11 19:42 - 2017-06-29 00:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-11 19:42 - 2017-06-29 00:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-11 19:42 - 2017-06-29 00:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-11 19:42 - 2017-06-29 00:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-11 19:42 - 2017-06-29 00:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-11 19:42 - 2017-06-29 00:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-11 19:42 - 2017-06-29 00:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-11 19:42 - 2017-06-22 10:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-11 19:42 - 2017-06-15 16:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-11 19:42 - 2017-06-12 18:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-11 19:42 - 2017-06-12 18:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-11 19:42 - 2017-06-12 18:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-11 19:42 - 2017-06-12 18:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-11 19:42 - 2017-06-12 18:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-11 19:42 - 2017-06-12 18:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-11 19:42 - 2017-06-12 18:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-11 19:42 - 2017-06-12 18:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-11 19:42 - 2017-06-12 18:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-11 19:42 - 2017-06-12 18:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-11 19:42 - 2017-06-12 18:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-11 19:42 - 2017-06-12 18:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-11 19:42 - 2017-06-12 18:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-11 19:42 - 2017-06-12 18:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-11 19:42 - 2017-06-12 18:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-11 19:42 - 2017-06-12 18:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-11 19:42 - 2017-06-12 18:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-11 19:42 - 2017-06-12 18:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-11 19:42 - 2017-06-12 18:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-11 19:42 - 2017-06-12 18:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-11 19:42 - 2017-06-12 18:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-11 19:42 - 2017-06-12 18:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-11 19:42 - 2017-06-10 11:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-11 19:42 - 2017-06-10 11:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-11 19:42 - 2017-06-09 11:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-11 19:42 - 2017-06-06 11:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-11 19:42 - 2017-06-06 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-11 19:42 - 2017-05-30 00:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-11 19:42 - 2017-05-30 00:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-11 19:42 - 2017-05-30 00:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-11 19:10 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2017-07-11 19:10 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2017-07-11 19:10 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-07-11 19:10 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-07-11 19:10 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-07-11 19:10 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2017-07-11 19:10 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2017-07-11 19:10 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2017-07-11 19:08 - 2017-07-11 19:08 - 05659794 ____R (Swearware) C:\Users\owner\Desktop\ComboFix.exe
2017-07-11 19:04 - 2017-07-11 19:04 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2017-07-11 01:48 - 2017-07-11 01:48 - 00380928 _____ C:\Users\owner\Downloads\qpceb60e.exe
2017-07-10 23:27 - 2017-07-10 23:27 - 00000178 _____ C:\Users\owner\Desktop\pumpbytes.txt
2017-07-10 22:34 - 2017-07-14 03:10 - 00000000 ____D C:\Qoobox
2017-07-10 22:34 - 2017-07-10 23:44 - 00000000 ____D C:\Windows\erdnt
2017-07-10 22:30 - 2017-07-10 22:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\owner\Desktop\HijackThis.exe
2017-07-10 20:08 - 2017-07-10 20:08 - 02437120 _____ (Farbar) C:\Users\owner\Downloads\FRST64 (1).exe
2017-07-10 19:49 - 2017-07-10 19:49 - 00000000 _____ C:\Users\owner\AppData\New Text Document.txt
2017-07-10 19:39 - 2017-07-10 19:39 - 00003146 _____ C:\Windows\System32\Tasks\StartCN
2017-07-10 19:39 - 2017-07-10 19:39 - 00000000 ____D C:\Program Files (x86)\AMD
2017-07-10 19:37 - 2017-07-14 13:07 - 00000000 ____D C:\FRST
2017-07-10 19:31 - 2017-07-10 19:31 - 00000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2017-07-10 19:29 - 2017-07-10 19:29 - 41315000 _____ (AMD Inc.) C:\Users\owner\Downloads\radeon-crimson-relive-17.7.1-minimalsetup-170710_64bit.exe
2017-07-10 19:11 - 2012-12-27 02:26 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2017-07-10 19:11 - 2012-12-27 02:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-07-09 20:16 - 2017-07-11 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Utilities
2017-07-09 20:15 - 2017-07-09 20:15 - 03959288 _____ (Martin Malík - REALiX ) C:\Users\owner\Downloads\hw64_554.exe
2017-07-09 16:38 - 2017-07-09 16:38 - 00041449 _____ C:\Users\owner\Desktop\My Baseline (2017- 7- 9).ptx
2017-07-04 18:38 - 2017-07-04 18:38 - 09446336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2017-07-04 18:38 - 2017-07-04 18:38 - 00522632 _____ C:\Windows\system32\GameManager64.dll
2017-07-04 18:38 - 2017-07-04 18:38 - 00185088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00768904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00544136 _____ (AMD) C:\Windows\system32\atitmm64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00543112 _____ C:\Windows\system32\dgtrayicon.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00543112 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00537992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00520584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2017-07-04 18:37 - 2017-07-04 18:37 - 00475016 _____ C:\Windows\system32\atieah64.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00469384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00356744 _____ C:\Windows\SysWOW64\GameManager32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00325512 _____ C:\Windows\SysWOW64\atieah32.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00194952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00182664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00161160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00142216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00114056 _____ (AMD) C:\Windows\system32\atimuixx.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2017-07-04 18:37 - 2017-07-04 18:37 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00036232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2017-07-04 18:37 - 2017-07-04 18:37 - 00033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 59237768 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 46457736 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 36562312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2017-07-04 18:36 - 2017-07-04 18:36 - 28797832 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 22739336 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 14414072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 10313608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 09899912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 07955848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 02527624 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 02189704 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00855432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00687496 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00505736 _____ C:\Windows\system32\amdgfxinfo64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00351624 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2017-07-04 18:36 - 2017-07-04 18:36 - 00269704 _____ C:\Windows\system32\clinfo.exe
