Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Repost of Newpoptab Issue

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Repost of Newpoptab Issue

Unread postby Wogln » December 27th, 2015, 7:54 am

I'm making this post to apparently repost my help topic. I made a second post in my topic to announce that I believe my system may be fixed, and thus alert those who would be spending their time reading through my logs to instead change their plans to deal with the new information. I did not know that attempting to make the job of staff on a website easier was apparently against the rules (Being staff on another forum, I appreciate it when others make my job easier, rather than more arduous or difficult. I will repost my logs in this post. Once again, I apologize for attempting to assist staff in their job and didn't know that helping was considered self-bumping, I will keep that in mind next time.
You do not have the required permissions to view the files attached to this post.
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am
Advertisement
Register to Remove

Re: Repost of Newpoptab Issue

Unread postby capnkrunch » December 31st, 2015, 2:00 am

Warning!
The steps presented in these posts are for this person and machine ONLY. Do not apply these steps to your own system, without the guidance of a trained malware removal helper. Doing so, may possibly damage your system, preventing it from starting.

Hello WogIn and welcome to the Malware Removal Forums :)

My name is capnkrunch and I will be helping you with your malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  • The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  • You must have Administrator rights, permissions for this computer.
  • DO NOT run any other fix or removal tools unless instructed to do so.
  • DO NOT install any other software (or hardware) during the cleaning process.
  • Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  • Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  • Only reply to this thread, do not start another ... Please, continue responding, until I give you the "All Clean".
    Remember, absence of symptoms does mean the infection is all gone.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Failure to respond for 3 days, will result in your topic being closed.

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care, not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


For your safety and protection, I would advise backing up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions:
exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: Repost of Newpoptab Issue

Unread postby capnkrunch » December 31st, 2015, 5:35 pm

Hello WogIn :)

P2P Advisory!
IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
BitTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assitance.
If you choose NOT to remove the program(s)...indicate that in your next reply and this topic will be closed.

Otherwise, there are instructions for removing it in the next step.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program
itself, may be safe but the files may not... use P2P at your own risk! Keep in mind that this practice may be the source of your current malware infestation.
Reference... citing risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step one...

Uninstall Programs
  • Press the Windows Key + R.
  • Enter appwiz.cpl into the text box and click OK.
  • Locate the following program:
    BitTorrent
  • Press the Uninstall or Uninstall/Change button and carefully follow any prompts to uninstall the program.
    Take care to read through any prompts completely! Some uninstallers may attempt to trick you into keeping the program.
  • Once finished reboot your computer.

Step two...

CKScanner
Please download CKScanner and save it to your Desktop.
This program should only be run once!
Make sure that CKScanner.exe is on the your desktop before running the application!

  • Right lick on the CKScanner.exe icon and select Run as administrator.
  • Click the Search For Files button.
  • When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  • Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  • Please copy/paste the contents of ckfiles.txt in your next reply.

Step three...

LicDiag Command
  • Please copy the following text: Do NOT copy the words Code: Select all
    Code: Select all
    @Echo off
    Licensingdiag.exe -report %userprofile%\desktop\report.txt -log NUL
    Notepad.exe %userprofile%\desktop\report.txt
    del %0
  • Open Notepad... paste the copied code into the Notepad window.
  • Save the Notepad file on your desktop...as Licdiag.bat... save type as "All Files"
    Image
    Licdiag.bat <<------------- you should see this on your desktop.
  • Right-click on the Licdiag.bat file and select "Run as Administrator".
    A black CMD window will flash, you may see a message: "The operation completed successfully."
    When completed, Notepad will open a file: report.txt.
  • Please copy and paste the contents of report.txt in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

In your next reply please include:
  • Did you have any problems with the instructions?
  • Your decision about P2P programs
  • ckfiles.txt
  • report.txt
  • Are there any changes in computer behavior?
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: Repost of Newpoptab Issue

Unread postby Wogln » December 31st, 2015, 10:04 pm

I get the instructions 'n stuff, yo. Also, I know what all those files are in the CKScanner stuff, I work with Starbound/Terraria assets a lot with modding, so I know those aren't risky.

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\steam\steamapps\common\starbound\assets\assetsunpacknew\dungeons\microdungeons\biomes\bioluminescence\crack1.json
c:\program files (x86)\steam\steamapps\common\starbound\assets\assetsunpacknew\plants\trees\jungle\stem\crackly\crackly.modularstem
c:\program files (x86)\steam\steamapps\common\team fortress 2\tf\download\materials\sprites\store\trails\crackedbeam.vmt
c:\program files (x86)\steam\steamapps\common\team fortress 2\tf\download\materials\sprites\store\trails\crackedbeam.vtf
c:\program files (x86)\steam\steamapps\common\terraria\content\images\tilecracks.xnb
c:\users\christian\plants\trees\jungle\stem\crackly\crackly.modularstem
scanner sequence 3.BD.11.MBNAX0
----- EOF -----
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby Wogln » December 31st, 2015, 10:05 pm

<DiagReport>
<LicensingData>
<ToolVersion>10.0.10586.0</ToolVersion>
<LicensingStatus>SL_LICENSING_STATUS_LICENSED</LicensingStatus>
<LicensingStatusReason>0x4004F401</LicensingStatusReason>
<LocalGenuineState>SL_GEN_STATE_IS_GENUINE</LocalGenuineState>
<LocalGenuineResultP>1</LocalGenuineResultP>
<LastOnlineGenuineResult></LastOnlineGenuineResult>
<GraceTimeMinutes>0</GraceTimeMinutes>
<TotalGraceDays>0</TotalGraceDays>
<ValidityExpiration></ValidityExpiration>
<ActivePartialProductKey>8HVX7</ActivePartialProductKey>
<ActiveProductKeyPid2>00326-10000-00000-AA728</ActiveProductKeyPid2>
<OSVersion>10.0.10586.2.00010300.0.0.101</OSVersion>
<ProductName>Windows 10 Home</ProductName>
<ProcessorArchitecture>x64</ProcessorArchitecture>
<EditionId>Core</EditionId>
<BuildLab>10586.th2_release.151121-2308</BuildLab>
<TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone>
<ActiveSkuId>2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8</ActiveSkuId>
<ActiveSkuDescription>Windows(R) Operating System, RETAIL channel</ActiveSkuDescription>
<ProductUniquenessGroups>55c92734-d682-4d71-983e-d6ec3f16059f</ProductUniquenessGroups>
<ActiveProductKeyPKeyId>aae1191f-7f47-05b8-8319-664b3ee8c42e</ActiveProductKeyPKeyId>
<ActiveProductKeyPidEx>03612-03261-000-000000-00-1033-10586.0000-3432015</ActiveProductKeyPidEx>
<ActiveProductKeyChannel>Retail</ActiveProductKeyChannel>
<ActiveVolumeCustomerPid></ActiveVolumeCustomerPid>
<OfflineInstallationId>110323365081463943121499132525518401666061291815664878433826561</OfflineInstallationId>
<DomainJoined>false</DomainJoined>
<ComputerSid>S-1-5-21-3915831028-228235209-3607861613</ComputerSid>
<ProductLCID>1033</ProductLCID>
<UserLCID>1033</UserLCID>
<SystemLCID>1033</SystemLCID>
<CodeSigning>SIGNED_INFO_PRS_SIGNED</CodeSigning>
<ServiceAvailable>true</ServiceAvailable>
<OemMarkerVersion></OemMarkerVersion>
<OemId></OemId>
<OemTableId></OemTableId>
<Manufacturer>Hewlett-Packard</Manufacturer>
<Model>HP 15 TS Notebook PC</Model>
<InstallDate>20151209065214.000000-420</InstallDate>
</LicensingData>
<HealthCheck>
<Result>PASS</Result>
<TamperedItems></TamperedItems>
</HealthCheck>
<GenuineAuthz>
<ServerProps>&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;&lt;genuineAuthorization xmlns=&quot;http://www.microsoft.com/DRM/SL/GenuineAuthorization/1.0&quot;&gt;&lt;version&gt;1.0&lt;/version&gt;&lt;genuineProperties origin=&quot;sppclient&quot;&gt;&lt;properties&gt;OA3xOriginalProductId=00258-61882-33400-AAOEM;OA3xOriginalProductKey=GF8FC-MN67B-X2VH8-X2HQ6-RRFWQ;SessionId=LicensingDiag;TimeStampClient=2016-01-01T02:02:16Z&lt;/properties&gt;&lt;signatures&gt;&lt;signature name=&quot;clientLockboxKey&quot; method=&quot;rsa-sha256&quot;&gt;nDPi/V1e3+yntaetOAAfQXsQePGv4kWXj1jKn7WM0jHN0VcL0BcuGjZlegkpJU6qxDOTY2pPqNMdyVxRwUWpK1MAIiH1xo99UkDwM2ssiym3g/bn9M+7HbGieS2cEL5fUN3LAs/pP5SJ6HVFTFnL/TiwcxZH67Dd8dhy9LTzXZQ=&lt;/signature&gt;&lt;/signatures&gt;&lt;/genuineProperties&gt;&lt;/genuineAuthorization&gt;</ServerProps>
</GenuineAuthz>
</DiagReport>
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby Wogln » December 31st, 2015, 10:09 pm

As for my p2p program, I removed it. Computer behavior wise, I suppose its a bit slow, but that might be because I've been updating a bunch of Steam games as of late, and Steam loves to eat my resources. One issue though is that after running my computer for a while, programs such as the Windows 10 photo/video viewer stop functioning, when I try to open a file with them, the operation times out.
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby capnkrunch » January 1st, 2016, 7:41 pm

Hello WogIn :)

There's a couple minor things to take care of but first let's create a System Restore Point.

Step one...

Create a System Restore Point
  • Click on Start.
  • Type Create a restore point into the search box and select it from the results.
  • From the Available Drives list select the Windows drive. It will be the one that says (System) after it.
    • If Protection is Off, click Configure.
    • Select Turn on system protection and click OK.
  • Click on Create.
  • Type precleanup into the textbox and click Create.
  • Once it is finished click Close

Step two...

Please answer these questions:

CHR Extension: (Angry Birds) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-22]
CHR Extension: (Eye Dropper) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2015-04-26]

I see there two suspicious Chrome extensions related to Angry Birds and Eye Dropper - do you recognize them? Were they installed voluntarily?

Step three...

It appears that you have several items disabled with MSConfig. MSConfig is meant for temporary troubleshooting not as a permanent startup management solution so it is important that we reenable these items.

Reenable Items With MSConfig
  • Press the Windows Key + R.
  • Type msconfig.exe into the text box and click OK.
  • Check Normal startup and click OK.
  • You will be prompted to restart your computer. Click Restart.

Step four...