2017-07-04 18:36 - 2017-07-04 18:36 - 00185600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00159112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00154152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00128968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00106248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2017-07-04 18:36 - 2017-07-04 18:36 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 26831240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 08471432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00166280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00149896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00135560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00127880 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2017-07-04 18:35 - 2017-07-04 18:35 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2017-07-04 17:59 - 2017-07-04 17:59 - 00798552 _____ C:\Windows\SysWOW64\atiapfxx.blb
2017-07-04 17:59 - 2017-07-04 17:59 - 00798552 _____ C:\Windows\system32\atiapfxx.blb
2017-07-04 17:58 - 2017-07-04 17:58 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2017-07-04 17:53 - 2017-07-04 17:53 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2017-07-04 12:49 - 2017-07-04 12:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2017-07-04 12:47 - 2017-07-04 12:48 - 16409960 _____ (Safer Networking Limited ) C:\Users\owner\Downloads\spybotsd162.exe
2017-07-04 11:29 - 2017-07-04 11:29 - 00368576 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2017-07-03 22:47 - 2017-07-14 02:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools Security
2017-07-03 22:44 - 2017-07-03 22:45 - 120690586 _____ (alch ) C:\Users\owner\Downloads\clamwin-0.99.1-setup.exe
2017-07-03 20:32 - 2017-07-03 20:32 - 00000000 _____ C:\Users\owner\AppData\Local\{32CC8840-D407-4FDF-9077-54AEE6515CAD}
2017-07-03 20:32 - 2017-07-03 20:32 - 00000000 _____ C:\Users\owner\AppData\Local\{174E6EE2-8EF7-4E5D-8F64-269686E139BA}
2017-07-03 19:57 - 2017-07-03 19:57 - 00000000 _____ C:\Users\owner\AppData\Local\{8099176B-DFD6-4218-B7FE-EE26F272B780}
2017-07-03 18:39 - 2017-07-03 18:42 - 478915776 _____ (AMD Inc.) C:\Users\owner\Downloads\non-whql-win7-64bit-radeon-software-crimson-relive-17.6.2-june13.exe
2017-07-02 21:21 - 2017-07-02 21:21 - 00000000 ____D C:\Users\owner\AppData\Roaming\AMD
2017-07-02 21:20 - 2017-07-02 21:31 - 00000000 ____D C:\Users\owner\AppData\Roaming\obs-studio
2017-07-02 21:19 - 2017-07-02 21:19 - 00000949 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-07-02 21:19 - 2017-07-02 21:19 - 00000000 ____D C:\ProgramData\Intel
2017-07-02 21:17 - 2017-07-02 21:18 - 113245088 _____ (obsproject.com) C:\Users\owner\Downloads\OBS-Studio-19.0.3-Full-Installer.exe
2017-07-02 18:05 - 2017-07-03 18:38 - 00225000 _____ C:\Users\owner\Downloads\radeon-crimson-relive-17.6.2-minimalsetup-170613_64bit.exe
2017-07-02 14:42 - 2017-05-21 00:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-02 14:42 - 2017-05-21 00:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-02 14:42 - 2017-05-16 11:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-02 14:42 - 2017-05-16 11:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-02 14:42 - 2017-05-16 11:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-02 13:49 - 2017-07-02 13:49 - 00000000 ____D C:\Program Files\ATI Technologies
2017-07-02 13:48 - 2017-07-02 13:48 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2017-07-02 13:46 - 2017-07-02 13:46 - 00000000 ____D C:\Users\owner\Downloads\AMD_Chipset_XPVistaWin7_8_V8973_V901
2017-07-02 13:46 - 2011-02-25 02:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2017-07-02 13:43 - 2017-07-02 13:43 - 05500868 _____ C:\Users\owner\Downloads\Asmedia_USB3_XPVistaWin7-8-81_VER116120.zip
2017-07-02 13:43 - 2017-07-02 13:43 - 00000000 ____D C:\Users\owner\Downloads\Asmedia_USB3_XPVistaWin7-8-81_VER116120
2017-07-02 13:41 - 2017-07-02 13:46 - 944709898 _____ C:\Users\owner\Downloads\AMD_Chipset_XPVistaWin7_8_V8973_V901.zip
2017-07-02 12:35 - 2017-07-14 09:03 - 00003012 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-06-28 10:03 - 2017-06-28 10:03 - 00000218 _____ C:\Users\owner\AppData\Local\recently-used.xbel
2017-06-26 10:29 - 2017-06-26 10:29 - 00264581 _____ C:\Users\owner\Downloads\Invoice.pdf
2017-06-24 21:19 - 2017-06-24 21:19 - 00941841 _____ C:\Users\owner\Downloads\Video.MOV
2017-06-24 05:17 - 2017-07-10 19:50 - 00000000 ____D C:\Users\owner\Downloads\File-Export-2017-05-25-to-2017-06-24
2017-06-24 05:16 - 2017-06-24 05:16 - 00002023 _____ C:\Users\owner\Downloads\File-Export-2017-05-25-to-2017-06-24.zip
2017-06-24 01:58 - 2017-06-24 01:58 - 00000000 ____D C:\Users\owner\Downloads\mirror folder retail
2017-06-24 01:56 - 2016-10-06 10:36 - 00253744 _____ (Techsoft) C:\Windows\system32\mfsyncsv.exe
2017-06-24 01:55 - 2017-06-24 01:55 - 04123176 _____ (Techsoft ) C:\Users\owner\Downloads\mf51r.exe
2017-06-24 01:54 - 2017-06-24 01:54 - 00001432 _____ C:\Users\owner\Desktop\mirrorfolder.xml
2017-06-22 13:08 - 2017-06-22 13:08 - 00000000 ____D C:\Users\owner\AppData\Roaming\ArcticLine
2017-06-22 13:07 - 2017-06-22 13:07 - 01630600 _____ (ArcticLine Software ) C:\Users\owner\Downloads\FileMarker.NET_Free.exe
2017-06-22 04:46 - 2017-06-22 04:46 - 00951878 _____ C:\Windows\system32\amdicdxx.dat
2017-06-17 11:20 - 2017-06-17 11:20 - 01202184 _____ (Adobe Systems Incorporated) C:\Users\owner\Downloads\flashplayer26pp_xa_install.exe
2017-06-14 10:24 - 2017-06-14 10:24 - 00000241 _____ C:\Users\owner\Downloads\download.TXT
2017-06-14 10:24 - 2017-06-14 10:24 - 00000073 _____ C:\Users\owner\Downloads\download (5).CSV
2017-06-14 00:43 - 2017-07-02 11:57 - 00000000 _____ C:\Users\owner\AppData\initdebug.nfo
2017-06-14 00:43 - 2017-06-14 00:43 - 02143832 _____ C:\Users\owner\Downloads\instsf449.exe
2017-06-14 00:20 - 2017-07-02 11:57 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2017-06-14 00:18 - 2017-06-14 00:18 - 03086696 _____ C:\Users\owner\Downloads\instspeedfan452.exe
2017-06-14 00:17 - 2017-06-14 00:17 - 00000000 ____D C:\ProgramData\Dell
2017-06-14 00:17 - 2011-07-04 12:34 - 00399296 _____ (Dell Inc.) C:\Windows\SysWOW64\dchbas32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00325568 _____ (Dell Inc.) C:\Windows\hapint.exe
2017-06-14 00:17 - 2011-07-04 12:34 - 00284608 _____ (Dell Inc.) C:\Windows\SysWOW64\dchapi32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00284608 _____ (Dell Inc.) C:\Windows\dchcfg32.exe
2017-06-14 00:17 - 2011-07-04 12:34 - 00243648 _____ (Dell Inc.) C:\Windows\SysWOW64\dchcfl32.dll
2017-06-14 00:17 - 2011-07-04 12:34 - 00108992 _____ (Dell Inc.) C:\Windows\dcmdev64.exe
2017-06-14 00:16 - 2017-06-14 00:16 - 15105552 _____ (Dell Inc.) C:\Users\owner\Downloads\2020_Network_Driver_T13T3_WN_8.2.612.2012_A01.EXE