Uninstall Outdated Programs
  • Press the Windows Key + R.
  • Enter appwiz.cpl into the text box and click OK.
  • Locate the following programs:
    Adobe Shockwave Player 12.2
    Java 8 Update 65
  • Press the Uninstall or Uninstall/Change button and carefully follow any prompts to uninstall the program.
    • Take care to read through any prompts completely! Some uninstallers may attempt to trick you into keeping the program.
    • Do this for every program listed.
    • Don't worry if you can't find one of the programs. Just be sure to let me know in your reply.
  • Once finished reboot your computer.

Step four...

FRST Fix
  • You should still have FRST64.exe in your Downloads folder. If not please download it HERE.
  • Press the Windows Key + R.
  • Type notepad.exe into the text box and click OK.
  • A blank Notepad page should open.
    • Copy and Paste the following script into Notepad, Do not include the words Code: Select all.
    • (Click the Select all button next to Code: to select the entire script).
    Code: Select all
    CreateRestorePoint:
    CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
    2015-12-16 00:38 - 2015-12-16 00:38 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\BitTorrent
    2015-12-24 19:00 - 2015-04-25 00:14 - 00000931 _____ C:\Users\Christian\Desktop\BitTorrent.lnk
    2015-12-24 19:00 - 2015-04-25 00:14 - 00000911 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
    2015-12-17 17:42 - 2015-04-25 00:12 - 00000000 ____D C:\Users\Christian\AppData\Roaming\BitTorrent
    Task: {01C06B1D-EAA2-42D9-8751-B077FA8A2819} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {0B78DBA0-4F6A-4913-83BF-7C5F9A6559FC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {119806D5-FEA7-4655-95AE-25D9B20422D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {370F80D5-AA62-4248-958D-906103F8757F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {5CF13446-A87C-42FA-90EB-0D1B9EF3F7BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {5D270FB2-DF78-48F2-95DB-49DAFC1524F9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {5DB73794-E271-4EE8-AC1F-848F68644E0F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {689799A0-ABBB-4722-A78A-34C0467C6D86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8BEA43CE-90AC-4B9B-8132-C2EAC3E53FBE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {9F9674E0-E630-4387-8C6D-14416CD6D0A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {B4A44ED1-D59C-46D6-B7A9-DB20AE940CE0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    FirewallRules: [{EFFFAA3C-C145-469B-ACFE-D7FB97DAFC4C}] => (Allow) C:\Users\Christian\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{A1F47699-8A91-4271-B3A0-CE587B41E2B2}] => (Allow) C:\Users\Christian\AppData\Roaming\BitTorrent\BitTorrent.exe
    
    Folder: C:\fc036e49596f6d4f46f5b2c274
    Hosts:
    EmptyTemp:
    CMD: ipconfig /flushdns
  • Save it next to FRST64.exe as fixlist.txt.
    Important! fixlist.txt must be saved in the same directory as FRST64.exe to work.
  • Right click on FRST64.exe and select Run as administrator.
  • Press the Fix button one time only and wait.
  • When FRST finishes you will be prompted to reboot your computer. Click OK.
  • Your computer should now restart. On reboot navigate to your Downloads folder where there you should find Fixlog.txt. Copy and paste the contents in your reply.

Step five...

I see you have Malwarebytes Anti-Malware installed. I would like you to run a scan with it.

Malwarebytes Anti-Malware (MBAM) Scan
Note: you need to be connected to the internet so that MBAM can download any updates it needs to.
  • Please close all open programs and windows so that you are at your Desktop.
  • Press the Windows Key + R.
  • Type mbam.exe into the text box and click OK.
  • Allow MBAM to update if it asks you to.
  • Click Scan Now. MBAM will update its databases and proceed to scan your computer.
  • If prompted to allow a reboot please do so.
    Failing to reboot when asked can prevent MBAM from removing all the malware it finds.
  • Once the scan is finished click Save Results >> in the bottom right corner and select Copy to Clipboard. Paste the results in your next reply.
    The log file can also be found at C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs. Look for the one with the current date and time.

Step six...

Fresh FRST Scan
  • You should still have FRST64.exe in your Downloads folder. If not please download it HERE.
  • Close all open programs and windows.
  • Right-click FRST64.exe and select Run as administrator.
  • Under Optional Scan check Addition.txt.
  • Press Scan button and wait while the scan finishes.
  • Once finished, two logs will open in Notepad: FRST.txt and Addition.txt. Please attach both logs in your reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

In your next reply please include:
  • Did you have any problems with the instructions?
  • An answer to my questions
  • Fixlog.txt
  • The MBAM log
  • FRST.txt (attached)
  • Addition.txt (attached)
  • Are there any changes in computer behavior?
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: Repost of Newpoptab Issue

Unread postby capnkrunch » January 3rd, 2016, 9:46 pm

It has been 48 hours since my last post.
  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response.
  • If you do not reply within the next 24 hours, this topic will be closed.
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: Repost of Newpoptab Issue

Unread postby Wogln » January 3rd, 2016, 9:50 pm

Hey yeah can I have a bit more time? I haven't been able to get around to doing all the stuff from this, schedule has been packed for a while. Gotta love the holidays right? Sorry about the wait, I'll get on this ASAP
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby capnkrunch » January 5th, 2016, 10:12 pm

Hello Wogin :)

Thanks for letting me know. Please post the requested logs when ready.

If you don't reply within 72 hours this topic will be closed without further reminders.

Thanks,
-capnkrunch
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: Repost of Newpoptab Issue

Unread postby Wogln » January 8th, 2016, 8:30 pm

The extensions are alright, I'll probably erase the Angry Birds one though, haven't used it in forever.

-----------

Fix result of Farbar Recovery Scan Tool (x64) Version:25-12-2015
Ran by Christian (2016-01-08 16:29:07) Run:1
Running from C:\Users\Christian\Downloads
Loaded Profiles: Christian (Available Profiles: Christian)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
2015-12-16 00:38 - 2015-12-16 00:38 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\BitTorrent
2015-12-24 19:00 - 2015-04-25 00:14 - 00000931 _____ C:\Users\Christian\Desktop\BitTorrent.lnk
2015-12-24 19:00 - 2015-04-25 00:14 - 00000911 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-12-17 17:42 - 2015-04-25 00:12 - 00000000 ____D C:\Users\Christian\AppData\Roaming\BitTorrent
Task: {01C06B1D-EAA2-42D9-8751-B077FA8A2819} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B78DBA0-4F6A-4913-83BF-7C5F9A6559FC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {119806D5-FEA7-4655-95AE-25D9B20422D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {370F80D5-AA62-4248-958D-906103F8757F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5CF13446-A87C-42FA-90EB-0D1B9EF3F7BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5D270FB2-DF78-48F2-95DB-49DAFC1524F9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5DB73794-E271-4EE8-AC1F-848F68644E0F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {689799A0-ABBB-4722-A78A-34C0467C6D86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8BEA43CE-90AC-4B9B-8132-C2EAC3E53FBE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9F9674E0-E630-4387-8C6D-14416CD6D0A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B4A44ED1-D59C-46D6-B7A9-DB20AE940CE0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
FirewallRules: [{EFFFAA3C-C145-469B-ACFE-D7FB97DAFC4C}] => (Allow) C:\Users\Christian\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A1F47699-8A91-4271-B3A0-CE587B41E2B2}] => (Allow) C:\Users\Christian\AppData\Roaming\BitTorrent\BitTorrent.exe

Folder: C:\fc036e49596f6d4f46f5b2c274
Hosts:
EmptyTemp:
CMD: ipconfig /flushdns
*****************

Restore point was successfully created.
C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo => moved successfully
C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Christian\AppData\LocalLow\BitTorrent => moved successfully
"C:\Users\Christian\Desktop\BitTorrent.lnk" => not found.
"C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk" => not found.
C:\Users\Christian\AppData\Roaming\BitTorrent => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01C06B1D-EAA2-42D9-8751-B077FA8A2819}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01C06B1D-EAA2-42D9-8751-B077FA8A2819}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B78DBA0-4F6A-4913-83BF-7C5F9A6559FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B78DBA0-4F6A-4913-83BF-7C5F9A6559FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{119806D5-FEA7-4655-95AE-25D9B20422D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{119806D5-FEA7-4655-95AE-25D9B20422D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{370F80D5-AA62-4248-958D-906103F8757F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{370F80D5-AA62-4248-958D-906103F8757F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF13446-A87C-42FA-90EB-0D1B9EF3F7BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF13446-A87C-42FA-90EB-0D1B9EF3F7BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D270FB2-DF78-48F2-95DB-49DAFC1524F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D270FB2-DF78-48F2-95DB-49DAFC1524F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DB73794-E271-4EE8-AC1F-848F68644E0F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DB73794-E271-4EE8-AC1F-848F68644E0F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{689799A0-ABBB-4722-A78A-34C0467C6D86}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{689799A0-ABBB-4722-A78A-34C0467C6D86}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BEA43CE-90AC-4B9B-8132-C2EAC3E53FBE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BEA43CE-90AC-4B9B-8132-C2EAC3E53FBE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F9674E0-E630-4387-8C6D-14416CD6D0A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F9674E0-E630-4387-8C6D-14416CD6D0A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4A44ED1-D59C-46D6-B7A9-DB20AE940CE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4A44ED1-D59C-46D6-B7A9-DB20AE940CE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFFFAA3C-C145-469B-ACFE-D7FB97DAFC4C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1F47699-8A91-4271-B3A0-CE587B41E2B2} => value removed successfully

========================= Folder: C:\fc036e49596f6d4f46f5b2c274 ========================

2015-12-14 15:58 - 2015-12-14 15:58 - 140158008 _____ (Microsoft Corporation) C:\fc036e49596f6d4f46f5b2c274\MRT.exe

====== End of Folder: ======

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 10.8 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:36:23 ====
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby Wogln » January 8th, 2016, 8:31 pm

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/8/2016
Scan Time: 4:45 PM
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.01.08.06
Rootkit Database: v2016.01.05.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Christian

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 358985
Time Elapsed: 35 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby Wogln » January 8th, 2016, 8:35 pm