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2017-07-14 13:07 - 2017-06-13 21:14 - 01048576 _____ C:\Windows\PE_Rom.dll
2017-07-14 13:06 - 2017-06-13 21:37 - 00000000 ____D C:\ProgramData\TEMP
2017-07-14 13:06 - 2016-09-04 17:29 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-14 13:06 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-14 12:39 - 2016-10-13 07:30 - 00000000 ____D C:\Windows\pss
2017-07-14 12:36 - 2008-01-01 16:44 - 01848476 _____ C:\Windows\ntbtlog.txt
2017-07-14 12:30 - 2009-07-14 01:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-14 08:59 - 2009-07-14 00:45 - 00033632 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-14 08:59 - 2009-07-14 00:45 - 00033632 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-14 08:54 - 2017-06-13 21:19 - 00000000 _____ C:\Windows\Path.idx
2017-07-14 08:50 - 2017-06-08 18:07 - 00007532 _____ C:\Windows\mrfldr.dat
2017-07-14 08:46 - 2016-12-01 08:49 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-07-14 08:21 - 2017-06-08 18:07 - 00007532 _____ C:\Windows\mrfldr.da0
2017-07-14 03:08 - 2009-07-13 22:34 - 00000215 _____ C:\Windows\system.ini
2017-07-14 02:38 - 2016-09-06 01:47 - 00000000 ___RD C:\Development
2017-07-14 02:17 - 2016-09-04 17:29 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-14 01:53 - 2015-02-13 14:33 - 00000000 ___RD C:\Users\owner\OneDrive
2017-07-14 01:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-07-14 01:33 - 2016-11-20 10:49 - 00000000 ____D C:\Users\owner\AppData\LocalLow\Mozilla
2017-07-14 01:17 - 2016-09-04 17:29 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-14 00:57 - 2017-02-28 15:13 - 00000000 ___RD C:\Users\owner\iCloudDrive
2017-07-13 10:09 - 2016-11-20 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 09:31 - 2016-10-14 04:50 - 00000000 ____D C:\Users\owner\AppData\Local\CrashDumps
2017-07-13 01:21 - 2016-09-04 22:48 - 00000000 ___RD C:\Users\owner\Box Sync
2017-07-13 01:21 - 2015-03-03 14:46 - 00000000 ___RD C:\Users\owner\Google Drive
2017-07-13 01:21 - 2015-02-14 21:30 - 00000000 ___RD C:\Users\owner\Dropbox
2017-07-13 01:11 - 2016-10-13 04:03 - 00000000 ____D C:\Users\owner\AppData\Local\ClassicShell
2017-07-13 00:46 - 2016-09-25 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apps Browsers
2017-07-12 21:54 - 2016-07-28 13:57 - 00006356 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-07-12 21:10 - 2016-07-28 14:35 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2017-07-12 18:34 - 2016-10-17 03:43 - 00000000 ____D C:\Users\owner\AppData\Local\Spotify
2017-07-12 18:32 - 2016-10-17 03:43 - 00000000 ____D C:\Users\owner\AppData\Roaming\Spotify
2017-07-12 18:32 - 2016-09-24 07:13 - 00000000 ____D C:\Users\owner\ownCloud
2017-07-12 18:32 - 2016-07-29 10:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\PlaysTV
2017-07-12 18:29 - 2016-09-05 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-12 02:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2017-07-12 02:00 - 2016-07-28 14:21 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2017-07-12 01:00 - 2016-09-25 06:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloud Storage
2017-07-12 00:59 - 2016-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Java
2017-07-12 00:57 - 2017-06-13 20:50 - 00268864 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2017-07-12 00:41 - 2016-09-24 06:59 - 00000000 ____D C:\Users\owner\AppData\Local\ownCloud
2017-07-12 00:36 - 2016-12-24 01:16 - 00004456 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-12 00:36 - 2016-09-05 23:51 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-12 00:36 - 2016-09-05 23:51 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-12 00:36 - 2016-09-05 23:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-12 00:36 - 2016-09-05 23:51 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-12 00:26 - 2016-09-05 21:54 - 00000000 ____D C:\Users\owner\AppData\Roaming\KeePass
2017-07-12 00:25 - 2009-07-13 23:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-12 00:25 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-07-11 22:35 - 2016-12-19 03:23 - 00000000 ____D C:\Users\owner\AppData\Roaming\Notepad++
2017-07-11 21:34 - 2016-09-06 23:08 - 00000000 ____D C:\Users\owner\AppData\Roaming\1UPIndustries
2017-07-11 21:34 - 2016-09-06 23:08 - 00000000 ____D C:\ProgramData\1UPIndustries
2017-07-11 20:15 - 2016-07-29 07:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-11 19:57 - 2009-07-14 00:45 - 00513832 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-11 19:55 - 2016-08-03 10:26 - 00000000 ____D C:\Windows\system32\MRT
2017-07-11 19:50 - 2016-08-03 10:26 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-11 19:46 - 2016-07-29 07:51 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-07-11 18:21 - 2016-09-21 10:50 - 00000000 ____D C:\Users\owner\AppData\LocalLow\Temp
2017-07-11 17:46 - 2016-07-28 14:21 - 00136024 _____ C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-11 03:03 - 2017-02-01 02:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools Themes
2017-07-11 00:16 - 2016-09-11 23:14 - 00000000 ____D C:\Users\owner\AppData\Roaming\FileZilla
2017-07-10 22:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-07-10 19:38 - 2016-10-14 02:09 - 00000000 ____D C:\Users\owner\AppData\Local\DisplayFusion
2017-07-10 19:35 - 2017-04-01 21:38 - 00000000 ____D C:\Users\owner\AppData\LocalLow\AMD
2017-07-10 19:35 - 2016-07-29 10:07 - 00000000 ____D C:\Users\owner\AppData\Local\AMD
2017-07-10 19:30 - 2017-06-13 22:42 - 00000000 ____D C:\AMD
2017-07-10 19:11 - 2016-07-29 07:44 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-07-09 21:35 - 2016-10-18 14:42 - 00000000 ____D C:\Users\owner\AppData\Roaming\Stardock
2017-07-08 21:46 - 2016-09-04 14:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2017-07-08 20:00 - 2016-09-04 14:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-07-08 18:54 - 2016-09-05 19:49 - 00000000 ____D C:\Users\owner\AppData\Local\ElevatedDiagnostics
2017-07-07 14:24 - 2016-09-04 22:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-06 22:28 - 2016-09-04 22:39 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-04 18:38 - 2017-04-24 21:36 - 00207760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 07663888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 00161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2017-07-04 18:38 - 2016-07-18 18:21 - 00143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 12574408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2017-07-04 18:37 - 2017-04-24 21:36 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 13254256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 10444400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 01654880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2017-07-04 18:37 - 2016-07-18 18:21 - 01347952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 01507720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 00236424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2017-07-04 18:37 - 2016-07-18 16:33 - 00155528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2017-07-04 18:36 - 2017-04-24 21:35 - 00915848 _____ (AMD) C:\Windows\system32\coinst_17.10.dll
2017-07-04 18:35 - 2016-07-18 17:37 - 32738184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2017-07-04 13:24 - 2017-02-01 06:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-07-04 13:23 - 2009-07-13 22:34 - 00454598 ____R C:\Windows\system32\Drivers\etc\hosts.20170710-225040.backup
2017-07-03 22:39 - 2016-08-10 18:43 - 00000000 ____D C:\ProgramData\Symantec
2017-07-03 13:46 - 2009-07-14 01:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Games
2017-07-02 21:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\LiveKernelReports
2017-07-02 21:29 - 2016-08-03 11:08 - 00000000 ____D C:\Users\owner\AppData\Roaming\vlc
2017-06-25 10:29 - 2016-09-08 08:35 - 00000000 ____D C:\Users\owner\AppData\Local\gtk-2.0
2017-06-17 11:19 - 2016-07-28 13:52 - 00000000 ____D C:\Users\owner\AppData\Local\Adobe
2017-06-14 14:30 - 2016-09-04 17:23 - 00000000 ____D C:\Users\owner\AppData\Local\Dropbox
2017-06-14 05:57 - 2017-02-01 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools Storage
2017-06-14 05:08 - 2017-03-29 14:45 - 00000000 ____D C:\ProgramData\Passmark
2017-06-14 01:53 - 2016-07-29 10:04 - 00000000 ____D C:\Users\owner\AppData\Roaming\Raptr
2017-06-14 01:52 - 2009-07-14 01:08 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-06-14 01:44 - 2017-06-12 20:49 - 268435456 _____ C:\kernel.etl
2017-06-14 01:36 - 2016-09-25 06:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools Utilities


==================== Files in the root of some directories =======


2016-09-05 21:03 - 2016-09-05 21:08 - 55736320 _____ () C:\Program Files (x86)\GUT73CA.tmp
2016-09-14 00:38 - 2016-09-14 00:38 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-07-29 07:47 - 2016-07-29 07:47 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-07-10 19:31 - 2017-07-10 19:31 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml


==================== Bamital & volsnap ======================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-07-12 02:50


==================== End of FRST.txt ============================
 
Additional
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
Ran by owner (14-07-2017 13:08:51)
Running from C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Utilities\System Integrity
Windows 7 Ultimate Service Pack 1 (X64) (2016-07-28 16:04:23)
Boot Mode: Normal
==========================================================




==================== Accounts: =============================


Admin (S-1-5-21-3726862377-2586928099-1968672737-500 - Administrator - Disabled) => C:\Users\Admin
Gust User (S-1-5-21-3726862377-2586928099-1968672737-501 - Limited - Disabled)
owner (S-1-5-21-3726862377-2586928099-1968672737-1000 - Administrator - Enabled) => C:\Users\owner
Test (S-1-5-21-3726862377-2586928099-1968672737-1002 - Administrator - Enabled)


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Symantec Endpoint Protection (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{361A49FA-59B3-49FB-8C3E-08AF3EA5791A}) (Version: 4.0.917 - Microsoft Corporation)
Application Verifier x64 External Package (HKLM\...\{77F3D72C-465F-BD51-890E-CC3914B1365F}) (Version: 8.100.26936 - Microsoft) Hidden
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.42.1 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.18 - ASUSTeK Computer Inc.)
ASUS Essence STX II Audio Device (HKLM-x32\...\{1A01B996-F7F7-473C-9EA4-B22801713A83}) (Version: - ASUSTek Computer Inc.)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.3.4 - ASUSTeK Computer Inc.)
AutoHotkey 1.1.24.01 (HKLM\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{97F53AE8-A826-4D52-8776-3C9B2C3CE497}) (Version: 4.0.7828.0 - Box, Inc.)
Box Sync (HKLM-x32\...\{105b86f5-1c87-4b54-aa7d-326774504314}) (Version: 4.0.7702.0 - Box Inc.) Hidden
Brother MFL-Pro Suite MFC-L2740DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Catalyst Control Center Next Localization BR (HKLM\...\{0AD642E5-E824-AA93-B974-25DF1D0065C3}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{94BE0AE6-CD76-9CFC-2CFB-846C7F07991B}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{CFD0FFAF-A6EC-D76E-6E42-D77B6CCBCF06}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{FFB78502-D22D-56C5-EC21-D1893029FA0E}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2239F4A6-E0F6-0012-545B-D93F99366865}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0271BC8D-CECB-ADEB-D228-577E00B37E7E}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{73571662-C11D-D713-87A7-E34DC9B0865B}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{112F60D3-9EAE-9172-1512-ED060C39BB0A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{4E6DAA39-272A-6834-6AC0-4B76EBD9D468}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{88270124-6375-E407-67B7-414294DD41C0}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{62AF521B-448A-171C-0E37-EF1CC1717ECF}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{88F32161-4652-6669-32A1-EF7D82DCD1AF}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{8FB4D6B1-7416-BBC0-4783-C35C2583C80A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{292C1718-4890-7666-729A-6005A3AD0C69}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{2E08CA87-F0A1-3124-3EA6-67CB20FCA1F1}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B34212E6-FC87-266D-BAE5-CD7D35A75435}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{14A1A479-B76E-6718-CCA7-D6AC7AA62CEE}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{E198BEB9-7D8A-8651-B293-882F92E4661A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{488CE063-B047-778C-CD25-6CAE88FE9110}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{433CFA98-CC3D-8A78-CB6D-57CC625469F1}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{FC983E65-D8D0-078E-F1D1-77E7B56FAD3C}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
ClamWin Free Antivirus 0.99.1 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.3.170 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{AFBFA0AC-1173-4C13-B9DC-5CF211EB50DF}) (Version: 18.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrashPlan (HKLM\...\{82DD9B45-C8B7-4786-A733-4D76CA572AA6}) (Version: 4.8.3.15 - Code 42 Software)
Crucial Storage Executive (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Crucial Storage Executive 3.43.032017.05) (Version: 3.43.032017.05 - Crucial)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: 8.0.4.2 - Foolish IT LLC)
CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
CrystalDiskMark 5.1.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.0 - Crystal Dew World)
Debugging Tools for Windows (x64) (HKLM\...\{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}) (Version: 6.11.1.404 - Microsoft Corporation)
DisplayFusion 8.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 8.1.2.0 - Binary Fortress Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Partition Master 11.9 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
EMET 5.51 (HKLM-x32\...\{A8608E0F-56B8-465C-A762-86D68FF4FC72}) (Version: 5.51 - Microsoft Corporation)
FastCheck (remove only) (HKLM-x32\...\FastCheck) (Version: - )
FileMarker.NET Free v 1.0 (HKLM\...\{A5A0E0B5-578C-43CE-B201-1C01A0388DA9}_is1) (Version: 1.0 - ArcticLine Software)
FileZilla Client 3.21.0 (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse)
Firefox Developer Edition 55.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 55.0 (x64 en-US)) (Version: 55.0 - Mozilla)
Folder Options X (HKLM\...\Folder Options X_is1) (Version: 1.6.0.0 - T800 Productions)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GnuCash 2.6.13 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team)
Google Chrome (HKLM-x32\...\{DC7D9EC9-2AD1-33A7-92CF-5F5051E62843}) (Version: 59.0.3071.115 - Google, Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HWiNFO32 Version 5.42 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.42 - Martin Malík - REALiX)
HWiNFO64 Version 5.54 (HKLM\...\HWiNFO64_is1) (Version: 5.54 - Martin Malík - REALiX)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