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
Ran by Christian (administrator) on THESTATION (08-01-2016 17:28:52)
Running from C:\Users\Christian\Downloads
Loaded Profiles: Christian (Available Profiles: Christian)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Graphic Tablet Company Shenzhen) C:\Program Files\TabletDriver\TabletDriver.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [TabletDriver] => C:\Program Files\TabletDriver\TabletDriver.exe [1144032 2015-04-07] (Graphic Tablet Company Shenzhen)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [WTClient] => WTClient.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2015-11-25] (Echobit LLC)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Dropbox Update] => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Discord] => C:\Users\Christian\AppData\Local\Discord\app-0.0.283\Discord.exe [51716784 2015-11-17] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Office Timeline Performance Helper] => C:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [15424 2015-11-26] (OfficeTimeline LLC)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-24]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{0aae3238-72f2-419f-96f6-38eecf595c51}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{15FE5F52-66BC-495B-8526-A6BCA48C5BD0}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{90bb55df-b0e7-4adf-b23c-ff363ab600b6}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_o ... orcl_hpset
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iehome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3915831028-228235209-3607861613-1001 -> {51FA22EB-2A60-4614-BA3E-F905020D7A9B} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-06] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\otvhwthi.default-1446516299890
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-06] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-08] (BYOND)
FF Extension: Adblock Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\otvhwthi.default-1446516299890\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-17]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-17]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://pokemonsolarluna.proboards.com/index.cgi?%20%20
CHR StartupUrls: Default -> "hxxp://pokemonsolarluna.proboards.com/index.cgi?%20%20","hxxp://houmpage.com/?src=nt&ssid=1450303053&a=1024376&uuid=148d23a3-09a7-4fa3-9a33-e2ce990dfebd"
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Angry Birds) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-22]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-08]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-31]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-05]
CHR Extension: (Block Misspelled Websites) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkeedolkcnamlgiodhcaielanmffhlil [2015-04-22]
CHR Extension: (Eye Dropper) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2015-04-26]
CHR Extension: (Steam Theme) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcphcjcjgkjmbphkfjleamgkinaeebnm [2015-06-30]
CHR Extension: (Plants vs Zombies) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-16] (AVAST Software)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2015-04-22] (Echobit LLC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [435064 2014-10-15] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-16] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2015-04-22] (Echobit, LLC)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [670056 2014-07-14] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-08] (Malwarebytes)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
S3 pneteth; C:\Windows\System32\drivers\pneteth.sys [15360 2011-11-25] (June Fabrics Technology Inc.) [File not signed]
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-16] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [32496 2014-09-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2014-09-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 16:29 - 2016-01-08 16:36 - 00009248 _____ C:\Users\Christian\Downloads\Fixlog.txt
2016-01-07 17:17 - 2016-01-07 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 15:29 - 2016-01-05 15:30 - 1454073644 _____ C:\Users\Christian\Downloads\jesuslord.wav
2016-01-04 18:32 - 2016-01-04 18:32 - 00000000 ____D C:\ProgramData\Office Timeline
2016-01-04 18:31 - 2016-01-04 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Timeline
2016-01-04 18:25 - 2016-01-04 18:25 - 10884144 _____ (Office Timeline LLC) C:\Users\Christian\Downloads\OfficeTimeline.exe
2016-01-04 18:25 - 2016-01-04 18:25 - 00000000 ____D C:\Program Files (x86)\Office Timeline
2016-01-04 15:21 - 2016-01-04 18:22 - 00001254 _____ C:\WINDOWS\Timeline Maker Pro
2016-01-04 15:21 - 2016-01-04 18:16 - 00000000 ____D C:\Users\Christian\Documents\My Timelines
2016-01-04 15:21 - 2016-01-04 15:21 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Progeny Software Inc
2016-01-04 15:21 - 2016-01-04 15:21 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timeline Maker Pro
2016-01-04 15:19 - 2016-01-04 15:21 - 21892344 _____ (Progeny Software Inc.) C:\Users\Christian\Downloads\TimelineMakerPro_3-1-99_Install.exe
2016-01-03 18:33 - 2016-01-03 18:33 - 00527423 _____ ( ) C:\Users\Christian\Downloads\Lame_v3.99.3_for_Windows.exe
2016-01-03 18:33 - 2016-01-03 18:33 - 00202295 _____ C:\Users\Christian\Downloads\libmp3lame-win-3.99.3.zip
2016-01-02 03:41 - 2016-01-02 03:41 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\Hinterland
2016-01-02 03:41 - 2016-01-02 03:41 - 00000000 ____D C:\Users\Christian\AppData\Local\Hinterland
2015-12-31 17:49 - 2015-12-31 17:49 - 00000222 _____ C:\Users\Christian\Desktop\The Long Dark.url
2015-12-31 17:48 - 2015-12-31 17:49 - 00000222 _____ C:\Users\Christian\Desktop\Papers, Please.url
2015-12-31 17:43 - 2015-12-31 17:43 - 00000222 _____ C:\Users\Christian\Desktop\Fallout 4.url
2015-12-30 15:50 - 2015-12-30 18:13 - 02348859 _____ C:\Users\Christian\Downloads\Stack a' Memes.zip
2015-12-29 01:37 - 2015-12-29 02:34 - 4013373120 ____R C:\Users\Christian\Desktop\Summer Wars [Blu-Ray 1080p][Dual Audio].mkv
2015-12-27 17:31 - 2015-12-27 17:31 - 00000000 ____D C:\Users\Christian\AppData\Local\LogMeIn
2015-12-27 04:50 - 2015-12-27 04:50 - 02370560 _____ (Farbar) C:\Users\Christian\Downloads\FRST64 (1).exe
2015-12-25 22:31 - 2015-12-25 22:35 - 00050498 _____ C:\Users\Christian\Downloads\Addition.txt
2015-12-25 22:28 - 2016-01-08 17:29 - 00023041 _____ C:\Users\Christian\Downloads\FRST.txt
2015-12-25 22:28 - 2016-01-08 17:28 - 00000000 ____D C:\FRST
2015-12-25 22:27 - 2015-12-25 22:27 - 02370560 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-12-24 18:40 - 2016-01-08 16:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-24 18:40 - 2015-12-24 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-24 18:40 - 2015-12-24 18:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-24 18:40 - 2015-12-24 18:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-24 18:40 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-24 18:40 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-24 18:40 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-24 17:30 - 2015-12-24 17:30 - 00041080 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-12-24 17:26 - 2015-12-24 18:35 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-20 18:28 - 2015-12-20 18:28 - 00000000 ____D C:\Users\Christian\AppData\Local\CustomCraftingStation
2015-12-19 15:50 - 2015-12-19 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-19 15:50 - 2015-12-19 15:50 - 00000000 ____D C:\Program Files\7-Zip
2015-12-17 22:18 - 2015-12-06 20:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 22:17 - 2015-12-06 21:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 22:17 - 2015-12-06 21:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 22:17 - 2015-12-06 21:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 22:17 - 2015-12-06 21:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-17 22:17 - 2015-12-06 21:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 22:17 - 2015-12-06 21:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 22:17 - 2015-12-06 21:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 22:17 - 2015-12-06 21:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 22:17 - 2015-12-06 21:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 22:17 - 2015-12-06 21:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 22:17 - 2015-12-06 21:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 22:17 - 2015-12-06 21:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 22:17 - 2015-12-06 21:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 22:17 - 2015-12-06 21:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 22:17 - 2015-12-06 21:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 22:17 - 2015-12-06 21:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 22:17 - 2015-12-06 21:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 22:17 - 2015-12-06 21:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 22:17 - 2015-12-06 21:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 22:17 - 2015-12-06 21:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 22:17 - 2015-12-06 21:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 22:17 - 2015-12-06 21:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 22:17 - 2015-12-06 21:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 22:17 - 2015-12-06 21:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-17 22:17 - 2015-12-06 21:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 22:17 - 2015-12-06 21:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 22:17 - 2015-12-06 21:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 22:17 - 2015-12-06 21:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 22:17 - 2015-12-06 21:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 22:17 - 2015-12-06 20:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 22:17 - 2015-12-06 20:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 22:17 - 2015-12-06 20:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-17 22:17 - 2015-12-06 20:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 22:17 - 2015-12-06 20:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 22:17 - 2015-12-06 20:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 20:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 22:17 - 2015-12-06 20:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 22:17 - 2015-12-06 20:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 22:17 - 2015-12-06 20:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-17 22:17 - 2015-12-06 20:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 22:17 - 2015-12-06 20:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 20:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 22:17 - 2015-12-06 20:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 22:17 - 2015-12-06 20:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 22:17 - 2015-12-06 20:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 22:17 - 2015-12-06 20:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-17 22:17 - 2015-12-06 20:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 22:17 - 2015-12-06 20:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 22:17 - 2015-12-06 20:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 22:17 - 2015-12-06 20:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 22:17 - 2015-12-06 20:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-17 22:17 - 2015-12-06 20:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 22:17 - 2015-12-06 20:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 22:17 - 2015-12-06 20:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 22:17 - 2015-12-06 20:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 22:17 - 2015-12-06 20:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 22:17 - 2015-12-06 20:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 22:17 - 2015-12-06 20:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 22:17 - 2015-12-06 20:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 22:17 - 2015-12-06 20:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 22:17 - 2015-12-06 20:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 18:42 - 2015-12-17 18:42 - 00001456 _____ C:\Users\Christian\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-12-17 17:40 - 2015-12-24 16:58 - 00000000 ____D C:\AdwCleaner
2015-12-16 21:23 - 2015-12-16 21:23 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-16 21:23 - 2015-12-16 21:23 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-16 21:22 - 2015-12-16 21:22 - 00466400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-12-14 17:46 - 2015-12-14 17:46 - 00000000 ____D C:\Users\Christian\AppData\Local\Starbound Composer
2015-12-14 17:45 - 2015-12-14 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starbound Composer
2015-12-14 15:58 - 2015-12-14 16:16 - 00000000 ____D C:\fc036e49596f6d4f46f5b2c274
2015-12-10 18:14 - 2015-12-10 18:14 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 11:36 - 2015-12-10 11:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-09 15:02 - 2015-12-09 15:02 - 00000000 ____D C:\Users\Christian\AppData\Local\ActiveSync
2015-12-09 15:00 - 2015-12-09 15:00 - 00000020 ___SH C:\Users\Christian\ntuser.ini
2015-12-09 06:57 - 2015-12-09 06:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\My Documents
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 ____D C:\Windows.old
2015-12-09 06:49 - 2015-12-09 06:49 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-09 06:49 - 2015-12-09 06:49 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-09 06:49 - 2015-12-09 06:49 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 06:49 - 2015-12-09 06:49 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 06:49 - 2015-12-09 06:49 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-09 06:49 - 2015-12-09 06:49 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-09 06:49 - 2015-12-09 06:49 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-09 06:45 - 2015-12-09 06:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-09 06:42 - 2016-01-08 16:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files\MSBuild
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\inetpub
2015-12-09 06:41 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-09 06:41 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-09 06:41 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-09 06:41 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-09 06:41 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-09 06:41 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-09 06:24 - 2015-12-24 19:01 - 00001483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-09 06:18 - 2015-12-09 06:26 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-09 06:07 - 2016-01-08 15:30 - 00000000 ____D C:\Users\Christian
2015-12-09 06:07 - 2015-12-24 17:07 - 00972104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\My Documents
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\Documents\My Videos
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\Documents\My Pictures
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\Documents\My Music
2015-12-09 06:06 - 2015-12-09 06:06 - 00929278 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-09 06:03 - 2015-12-09 06:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-12-09 06:03 - 2015-12-09 06:19 - 00000000 ____D C:\Program Files\Intel
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\Program Files\Realtek
2015-12-09 06:03 - 2015-11-01 18:25 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-09 06:03 - 2015-11-01 18:25 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-09 06:02 - 2015-12-09 06:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-09 06:02 - 2015-12-09 06:02 - 00000000 ____D C:\Program Files\Synaptics
2015-12-09 06:01 - 2015-10-30 00:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-09 05:58 - 2015-12-09 06:28 - 04966128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 00:52 - 2015-12-09 06:17 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnH Solutions
2015-12-09 00:52 - 2015-12-09 00:52 - 00000000 ____D C:\Program Files (x86)\UnH Solutions