KeePass Password Safe 1.32 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.32 - Dominik Reichl)
KeePass Password Safe 2.35 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.35 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{0C05DE52-2C77-D6FA-A561-D508CF5FC96E}) (Version: 10.1.15063.137 - Microsoft) Hidden
Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
LatencyMon 6.51 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
LocalGPO (HKLM-x32\...\{4EB3D065-D437-43AC-823F-E3861B41B442}) (Version: 2.5.40.0 - Microsoft Corporation)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Robocopy GUI (HKLM-x32\...\{107C666F-63C5-4263-8D40-8B9CFB5FED08}) (Version: 1.0.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64 (HKLM\...\{965DF723-5688-359E-84D2-417CAFE644B5}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (HKLM-x32\...\{44D9A2CB-0692-3180-B5E2-26F4E807D067}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
MirrorFolder 5.1.320.152 (Retail) (HKLM\...\ce876f80-8a31-11d4-b9d2-002018382069_is1) (Version: 5.1.320.152 - Techsoft)
Mozilla Firefox 53.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 en-US)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.0.6400 - Mozilla)
Mozilla Thunderbird 45.7.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.7.0 (x86 en-US)) (Version: 45.7.0 - Mozilla)
Mp3 Volumer v1.3 (HKLM-x32\...\Mp3 Volumer_is1) (Version: 1.3.0.0 - Mp3 Volumer)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}) (Version: 8.100.26898 - Microsoft Corporation) Hidden
Mumble 1.2.17 (HKLM-x32\...\{95A0093C-0C81-4D0B-BCA7-3CE11755A6BD}) (Version: 1.2.17 - Thorvald Natvig)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 42.0.2393.517 (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.3.2.6928 - ownCloud)
Pandora (HKLM-x32\...\{CF73D1C4-4D78-890A-BF35-E275B96E678E}) (Version: 2.0.10 - Pandora Media, Inc) Hidden
Pandora (HKLM-x32\...\com.pandora.desktop.66F690BC77738C95E986E1B4A197193F28756A21.1) (Version: 2.0.10 - Pandora Media, Inc)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1011.0 - Passmark Software)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.5-r114891-release - Plays.tv, LLC)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3.2 r2609 - )
RAPID Mode (HKLM\...\{4B94C023-022A-4271-A1D6-744ABE74D220}) (Version: 1.0.0.97 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Resource Hacker Version 4.5.30 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
RSSOwl (HKLM-x32\...\RSSOwl) (Version: - )
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{940B2629-5671-B98E-C28F-6F5F9EABF1DE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{C2103AF2-E66C-446B-9791-9207840EC821}) (Version: 12.1.2015.2015 - Symantec Corporation)
SyncTrayzor (x64) version 1.1.16.0 (HKLM\...\{c004dcef-b848-46a5-9c30-4dbf736396fa}_is1) (Version: 1.1.16.0 - SyncTrayzor)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TeleTech SIP (HKLM-x32\...\{44F7A4BB-C5D7-4608-8460-DEA9F36475D0}) (Version: 35.7.3858 - TeleTech)
TeleTech WB Agent Monitor Client (HKLM-x32\...\TeleTech WBAgentMonitorClient) (Version: 1.0.0.0 - TeleTech)
TeleTech WB ISA (HKLM-x32\...\TeleTech ISA) (Version: 2.0.4.0 - TeleTech)
TeleTech WB Launch Sip (HKLM-x32\...\TeleTech LaunchSip) (Version: 1.0.4.0 - TeleTech)
TeleTech WB Launch VDI (HKLM-x32\...\TeleTech LaunchVDI) (Version: 1.0.4.0 - TeleTech)
TeleTech WB Launcher (HKLM-x32\...\TeleTech WBLauncher) (Version: 1.2.4.0 - TeleTech)
TeleTech WB Project Messages (HKLM-x32\...\TeleTech WBProjectMessages) (Version: 1.2.3.0 - TeleTech)
TeleTech WB URT Audio (HKLM-x32\...\TeleTech AudioURT) (Version: 1.2.7.0 - TeleTech)
TeleTech WB URT Express (HKLM-x32\...\TeleTech URTExpress) (Version: 1.2.0.0 - TeleTech)
TeleTech WB VNC (HKLM-x32\...\TeleTech WB VNC) (Version: 3.0.0.0 - TeleTech)
Todoist (HKLM-x32\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.7.2.0 - Doist Ltd.)
Transmission 2.92 (14714) (x64) (HKLM\...\{E2B281FA-6236-4F0D-B710-ECDB6B60EB5E}) (Version: 2.92.0 - Transmission Project)
Vivaldi (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\Vivaldi) (Version: 1.8.770.50 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Horizon Client (HKLM\...\{417E585F-77D0-4B0E-8C39-B1069491D56A}) (Version: 3.1.0.21879 - VMware, Inc.)
VPNSecure.me Client 2.0.9 (HKLM\...\{6C5A0307-2A93-448D-A3F2-BCEA2EFF560D}_is1) (Version: - VPNSecure.me)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
Windows Style Builder (HKLM-x32\...\{AFDF950D-3814-4F98-B66F-8C286A69F405}) (Version: 1.5.03 - AveApps)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WirelessMon V4.0 (HKLM-x32\...\WirelessMon_is1) (Version: - PassMark Software ®)
WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26936 - Microsoft) Hidden
WPT Redistributables (HKLM-x32\...\{6704BD92-2F42-FE2F-AF4E-5C9D6666C75E}) (Version: 10.1.14393.33 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{3F61608E-AB68-04B1-82FF-95799F5D01CA}) (Version: 10.1.14393.33 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26936 - Microsoft) Hidden
Xmarks for IE (HKLM-x32\...\{41DFCF45-5ECA-41A5-9329-FFA8E0181AC5}) (Version: 127.0.190 - Xmarks)
Zoom (HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {b1fa9e01-7517-3f4c-a33f-fdd93b2efbac} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {dd83d621-d900-3610-a9d0-1c6be1df90c8} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {b7ab37bd-fa8d-36e9-95c1-bd0047047a8f} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {e04571d0-2dee-3072-ac0e-0f0d1cd77a77} => -> No File
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {74de99c4-7ea6-3e59-b118-1a4e7bb95bf8} => -> No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Cloud\ownCloud\shellext\OCOverlays_x64.dll [2017-01-25] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Cloud\ownCloud\shellext\OCOverlays_x64.dll [2017-01-25] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Cloud\ownCloud\shellext\OCOverlays_x64.dll [2017-01-25] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Cloud\ownCloud\shellext\OCOverlays_x64.dll [2017-01-25] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Cloud\ownCloud\shellext\OCOverlays_x64.dll [2017-01-25] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Development\7zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers01: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Development\Notepad++\NppShell_06.dll [2016-11-27] ()
ContextMenuHandlers01: [BoxContextMenuClient] -> {61d424f1-b6db-3755-a3bd-7e2b2230c833} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ContextMenuHandlers01: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] ()