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 17:29 - 2015-06-17 16:18 - 00000956 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001UA.job
2016-01-08 17:26 - 2015-04-22 19:49 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-08 17:21 - 2015-04-22 20:07 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2016-01-08 16:48 - 2015-04-22 19:37 - 00000000 ____D C:\Users\Christian\Documents\Youcam
2016-01-08 16:43 - 2015-04-22 23:07 - 00000000 ___RD C:\Users\Christian\Dropbox
2016-01-08 16:41 - 2015-04-22 23:03 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Dropbox
2016-01-08 16:40 - 2015-04-22 19:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-08 16:40 - 2015-04-22 19:49 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-08 16:39 - 2015-04-22 19:33 - 00000000 __SHD C:\Users\Christian\IntelGraphicsProfiles
2016-01-08 16:37 - 2015-10-29 23:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 16:06 - 2015-05-24 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-08 16:06 - 2015-05-24 18:51 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-08 11:15 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-08 07:25 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-08 07:19 - 2015-05-08 15:12 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2016-01-07 17:17 - 2015-08-23 01:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-07 17:17 - 2015-04-22 20:07 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-07 17:17 - 2015-04-22 20:07 - 00000000 ____D C:\Users\Christian\AppData\Local\Skype
2016-01-07 17:17 - 2015-04-22 20:07 - 00000000 ____D C:\ProgramData\Skype
2016-01-06 20:01 - 2015-08-10 18:45 - 00000600 _____ C:\Users\Christian\AppData\Roaming\winscp.rnd
2016-01-06 20:01 - 2015-06-10 11:06 - 00000600 _____ C:\Users\Christian\AppData\Local\PUTTY.RND
2016-01-06 00:29 - 2015-06-17 16:18 - 00000904 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001Core.job
2016-01-06 00:04 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-05 23:47 - 2015-05-21 17:58 - 00000000 ____D C:\Program Files (x86)\SAI
2016-01-05 21:35 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-04 18:27 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-04 15:21 - 2015-10-29 23:28 - 00000000 ____D C:\Windows
2016-01-03 22:26 - 2015-08-30 00:53 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Audacity
2016-01-02 18:40 - 2015-10-30 00:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 18:40 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 03:41 - 2014-12-09 20:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-01 05:18 - 2015-04-26 12:19 - 00000000 ____D C:\Users\Christian\AppData\Local\SBSE
2015-12-31 17:49 - 2015-04-22 20:06 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-31 03:04 - 2015-05-21 02:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2015-12-29 21:38 - 2015-04-28 23:52 - 00000000 ____D C:\Users\Christian\AppData\Roaming\starcheat
2015-12-29 01:51 - 2015-04-28 21:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2015-12-28 16:55 - 2015-04-25 21:28 - 00000000 ____D C:\Users\Christian\AppData\Local\LogMeIn Hamachi
2015-12-27 17:31 - 2015-04-25 20:54 - 00000000 ____D C:\ProgramData\LogMeIn
2015-12-25 23:25 - 2015-04-28 23:32 - 00000000 ____D C:\Users\Christian\Desktop\SB Tools
2015-12-24 19:01 - 2015-11-22 19:16 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2015-12-24 19:01 - 2015-11-22 15:01 - 00002018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2015-12-24 19:01 - 2015-08-30 00:35 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-12-24 19:01 - 2015-08-10 18:40 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-12-24 19:01 - 2015-07-29 16:52 - 00002392 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-24 19:01 - 2015-06-11 22:18 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIF Viewer.lnk
2015-12-24 19:01 - 2015-06-05 21:09 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-12-24 19:01 - 2015-06-05 21:07 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-12-24 19:01 - 2015-05-22 19:32 - 00001112 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2015-12-24 19:01 - 2015-05-21 01:55 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-24 19:01 - 2015-05-08 15:50 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-12-24 19:01 - 2015-05-08 15:48 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-24 19:01 - 2015-05-08 15:47 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-24 19:01 - 2015-05-08 15:46 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2015-12-24 19:01 - 2015-05-08 15:26 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-12-24 19:01 - 2015-04-26 12:19 - 00001254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SBSE Desktop.lnk
2015-12-24 19:01 - 2015-04-25 23:22 - 00000486 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Removable Disk (G).lnk
2015-12-24 19:01 - 2015-04-22 22:27 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-12-24 19:01 - 2015-04-22 21:14 - 00002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2015-12-24 19:00 - 2015-11-24 18:19 - 00001490 _____ C:\Users\Christian\Desktop\UNDERTALE.lnk
2015-12-24 19:00 - 2015-11-20 22:33 - 00002119 _____ C:\Users\Christian\Desktop\Nexon Launcher.lnk
2015-12-24 19:00 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Resources
2015-12-24 19:00 - 2015-09-01 20:22 - 00001097 _____ C:\Users\Christian\Desktop\Notepad++.lnk
2015-12-24 19:00 - 2015-08-10 18:40 - 00001049 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-12-24 19:00 - 2015-07-25 23:49 - 00002012 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-12-24 19:00 - 2015-06-05 21:15 - 00001746 _____ C:\Users\Christian\Desktop\Adobe Photoshop CS6.lnk
2015-12-24 19:00 - 2015-06-01 14:30 - 00001714 _____ C:\Users\Public\Desktop\BYOND.lnk
2015-12-24 19:00 - 2015-05-24 17:24 - 00000917 _____ C:\Users\Public\Desktop\TabletDriver.lnk
2015-12-24 19:00 - 2015-05-22 19:32 - 00001106 _____ C:\Users\Christian\Desktop\join.me.lnk
2015-12-24 19:00 - 2015-05-22 14:46 - 00000974 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-12-24 19:00 - 2015-05-21 18:08 - 00000954 _____ C:\Users\Christian\Desktop\SAI.lnk
2015-12-24 19:00 - 2015-05-21 01:55 - 00001160 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-24 19:00 - 2015-05-10 05:00 - 00001409 _____ C:\Users\Christian\Desktop\Dimmer.lnk
2015-12-24 19:00 - 2015-05-08 17:06 - 00001253 _____ C:\Users\Christian\Desktop\Adobe After Effects CS6.lnk
2015-12-24 19:00 - 2015-04-28 21:08 - 00001275 _____ C:\Users\Christian\Desktop\TeamSpeak 3 Client.lnk
2015-12-24 19:00 - 2015-04-26 14:36 - 00001134 _____ C:\Users\Christian\Desktop\Instant Eyedropper.lnk
2015-12-24 19:00 - 2015-04-26 12:19 - 00001248 _____ C:\Users\Public\Desktop\SBSE Desktop.lnk
2015-12-24 19:00 - 2015-04-24 19:28 - 00001052 _____ C:\Users\Public\Desktop\Gyazo.lnk
2015-12-24 19:00 - 2015-04-24 19:28 - 00001052 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-12-24 19:00 - 2015-04-22 23:07 - 00001077 _____ C:\Users\Christian\Desktop\Dropbox.lnk
2015-12-24 19:00 - 2015-04-22 22:27 - 00001093 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-12-24 19:00 - 2015-04-22 21:14 - 00002024 _____ C:\Users\Public\Desktop\Evolve.lnk
2015-12-24 19:00 - 2015-04-22 19:55 - 00000976 _____ C:\Users\Public\Desktop\Steam.lnk
2015-12-24 19:00 - 2015-04-22 19:50 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-24 19:00 - 2015-04-22 19:33 - 00001332 _____ C:\Users\Public\Desktop\HP Smart Friend.lnk
2015-12-24 19:00 - 2015-04-11 23:58 - 00002033 _____ C:\Users\Public\Desktop\Connected Drive.lnk
2015-12-24 19:00 - 2015-04-11 23:57 - 00001630 _____ C:\Users\Public\Desktop\Connected Photo.lnk
2015-12-24 19:00 - 2015-04-11 23:34 - 00002017 _____ C:\Users\Public\Desktop\Connected Music.lnk
2015-12-22 05:17 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-22 05:17 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-22 05:17 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-21 02:42 - 2015-08-11 03:31 - 00000000 ____D C:\Users\Christian\AppData\Local\DrawablesFinal
2015-12-19 15:45 - 2015-11-06 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-18 15:52 - 2015-07-25 23:48 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-18 15:52 - 2015-07-25 23:48 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-17 18:26 - 2015-04-22 19:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Adobe
2015-12-17 17:58 - 2015-08-16 20:21 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2015-12-17 17:51 - 2015-11-22 19:16 - 00003152 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1448244999
2015-12-16 21:23 - 2015-07-25 23:48 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-16 21:22 - 2015-07-25 23:48 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-16 21:22 - 2015-07-25 23:48 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-12-16 15:05 - 2015-04-22 19:33 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2015-12-14 16:16 - 2015-04-28 15:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 15:58 - 2015-04-28 15:15 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-13 23:14 - 2015-09-16 23:29 - 00000000 ___RD C:\Users\Christian\3D Objects
2015-12-10 04:54 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-09 15:21 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-09 15:10 - 2015-04-22 19:41 - 00000000 ___RD C:\Users\Christian\OneDrive
2015-12-09 15:03 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-09 15:03 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-09 15:02 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-09 15:01 - 2015-04-23 03:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-09 15:00 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-09 15:00 - 2015-07-29 16:37 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-09 06:57 - 2015-10-30 00:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-09 06:50 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-09 06:50 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-09 06:50 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-09 06:50 - 2015-07-29 02:16 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-09 06:50 - 2015-07-29 02:16 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-09 06:48 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-09 06:47 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-09 06:43 - 2015-07-29 16:25 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-09 06:43 - 2015-07-21 14:41 - 00002436 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2015-12-09 06:43 - 2015-06-17 16:18 - 00003298 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001Core
2015-12-09 06:43 - 2015-05-21 15:48 - 00002390 _____ C:\WINDOWS\System32\Tasks\{F027A471-0E64-41F4-8515-1BC8813F0806}
2015-12-09 06:43 - 2015-04-22 19:49 - 00003440 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-09 06:43 - 2015-04-22 19:39 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3915831028-228235209-3607861613-1001
2015-12-09 06:42 - 2015-10-30 00:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-09 06:42 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-09 06:42 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-09 06:42 - 2015-10-30 00:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-09 06:42 - 2015-10-30 00:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-09 06:42 - 2015-07-08 00:30 - 00002662 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-12-09 06:42 - 2015-06-17 16:18 - 00003570 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001UA
2015-12-09 06:42 - 2015-05-08 15:57 - 00002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-cj.xxxxxxxxx@live.com
2015-12-09 06:42 - 2015-04-24 19:29 - 00002522 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2015-12-09 06:42 - 2015-04-22 19:49 - 00003216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-09 06:42 - 2015-04-12 01:41 - 00002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3915831028-228235209-3607861613-500
2015-12-09 06:42 - 2015-04-11 23:38 - 00002530 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2015-12-09 06:42 - 2015-04-11 23:37 - 00002968 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2015-12-09 06:41 - 2015-10-30 00:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-09 06:41 - 2015-10-30 00:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-12-09 06:41 - 2015-10-30 00:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-12-09 06:41 - 2015-10-30 00:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-12-09 06:41 - 2015-10-30 00:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-12-09 06:26 - 2015-11-20 22:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2015-12-09 06:26 - 2015-11-17 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-12-09 06:26 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-09 06:26 - 2015-10-29 23:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-09 06:26 - 2015-07-25 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEdit
2015-12-09 06:26 - 2015-07-13 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-09 06:26 - 2015-07-01 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWFPlayer
2015-12-09 06:26 - 2015-06-01 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOND
2015-12-09 06:26 - 2015-05-24 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TabletDriver
2015-12-09 06:26 - 2015-05-22 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-12-09 06:26 - 2015-05-21 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\TabletPmt
2015-12-09 06:26 - 2015-05-21 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet
2015-12-09 06:26 - 2015-05-21 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 06:26 - 2015-05-08 15:50 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-09 06:26 - 2015-04-28 21:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-09 06:26 - 2015-04-26 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instant Eyedropper
2015-12-09 06:26 - 2015-04-24 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-12-09 06:26 - 2015-04-22 22:25 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 06:26 - 2015-04-22 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 06:26 - 2015-04-22 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 06:26 - 2015-04-22 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-09 06:26 - 2015-04-11 23:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-09 06:26 - 2015-04-11 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-09 06:26 - 2014-12-09 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-12-09 06:26 - 2014-12-09 20:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-12-09 06:25 - 2015-07-10 02:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-09 06:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-09 06:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-09 06:19 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-09 06:19 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-09 06:19 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-09 06:19 - 2015-10-25 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-09 06:19 - 2015-04-11 23:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-09 06:19 - 2014-12-09 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-09 06:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-09 06:17 - 2015-11-17 22:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2015-12-09 06:06 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-09 05:58 - 2015-10-30 02:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-09 05:22 - 2015-10-30 02:42 - 00000000 ___HD C:\$WINDOWS.~BT

==================== Files in the root of some directories =======

2015-08-10 18:45 - 2016-01-06 20:01 - 0000600 _____ () C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-12-17 18:42 - 2015-12-17 18:42 - 0001456 _____ () C:\Users\Christian\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-10 11:06 - 2016-01-06 20:01 - 0000600 _____ () C:\Users\Christian\AppData\Local\PUTTY.RND
2015-11-19 17:43 - 2015-11-19 17:43 - 0007606 _____ () C:\Users\Christian\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-07 10:44

==================== End of FRST.txt ============================
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby Wogln » January 8th, 2016, 8:35 pm

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
Ran by Christian (administrator) on THESTATION (08-01-2016 17:28:52)
Running from C:\Users\Christian\Downloads
Loaded Profiles: Christian (Available Profiles: Christian)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Graphic Tablet Company Shenzhen) C:\Program Files\TabletDriver\TabletDriver.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [TabletDriver] => C:\Program Files\TabletDriver\TabletDriver.exe [1144032 2015-04-07] (Graphic Tablet Company Shenzhen)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [WTClient] => WTClient.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2015-11-25] (Echobit LLC)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Dropbox Update] => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Discord] => C:\Users\Christian\AppData\Local\Discord\app-0.0.283\Discord.exe [51716784 2015-11-17] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Office Timeline Performance Helper] => C:\Program Files (x86)\Office Timeline\Current\OfficeTimelineStartup.exe [15424 2015-11-26] (OfficeTimeline LLC)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-16] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-24]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{0aae3238-72f2-419f-96f6-38eecf595c51}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{15FE5F52-66BC-495B-8526-A6BCA48C5BD0}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{90bb55df-b0e7-4adf-b23c-ff363ab600b6}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_o ... orcl_hpset
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://js.redirect.hp.com/jumpstation?b ... &tp=iehome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3915831028-228235209-3607861613-1001 -> {51FA22EB-2A60-4614-BA3E-F905020D7A9B} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-06] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\otvhwthi.default-1446516299890
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-06] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2008-07-08] (BYOND)
FF Extension: Adblock Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\otvhwthi.default-1446516299890\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-17]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-17]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://pokemonsolarluna.proboards.com/index.cgi?%20%20
CHR StartupUrls: Default -> "hxxp://pokemonsolarluna.proboards.com/index.cgi?%20%20","hxxp://houmpage.com/?src=nt&ssid=1450303053&a=1024376&uuid=148d23a3-09a7-4fa3-9a33-e2ce990dfebd"
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Angry Birds) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-22]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-08]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-31]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-05]
CHR Extension: (Block Misspelled Websites) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkeedolkcnamlgiodhcaielanmffhlil [2015-04-22]
CHR Extension: (Eye Dropper) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2015-04-26]
CHR Extension: (Steam Theme) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcphcjcjgkjmbphkfjleamgkinaeebnm [2015-06-30]
CHR Extension: (Plants vs Zombies) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-16] (AVAST Software)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2015-04-22] (Echobit LLC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [435064 2014-10-15] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-16] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2015-04-22] (Echobit, LLC)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [670056 2014-07-14] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-08] (Malwarebytes)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
S3 pneteth; C:\Windows\System32\drivers\pneteth.sys [15360 2011-11-25] (June Fabrics Technology Inc.) [File not signed]
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-16] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [32496 2014-09-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2014-09-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 16:29 - 2016-01-08 16:36 - 00009248 _____ C:\Users\Christian\Downloads\Fixlog.txt
2016-01-07 17:17 - 2016-01-07 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 15:29 - 2016-01-05 15:30 - 1454073644 _____ C:\Users\Christian\Downloads\jesuslord.wav
2016-01-04 18:32 - 2016-01-04 18:32 - 00000000 ____D C:\ProgramData\Office Timeline
2016-01-04 18:31 - 2016-01-04 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Timeline
2016-01-04 18:25 - 2016-01-04 18:25 - 10884144 _____ (Office Timeline LLC) C:\Users\Christian\Downloads\OfficeTimeline.exe
2016-01-04 18:25 - 2016-01-04 18:25 - 00000000 ____D C:\Program Files (x86)\Office Timeline
2016-01-04 15:21 - 2016-01-04 18:22 - 00001254 _____ C:\WINDOWS\Timeline Maker Pro
2016-01-04 15:21 - 2016-01-04 18:16 - 00000000 ____D C:\Users\Christian\Documents\My Timelines
2016-01-04 15:21 - 2016-01-04 15:21 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Progeny Software Inc
2016-01-04 15:21 - 2016-01-04 15:21 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timeline Maker Pro
2016-01-04 15:19 - 2016-01-04 15:21 - 21892344 _____ (Progeny Software Inc.) C:\Users\Christian\Downloads\TimelineMakerPro_3-1-99_Install.exe
2016-01-03 18:33 - 2016-01-03 18:33 - 00527423 _____ ( ) C:\Users\Christian\Downloads\Lame_v3.99.3_for_Windows.exe
2016-01-03 18:33 - 2016-01-03 18:33 - 00202295 _____ C:\Users\Christian\Downloads\libmp3lame-win-3.99.3.zip
2016-01-02 03:41 - 2016-01-02 03:41 - 00000000 ____D C:\Users\Christian\AppData\LocalLow\Hinterland
2016-01-02 03:41 - 2016-01-02 03:41 - 00000000 ____D C:\Users\Christian\AppData\Local\Hinterland
2015-12-31 17:49 - 2015-12-31 17:49 - 00000222 _____ C:\Users\Christian\Desktop\The Long Dark.url
2015-12-31 17:48 - 2015-12-31 17:49 - 00000222 _____ C:\Users\Christian\Desktop\Papers, Please.url
2015-12-31 17:43 - 2015-12-31 17:43 - 00000222 _____ C:\Users\Christian\Desktop\Fallout 4.url
2015-12-30 15:50 - 2015-12-30 18:13 - 02348859 _____ C:\Users\Christian\Downloads\Stack a' Memes.zip
2015-12-29 01:37 - 2015-12-29 02:34 - 4013373120 ____R C:\Users\Christian\Desktop\Summer Wars [Blu-Ray 1080p][Dual Audio].mkv
2015-12-27 17:31 - 2015-12-27 17:31 - 00000000 ____D C:\Users\Christian\AppData\Local\LogMeIn
2015-12-27 04:50 - 2015-12-27 04:50 - 02370560 _____ (Farbar) C:\Users\Christian\Downloads\FRST64 (1).exe
2015-12-25 22:31 - 2015-12-25 22:35 - 00050498 _____ C:\Users\Christian\Downloads\Addition.txt
2015-12-25 22:28 - 2016-01-08 17:29 - 00023041 _____ C:\Users\Christian\Downloads\FRST.txt
2015-12-25 22:28 - 2016-01-08 17:28 - 00000000 ____D C:\FRST
2015-12-25 22:27 - 2015-12-25 22:27 - 02370560 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-12-24 18:40 - 2016-01-08 16:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-24 18:40 - 2015-12-24 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-24 18:40 - 2015-12-24 18:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-24 18:40 - 2015-12-24 18:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-24 18:40 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-24 18:40 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-24 18:40 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-24 17:30 - 2015-12-24 17:30 - 00041080 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-12-24 17:26 - 2015-12-24 18:35 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-20 18:28 - 2015-12-20 18:28 - 00000000 ____D C:\Users\Christian\AppData\Local\CustomCraftingStation
2015-12-19 15:50 - 2015-12-19 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-19 15:50 - 2015-12-19 15:50 - 00000000 ____D C:\Program Files\7-Zip
2015-12-17 22:18 - 2015-12-06 20:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 22:17 - 2015-12-06 21:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 22:17 - 2015-12-06 21:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 22:17 - 2015-12-06 21:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 22:17 - 2015-12-06 21:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 22:17 - 2015-12-06 21:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 22:17 - 2015-12-06 21:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-17 22:17 - 2015-12-06 21:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 22:17 - 2015-12-06 21:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 22:17 - 2015-12-06 21:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 22:17 - 2015-12-06 21:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 22:17 - 2015-12-06 21:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 22:17 - 2015-12-06 21:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 22:17 - 2015-12-06 21:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 22:17 - 2015-12-06 21:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 22:17 - 2015-12-06 21:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 22:17 - 2015-12-06 21:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 22:17 - 2015-12-06 21:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 22:17 - 2015-12-06 21:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 22:17 - 2015-12-06 21:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 22:17 - 2015-12-06 21:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 22:17 - 2015-12-06 21:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 22:17 - 2015-12-06 21:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 22:17 - 2015-12-06 21:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 22:17 - 2015-12-06 21:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 22:17 - 2015-12-06 21:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 22:17 - 2015-12-06 21:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-17 22:17 - 2015-12-06 21:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 22:17 - 2015-12-06 21:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 22:17 - 2015-12-06 21:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 22:17 - 2015-12-06 21:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 22:17 - 2015-12-06 21:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 22:17 - 2015-12-06 20:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 22:17 - 2015-12-06 20:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 22:17 - 2015-12-06 20:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 22:17 - 2015-12-06 20:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-17 22:17 - 2015-12-06 20:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 22:17 - 2015-12-06 20:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 22:17 - 2015-12-06 20:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 20:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 22:17 - 2015-12-06 20:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 22:17 - 2015-12-06 20:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 22:17 - 2015-12-06 20:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-17 22:17 - 2015-12-06 20:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 22:17 - 2015-12-06 20:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 22:17 - 2015-12-06 20:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 22:17 - 2015-12-06 20:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 22:17 - 2015-12-06 20:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 22:17 - 2015-12-06 20:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 22:17 - 2015-12-06 20:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-17 22:17 - 2015-12-06 20:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 22:17 - 2015-12-06 20:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 22:17 - 2015-12-06 20:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 22:17 - 2015-12-06 20:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 22:17 - 2015-12-06 20:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-17 22:17 - 2015-12-06 20:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 22:17 - 2015-12-06 20:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 22:17 - 2015-12-06 20:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 22:17 - 2015-12-06 20:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 22:17 - 2015-12-06 20:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 22:17 - 2015-12-06 20:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 22:17 - 2015-12-06 20:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 22:17 - 2015-12-06 20:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 22:17 - 2015-12-06 20:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 22:17 - 2015-12-06 20:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 18:42 - 2015-12-17 18:42 - 00001456 _____ C:\Users\Christian\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-12-17 17:40 - 2015-12-24 16:58 - 00000000 ____D C:\AdwCleaner
2015-12-16 21:23 - 2015-12-16 21:23 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-16 21:23 - 2015-12-16 21:23 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-16 21:22 - 2015-12-16 21:22 - 00466400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-12-14 17:46 - 2015-12-14 17:46 - 00000000 ____D C:\Users\Christian\AppData\Local\Starbound Composer
2015-12-14 17:45 - 2015-12-14 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starbound Composer
2015-12-14 15:58 - 2015-12-14 16:16 - 00000000 ____D C:\fc036e49596f6d4f46f5b2c274
2015-12-10 18:14 - 2015-12-10 18:14 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 11:36 - 2015-12-10 11:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-09 15:02 - 2015-12-09 15:02 - 00000000 ____D C:\Users\Christian\AppData\Local\ActiveSync
2015-12-09 15:00 - 2015-12-09 15:00 - 00000020 ___SH C:\Users\Christian\ntuser.ini
2015-12-09 06:57 - 2015-12-09 06:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\My Documents
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2015-12-09 06:51 - 2015-12-09 06:51 - 00000000 ____D C:\Windows.old
2015-12-09 06:49 - 2015-12-09 06:49 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-09 06:49 - 2015-12-09 06:49 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-09 06:49 - 2015-12-09 06:49 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 06:49 - 2015-12-09 06:49 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 06:49 - 2015-12-09 06:49 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-09 06:49 - 2015-12-09 06:49 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-09 06:49 - 2015-12-09 06:49 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-09 06:49 - 2015-12-09 06:49 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-09 06:45 - 2015-12-09 06:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-09 06:42 - 2016-01-08 16:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files\MSBuild
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-09 06:42 - 2015-12-09 06:42 - 00000000 ____D C:\inetpub
2015-12-09 06:41 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-09 06:41 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-09 06:41 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-09 06:41 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-09 06:41 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-09 06:41 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2015-12-09 06:25 - 2015-12-09 06:25 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-09 06:24 - 2015-12-24 19:01 - 00001483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-09 06:18 - 2015-12-09 06:26 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-09 06:07 - 2016-01-08 15:30 - 00000000 ____D C:\Users\Christian
2015-12-09 06:07 - 2015-12-24 17:07 - 00972104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\My Documents
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\Documents\My Videos
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\Documents\My Pictures
2015-12-09 06:07 - 2015-12-09 06:07 - 00000000 _SHDL C:\Users\Christian\Documents\My Music
2015-12-09 06:06 - 2015-12-09 06:06 - 00929278 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-09 06:03 - 2015-12-09 06:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-12-09 06:03 - 2015-12-09 06:19 - 00000000 ____D C:\Program Files\Intel
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-09 06:03 - 2015-12-09 06:03 - 00000000 ____D C:\Program Files\Realtek
2015-12-09 06:03 - 2015-11-01 18:25 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-09 06:03 - 2015-11-01 18:25 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-09 06:02 - 2015-12-09 06:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-09 06:02 - 2015-12-09 06:02 - 00000000 ____D C:\Program Files\Synaptics
2015-12-09 06:01 - 2015-10-30 00:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-09 05:58 - 2015-12-09 06:28 - 04966128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 00:52 - 2015-12-09 06:17 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnH Solutions
2015-12-09 00:52 - 2015-12-09 00:52 - 00000000 ____D C:\Program Files (x86)\UnH Solutions