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Development\Modifications\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers01: [File Marker] -> {B70B7A24-5180-4092-B3BA-6266F914C053} => C:\Development\Modifications\FileMarker.NET\FileMarkerShlExt64.dll [2013-11-01] (ArcticLine Software)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\vpshell2.dll [2012-11-03] (Symantec Corporation)
ContextMenuHandlers01: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Development\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers02: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\vpshell2.dll [2012-11-03] (Symantec Corporation)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers03: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Cloud\ownCloud\shellext\OCContextMenu_x64.dll [2017-01-25] (ownCloud Inc.)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Development\7zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers04: [BoxContextMenuClient] -> {61d424f1-b6db-3755-a3bd-7e2b2230c833} => C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers04: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Development\Modifications\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Development\Modifications\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Development\7zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers06: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers06: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] ()
ContextMenuHandlers06: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Development\Modifications\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers06: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\vpshell2.dll [2012-11-03] (Symantec Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [MirrorFolder] -> {FCE43568-EE84-495e-AE64-49C9BB8C5712} => C:\Cloud\MirrorFolder\mfshlext.dll [2016-10-06] (Techsoft)
ContextMenuHandlers06: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Development\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3726862377-2586928099-1968672737-1000: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-3726862377-2586928099-1968672737-1000: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-3726862377-2586928099-1968672737-1000: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {096A8DD6-8B74-4DD5-8298-BF633E624E24} - System32\Tasks\{BDF447E2-B423-4966-AF50-E7294BC82740} => pcalua.exe -a C:\Users\owner\Downloads\vcredist_x64.exe -d C:\Users\owner\Downloads
Task: {0B399BD5-5BD9-40A3-BDE1-219266451ABC} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Development\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {14AF7ED1-B64A-4B21-83C1-78EA9A43A929} - System32\Tasks\SamsungMagician => C:\Development\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {15C120F0-0ADF-44EB-B34F-45003EDAA79F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {38632AD8-90B0-4A65-833F-B42EC6583753} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {3D5D503A-7E05-42BC-BA97-9F84AD7ADC54} - System32\Tasks\SSDlife => C:\Development\Monitors\BinarySense\SSDlife\ssdlife.exe [2015-04-09] (Binarysense)
Task: {427B6808-518B-44A6-83E6-8A53BC0E2086} - System32\Tasks\MSIAfterburner => C:\Development\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {4D994A38-2E27-42E4-A360-CD775CDDB553} - System32\Tasks\Opera scheduled Autoupdate 1474638353 => C:\Apps\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {4DCD3B65-3FB0-4C28-B1FE-F4759C56BC82} - System32\Tasks\CCleanerSkipUAC => C:\Apps\CClean\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {59914E6F-A2AB-4EF5-A949-BDBD09CF1ADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-05] (Google Inc.)
Task: {67020383-249B-4FA6-9F91-43F4B6F062C9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-12] (Adobe Systems Incorporated)
Task: {67388129-9435-4F6A-82BF-2E6BE007EAD7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-06] ()
Task: {67E7B75C-B1A8-4F46-BDAC-04F1C5B639C4} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-05-29] (Corel Corporation)
Task: {6AF628B7-89EF-4334-AF11-BB4382B67B04} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {772F1A8E-5175-4B88-A750-C544BC314C2C} - System32\Tasks\Dropbox => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-07-12] (Dropbox, Inc.)
Task: {7821E8E5-A9BA-4377-AE8E-A14F85639DD3} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {7E76A6E1-4D1B-4E9C-BF12-8194311E048A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-06] ()
Task: {87DF1D5E-2F2F-4B2F-91B5-AE74E518E8FF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {93822EDA-6EAF-45C9-8D68-EF64ADFF3545} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12] (Adobe Systems Incorporated)
Task: {973134A2-C06A-4343-8B21-3686317ED797} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {9912DC1F-9151-4667-9F97-E501EEEC4CB0} - System32\Tasks\CrystalDiskInfo => C:\Apps\CrystalDiskInfo\DiskInfo32.exe [2016-06-20] (Crystal Dew World)
Task: {9FE56F47-49FF-403C-9F19-DDC76B7167AA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-07-04] (Advanced Micro Devices, Inc.)
Task: {A1FBCEDE-A3BF-4200-99F8-00744D62F123} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-07-06] (Microsoft Corporation)
Task: {B6F98C2D-F697-432F-B8BE-ED31B68518E2} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Development\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {C2E95170-754D-444D-A6A7-2B3B99F4B9A0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Development\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {CA132C98-6CDF-4A09-A563-26ABE0BF8F01} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D5B1119B-9AD9-4DCA-A5D6-5AD5E5D87BF3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-05] (Google Inc.)
Task: {E91F3989-7B1E-4A12-9614-27688D5AFC23} - System32\Tasks\HWiNFO => C:\Program Files (x86)\HWiNFO32\HWiNFO32.EXE [2016-12-22] (REALiX)
Task: {ECF2856F-C40C-41E3-9A70-19AD64B985AF} - System32\Tasks\CrashPlan => C:\Program Files\CrashPlan\CrashPlanTray.exe [2017-06-08] (Code 42 Software, Inc.)
Task: {EE248EB0-A239-4F7D-B9BA-5C049E3ED09F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F084045D-E845-49DE-8C98-6516FF9EF047} - System32\Tasks\{A4A608BD-01E0-4731-992B-18FA32218390} => pcalua.exe -a "H:\applications\Seagate Expansion\Setup.exe" -d "H:\applications\Seagate Expansion"
Task: {FD025CE0-B35F-440F-ADEE-F740551144EA} - System32\Tasks\AHK_shortcuts => C:\Users\owner\Documents\auto hot key\AHK_shortcuts.ahk [2017-01-08] ()