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 17:29 - 2015-06-17 16:18 - 00000956 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001UA.job
2016-01-08 17:26 - 2015-04-22 19:49 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-08 17:21 - 2015-04-22 20:07 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2016-01-08 16:48 - 2015-04-22 19:37 - 00000000 ____D C:\Users\Christian\Documents\Youcam
2016-01-08 16:43 - 2015-04-22 23:07 - 00000000 ___RD C:\Users\Christian\Dropbox
2016-01-08 16:41 - 2015-04-22 23:03 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Dropbox
2016-01-08 16:40 - 2015-04-22 19:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-08 16:40 - 2015-04-22 19:49 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-08 16:39 - 2015-04-22 19:33 - 00000000 __SHD C:\Users\Christian\IntelGraphicsProfiles
2016-01-08 16:37 - 2015-10-29 23:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 16:06 - 2015-05-24 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-08 16:06 - 2015-05-24 18:51 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-08 11:15 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-08 07:25 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-08 07:19 - 2015-05-08 15:12 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2016-01-07 17:17 - 2015-08-23 01:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-07 17:17 - 2015-04-22 20:07 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-07 17:17 - 2015-04-22 20:07 - 00000000 ____D C:\Users\Christian\AppData\Local\Skype
2016-01-07 17:17 - 2015-04-22 20:07 - 00000000 ____D C:\ProgramData\Skype
2016-01-06 20:01 - 2015-08-10 18:45 - 00000600 _____ C:\Users\Christian\AppData\Roaming\winscp.rnd
2016-01-06 20:01 - 2015-06-10 11:06 - 00000600 _____ C:\Users\Christian\AppData\Local\PUTTY.RND
2016-01-06 00:29 - 2015-06-17 16:18 - 00000904 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001Core.job
2016-01-06 00:04 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-05 23:47 - 2015-05-21 17:58 - 00000000 ____D C:\Program Files (x86)\SAI
2016-01-05 21:35 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-04 18:27 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-04 15:21 - 2015-10-29 23:28 - 00000000 ____D C:\Windows
2016-01-03 22:26 - 2015-08-30 00:53 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Audacity
2016-01-02 18:40 - 2015-10-30 00:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 18:40 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 03:41 - 2014-12-09 20:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-01 05:18 - 2015-04-26 12:19 - 00000000 ____D C:\Users\Christian\AppData\Local\SBSE
2015-12-31 17:49 - 2015-04-22 20:06 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-31 03:04 - 2015-05-21 02:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2015-12-29 21:38 - 2015-04-28 23:52 - 00000000 ____D C:\Users\Christian\AppData\Roaming\starcheat
2015-12-29 01:51 - 2015-04-28 21:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2015-12-28 16:55 - 2015-04-25 21:28 - 00000000 ____D C:\Users\Christian\AppData\Local\LogMeIn Hamachi
2015-12-27 17:31 - 2015-04-25 20:54 - 00000000 ____D C:\ProgramData\LogMeIn
2015-12-25 23:25 - 2015-04-28 23:32 - 00000000 ____D C:\Users\Christian\Desktop\SB Tools
2015-12-24 19:01 - 2015-11-22 19:16 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2015-12-24 19:01 - 2015-11-22 15:01 - 00002018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2015-12-24 19:01 - 2015-08-30 00:35 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-12-24 19:01 - 2015-08-10 18:40 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-12-24 19:01 - 2015-07-29 16:52 - 00002392 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-24 19:01 - 2015-06-11 22:18 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIF Viewer.lnk
2015-12-24 19:01 - 2015-06-05 21:09 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-12-24 19:01 - 2015-06-05 21:07 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-12-24 19:01 - 2015-05-22 19:32 - 00001112 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2015-12-24 19:01 - 2015-05-21 01:55 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-24 19:01 - 2015-05-08 15:50 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
2015-12-24 19:01 - 2015-05-08 15:48 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-24 19:01 - 2015-05-08 15:47 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-24 19:01 - 2015-05-08 15:46 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
2015-12-24 19:01 - 2015-05-08 15:26 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-12-24 19:01 - 2015-04-26 12:19 - 00001254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SBSE Desktop.lnk
2015-12-24 19:01 - 2015-04-25 23:22 - 00000486 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Removable Disk (G).lnk
2015-12-24 19:01 - 2015-04-22 22:27 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-12-24 19:01 - 2015-04-22 21:14 - 00002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2015-12-24 19:00 - 2015-11-24 18:19 - 00001490 _____ C:\Users\Christian\Desktop\UNDERTALE.lnk
2015-12-24 19:00 - 2015-11-20 22:33 - 00002119 _____ C:\Users\Christian\Desktop\Nexon Launcher.lnk
2015-12-24 19:00 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Resources
2015-12-24 19:00 - 2015-09-01 20:22 - 00001097 _____ C:\Users\Christian\Desktop\Notepad++.lnk
2015-12-24 19:00 - 2015-08-10 18:40 - 00001049 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-12-24 19:00 - 2015-07-25 23:49 - 00002012 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-12-24 19:00 - 2015-06-05 21:15 - 00001746 _____ C:\Users\Christian\Desktop\Adobe Photoshop CS6.lnk
2015-12-24 19:00 - 2015-06-01 14:30 - 00001714 _____ C:\Users\Public\Desktop\BYOND.lnk
2015-12-24 19:00 - 2015-05-24 17:24 - 00000917 _____ C:\Users\Public\Desktop\TabletDriver.lnk
2015-12-24 19:00 - 2015-05-22 19:32 - 00001106 _____ C:\Users\Christian\Desktop\join.me.lnk
2015-12-24 19:00 - 2015-05-22 14:46 - 00000974 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-12-24 19:00 - 2015-05-21 18:08 - 00000954 _____ C:\Users\Christian\Desktop\SAI.lnk
2015-12-24 19:00 - 2015-05-21 01:55 - 00001160 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-24 19:00 - 2015-05-10 05:00 - 00001409 _____ C:\Users\Christian\Desktop\Dimmer.lnk
2015-12-24 19:00 - 2015-05-08 17:06 - 00001253 _____ C:\Users\Christian\Desktop\Adobe After Effects CS6.lnk
2015-12-24 19:00 - 2015-04-28 21:08 - 00001275 _____ C:\Users\Christian\Desktop\TeamSpeak 3 Client.lnk
2015-12-24 19:00 - 2015-04-26 14:36 - 00001134 _____ C:\Users\Christian\Desktop\Instant Eyedropper.lnk
2015-12-24 19:00 - 2015-04-26 12:19 - 00001248 _____ C:\Users\Public\Desktop\SBSE Desktop.lnk
2015-12-24 19:00 - 2015-04-24 19:28 - 00001052 _____ C:\Users\Public\Desktop\Gyazo.lnk
2015-12-24 19:00 - 2015-04-24 19:28 - 00001052 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-12-24 19:00 - 2015-04-22 23:07 - 00001077 _____ C:\Users\Christian\Desktop\Dropbox.lnk
2015-12-24 19:00 - 2015-04-22 22:27 - 00001093 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-12-24 19:00 - 2015-04-22 21:14 - 00002024 _____ C:\Users\Public\Desktop\Evolve.lnk
2015-12-24 19:00 - 2015-04-22 19:55 - 00000976 _____ C:\Users\Public\Desktop\Steam.lnk
2015-12-24 19:00 - 2015-04-22 19:50 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-24 19:00 - 2015-04-22 19:33 - 00001332 _____ C:\Users\Public\Desktop\HP Smart Friend.lnk
2015-12-24 19:00 - 2015-04-11 23:58 - 00002033 _____ C:\Users\Public\Desktop\Connected Drive.lnk
2015-12-24 19:00 - 2015-04-11 23:57 - 00001630 _____ C:\Users\Public\Desktop\Connected Photo.lnk
2015-12-24 19:00 - 2015-04-11 23:34 - 00002017 _____ C:\Users\Public\Desktop\Connected Music.lnk
2015-12-22 05:17 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-22 05:17 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-22 05:17 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-21 02:42 - 2015-08-11 03:31 - 00000000 ____D C:\Users\Christian\AppData\Local\DrawablesFinal
2015-12-19 15:45 - 2015-11-06 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-18 15:52 - 2015-07-25 23:48 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-18 15:52 - 2015-07-25 23:48 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-17 18:26 - 2015-04-22 19:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Adobe
2015-12-17 17:58 - 2015-08-16 20:21 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2015-12-17 17:51 - 2015-11-22 19:16 - 00003152 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1448244999
2015-12-16 21:23 - 2015-07-25 23:48 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-16 21:23 - 2015-07-25 23:48 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-16 21:22 - 2015-07-25 23:48 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-16 21:22 - 2015-07-25 23:48 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-12-16 15:05 - 2015-04-22 19:33 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2015-12-14 16:16 - 2015-04-28 15:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 15:58 - 2015-04-28 15:15 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-13 23:14 - 2015-09-16 23:29 - 00000000 ___RD C:\Users\Christian\3D Objects
2015-12-10 04:54 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-09 15:21 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-09 15:10 - 2015-04-22 19:41 - 00000000 ___RD C:\Users\Christian\OneDrive
2015-12-09 15:03 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-09 15:03 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-09 15:02 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-09 15:01 - 2015-04-23 03:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-09 15:00 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-09 15:00 - 2015-07-29 16:37 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-09 06:57 - 2015-10-30 00:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-09 06:50 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-09 06:50 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-09 06:50 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-09 06:50 - 2015-07-29 02:16 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-09 06:50 - 2015-07-29 02:16 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-09 06:48 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-09 06:47 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-09 06:43 - 2015-07-29 16:25 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-09 06:43 - 2015-07-21 14:41 - 00002436 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2015-12-09 06:43 - 2015-06-17 16:18 - 00003298 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001Core
2015-12-09 06:43 - 2015-05-21 15:48 - 00002390 _____ C:\WINDOWS\System32\Tasks\{F027A471-0E64-41F4-8515-1BC8813F0806}
2015-12-09 06:43 - 2015-04-22 19:49 - 00003440 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-09 06:43 - 2015-04-22 19:39 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3915831028-228235209-3607861613-1001
2015-12-09 06:42 - 2015-10-30 00:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-09 06:42 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-09 06:42 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-09 06:42 - 2015-10-30 00:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-09 06:42 - 2015-10-30 00:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-09 06:42 - 2015-10-30 00:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-09 06:42 - 2015-07-08 00:30 - 00002662 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-12-09 06:42 - 2015-06-17 16:18 - 00003570 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001UA
2015-12-09 06:42 - 2015-05-08 15:57 - 00002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-cj.xxxxxxxxx@live.com
2015-12-09 06:42 - 2015-04-24 19:29 - 00002522 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2015-12-09 06:42 - 2015-04-22 19:49 - 00003216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-09 06:42 - 2015-04-12 01:41 - 00002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3915831028-228235209-3607861613-500
2015-12-09 06:42 - 2015-04-11 23:38 - 00002530 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2015-12-09 06:42 - 2015-04-11 23:37 - 00002968 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2015-12-09 06:41 - 2015-10-30 00:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-09 06:41 - 2015-10-30 00:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-09 06:41 - 2015-10-30 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-12-09 06:41 - 2015-10-30 00:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-12-09 06:41 - 2015-10-30 00:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-12-09 06:41 - 2015-10-30 00:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-12-09 06:41 - 2015-10-30 00:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-12-09 06:26 - 2015-11-20 22:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2015-12-09 06:26 - 2015-11-17 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-12-09 06:26 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-09 06:26 - 2015-10-29 23:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-09 06:26 - 2015-07-25 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEdit
2015-12-09 06:26 - 2015-07-13 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-09 06:26 - 2015-07-01 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWFPlayer
2015-12-09 06:26 - 2015-06-01 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOND
2015-12-09 06:26 - 2015-05-24 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TabletDriver
2015-12-09 06:26 - 2015-05-22 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-12-09 06:26 - 2015-05-21 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\TabletPmt
2015-12-09 06:26 - 2015-05-21 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet
2015-12-09 06:26 - 2015-05-21 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 06:26 - 2015-05-08 15:50 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-09 06:26 - 2015-04-28 21:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-09 06:26 - 2015-04-26 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instant Eyedropper
2015-12-09 06:26 - 2015-04-24 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-12-09 06:26 - 2015-04-22 22:25 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 06:26 - 2015-04-22 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 06:26 - 2015-04-22 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 06:26 - 2015-04-22 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-09 06:26 - 2015-04-11 23:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-09 06:26 - 2015-04-11 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-09 06:26 - 2014-12-09 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-12-09 06:26 - 2014-12-09 20:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-12-09 06:25 - 2015-07-10 02:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-09 06:22 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-09 06:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-09 06:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-09 06:21 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-09 06:19 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-09 06:19 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-09 06:19 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-09 06:19 - 2015-10-25 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-09 06:19 - 2015-04-11 23:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-09 06:19 - 2014-12-09 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-09 06:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-09 06:17 - 2015-11-17 22:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2015-12-09 06:06 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-09 05:58 - 2015-10-30 02:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-09 05:22 - 2015-10-30 02:42 - 00000000 ___HD C:\$WINDOWS.~BT