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe


==================== Shortcuts & WMI ========================


(The entries could be listed to be restored or removed.)




ShortcutWithArgument: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default


==================== Loaded Modules (Whitelisted) ==============


2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2017-06-08 18:37 - 2017-06-08 18:37 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll
2017-06-08 18:37 - 2017-06-08 18:37 - 00238592 _____ () \\?\C:\Program Files\CrashPlan\cpnative64.dll
2017-06-08 18:37 - 2017-06-08 18:37 - 00082432 _____ () \\?\C:\Program Files\CrashPlan\c42archive64.dll
2017-06-08 18:37 - 2017-06-08 18:37 - 00484864 _____ () \\?\C:\Program Files\CrashPlan\libleveldb64.dll
2017-03-20 18:23 - 2005-04-22 00:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-06-13 20:30 - 2014-03-12 23:11 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-08-23 09:05 - 2016-08-23 09:05 - 00052400 _____ () C:\Development\FileZilla FTP Client\fzshellext_64.dll
2017-01-25 21:31 - 2017-01-25 21:31 - 00061952 _____ () C:\Cloud\ownCloud\shellext\OCUtil_x64.dll
2017-07-14 02:38 - 2008-04-19 17:35 - 00080384 _____ () C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2016-11-27 13:55 - 2016-11-27 13:55 - 00230064 _____ () C:\Development\Notepad++\NppShell_06.dll
2016-10-24 06:03 - 2016-10-24 06:03 - 00589512 _____ () C:\Development\MSI Afterburner\MSIAfterburner.exe


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)


AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [134]


==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"


==================== Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)




There are 7936 more sites.


IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\*.geolearning.com -> hxxps://*.geolearning.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\*.teletech.com -> hxxps://*.teletech.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\*.ttechu.com -> hxxps://*.ttechu.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\*.workbooth.com -> hxxps://*.workbooth.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\teletech.com -> hxxps://teletech.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\teletech.com -> hxxp://teletech.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\workbooth.com -> hxxps://workbooth.com
IE trusted site: HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\...\workbooth.com -> hxxp://workbooth.com


There are 11473 more sites.




==================== Hosts content: ==========================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-13 22:34 - 2017-07-14 03:36 - 00453718 ____R C:\Windows\system32\Drivers\etc\hosts




There are 15598 more lines.




==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-3726862377-2586928099-1968672737-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Local\DisplayFusion\Wallpaper_1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==


MSCONFIG\Services: pbamw_service => 2


==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== Restore Points =========================


08-07-2017 21:53:16 Windows Update
08-07-2017 21:55:15 Windows Update
08-07-2017 21:57:44 Windows Update
08-07-2017 22:00:14 Windows Update
08-07-2017 22:02:43 Windows Update
08-07-2017 22:05:15 Windows Update
08-07-2017 22:07:44 Windows Update
08-07-2017 22:29:04 Windows Update
09-07-2017 17:02:02 Windows Update
09-07-2017 17:04:06 Windows Update
09-07-2017 17:06:37 Windows Update
10-07-2017 19:09:14 Removed Realtek Ethernet Controller Driver
10-07-2017 19:11:11 Installed Realtek Ethernet Controller Driver
10-07-2017 19:31:44 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123
10-07-2017 19:33:54 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123
10-07-2017 19:36:43 Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters
11-07-2017 18:18:15 Restore Point Created by FRST
11-07-2017 19:45:49 Removed ASUS Product Register Program
11-07-2017 19:48:38 Windows Update
11-07-2017 20:03:02 Windows Update
11-07-2017 20:05:01 Windows Update
11-07-2017 20:07:33 Removed Ai Charger+
11-07-2017 20:10:05 Removed ASUS Update
11-07-2017 20:12:37 Removed Network iControl
11-07-2017 20:15:07 Removed Remote GO!
12-07-2017 00:36:55 Installed iCloud
14-07-2017 01:55:30 ComboFix created restore point


==================== Faulty Device Manager Devices =============


Name: ASMedia USB3.0 eXtensible Host Controller
Description: ASMedia USB3.0 eXtensible Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: ASMedia Technology Inc
Service: asmtxhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: HP Officejet Pro 8600 (NET)
Description: HP Officejet Pro 8600 (NET)
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: ASMedia USB3.0 eXtensible Host Controller
Description: ASMedia USB3.0 eXtensible Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: ASMedia Technology Inc
Service: asmtxhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.




==================== Event log errors: =========================


Application errors:
==================
Error: (07/14/2017 12:30:41 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/14/2017 12:30:41 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/14/2017 09:11:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/14/2017 09:11:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/14/2017 09:02:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AI Suite II.exe version 2.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.


Process ID: 12a0


Start Time: 01d2fc9f5c634588


Termination Time: 15


Application Path: C:\Development\ASUS\AI Suite II\AI Suite II.exe


Report Id: b07faac1-6894-11e7-8329-ac9e174e80ba


Error: (07/14/2017 08:52:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/14/2017 08:52:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/14/2017 08:22:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


Error: (07/14/2017 08:22:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


Error: (07/14/2017 03:32:56 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\bin\ia64\pgosweep.exe".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.




System errors:
=============
Error: (07/14/2017 01:07:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.


Error: (07/14/2017 01:06:53 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating an SSL client credential. The internal error state is 10013.


Error: (07/14/2017 01:06:53 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating an SSL client credential. The internal error state is 10013.


Error: (07/14/2017 12:28:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The dependency service or group failed to start.


Error: (07/14/2017 12:27:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.


Error: (07/14/2017 12:26:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.


Error: (07/14/2017 12:26:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.


Error: (07/14/2017 12:26:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.


Error: (07/14/2017 12:26:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.


Error: (07/14/2017 12:26:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.




CodeIntegrity:
===================================
Date: 2017-07-14 03:08:02.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Date: 2017-07-14 03:08:02.612
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Date: 2017-07-14 03:08:02.518
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Date: 2017-07-14 03:08:02.440
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Date: 2017-07-10 23:41:41.966
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Date: 2017-07-10 23:41:41.876
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Date: 2016-12-21 18:52:15.208
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\unsorted\old_documents\old_Games\Save for Rescure\toshiba\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appid.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-12-21 18:52:15.102
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\unsorted\old_documents\old_Games\Save for Rescure\toshiba\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appid.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-12-21 18:52:14.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\unsorted\old_documents\old_Games\Save for Rescure\toshiba\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-21 18:52:14.889
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\unsorted\old_documents\old_Games\Save for Rescure\toshiba\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_b5abe389e220f951\appidapi.dll because the set of per-page image hashes could not be found on the system.




==================== Memory info ===========================


Processor: AMD FX-8320E Eight-Core Processor
Percentage of memory in use: 18%
Total physical RAM: 24475.49 MB
Available physical RAM: 19921.86 MB
Total Virtual: 48949.16 MB
Available Virtual: 44367.27 MB


==================== Drives ================================


Drive c: () (Fixed) (Total:953.87 GB) (Free:504.7 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:5588.9 GB) (Free:4566.2 GB) NTFS
Drive e: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF


==================== MBR & Partition Table ==================


========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 953.9 GB) (Disk ID: 15E75E50)
Partition 1: (Active) - (Size=953.9 GB) - (Type=07 NTFS)


========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 5589 GB) (Disk ID: 04EC79D8)


Partition: GPT.


==================== End of Addition.txt ============================
 
Why did you run ComboFix? I didn't ask you to run it because it hasn't been updated since December 2, 2016. In addition, you installed CryptoPrevent, a good program, but making changes of this nature, including overclocking, tends to make it harder to determine whether the issues are malware related or something else entirely.

Please post a copy of ComboFix.txt as well as the ClamWin log.
 
The Winclam log was lost during the uninstalls, but I did get it to run again without the error message since.

I didn't want to run ComboFix; the info I read said do not run it unless asked. Thinking I could just get an analysis, I ended up with the full shebang.

Combofix

Hopefully I didn't do any real bad damage. The ridiculous lag has disappeared to note.



Just today, Total Virus picked up an issue with Explorer - attached image. Might this be the culprit at hand?

detected_20170717.jpg
 
Fortunately, ComboFix only removed temp files because it has tagged each and every driver on your computer as being suspicious/malware! You most definitely would have had a door stop if action had been taken on those files.

As to that one finding by Virus Total, I suspect it is a false positive. However, it can't hurt to run an online scan with ESET:
  • Download and execute ESET Online Scanner (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
  • Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :
    • Enable detection of potentially unwanted applications;
    • Scan archives;
    • Scan for potentially unsafe applications;
    • Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;
  • After you're done checking these options, click on "Start" and ESET Online Scanner will download its virus signature database before starting the scan;
  • Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 and 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
  • After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have the option to see what threats were found and to manage the threats that were quarantined;
  • Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results to your clipboard and post them in your next reply;
  • Once you're done, click on the Back button, then click on the Finish button;
 