==================== Files in the root of some directories =======

2015-08-10 18:45 - 2016-01-06 20:01 - 0000600 _____ () C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-12-17 18:42 - 2015-12-17 18:42 - 0001456 _____ () C:\Users\Christian\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-10 11:06 - 2016-01-06 20:01 - 0000600 _____ () C:\Users\Christian\AppData\Local\PUTTY.RND
2015-11-19 17:43 - 2015-11-19 17:43 - 0007606 _____ () C:\Users\Christian\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-07 10:44

==================== End of FRST.txt ============================
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am

Re: Repost of Newpoptab Issue

Unread postby Wogln » January 8th, 2016, 8:39 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-12-2015
Ran by Christian (2016-01-08 17:30:42)
Running from C:\Users\Christian\Downloads
Windows 10 Home (X64) (2015-12-09 13:52:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3915831028-228235209-3607861613-500 - Administrator - Disabled)
Christian (S-1-5-21-3915831028-228235209-3607861613-1001 - Administrator - Enabled) => C:\Users\Christian
DefaultAccount (S-1-5-21-3915831028-228235209-3607861613-503 - Limited - Disabled)
Guest (S-1-5-21-3915831028-228235209-3607861613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3915831028-228235209-3607861613-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
avast! SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.139.2 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BYOND (HKLM-x32\...\BYOND) (Version: 507.1286 - BYOND)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3324 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Discord) (Version: 0.0.283 - Hammer & Chisel, Inc.)
Dropbox (HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{EA7EA537-8F93-42A2-9384-66E7F049E6B0}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
join.me (HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\JoinMe) (Version: 1.20.0.503 - LogMeIn, Inc.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
Office Timeline (HKLM-x32\...\{45C9E7F5-52C9-463F-9323-36FEDFBFC7B7}) (Version: 3.3.1 - Office Timeline)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29082 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.38 - REALTEK Semiconductor Corp.)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Starbound Composer (HKLM-x32\...\{080132B2-6551-43ED-850A-560F649E55CE}_is1) (Version: 0.8.6 - Lourens Elzinga)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{8CD57582-4E28-4F7F-AEA6-0D860571F5DB}) (Version: 6.1.4.0 - Husdawg, LLC)
Tablet Driver V8.01 (HKLM-x32\...\TabletDriver) (Version: - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{56642CE5-5D04-4A3D-B774-754499672E39}) (Version: 3.5.14228.27 - BinaryConstruct)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version: - Hinterland Studio Inc.)
Timeline Maker Pro (HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\{EBC4B47D-0C7A-418C-A960-0E5E4DB3A4D0}) (Version: 3.1.99.14 - Progeny Software Inc.)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 10.3 - Huion Animation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7.5 (HKLM-x32\...\winscp3_is1) (Version: 5.7.5 - Martin Prikryl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3915831028-228235209-3607861613-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03FA71AF-DB57-47E6-9E2D-3082809650EC} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-cj.xxxxxxxxx@live.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {0B8D1DF8-B568-4878-B5AD-A7D32956C172} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {16C63084-ADF3-4F17-A543-62A74FE26DD3} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {2D800B59-1946-4E4D-95B7-07D44C60DBBA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001UA => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {63DE4ABC-5433-43A8-950F-C71F83807AE8} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2014-10-15] (AVAST Software)
Task: {681266FA-263A-495D-BD42-FF4D97AC1729} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {6EB3947D-F59F-4B7B-ACC9-7DDB1580B15D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)
Task: {7641957C-408D-4E0B-B4AA-9950F0540C15} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001Core => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {86DA2D7E-4853-4092-BEBD-B9F40193A196} - System32\Tasks\{F027A471-0E64-41F4-8515-1BC8813F0806} => pcalua.exe -a "E:\Windows Driver\Driver for 1060PRO\Pen Tablet Setup\SETUP.EXE" -d "E:\Windows Driver\Driver for 1060PRO\Pen Tablet Setup"
Task: {9E42A2E6-FC7F-4990-A7B4-B62F09B41B8C} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-22] (CyberLink Corp.)
Task: {B7E21346-62FA-4F05-AD4B-073FCDE6DAFF} - System32\Tasks\SafeZone scheduled Autoupdate 1448244999 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {C83914E0-6D67-4201-A1BD-30BE9BB4F4DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)
Task: {CEC7D25B-5CA8-409D-BAE2-35373705253B} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {D1C7A0F5-7C89-4EC7-80C8-030A79803A5A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-14] (Microsoft Corporation)
Task: {EE889C20-A1F3-43B7-BCF0-0DB38486E1FA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-16] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001Core.job => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3915831028-228235209-3607861613-1001UA.job => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-03-28 14:31 - 2014-03-28 14:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-04-11 23:37 - 2014-10-15 15:02 - 00435064 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-04-12 00:02 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-12-09 06:49 - 2015-12-09 06:49 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-09 06:49 - 2015-12-09 06:49 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-15 13:13 - 2015-04-15 13:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-17 05:44 - 2015-12-17 05:44 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 22:17 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 22:17 - 2015-12-06 21:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 22:17 - 2015-12-06 20:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 22:17 - 2015-12-06 20:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 22:17 - 2015-12-06 20:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 22:17 - 2015-12-06 20:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-28 14:36 - 2014-03-28 14:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-12-16 21:23 - 2015-12-16 21:23 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-16 21:23 - 2015-12-16 21:23 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-08 15:33 - 2016-01-08 15:33 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16010801\algo.dll
2015-12-16 21:23 - 2015-12-16 21:23 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-17 05:44 - 2015-12-17 05:44 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-04-22 19:57 - 2015-11-10 12:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-22 19:57 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-22 19:57 - 2015-12-14 13:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-22 19:57 - 2015-09-23 17:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-22 19:57 - 2015-09-23 17:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-22 19:57 - 2015-09-23 17:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-22 19:57 - 2015-09-23 17:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-22 19:57 - 2015-09-23 17:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-22 19:57 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-22 19:57 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-22 19:57 - 2015-12-14 13:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 19:28 - 2015-11-03 15:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-10 18:14 - 2015-10-30 17:59 - 00034768 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00019408 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00022848 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00023352 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00042296 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-10 18:14 - 2015-10-30 17:59 - 00116688 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 18:14 - 2015-10-30 17:59 - 00093640 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 18:14 - 2015-10-30 17:59 - 00018376 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00019760 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00105928 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-10 18:14 - 2015-10-30 17:59 - 00392144 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 18:14 - 2015-12-08 14:36 - 00381752 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 18:14 - 2015-10-30 17:59 - 00692688 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00020816 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00109520 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 01737032 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00020808 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00020800 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00021840 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00038696 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00024528 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00020936 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00114640 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00021320 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00124880 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00030160 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00043472 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00175560 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00028616 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00024016 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00048592 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00024392 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00036296 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-10 18:14 - 2015-10-30 18:00 - 00024016 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00117056 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00031568 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2015-12-10 18:14 - 2015-11-04 17:04 - 00293392 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-10 18:14 - 2015-12-08 14:36 - 00023376 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 18:14 - 2015-10-30 17:59 - 00134608 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-10 18:14 - 2015-10-30 17:59 - 00134088 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00240584 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00020280 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00052024 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00021304 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00350152 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00084792 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-10 18:14 - 2015-12-08 14:36 - 01826608 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 18:14 - 2015-10-30 18:00 - 00083912 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 03891504 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 01950000 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00519984 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00133936 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00225080 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00207672 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00024904 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00486704 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-10 18:14 - 2015-12-08 14:36 - 00357680 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-10 18:14 - 2015-10-30 18:01 - 00019920 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-12-10 18:14 - 2015-10-30 18:00 - 00786904 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-10 18:14 - 2015-10-30 18:00 - 00063448 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-10 18:14 - 2015-10-30 18:00 - 00019408 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-12-16 21:23 - 2015-12-16 21:23 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-22 19:57 - 2015-11-16 17:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-16 14:28 - 2015-12-10 20:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 14:28 - 2015-12-10 20:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-06-08 12:06 - 2015-06-08 12:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-05-15 07:24 - 2015-05-15 07:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2016-01-08 16:29 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3915831028-228235209-3607861613-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3915831028-228235209-3607861613-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{99F6F792-5D75-4575-8A29-D3E0E76D30D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07BCEC03-FFAB-4BB5-A52C-F05483DF6606}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6DEACD56-EBCF-473B-86E8-5BE68D0ED3EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{BC6CBEF4-F961-4F84-B53B-C8A098AF38E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{B1E8F556-BEE8-434A-B6C1-322C46E5AE07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{C8857884-5FC4-4EEB-842B-324297C821A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{DB14DB32-E45A-4CC9-B73B-9F0757223302}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{40D2D459-8DC8-40F0-8E32-F1A15D26A540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{85AF70AD-8307-402C-B879-19276C0DE062}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [TCP Query User{D523E5E4-7055-43DF-ACBC-EBAC26B90AA8}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{D43F9E0D-E37D-4917-A055-E1023CD63457}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B519FCDE-9E89-49DF-8619-15E1B5877E8A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F8E034B1-FD31-4198-8106-D2F01993BF19}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [UDP Query User{AE2C2826-6714-4C2A-8739-EBFBF1B56420}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8E303C50-7929-43DD-A75A-7F3BEC31304E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{18459C2B-1EA1-4DE0-ADE6-549C6BA282D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A928F104-4AAE-4414-9D32-6905CB6B0017}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7BB1E938-5911-4365-93CC-C9BA32D28A54}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{549C8082-369D-48F2-A42D-EC47418A1B50}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{062E3059-B23E-44DB-869E-11BFFD2237C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{82CA9E3A-63FB-484A-B5FB-7E75880B1732}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{932C34DC-B362-4E1B-BB10-0935AF458B19}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{FE42134A-507A-48E6-A85A-FEF6A726E294}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{44DEB9ED-0F0E-45C1-BFFC-9A553290903E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{A8A33981-DA61-4790-97A4-763D14366B5B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{D25ECBA5-5694-4E17-A01B-17CDE2D8923A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{6A7198D3-9CE1-4882-BBF2-7AE01F58EBAC}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{423F066F-3653-4D84-907D-7FCFDCAD111E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AFF71F4B-A68F-4F6A-9AF6-DA31804D2A12}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4D2539B5-62BC-4484-833E-CDE15B35547B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0845B99-AEBC-4245-B640-977374D8F414}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{88965F4E-D4C2-4DCE-A0F2-40E7C76F4FBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B1368A6A-0480-40CD-80F4-5648A4232ABF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A139EC38-E695-44FE-BD8A-BFA64005E63E}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{9D750CF3-2382-4D3B-AFDB-DB6655477A08}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{9EA94BC6-00C7-42BE-B879-AF81F7CD1FB7}] => (Allow) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6728FC2A-B24A-46DE-9289-A0B2584B356A}] => (Allow) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CDE3A518-02BF-4AB9-B58E-DB1EF7C71923}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9315D8E0-6662-4B8C-8F00-D7F163AD5A92}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BC13FF9-BA19-4595-A5A7-9A94F5E2AC24}] => (Allow) C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{942CC054-D393-4B8A-8A5B-C2FCB138260E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{F8A7FAB6-1EB7-424B-9E55-188CAD22A0FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1B944E52-C971-4E4A-ACDE-1A75816B7BD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{5692B719-1089-46DB-AE1B-8529BB1F333C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{3CCB7EBD-124D-4C94-8072-A111296993AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{74AE377E-275D-49EB-AA46-7B7F1B92A480}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{4177192B-02B9-47A3-BCC3-00ADD2F793DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44773902-A56C-46AC-B91C-AF7FBFC74BA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{E2D6B8D0-F417-4659-BDAC-389C56AC658D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{0D701562-4075-4C6C-9FE8-1290E3A36CEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{75873980-E4E6-4FA3-A4D7-03175CC277D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{1FF71DB8-CBBA-4606-95B8-2CD92B76DF20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{517E858F-3787-4139-8978-EA9CACFFD243}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe

==================== Restore Points =========================

24-12-2015 17:04:17 JRT Pre-Junkware Removal
31-12-2015 00:30:22 Windows Update
01-01-2016 23:45:43 precleanup
04-01-2016 18:30:55 Installed Office Timeline
08-01-2016 15:26:35 precleanup(new)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2016 04:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname TheStation.local already in use; will try TheStation-2.local instead

Error: (01/08/2016 04:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 TheStation.local. Addr 10.0.0.6

Error: (01/08/2016 04:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.6:5353 16 TheStation.local. AAAA 2601:0681:4C01:2FC7:5CC8:7577:A709:B153

Error: (01/08/2016 04:11:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THESTATION)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/08/2016 03:42:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/08/2016 03:26:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (01/07/2016 11:57:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7047

Error: (01/07/2016 11:57:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7047

Error: (01/07/2016 11:57:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/07/2016 11:57:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2188


System errors:
=============
Error: (01/08/2016 04:42:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/08/2016 04:36:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_4d835 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/08/2016 04:36:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_4d835 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/08/2016 04:36:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_4d835 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/08/2016 04:36:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_4d835 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/08/2016 04:36:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/08/2016 04:18:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/08/2016 04:11:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_8aa8c service to connect.

Error: (01/08/2016 04:11:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_8aa8c service to connect.

Error: (01/08/2016 04:11:29 PM) (Source: DCOM) (EventID: 10010) (User: THESTATION)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca


CodeIntegrity:
===================================
Date: 2016-01-06 06:55:59.042
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-01 17:31:48.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-31 03:05:17.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-25 05:10:49.440
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-25 05:10:49.409
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-25 05:10:49.364
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-25 05:07:28.141
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-25 05:07:28.092
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-25 05:07:28.029
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-25 05:07:16.417
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 67%
Total physical RAM: 3982.27 MB
Available physical RAM: 1287.81 MB
Total Virtual: 7182.27 MB
Available Virtual: 4048.94 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:902.82 GB) (Free:727.88 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:26.85 GB) (Free:2.96 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E85455D1)

Partition: GPT.

==================== End of Addition.txt ============================
Wogln
Active Member
 
Posts: 13
Joined: December 26th, 2015, 12:36 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 126 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware