Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Win 10, post Defender malware find

Post by askjacob » July 4th, 2016, 5:38 am

Hi there,

I have a newish laptop that had a trial of McAfee installed. Once that expired after 30 days, I decided, what the heck, I will try out MS's Defender, and what do you know, a lot of malware had gone under the radar. I should have known better, but I thought I'd use it during the free trial, but now I am paying the price.

Anyway, Defender said it had "fixed" the problems; however, after a spontaneous reboot, I now find myself a happy owner of a Win 10 system that now refuses to start Defender, and I don't trust it a bit.

I used to be a bug hunter back in the XP days, but Win 10 has me beat. You will see stuff in the logs from a bit of fun with Trovi search redirect a few months ago.

Please help if you can.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Jacob (administrator) on MOBILELABMAX (04-07-2016 18:16:05)
Running from C:\Users\Jacob\Downloads
Loaded Profiles: Jacob (Available Profiles: Jacob)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Flux Software LLC) C:\Users\Jacob\AppData\Local\FluxSoftware\Flux\flux.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\EitherMouse\EitherMouse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.8.559\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.2.8.559\AsusWSService.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.8.559\ASUSWSLoader.exe [62944 2016-05-04] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24105936 2016-06-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\Run: [f.lux] => C:\Users\Jacob\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\MountPoints2: {1aebcffa-2d26-11e6-9be6-185e0f1c3f17} - "F:\TL-BootStrap.exe"
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\MountPoints2: {c33e669c-2d07-11e6-9be5-185e0f1c3f17} - "F:\TL-BootStrap.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.8.559\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.8.559\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.8.559\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk [2016-06-06]
ShortcutTarget: Heimdal.lnk -> C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk [2016-06-09]
ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk [2016-06-09]
ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EitherMouse.lnk [2016-06-19]
ShortcutTarget: EitherMouse.lnk -> C:\Program Files (x86)\EitherMouse\EitherMouse.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 10.1.1.1
Tcpip\..\Interfaces\{f07a1244-cca8-4c31-842b-e76aab81d8dc}: [DhcpNameServer] 8.8.8.8 8.8.4.4 10.1.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://follow.toshiba.ca/toshiba/id-ss
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\tfg0qaaa.default
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Extension: TinEye Reverse Image Search - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\tfg0qaaa.default\extensions\tineye@ideeinc.com.xpi [2016-06-05]
FF Extension: Ant Video Downloader - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\tfg0qaaa.default\extensions\anttoolbar@ant.com [2016-06-29]
FF Extension: Reddit Enhancement Suite - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\tfg0qaaa.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-06-04]
FF Extension: uBlock Origin - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\tfg0qaaa.default\Extensions\uBlock0@raymondhill.net.xpi [2016-06-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-06-01] (ASUS Cloud Corporation) [File not signed]
R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [356664 2015-02-03] (ASUSTeK)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [431088 2016-06-17] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-02] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-08-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-06-17] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] ()
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-06-09] (SolidWorks) [File not signed]
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465856 2015-10-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-08-13] (Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusSGDrv; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [138744 2015-08-18] (ASUS Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [259824 2015-08-08] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-08-13] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-29] (Intel Corporation)
S3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [7075568 2015-08-24] (Intel Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7135504 2016-02-27] (Intel Corporation)
R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [53440 2015-01-06] (Titan ARC Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-04 18:16 - 2016-07-04 18:16 - 00023298 _____ C:\Users\Jacob\Downloads\FRST.txt
2016-07-04 18:15 - 2016-07-04 18:16 - 00000000 ____D C:\FRST
2016-07-04 18:15 - 2016-07-04 18:15 - 00000194 _____ C:\Users\Jacob\Downloads\ckfiles.txt
2016-07-04 18:14 - 2016-07-04 18:15 - 02390016 _____ (Farbar) C:\Users\Jacob\Downloads\FRST64.exe
2016-07-04 18:07 - 2016-07-04 18:09 - 00468480 _____ () C:\Users\Jacob\Downloads\CKScanner.exe
2016-07-04 17:37 - 2016-07-04 17:38 - 00400276 _____ C:\WINDOWS\Minidump\070416-25625-01.dmp
2016-07-02 12:26 - 2016-07-04 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-07-02 09:50 - 2016-07-02 09:51 - 03471190 _____ C:\Users\Jacob\Downloads\Aquaria_update_win32.zip
2016-07-01 21:27 - 2016-07-01 21:37 - 00000000 ____D C:\Users\Jacob\Desktop\Slic3r
2016-07-01 20:27 - 2016-07-01 20:29 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-07-01 20:25 - 2016-06-05 11:50 - 00452678 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160701-202502.backup
2016-07-01 20:13 - 2016-06-16 06:40 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-01 17:44 - 2016-07-02 18:58 - 357198621 _____ C:\Users\Jacob\Downloads\Doctor_Who_S09E08_720p.[Nightsdl.Com].mkv
2016-06-30 22:22 - 2016-06-30 22:24 - 25591572 _____ C:\Users\Jacob\Downloads\0b3c019a2feeab4d1b6862df959a837c3d9718fa.zip
2016-06-29 22:36 - 2016-06-29 22:36 - 00028152 _____ C:\Users\Jacob\Downloads\Time-master.zip
2016-06-29 22:30 - 2016-06-29 22:31 - 00006201 _____ C:\Users\Jacob\Downloads\DS1307RTC-master.zip
2016-06-29 21:57 - 2016-06-29 21:58 - 00008055 _____ C:\Users\Jacob\Downloads\DS1307(2).zip
2016-06-29 15:14 - 2016-06-29 15:14 - 00007935 _____ C:\Users\Jacob\Downloads\DS1307(1).zip
2016-06-29 14:58 - 2016-06-29 14:59 - 00382603 _____ C:\Users\Jacob\Downloads\DS1307.zip
2016-06-29 12:45 - 2016-06-29 12:45 - 00000000 ____D C:\Users\Jacob\.jssc
2016-06-29 12:39 - 2016-06-29 12:39 - 00413538 _____ C:\Users\Jacob\Downloads\Fat16-master.zip
2016-06-28 17:08 - 2016-06-29 22:39 - 00000194 _____ C:\Users\Jacob\Documents\My Youtube API.txt
2016-06-28 16:56 - 2016-06-28 17:25 - 00000600 _____ C:\Users\Jacob\AppData\Local\PUTTY.RND
2016-06-28 16:55 - 2016-06-28 16:55 - 00531368 _____ (Simon Tatham) C:\Users\Jacob\Downloads\putty (1).exe
2016-06-28 16:15 - 2016-06-28 16:32 - 115404912 _____ (Microsoft Corporation) C:\Users\Jacob\Downloads\windowsxp-kb936929-sp3-x86-enu_c81472f7eeea2eca421e116cd4c03e2300ebfde4.exe.part
2016-06-27 01:44 - 2016-06-27 01:44 - 02364385 _____ C:\Users\Jacob\Downloads\1449873229419.webm
2016-06-27 01:43 - 2016-06-27 01:43 - 01232821 _____ C:\Users\Jacob\Downloads\1457927206934.webm
2016-06-26 19:08 - 2016-06-26 19:08 - 03827357 _____ C:\Users\Jacob\Downloads\The_Amazing_Gyroscopic_Cube_Gears_.zip
2016-06-26 17:09 - 2016-06-26 17:09 - 02809574 _____ C:\Users\Jacob\Downloads\Steampunk_cube_gears.zip
2016-06-26 00:11 - 2016-06-26 00:11 - 00000000 ____D C:\Users\Jacob\AppData\Local\Lazy 8 Studios
2016-06-25 23:58 - 2016-06-25 23:58 - 00000137 _____ C:\Users\Jacob\Desktop\Lone Survivor The Director's Cut.url
2016-06-25 23:58 - 2016-06-25 23:58 - 00000136 _____ C:\Users\Jacob\Desktop\Super Meat Boy.url
2016-06-25 23:57 - 2016-06-25 23:57 - 00000137 _____ C:\Users\Jacob\Desktop\Her Story.url
2016-06-25 23:57 - 2016-06-25 23:57 - 00000137 _____ C:\Users\Jacob\Desktop\Cortex Command.url
2016-06-25 23:57 - 2016-06-25 23:57 - 00000136 _____ C:\Users\Jacob\Desktop\Hammerfight.url
2016-06-25 23:57 - 2016-06-25 23:57 - 00000136 _____ C:\Users\Jacob\Desktop\Atom Zombie Smasher.url
2016-06-25 23:57 - 2016-06-25 23:57 - 00000136 _____ C:\Users\Jacob\Desktop\Amnesia The Dark Descent.url
2016-06-25 23:56 - 2016-06-25 23:56 - 00000137 _____ C:\Users\Jacob\Desktop\Superbrothers Sword & Sworcery EP.url
2016-06-25 23:56 - 2016-06-25 23:56 - 00000137 _____ C:\Users\Jacob\Desktop\80 Days.url
2016-06-25 23:56 - 2016-06-25 23:56 - 00000136 _____ C:\Users\Jacob\Desktop\VVVVVV.url
2016-06-25 23:56 - 2016-06-25 23:56 - 00000136 _____ C:\Users\Jacob\Desktop\Steel Storm Burning Retribution.url
2016-06-25 21:47 - 2016-06-25 21:47 - 00000137 _____ C:\Users\Jacob\Desktop\Read Only Memories.url
2016-06-25 21:46 - 2016-06-25 21:46 - 00000137 _____ C:\Users\Jacob\Desktop\Samorost 3.url
2016-06-25 21:46 - 2016-06-25 21:46 - 00000136 _____ C:\Users\Jacob\Desktop\Samorost 2.url
2016-06-25 21:46 - 2016-06-25 21:46 - 00000136 _____ C:\Users\Jacob\Desktop\Penumbra Overture.url
2016-06-25 21:46 - 2016-06-25 21:46 - 00000136 _____ C:\Users\Jacob\Desktop\Lugaru HD.url
2016-06-25 21:45 - 2016-06-25 21:45 - 00000136 _____ C:\Users\Jacob\Desktop\Cogs.url
2016-06-25 21:45 - 2016-06-25 21:45 - 00000135 _____ C:\Users\Jacob\Desktop\Gish.url
2016-06-25 21:44 - 2016-06-25 21:44 - 00000137 _____ C:\Users\Jacob\Desktop\Cibele.url
2016-06-25 21:44 - 2016-06-25 21:44 - 00000137 _____ C:\Users\Jacob\Desktop\Broken Age.url
2016-06-25 21:43 - 2016-06-25 21:43 - 00000136 _____ C:\Users\Jacob\Desktop\Aquaria.url
2016-06-25 21:43 - 2016-06-25 21:43 - 00000136 _____ C:\Users\Jacob\Desktop\And Yet It Moves.url
2016-06-25 21:24 - 2016-06-25 21:24 - 00000222 _____ C:\Users\Jacob\Desktop\Sorcery! Parts 1 & 2.url
2016-06-25 21:20 - 2016-06-25 21:20 - 00000221 _____ C:\Users\Jacob\Desktop\LIMBO.url
2016-06-25 21:18 - 2016-06-25 21:18 - 00000220 _____ C:\Users\Jacob\Desktop\Psychonauts.url
2016-06-25 07:22 - 2016-06-25 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-22 22:14 - 2016-06-22 22:14 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-06-22 22:14 - 2016-06-22 22:14 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-06-22 22:14 - 2016-06-22 22:14 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-06-22 22:14 - 2016-06-22 22:14 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-06-22 22:14 - 2016-06-22 22:14 - 00000000 ____D C:\Users\Jacob\Documents\Zaccaria_Pinball
2016-06-22 22:14 - 2016-06-22 22:14 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-06-22 21:26 - 2016-06-22 21:26 - 00000000 ____D C:\Users\Jacob\AppData\Local\2DBoy
2016-06-22 21:26 - 2016-06-22 21:26 - 00000000 ____D C:\ProgramData\2DBoy
2016-06-22 21:17 - 2016-06-22 21:17 - 00000221 _____ C:\Users\Jacob\Desktop\Crayon Physics Deluxe.url
2016-06-22 19:52 - 2016-06-22 22:28 - 00000222 _____ C:\Users\Jacob\Desktop\Zaccaria Pinball.url
2016-06-22 19:41 - 2016-06-22 19:41 - 00000221 _____ C:\Users\Jacob\Desktop\World of Goo.url
2016-06-22 19:40 - 2016-06-22 19:40 - 00000221 _____ C:\Users\Jacob\Desktop\Braid.url
2016-06-22 18:50 - 2016-06-25 23:58 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-22 18:50 - 2016-06-22 18:50 - 00000219 _____ C:\Users\Jacob\Desktop\Portal.url
2016-06-22 18:40 - 2016-06-22 18:40 - 00000000 ____D C:\Users\Jacob\AppData\Local\Steam
2016-06-22 18:40 - 2016-06-22 18:40 - 00000000 ____D C:\Users\Jacob\AppData\Local\CEF
2016-06-22 18:34 - 2016-07-04 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-22 18:34 - 2016-06-22 18:34 - 00001038 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-22 18:34 - 2016-06-22 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-22 18:33 - 2016-06-22 18:34 - 01380712 _____ C:\Users\Jacob\Downloads\SteamSetup.exe
2016-06-22 12:39 - 2016-06-22 12:39 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\com.stateofplaygames.LuminoCity
2016-06-22 01:47 - 2016-06-22 01:47 - 01148964 _____ C:\Users\Jacob\Downloads\U8glib_Arduino-1.19.1.zip
2016-06-21 17:32 - 2016-06-21 17:32 - 00000000 ____D C:\Users\Jacob\Downloads\New folder
2016-06-21 17:29 - 2016-06-21 17:29 - 00000000 ___HD C:\OneDriveTemp
2016-06-20 23:50 - 2016-06-30 22:04 - 00000000 ____D C:\Users\Jacob\Documents\Arduino
2016-06-20 23:50 - 2016-06-29 23:00 - 00000000 ____D C:\Users\Jacob\AppData\Local\Arduino15
2016-06-20 23:50 - 2016-06-20 23:50 - 00000000 ____D C:\Users\Jacob\.oracle_jre_usage
2016-06-19 21:38 - 2016-06-19 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EitherMouse
2016-06-19 21:38 - 2016-06-19 21:38 - 00000000 ____D C:\Program Files (x86)\EitherMouse
2016-06-19 21:36 - 2016-06-19 21:37 - 02747904 _____ C:\Users\Jacob\Downloads\EitherMouse Setup.exe
2016-06-19 18:02 - 2016-06-19 18:02 - 00006729 _____ C:\Users\Jacob\Downloads\iNq5zmg.gifv
2016-06-17 00:23 - 2016-06-17 00:23 - 01009648 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00949232 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00945648 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00519152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00449520 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00431088 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00219632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00215024 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00214512 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-06-17 00:23 - 2016-06-17 00:23 - 00157680 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-06-17 00:16 - 2016-06-17 00:16 - 39861840 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 34820304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 29101592 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 19861528 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 13618200 _____ (Intel Corporation) C:\WINDOWS\system32\ig9icd64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 11856624 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 10314776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig9icd32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 06647056 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 05688856 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 05262872 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 05101736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 04927000 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 04358168 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 04246568 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 04214056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 03971608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 01896480 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 01816736 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 01814080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 01590808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 01469920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 01178648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00818898 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2016-06-17 00:16 - 2016-06-17 00:16 - 00632856 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00438808 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00416280 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00390168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00388632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00350200 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00318488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00312320 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00297184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00273432 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-06-17 00:16 - 2016-06-17 00:16 - 00266264 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00255000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00242176 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00225304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00223264 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00207896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4463.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00205376 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00193048 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00184000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00182976 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00181856 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00173592 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00160288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00160288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00111640 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00103960 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00103448 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00100888 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00099864 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00095256 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00084504 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00056088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00055264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00029208 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00029208 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00027672 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00027672 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00022552 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00022552 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-06-17 00:16 - 2016-06-17 00:16 - 00004842 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-06-16 22:01 - 2016-07-01 10:24 - 00033792 ___SH C:\Users\Jacob\Downloads\Thumbs.db
2016-06-15 11:43 - 2016-05-28 16:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 11:43 - 2016-05-28 16:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 11:43 - 2016-05-28 14:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 11:43 - 2016-05-28 14:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 11:43 - 2016-05-28 14:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 11:43 - 2016-05-28 14:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 11:43 - 2016-05-28 14:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 11:43 - 2016-05-28 14:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 11:43 - 2016-05-28 14:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 11:43 - 2016-05-28 14:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 11:43 - 2016-05-28 14:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 11:43 - 2016-05-28 14:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 11:43 - 2016-05-28 14:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 11:43 - 2016-05-28 14:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 11:43 - 2016-05-28 14:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 11:43 - 2016-05-28 14:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 11:43 - 2016-05-28 14:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 11:43 - 2016-05-28 14:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 11:43 - 2016-05-28 14:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 11:43 - 2016-05-28 14:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 11:43 - 2016-05-28 14:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 11:43 - 2016-05-28 14:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 11:43 - 2016-05-28 14:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 11:43 - 2016-05-28 14:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 11:43 - 2016-05-28 14:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 11:43 - 2016-05-28 14:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 11:43 - 2016-05-28 14:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 11:43 - 2016-05-28 14:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 11:43 - 2016-05-28 14:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 11:43 - 2016-05-28 14:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 11:43 - 2016-05-28 14:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 11:43 - 2016-05-28 14:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 11:43 - 2016-05-28 14:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 11:43 - 2016-05-28 14:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 11:43 - 2016-05-28 14:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 11:43 - 2016-05-28 14:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 11:43 - 2016-05-28 14:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 11:43 - 2016-05-28 14:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 11:43 - 2016-05-28 14:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 11:43 - 2016-05-28 13:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 11:42 - 2016-05-28 16:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 11:42 - 2016-05-28 16:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 11:42 - 2016-05-28 16:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 11:42 - 2016-05-28 16:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 11:42 - 2016-05-28 15:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 11:42 - 2016-05-28 15:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 11:42 - 2016-05-28 15:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 11:42 - 2016-05-28 15:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 11:42 - 2016-05-28 15:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 11:42 - 2016-05-28 15:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 11:42 - 2016-05-28 15:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 11:42 - 2016-05-28 15:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 11:42 - 2016-05-28 15:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 11:42 - 2016-05-28 15:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 11:42 - 2016-05-28 15:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 11:42 - 2016-05-28 15:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 11:42 - 2016-05-28 15:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 11:42 - 2016-05-28 15:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 11:42 - 2016-05-28 15:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 11:42 - 2016-05-28 15:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 11:42 - 2016-05-28 15:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 11:42 - 2016-05-28 15:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 11:42 - 2016-05-28 15:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 11:42 - 2016-05-28 15:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 11:42 - 2016-05-28 15:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 11:42 - 2016-05-28 15:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 11:42 - 2016-05-28 15:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 11:42 - 2016-05-28 15:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 11:42 - 2016-05-28 15:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 11:42 - 2016-05-28 15:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 11:42 - 2016-05-28 15:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 11:42 - 2016-05-28 15:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 11:42 - 2016-05-28 15:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 11:42 - 2016-05-28 15:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 11:42 - 2016-05-28 15:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 11:42 - 2016-05-28 15:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 11:42 - 2016-05-28 15:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 11:42 - 2016-05-28 15:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 11:42 - 2016-05-28 15:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 11:42 - 2016-05-28 15:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 11:42 - 2016-05-28 15:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 11:42 - 2016-05-28 14:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 11:42 - 2016-05-28 14:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 11:42 - 2016-05-28 14:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 11:42 - 2016-05-28 14:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 11:42 - 2016-05-28 14:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 11:42 - 2016-05-28 14:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 11:42 - 2016-05-28 14:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 11:42 - 2016-05-28 14:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 11:42 - 2016-05-28 14:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 11:42 - 2016-05-28 14:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 11:42 - 2016-05-28 14:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 11:42 - 2016-05-28 14:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 11:42 - 2016-05-28 14:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 11:42 - 2016-05-28 14:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 11:42 - 2016-05-28 14:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 11:42 - 2016-05-28 14:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 11:42 - 2016-05-28 14:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 11:42 - 2016-05-28 14:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 11:42 - 2016-05-28 14:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 11:42 - 2016-05-28 14:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 11:42 - 2016-05-28 14:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-15 11:42 - 2016-05-28 14:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 11:42 - 2016-05-28 14:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 11:42 - 2016-05-28 14:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 11:42 - 2016-05-28 14:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 11:42 - 2016-05-28 14:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 11:42 - 2016-05-28 14:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 11:42 - 2016-05-28 14:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 11:42 - 2016-05-28 14:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 11:42 - 2016-05-28 14:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 11:42 - 2016-05-28 14:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 11:42 - 2016-05-28 14:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 11:42 - 2016-05-28 14:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 11:42 - 2016-05-28 14:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 11:42 - 2016-05-28 14:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 11:42 - 2016-05-28 14:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 11:42 - 2016-05-28 14:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 11:42 - 2016-05-28 14:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 11:42 - 2016-05-28 14:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 11:42 - 2016-05-28 14:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 11:42 - 2016-05-28 14:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 11:42 - 2016-05-28 14:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 11:42 - 2016-05-28 14:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 11:42 - 2016-05-28 14:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 11:42 - 2016-05-28 14:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 11:42 - 2016-05-28 14:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 11:42 - 2016-05-28 14:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 11:42 - 2016-05-28 14:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 11:42 - 2016-05-28 14:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 11:42 - 2016-05-28 14:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 11:42 - 2016-05-28 14:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 11:42 - 2016-05-28 14:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 11:42 - 2016-05-28 14:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 11:42 - 2016-05-28 14:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 11:42 - 2016-05-28 14:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 11:42 - 2016-05-28 14:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 11:42 - 2016-05-28 14:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 11:42 - 2016-05-28 14:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 11:42 - 2016-05-28 14:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 11:42 - 2016-05-28 14:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 11:42 - 2016-05-28 14:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 11:42 - 2016-05-28 14:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 11:42 - 2016-05-28 14:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 11:42 - 2016-05-28 14:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 11:42 - 2016-05-28 14:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 11:42 - 2016-05-28 14:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 11:42 - 2016-05-28 14:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 11:42 - 2016-05-28 14:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 11:42 - 2016-05-28 14:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 11:42 - 2016-05-28 14:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 11:42 - 2016-05-28 14:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 11:42 - 2016-05-28 14:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 11:42 - 2016-05-28 14:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 11:42 - 2016-05-28 14:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 11:42 - 2016-05-28 14:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 11:42 - 2016-05-28 14:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-15 11:42 - 2016-05-28 14:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 11:42 - 2016-05-28 14:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 11:42 - 2016-05-28 14:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-15 11:42 - 2016-05-28 14:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 11:42 - 2016-05-28 14:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 11:42 - 2016-05-28 14:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 11:42 - 2016-05-28 14:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 11:42 - 2016-05-28 14:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 11:42 - 2016-05-28 14:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 11:42 - 2016-05-28 14:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 11:42 - 2016-05-28 14:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 11:42 - 2016-05-28 14:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 11:42 - 2016-05-28 14:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 11:42 - 2016-05-28 14:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 11:42 - 2016-05-28 14:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 11:42 - 2016-05-28 14:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 11:42 - 2016-05-28 14:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 11:42 - 2016-05-28 14:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 11:42 - 2016-05-28 14:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 11:42 - 2016-05-28 14:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 11:42 - 2016-05-28 14:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 11:42 - 2016-05-28 14:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 11:42 - 2016-05-28 14:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 11:42 - 2016-05-28 14:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 11:42 - 2016-05-28 14:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 11:42 - 2016-05-28 14:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 11:42 - 2016-05-28 14:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 11:42 - 2016-05-28 14:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 11:42 - 2016-05-28 14:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 11:42 - 2016-05-28 14:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 11:42 - 2016-05-28 14:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 11:42 - 2016-05-28 14:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 11:42 - 2016-05-28 14:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 11:42 - 2016-05-28 13:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 11:42 - 2016-05-28 13:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 11:42 - 2016-05-28 13:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 11:42 - 2016-05-28 13:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 11:42 - 2016-05-28 13:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 11:42 - 2016-05-28 13:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 11:42 - 2016-05-28 13:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 11:42 - 2016-05-28 13:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 18:06 - 2016-06-14 18:06 - 00001118 _____ C:\Users\Jacob\Desktop\iViewRipper.lnk
2016-06-14 18:06 - 2016-06-14 18:06 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iViewRipper
2016-06-14 18:06 - 2016-06-14 18:06 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\iViewRipper
2016-06-14 18:06 - 2016-06-14 18:06 - 00000000 ____D C:\Program Files (x86)\iViewRipper
2016-06-14 18:05 - 2016-06-14 18:06 - 04675269 _____ C:\Users\Jacob\Downloads\iViewRipper_Setup_13NOV2015.exe
2016-06-14 11:54 - 2016-06-14 11:54 - 01008990 _____ C:\Users\Jacob\Documents\FBT Declaration_2016-2017.pdf
2016-06-14 11:35 - 2016-06-14 11:52 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Foxit Software
2016-06-14 11:35 - 2016-06-14 11:35 - 00000000 ____D C:\Users\Public\Foxit Software
2016-06-14 11:34 - 2016-06-14 11:34 - 00001430 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-06-14 11:34 - 2016-06-14 11:34 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Foxit AgentInformation
2016-06-14 11:34 - 2016-06-14 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-06-14 11:34 - 2016-06-14 11:34 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-06-14 11:34 - 2016-06-14 11:34 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-06-14 11:33 - 2016-06-14 11:33 - 43155584 _____ (Foxit Software Inc. ) C:\Users\Jacob\Downloads\FoxitReader734_enu_Setup_Prom.exe
2016-06-14 11:31 - 2016-06-14 11:31 - 00000000 ____D C:\ProgramData\Brother
2016-06-14 11:00 - 2016-06-14 11:00 - 00660122 _____ C:\Users\Jacob\Downloads\FBT Declaration_2016-2017.pdf
2016-06-12 11:21 - 2016-06-12 11:21 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\MPC-HC
2016-06-12 11:15 - 2016-06-12 11:15 - 00001747 _____ C:\Users\Public\Desktop\MPC-HC x64.lnk
2016-06-12 11:15 - 2016-06-12 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-06-12 11:15 - 2016-06-12 11:15 - 00000000 ____D C:\Program Files\MPC-HC
2016-06-12 11:13 - 2016-06-12 11:14 - 13395440 _____ (MPC-HC Team ) C:\Users\Jacob\Downloads\MPC-HC.1.7.10.x64.exe
2016-06-10 13:46 - 2016-06-16 03:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 11:47 - 2016-06-10 12:00 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Slic3r
2016-06-10 11:12 - 2016-06-10 11:14 - 17928050 _____ C:\Users\Jacob\Downloads\slic3r-mswin-x64-1-2-9a-stable.zip
2016-06-10 00:18 - 2016-06-10 00:18 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\NVIDIA
2016-06-09 23:35 - 2016-06-20 23:15 - 00000000 ____D C:\Users\Jacob\AppData\Local\TempSWBackupDirectory
2016-06-09 23:32 - 2016-06-09 23:32 - 00000000 ____D C:\Users\Jacob\AppData\Local\SolidWorks
2016-06-09 23:12 - 2016-06-09 23:12 - 00000000 ____D C:\ProgramData\Simpoe
2016-06-09 23:11 - 2016-06-09 23:11 - 00000000 ____D C:\Users\Jacob\Documents\SolidWorksComposer
2016-06-09 23:10 - 2016-06-09 23:10 - 00000000 ____D C:\Program Files (x86)\SolidWorks Corp
2016-06-09 23:06 - 2016-06-09 23:06 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\help_images_otherUI
2016-06-09 23:06 - 2016-06-09 23:06 - 00000000 _____ C:\WINDOWS\eDrawingOfficeAutomator.INI
2016-06-09 23:04 - 2016-06-09 23:04 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\DassaultSystemes
2016-06-09 23:04 - 2016-06-09 23:04 - 00000000 ____D C:\Users\Jacob\AppData\Local\DassaultSystemes
2016-06-09 23:04 - 2016-06-09 23:04 - 00000000 ____D C:\ProgramData\DassaultSystemes
2016-06-09 22:55 - 2016-06-09 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2014
2016-06-09 22:55 - 2016-06-09 22:55 - 00002743 _____ C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk
2016-06-09 22:55 - 2016-06-09 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks Tools 2014
2016-06-09 22:51 - 2016-06-09 23:12 - 00000000 ____D C:\Program Files\SolidWorks Corp
2016-06-09 22:51 - 2016-06-09 23:11 - 00000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2016-06-09 22:51 - 2016-06-09 22:51 - 00000000 ____D C:\ProgramData\SolidWorks
2016-06-09 22:51 - 2016-06-09 22:51 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\ProgramData\Apple
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\Program Files\Bonjour
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-06-09 22:49 - 2016-06-09 22:49 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-06-09 22:48 - 2016-06-09 22:56 - 00000000 ____D C:\SolidWorks Data
2016-06-09 22:48 - 2016-06-09 22:48 - 00000000 ____D C:\ProgramData\FLEXnet
2016-06-09 22:47 - 2016-06-09 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks Installation Manager
2016-06-09 22:46 - 2016-06-09 23:32 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\SolidWorks
2016-06-09 22:46 - 2016-06-09 22:48 - 00000000 ____D C:\WINDOWS\SolidWorks
2016-06-09 22:46 - 2016-06-09 22:48 - 00000000 ____D C:\Users\Jacob\Documents\SolidWorks Downloads
2016-06-09 18:18 - 2016-06-09 18:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-09 18:18 - 2016-05-04 12:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-09 18:18 - 2016-05-04 12:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-09 18:18 - 2016-05-04 12:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-09 18:18 - 2016-05-04 12:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-09 18:16 - 2016-06-03 17:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-09 18:16 - 2016-06-03 17:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-09 15:14 - 2016-06-09 15:15 - 00000000 ____D C:\Users\Jacob\Downloads\WinDirStatPortable
2016-06-09 15:14 - 2016-06-09 15:14 - 00970568 _____ (PortableApps.com) C:\Users\Jacob\Downloads\WinDirStatPortable_1.1.2.80_Rev_3.paf.exe
2016-06-09 12:21 - 2016-06-09 12:21 - 00000600 _____ C:\Users\Jacob\AppData\Roaming\winscp.rnd
2016-06-09 11:19 - 2016-06-09 11:19 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-06-09 11:19 - 2016-06-09 11:19 - 00001054 _____ C:\Users\Public\Desktop\WinSCP.lnk
2016-06-09 11:19 - 2016-06-09 11:19 - 00000000 ____D C:\Program Files (x86)\WinSCP
2016-06-09 11:15 - 2016-06-09 11:15 - 05915464 _____ (Martin Prikryl ) C:\Users\Jacob\Downloads\winscp577setup.exe
2016-06-09 11:11 - 2016-06-09 11:11 - 00531368 _____ (Simon Tatham) C:\Users\Jacob\Downloads\putty.exe
2016-06-08 20:24 - 2016-06-08 20:24 - 00002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-08 20:24 - 2016-06-08 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-06-08 20:06 - 2016-06-08 20:06 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-08 20:05 - 2016-06-08 20:05 - 03479752 _____ (Microsoft Corporation) C:\Users\Jacob\Downloads\Setup.X86.en-US_O365HomePremRetail_0331860b-1af4-4ea0-93d6-d70331e93a05_TX_SG_.exe
2016-06-08 19:36 - 2016-06-08 19:37 - 00001280 _____ C:\Users\Jacob\Desktop\cmd.lnk
2016-06-08 15:45 - 2016-06-08 15:45 - 00000000 ____D C:\Users\Jacob\New folder
2016-06-08 15:36 - 2016-06-08 15:36 - 00001218 _____ C:\Users\Jacob\Desktop\DiskInternals Research.lnk
2016-06-08 15:36 - 2016-06-08 15:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2016-06-08 15:35 - 2016-06-08 15:35 - 00000000 ____D C:\Program Files (x86)\DiskInternals
2016-06-08 15:33 - 2016-06-08 15:35 - 21402985 _____ (DiskInternals Research) C:\Users\Jacob\Downloads\Linux_Reader.exe
2016-06-08 14:12 - 2016-07-04 17:37 - 978780462 _____ C:\WINDOWS\MEMORY.DMP
2016-06-08 14:12 - 2016-07-04 17:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-08 14:12 - 2016-06-08 14:12 - 00378868 _____ C:\WINDOWS\Minidump\060816-31453-01.dmp
2016-06-08 12:58 - 2016-06-08 12:59 - 18768896 _____ C:\Users\Jacob\Downloads\CASIO USB Driver V1.6.2.0.msi
2016-06-08 12:33 - 2016-06-08 12:35 - 15648768 _____ C:\Users\Jacob\Downloads\UniversalAdbDriverSetup.msi
2016-06-08 12:32 - 2016-06-08 12:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-08 12:30 - 2016-06-08 12:30 - 00000000 ____D C:\Users\Jacob\.android
2016-06-06 18:20 - 2016-06-06 18:20 - 04177016 _____ (CSIS Security Group) C:\Users\Jacob\Downloads\HeimdalSetup.exe
2016-06-06 18:20 - 2016-06-06 18:20 - 00000000 ____D C:\ProgramData\CSIS
2016-06-06 18:06 - 2016-06-06 18:08 - 24125512 _____ C:\Users\Jacob\Downloads\RogueKillerX64.exe
2016-06-06 18:02 - 2016-06-06 18:05 - 19868744 _____ C:\Users\Jacob\Downloads\RogueKiller(1).exe
2016-06-06 17:54 - 2016-06-06 17:55 - 05659224 _____ (Swearware) C:\Users\Jacob\Downloads\ComboFix.exe
2016-06-05 15:35 - 2016-06-05 15:35 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-06-05 15:35 - 2016-06-05 15:35 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-06-05 15:04 - 2016-07-01 20:29 - 00000716 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2016-06-05 15:04 - 2016-06-05 15:04 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-06-05 14:56 - 2016-06-05 14:56 - 00000000 ____D C:\ProgramData\IntelDLM
2016-06-05 14:51 - 2016-07-01 20:20 - 00000000 ____D C:\Users\Jacob\Downloads\Intel Components
2016-06-05 14:50 - 2016-06-05 14:50 - 00000000 ____D C:\Users\Jacob\AppData\Local\Intel
2016-06-05 14:49 - 2016-07-01 20:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-06-05 14:49 - 2016-06-05 14:53 - 00002170 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-06-05 14:49 - 2016-06-05 14:49 - 06525488 _____ (Intel) C:\Users\Jacob\Downloads\Intel Driver Update Utility Installer.exe
2016-06-05 14:49 - 2016-06-05 14:49 - 00001241 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.5.lnk
2016-06-05 14:49 - 2016-06-05 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-06-05 14:49 - 2016-06-05 14:49 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-06-05 14:49 - 2016-03-09 20:43 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-06-05 14:28 - 2016-07-04 14:47 - 00000000 ____D C:\Users\Jacob\AppData\Local\CrashDumps
2016-06-05 13:55 - 2016-06-05 13:55 - 00000903 _____ C:\Users\Jacob\Desktop\JRT.txt
2016-06-05 13:38 - 2016-06-06 18:08 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-06-05 13:37 - 2016-06-05 13:53 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-05 13:30 - 2016-06-05 13:32 - 00000000 ____D C:\AdwCleaner
2016-06-05 13:29 - 2016-06-06 17:56 - 19868744 _____ C:\Users\Jacob\Downloads\RogueKiller.exe
2016-06-05 13:29 - 2016-06-05 13:29 - 03677248 _____ C:\Users\Jacob\Downloads\AdwCleaner.exe
2016-06-05 13:29 - 2016-06-05 13:29 - 01610816 _____ (Malwarebytes) C:\Users\Jacob\Downloads\JRT.exe
2016-06-05 13:28 - 2016-06-05 13:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jacob\Downloads\HijackThis.exe
2016-06-05 12:22 - 2016-06-05 12:22 - 00000000 ____D C:\Users\Jacob\Documents\ProcAlyzer Dumps
2016-06-05 12:09 - 2016-06-05 12:09 - 00003292 _____ C:\WINDOWS\System32\Tasks\{10DF89F9-96D3-4335-A085-74D59C6064D6}
2016-06-05 11:50 - 2015-07-10 21:02 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160605-115035.backup
2016-06-05 11:08 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-06-05 11:03 - 2016-06-05 11:46 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-05 11:03 - 2016-06-05 11:13 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-05 11:03 - 2016-06-05 11:03 - 00001466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-05 11:03 - 2016-06-05 11:03 - 00001454 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-05 11:03 - 2016-06-05 11:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-06-05 11:03 - 2016-06-05 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-06-05 11:03 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-06-05 10:59 - 2016-06-05 11:00 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Jacob\Downloads\spybot-2.4.exe
2016-06-05 09:57 - 2016-06-05 09:57 - 00000000 _____ C:\autoexec.bat
2016-06-05 09:47 - 2016-06-05 09:47 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Jacob\Downloads\sh-remover.exe
2016-06-05 00:15 - 2016-06-06 22:21 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\CDisplayEx
2016-06-05 00:13 - 2016-07-04 16:32 - 00000000 ____D C:\Users\Jacob\Downloads\Ant Videos
2016-06-05 00:13 - 2016-06-05 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2016-06-05 00:13 - 2016-06-05 00:13 - 00000000 ____D C:\Program Files\CDisplayEx
2016-06-05 00:12 - 2016-06-05 09:16 - 00000000 ____D C:\Users\Jacob\AppData\Local\bvyvbvyb
2016-06-04 21:42 - 2016-06-04 21:42 - 00001004 _____ C:\Users\Jacob\Desktop\WinWget.lnk
2016-06-04 21:42 - 2016-06-04 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinWget
2016-06-04 21:42 - 2016-06-04 21:42 - 00000000 ____D C:\Program Files (x86)\WinWget
2016-06-04 21:25 - 2016-06-04 21:25 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-06-04 21:25 - 2016-06-04 21:25 - 00000000 ____D C:\Users\Jacob\AppData\Local\FluxSoftware
2016-06-04 21:08 - 2016-06-04 21:08 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\WinRAR
2016-06-04 21:07 - 2016-06-04 21:07 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-04 21:07 - 2016-06-04 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-04 21:07 - 2016-06-04 21:07 - 00000000 ____D C:\Program Files\WinRAR
2016-06-04 18:45 - 2016-06-04 18:45 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2016-06-04 18:45 - 2016-06-04 18:45 - 00001066 _____ C:\Users\Public\Desktop\Arduino.lnk
2016-06-04 18:43 - 2016-06-04 18:44 - 00000000 ____D C:\Program Files (x86)\Arduino
2016-06-04 18:34 - 2016-06-05 21:12 - 00000000 ____D C:\Users\Jacob\Downloads\vwget-2.5a2-wget-1.11.4-bin
2016-06-04 18:34 - 2016-06-04 18:40 - 00000000 ____D C:\Users\Jacob\AppData\Local\Mozilla
2016-06-04 18:34 - 2016-06-04 18:34 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\Mozilla
2016-06-04 18:33 - 2016-06-16 03:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-04 18:33 - 2016-06-04 18:33 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-04 18:33 - 2016-06-04 18:33 - 00001222 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-04 18:04 - 2016-06-02 15:59 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-04 17:48 - 2016-06-02 15:39 - 00000165 _____ C:\Users\Jacob\AppData\Roaming\sp_data.sys
2016-07-04 17:46 - 2016-06-02 16:01 - 00000000 ___RD C:\Users\Jacob\Dropbox
2016-07-04 17:46 - 2016-06-02 15:39 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\WebStorage
2016-07-04 17:40 - 2016-06-02 22:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-04 17:40 - 2016-06-02 15:39 - 00000000 __SHD C:\Users\Jacob\IntelGraphicsProfiles
2016-07-04 17:39 - 2016-06-02 22:42 - 00000000 ____D C:\Users\Jacob
2016-07-04 17:39 - 2016-06-02 15:59 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-04 17:38 - 2016-04-27 16:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-04 12:00 - 2015-11-29 17:32 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-07-04 08:49 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-03 05:23 - 2015-10-30 17:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-02 17:20 - 2016-06-02 22:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-01 22:32 - 2015-10-30 16:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-01 20:31 - 2015-11-29 17:19 - 00018826 _____ C:\WINDOWS\system32\results.xml
2016-07-01 20:30 - 2016-06-02 22:38 - 00000000 ____D C:\Program Files\Intel
2016-07-01 20:29 - 2016-06-02 22:38 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-07-01 20:29 - 2015-11-29 17:18 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-07-01 20:29 - 2015-10-30 17:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-01 20:16 - 2015-11-29 17:36 - 00000000 ____D C:\ProgramData\McAfee
2016-07-01 20:13 - 2015-10-30 17:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-07-01 20:13 - 2015-10-30 16:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-01 20:12 - 2015-07-10 19:05 - 00000000 ____D C:\Users\Default.migrated
2016-06-29 12:50 - 2015-08-18 22:36 - 00883432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-25 07:22 - 2015-08-18 22:47 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-22 22:47 - 2016-06-02 15:39 - 00000000 ____D C:\Users\Jacob\AppData\Local\Packages
2016-06-22 22:14 - 2015-11-29 17:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-22 18:37 - 2015-10-30 17:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 18:35 - 2015-08-18 22:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-22 18:16 - 2016-06-02 15:43 - 00000000 ___RD C:\Users\Jacob\OneDrive
2016-06-21 17:34 - 2016-06-02 16:36 - 00000000 ____D C:\Users\Jacob\AppData\Roaming\VMware
2016-06-21 17:30 - 2016-06-03 13:26 - 00000000 ____D C:\Users\Jacob\AppData\Local\VMware
2016-06-18 17:39 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 08:16 - 2015-10-30 17:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 00:23 - 2015-09-10 17:42 - 00384496 _____ C:\WINDOWS\system32\igfxTray.exe
2016-06-17 00:23 - 2015-09-10 17:42 - 00356336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-06-17 00:23 - 2015-09-10 17:42 - 00337392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-06-17 00:23 - 2015-09-10 17:42 - 00284144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-06-17 00:23 - 2015-09-10 17:42 - 00251376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-06-17 00:16 - 2016-06-02 22:38 - 00103960 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-06-17 00:16 - 2016-06-02 22:38 - 00099864 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-06-17 00:16 - 2015-09-10 17:42 - 38901264 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 33476304 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 15487920 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 14576720 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 13482608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 07940608 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-06-17 00:16 - 2015-09-10 17:42 - 02062872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 00757272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-06-17 00:16 - 2015-09-10 17:42 - 00394776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-06-16 07:53 - 2016-04-27 16:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 03:35 - 2016-04-27 16:29 - 00369432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 03:31 - 2015-10-30 17:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 03:31 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 03:31 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 17:34 - 2016-06-02 17:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 17:30 - 2016-06-02 18:02 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 06:01 - 2016-06-02 15:43 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-06-15 06:01 - 2015-11-29 17:21 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-06-15 06:01 - 2015-11-29 17:21 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-06-15 06:01 - 2015-11-29 17:21 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-06-15 06:01 - 2015-11-29 17:21 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-06-15 04:33 - 2015-10-30 17:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-15 04:33 - 2015-10-30 17:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-09 22:50 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-09 18:21 - 2015-11-29 17:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-08 12:21 - 2015-11-29 17:32 - 00003976 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-06-08 12:21 - 2015-08-18 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-06-08 12:21 - 2015-08-18 22:46 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-05 23:13 - 2016-04-27 16:20 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-06-05 23:13 - 2016-04-27 16:06 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\system32\Com
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\IME
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\WINDOWS\Help
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-06-05 23:13 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-06-05 23:13 - 2015-10-30 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-06-05 23:13 - 2015-10-30 16:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-05 23:13 - 2015-10-30 16:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-06-05 23:13 - 2015-10-30 16:28 - 00000000 ____D C:\WINDOWS\servicing
2016-06-05 15:36 - 2015-11-29 17:14 - 00000000 ____D C:\ProgramData\Intel
2016-06-05 15:35 - 2016-06-02 22:38 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-05 13:57 - 2016-06-02 15:39 - 00000000 ____D C:\Users\Jacob\AppData\Local\VirtualStore
2016-06-04 10:51 - 2016-06-02 15:57 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

==================== Files in the root of some directories =======

2016-06-02 15:39 - 2016-07-04 17:48 - 0000165 _____ () C:\Users\Jacob\AppData\Roaming\sp_data.sys
2016-06-09 12:21 - 2016-06-09 12:21 - 0000600 _____ () C:\Users\Jacob\AppData\Roaming\winscp.rnd
2016-06-28 16:56 - 2016-06-28 17:25 - 0000600 _____ () C:\Users\Jacob\AppData\Local\PUTTY.RND
2016-06-02 22:39 - 2016-06-02 22:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Jacob\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Jacob\AppData\Local\Temp\libeay32.dll
C:\Users\Jacob\AppData\Local\Temp\msvcr120.dll
C:\Users\Jacob\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-26 17:27

==================== End of FRST.txt ============================
askjacob
Active Member
 
Posts: 12
Joined: July 4th, 2016, 4:12 am

Re: Win 10, post Defender malware find

Post by askjacob » July 4th, 2016, 5:41 am

part 2, part 1 exceeded limit

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Jacob (2016-07-04 18:17:04)
Running from C:\Users\Jacob\Downloads
Windows 10 Home Version 1511 (X64) (2016-06-02 12:58:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1000113554-1559343911-2160561676-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1000113554-1559343911-2160561676-503 - Limited - Disabled)
Guest (S-1-5-21-1000113554-1559343911-2160561676-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1000113554-1559343911-2160561676-1004 - Limited - Enabled)
Jacob (S-1-5-21-1000113554-1559343911-2160561676-1001 - Administrator - Enabled) => C:\Users\Jacob

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

80 Days (HKLM\...\Steam App 381780) (Version: - inkle Ltd)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - Frictional Games)
And Yet It Moves (HKLM\...\Steam App 18700) (Version: - Broken Rules)
Aquaria (HKLM\...\Steam App 24420) (Version: - Bit Blot, LLC)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.9 - Arduino LLC)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
Atom Zombie Smasher (HKLM\...\Steam App 55040) (Version: - Blendo Games)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.101 - ICEpower a/s)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Braid (HKLM\...\Steam App 26800) (Version: - Number None)
Broken Age (HKLM\...\Steam App 232790) (Version: - Double Fine Productions)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Cibele (HKLM\...\Steam App 408120) (Version: - Star Maid Games)
Cogs (HKLM\...\Steam App 26500) (Version: - Lazy 8 Studios)
Cortex Command (HKLM\...\Steam App 209670) (Version: - Data Realms)
Crayon Physics Deluxe (HKLM\...\Steam App 26900) (Version: - Kloonigames)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.3.0.3 - DiskInternals Research)
Dropbox (HKLM-x32\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.43.1 - Dropbox, Inc.) Hidden
EitherMouse 0.64 (HKLM-x32\...\EitherMouse) (Version: 0.64 - Steffen Software)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
f.lux (HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\Flux) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Gish (HKLM\...\Steam App 9500) (Version: - Cryptic Sea)
Hammerfight (HKLM\...\Steam App 41100) (Version: - Konstantin Koshutin)
Her Story (HKLM\...\Steam App 368370) (Version: - Sam Barlow)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Lone Survivor: The Director's Cut (HKLM\...\Steam App 209830) (Version: - Jasper Byrne)
Lugaru HD (HKLM\...\Steam App 25010) (Version: - Wolfire Games)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Penumbra: Overture (HKLM\...\Steam App 22180) (Version: - Frictional Games)
Portal (HKLM\...\Steam App 400) (Version: - Valve)
Psychonauts (HKLM\...\Steam App 3830) (Version: - Double Fine Productions)
Read Only Memories (HKLM\...\Steam App 330820) (Version: - MidBoss, LLC.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7599 - Realtek Semiconductor Corp.)
ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.27 - ASUSTeK Computer Inc.)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS)
Samorost 2 (HKLM\...\Steam App 40720) (Version: - Amanita Design)
Samorost 3 (HKLM\...\Steam App 421120) (Version: - Amanita Design)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SolidWorks 2014 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20140-40300-1100-100) (Version: 22.3.0.56 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP03 (Version: 22.130.56 - SolidWorks) Hidden
SolidWorks Composer Player 2014 SP03 x64 Edition (Version: 22.30.56 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP03 (Version: 14.3.107 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
Sorcery! Parts 1 & 2 (HKLM\...\Steam App 411000) (Version: - inkle Ltd)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Storm: Burning Retribution (HKLM\...\Steam App 96200) (Version: - Kot in Action Creative Artel)
Super Meat Boy (HKLM\...\Steam App 40800) (Version: - Team Meat)
Superbrothers: Sword & Sworcery EP (HKLM\...\Steam App 204060) (Version: - Capybara)
VMware Workstation (HKLM\...\{4B855F64-CB51-4FC3-935F-5AF7D3372BDE}) (Version: 12.0.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
VVVVVV (HKLM\...\Steam App 70300) (Version: - Terry Cavanagh)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.8.559 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse (08/06/2015 8.0.0.19) (HKLM\...\149F37A1996406108DA0EB71D7EBC48895119059) (Version: 08/06/2015 8.0.0.19 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
WinWget version 0.20 beta (HKLM-x32\...\WinWget_is1) (Version: 0.20 - WinWget Team)
World of Goo (HKLM\...\Steam App 22000) (Version: - 2D BOY)
XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs)
Zaccaria Pinball (HKLM\...\Steam App 444930) (Version: - Magic Pixel Kft.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1000113554-1559343911-2160561676-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jacob\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00876D94-79B2-4059-9E8E-FC0818FC06CD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-15] (ASUSTek Computer Inc.)
Task: {08DD0904-43E7-4A62-851C-1E10B1F0B066} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-26] (ASUS)
Task: {10248DA9-AE45-4D49-9CA0-DE671CBCFCAF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {1A4765AD-4610-4F71-B6ED-992F88728E9E} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2015-08-13] (ASUSTek Computer Inc.)
Task: {1B343378-2ECC-4830-A3C6-154D2E574A6B} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {249CB101-837F-4913-897D-5E2A7467A444} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {298A4C21-DE92-4438-A5D2-8B43C67B5095} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-03] (Realtek Semiconductor)
Task: {3527C467-B677-44B3-8BF8-0C68DEEE4593} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {3ACB3852-449F-45C1-935E-99A320DA52D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {3CBD6324-5812-46AE-86C0-90DD712A6815} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-11] (Microsoft Corporation)
Task: {4B100C36-F2E1-4156-B567-EF8C9FCF89F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {5951DFD1-C8F9-497E-9390-F648DA51A4EA} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-09-03] (Realtek Semiconductor)
Task: {6D65893C-62BA-47B7-A307-36FBD05281E0} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {96DBF111-AB4D-4A89-8859-15D8DC7022E6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-26] (ASUSTek Computer Inc.)
Task: {9CF72F14-2B73-414E-B313-5092E9E2A6A2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-18] (AsusTek)
Task: {AD3F2BE5-66AA-486A-AE73-1AE3CBFBDD54} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {ADEAA690-A594-48E8-AD74-D0117110C6E5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {BA766FB0-83D0-4CAD-9908-326EFF744DF3} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {BB3F02A9-B320-487D-ACD5-94828AB46621} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {BE5C4A16-EA43-47A9-B395-F3F90A960D5E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {C8D22562-8839-49FE-ABA7-B8B12964880E} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {D600C82A-4433-4357-819A-342D6C3C7BF2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-02] (Dropbox, Inc.)
Task: {DF73588D-4584-487E-8FFD-0134127B8EEC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-02] (Dropbox, Inc.)
Task: {E9AD3EFA-E520-40BC-8BF3-E0A5CD989E2F} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-30] ()
Task: {FECEF549-4C32-465A-BBC0-DED2477A0C3C} - System32\Tasks\{10DF89F9-96D3-4335-A085-74D59C6064D6} => pcalua.exe -a "C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Jacob\Desktop\DiskInternals Research.lnk -> hxxp://www.diskinternals.com/go/ (No File)
Shortcut: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\DiskInternals Research.lnk -> hxxp://www.diskinternals.com/go/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 17:17 - 2015-10-30 17:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 17:18 - 2015-10-30 17:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-29 17:53 - 2014-04-15 12:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-06-03 16:24 - 2016-06-03 16:24 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-15 11:42 - 2016-05-28 13:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 11:43 - 2016-05-28 13:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-03 16:24 - 2016-06-03 16:24 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-02 23:08 - 2016-06-02 23:08 - 00959168 _____ () C:\Users\Jacob\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-04-27 16:10 - 2016-04-27 16:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-03 16:24 - 2016-06-03 16:24 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 11:43 - 2016-05-28 13:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 11:43 - 2016-05-28 13:55 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-06-15 11:43 - 2016-05-28 13:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-15 11:43 - 2016-05-28 13:53 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 17:18 - 2016-04-27 16:20 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 17:18 - 2016-04-27 16:19 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 17:18 - 2016-04-27 16:20 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 17:18 - 2016-04-27 16:19 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 17:18 - 2016-04-27 16:19 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 17:18 - 2016-04-27 16:20 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 17:18 - 2016-04-27 16:19 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 17:18 - 2016-04-27 16:19 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 17:18 - 2016-04-27 16:19 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-09-10 17:42 - 2016-06-17 00:23 - 00384496 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-06-19 21:38 - 2016-06-19 21:38 - 01560576 _____ () C:\Program Files (x86)\EitherMouse\EitherMouse.exe
2016-05-04 15:23 - 2016-05-04 15:23 - 01382368 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.2.8.559\AsusWSService.exe
2016-06-03 08:16 - 2016-06-03 08:18 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-05 11:03 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-05 11:03 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-05 11:03 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-05 11:03 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-10-18 18:32 - 2015-10-18 18:32 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2016-06-02 23:08 - 2016-06-02 23:08 - 00679624 _____ () C:\Users\Jacob\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2015-11-29 17:21 - 2016-06-15 06:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-22 18:38 - 2016-04-30 06:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-06-22 18:38 - 2015-07-04 02:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-06-22 18:38 - 2016-06-15 10:47 - 02387024 _____ () C:\Program Files (x86)\Steam\video.dll
2016-06-22 18:38 - 2015-07-04 02:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-06-22 18:38 - 2015-07-04 02:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-06-22 18:38 - 2016-02-09 09:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-06-22 18:38 - 2016-02-09 09:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-06-22 18:38 - 2016-02-09 09:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-06-22 18:38 - 2016-02-09 09:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-06-22 18:38 - 2016-02-09 09:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-06-22 18:38 - 2016-06-15 10:47 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-22 18:38 - 2016-02-18 08:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-06-02 16:00 - 2016-05-26 03:03 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-06-25 07:22 - 2016-05-26 03:03 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-06-25 07:22 - 2016-05-26 03:04 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-06-25 07:22 - 2016-05-26 03:03 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-06-02 16:00 - 2016-05-26 03:03 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-06-02 16:00 - 2016-05-26 03:03 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-06-25 07:22 - 2016-05-26 03:03 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-06-02 16:00 - 2016-06-14 06:13 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-06-02 16:00 - 2016-05-26 03:03 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-02 16:00 - 2016-05-26 03:04 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-06-25 07:22 - 2016-05-26 03:05 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-02 16:00 - 2016-05-26 03:03 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-06-25 07:22 - 2016-05-26 03:04 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-06-25 07:22 - 2016-05-26 03:05 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-06-25 07:22 - 2016-06-14 06:13 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-06-25 07:22 - 2016-03-12 10:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-06-25 07:22 - 2016-06-14 06:13 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-06-25 07:22 - 2016-06-14 06:13 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-06-02 16:00 - 2016-05-26 03:04 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-06-02 16:00 - 2016-05-26 03:05 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-06-02 16:00 - 2016-06-14 06:13 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-25 07:22 - 2016-06-14 06:13 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-22 18:38 - 2016-06-15 05:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-07 19:09 - 2015-08-07 19:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-26 03:40 - 2015-08-26 03:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-26 03:40 - 2015-08-26 03:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-06-03 08:16 - 2016-06-03 08:18 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-03 08:16 - 2016-06-03 08:20 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7908 more sites.


There are 7908 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 21:04 - 2016-07-01 20:25 - 00452958 ____R C:\WINDOWS\system32\Drivers\etc\hosts


There are 15541 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Heimdal.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks 2014 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks Background Downloader.lnk"
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1000113554-1559343911-2160561676-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{24BE7522-12FC-4E1A-BCD8-1EC9BECFBB35}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{68225EB6-14EE-4F22-AD31-2710606EB920}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{DD27DE23-9144-47B5-8956-8D4AC7083729}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{B2680CE9-0A29-42AC-8F2E-DB1E7E50939F}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{D5D3BDB9-5930-42AD-AF6B-FE2708E0B7B6}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{C4A83968-BAE3-4E04-879D-5E314E51BA76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E19912B7-D3E4-43BB-8C9B-C2DD1B508348}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2CA7EF8A-A3B6-47FE-9DB3-D7FACA7F3864}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7695977E-6AAD-4A5D-8D30-33C7943E6E99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C169AC4D-9DB7-472D-AFD3-A2477223C2F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A26C3882-1017-415F-A0C0-5C21D435BA62}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{16A680A8-16BB-4553-B885-D8DB05430C63}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6BEF936D-8AB8-4E43-8D0A-D0AB0BCC9070}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{56179076-524B-4B27-8145-3A460ED2CC6C}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{83259501-515F-41C7-8A15-0FBBF9C392A1}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{F96B8697-647F-4445-B740-18FAC5FC67E5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{C3346573-BE89-4B8C-BBB5-E25B6ABFA0A2}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{255BF8B0-C390-422D-9CDE-28A240254AB6}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{CFCAE2EB-88CB-4A4F-9B07-71CDD09583A4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8D596406-EEC2-4FBA-A50B-E5ACB1ED68D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{104E7109-F84E-4B3F-AC50-BE1CD1DC87B7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{286CE0BA-0BAE-4B2A-A36B-73D5BD88E1DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{751795B0-4354-4279-89B6-3EAAFB047BA7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0DA2B7E-D75A-4BAA-98D7-3E4974A8ECFD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CF6939E5-55B8-439D-8509-C4AD71FD6DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EB218FBD-D36D-4953-A6E2-8F54E651BB97}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3AE042D6-C6B5-415F-9725-1FF7B7C9564E}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{221A79AF-F1E4-4DB2-A12A-668D8DEE5CE4}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{D94511B0-CC9D-4E3C-A665-06E4F96B0D81}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{EF6A5C39-6558-418B-9F43-7E3C44CD972F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{23A7B8A1-D489-4445-AD50-2B75A70B2831}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{953A63ED-4130-45E7-B1F4-9C0F672892E7}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{3B9C1CA6-DFA7-4903-9921-7F0ADB042FD6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1359E85-5CC8-4FF2-84F4-A749ECFCD1F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5E82C78E-D174-40B0-82E5-40EB173375C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5278E403-B100-48BF-9CE5-DB87B8500BD9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0ADCABA-C88B-4A1E-BE8D-39D95E813ED8}] => (Allow) D:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{B8C40F27-5D70-46D9-A314-78C4FDABE68F}] => (Allow) D:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{35008737-F52A-4E19-BC0A-54D6AAB31A60}] => (Allow) D:\SteamLibrary\steamapps\common\Zaccaria Pinball\ZaccariaPinball.exe
FirewallRules: [{1661616F-3104-42A7-8A20-BAF9C731D59B}] => (Allow) D:\SteamLibrary\steamapps\common\Zaccaria Pinball\ZaccariaPinball.exe
FirewallRules: [{448CA2D1-4806-48D0-BF84-E7D112DCB061}] => (Allow) D:\SteamLibrary\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{E47C103E-6E43-44C8-8DD1-30ED1A284CBA}] => (Allow) D:\SteamLibrary\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{41818F5D-E7F2-422A-983D-32AB215F8541}] => (Allow) D:\SteamLibrary\steamapps\common\Braid\braid.exe
FirewallRules: [{AEE737A5-0FC4-48D0-B7B8-6604D4847467}] => (Allow) D:\SteamLibrary\steamapps\common\Braid\braid.exe
FirewallRules: [{1A31BDD2-9A51-4F69-B98F-32A52C2BA76D}] => (Allow) D:\SteamLibrary\steamapps\common\Crayon Physics Deluxe\launcher.exe
FirewallRules: [{B0C01730-6054-4AEC-AC9F-D47F9C4B3E5E}] => (Allow) D:\SteamLibrary\steamapps\common\Crayon Physics Deluxe\launcher.exe
FirewallRules: [{0DDF7BF9-5DD2-48EE-B100-DD38DE8EA3D2}] => (Allow) D:\SteamLibrary\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{5B6F326F-2F55-48B1-AB15-1244E743FD02}] => (Allow) D:\SteamLibrary\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{557EC1ED-CD9D-48D3-8656-E2F8CD4314CE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{BC6A4BF0-DC62-439F-BEA8-07056949365C}] => (Allow) D:\SteamLibrary\steamapps\common\And Yet It Moves\And Yet It Moves.exe
FirewallRules: [{E7DB3BD1-6347-4383-A84F-4BE3088F8122}] => (Allow) D:\SteamLibrary\steamapps\common\And Yet It Moves\And Yet It Moves.exe
FirewallRules: [{8256924C-42CB-4CCB-B4FF-8D726B856074}] => (Allow) D:\SteamLibrary\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{C49B2A1D-9906-4F9C-85BC-5BFE51FF3815}] => (Allow) D:\SteamLibrary\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{0C048CB6-1A39-46F3-AF23-7C3F36208FEC}] => (Allow) D:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{C2848CE3-CE4B-4F5D-BD95-A9C220BC3E1B}] => (Allow) D:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{3693CB8E-0D2F-4B54-B2D0-AD60B9A34359}] => (Allow) D:\SteamLibrary\steamapps\common\Sorcery!\Sorcery!.exe
FirewallRules: [{36D77956-E308-4E71-B45B-13AE9972177C}] => (Allow) D:\SteamLibrary\steamapps\common\Sorcery!\Sorcery!.exe
FirewallRules: [{B6173E88-93EE-4694-8AA3-B482672C72A9}] => (Allow) D:\SteamLibrary\steamapps\common\Aquaria\Aquaria.exe
FirewallRules: [{32C895CF-982B-4250-A652-3CFF77925435}] => (Allow) D:\SteamLibrary\steamapps\common\Aquaria\Aquaria.exe
FirewallRules: [{45B7BB18-8708-4DFA-B3FB-3C34563306FD}] => (Allow) D:\SteamLibrary\steamapps\common\Broken Age\BrokenAge.exe
FirewallRules: [{5051C22D-A32A-4498-8BFC-C192DF4A5560}] => (Allow) D:\SteamLibrary\steamapps\common\Broken Age\BrokenAge.exe
FirewallRules: [{26DA73BC-4C59-4C57-9DBB-B1D11302ABD1}] => (Allow) D:\SteamLibrary\steamapps\common\Cibele\Cibele\Cibele.exe
FirewallRules: [{E1B8F9CF-56B8-42E0-A0CF-AF2BAF404FA6}] => (Allow) D:\SteamLibrary\steamapps\common\Cibele\Cibele\Cibele.exe
FirewallRules: [{44B28584-0D73-4584-BBFD-D3373B0F136D}] => (Allow) D:\SteamLibrary\steamapps\common\Cogs\cogs.exe
FirewallRules: [{4010464B-2549-41DC-9413-8864DEE1D66F}] => (Allow) D:\SteamLibrary\steamapps\common\Cogs\cogs.exe
FirewallRules: [{78ACB624-DCB0-475E-82E2-465170706FA3}] => (Allow) D:\SteamLibrary\steamapps\common\Gish\gish.exe
FirewallRules: [{4DF6F686-4FB6-428C-9137-A7159B6B1436}] => (Allow) D:\SteamLibrary\steamapps\common\Gish\gish.exe
FirewallRules: [{F909613C-388E-4D72-95F6-B3F89B919292}] => (Allow) D:\SteamLibrary\steamapps\common\Lugaru HD\Lugaru.exe
FirewallRules: [{7C0CC3E8-494F-41F4-B17E-91EB6A20FBAC}] => (Allow) D:\SteamLibrary\steamapps\common\Lugaru HD\Lugaru.exe
FirewallRules: [{389EB0C2-D43C-4951-A714-5D5899B55B67}] => (Allow) D:\SteamLibrary\steamapps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{30953ED9-7EE0-420C-9F67-CF1253A620B3}] => (Allow) D:\SteamLibrary\steamapps\common\Penumbra Overture\redist\Penumbra.exe
FirewallRules: [{686F74A2-9BA0-4BED-BCE5-537145EB8B19}] => (Allow) D:\SteamLibrary\steamapps\common\Samorost 2\Samorost2.exe
FirewallRules: [{6381BAD7-1C41-461D-998C-209869F7F8CF}] => (Allow) D:\SteamLibrary\steamapps\common\Samorost 2\Samorost2.exe
FirewallRules: [{82B4A709-C287-4BF3-8931-24A75FBE7D4E}] => (Allow) D:\SteamLibrary\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{8048E852-6C41-40AA-B60D-64EF423D6309}] => (Allow) D:\SteamLibrary\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{D1E3041C-0537-47F4-AB8C-555CF2921657}] => (Allow) D:\SteamLibrary\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{658B17EB-31D2-4716-A71F-85281606A0E8}] => (Allow) D:\SteamLibrary\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{BAA7C959-48B3-4034-873E-FB5EC9A30D35}] => (Allow) D:\SteamLibrary\steamapps\common\steelstorm\steelstorm.exe
FirewallRules: [{EE02E1CB-8D74-4F70-8422-E4699ADC9051}] => (Allow) D:\SteamLibrary\steamapps\common\steelstorm\steelstorm.exe
FirewallRules: [{62F5BA36-0BF3-405D-B922-6471BF009CB3}] => (Allow) D:\SteamLibrary\steamapps\common\steelstorm\netradiant_win32\radiant.exe
FirewallRules: [{0A7111AD-AB0D-4C37-9A60-715F89158999}] => (Allow) D:\SteamLibrary\steamapps\common\steelstorm\netradiant_win32\radiant.exe
FirewallRules: [{E1F0B57F-279E-4D5C-8652-A68AFC55505C}] => (Allow) D:\SteamLibrary\steamapps\common\80 Days\80 Days.exe
FirewallRules: [{BADDAD11-4B62-4686-99C2-2539170C48C2}] => (Allow) D:\SteamLibrary\steamapps\common\80 Days\80 Days.exe
FirewallRules: [{3C8AD5E8-F689-4D1C-9C66-47F6CE9E5A0C}] => (Allow) D:\SteamLibrary\steamapps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{4FD88BD1-AD8C-4A64-BEB6-9C9AF3A13F10}] => (Allow) D:\SteamLibrary\steamapps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe
FirewallRules: [{D47CF01F-034F-41DB-B43F-B7B2CD1924E5}] => (Allow) D:\SteamLibrary\steamapps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{A5B9FE62-EE93-42B3-8339-2CBD04E20694}] => (Allow) D:\SteamLibrary\steamapps\common\Cortex Command\Cortex Command.exe
FirewallRules: [{70EFBAB2-E3E8-45F9-9597-B0293DCC7B74}] => (Allow) D:\SteamLibrary\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{A53F6411-18A7-4022-A8EA-35FEADA94772}] => (Allow) D:\SteamLibrary\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe
FirewallRules: [{7338C728-041D-46A1-8FED-298FCF8D90B2}] => (Allow) D:\SteamLibrary\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{5202E7F7-03C0-481A-8EA7-7B04ACD42F08}] => (Allow) D:\SteamLibrary\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{5F8BC044-353D-4380-9A77-D9CEFD18FDF1}] => (Allow) D:\SteamLibrary\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{5F25331C-9679-4B49-818F-B5A78A2C3B13}] => (Allow) D:\SteamLibrary\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{31AA7966-6A7C-44BA-9259-374579494490}] => (Allow) D:\SteamLibrary\steamapps\common\Hammerfight\Hammerfight.exe
FirewallRules: [{3211B2AE-9B95-465D-A485-2E2A9B4A94F2}] => (Allow) D:\SteamLibrary\steamapps\common\Hammerfight\Hammerfight.exe
FirewallRules: [{D27CCBFF-FC1B-402C-86C8-2FDAF6E81690}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{5F48685A-4013-4F86-AFC8-5ECF6CD7ED14}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{07325787-F071-45C3-923C-576094D16596}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{08F46B5C-1548-41C1-8531-206DB36602E3}] => (Allow) D:\SteamLibrary\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{E593F06A-6F59-487F-B6C9-407559EBF8C4}] => (Allow) D:\SteamLibrary\steamapps\common\Superbrothers Sword & Sworcery EP\swordandsworcery_pc.exe
FirewallRules: [{38EF1588-EBEA-4B63-B55C-E414E6BC9563}] => (Allow) D:\SteamLibrary\steamapps\common\Superbrothers Sword & Sworcery EP\swordandsworcery_pc.exe
FirewallRules: [{369E65A8-EC76-4E43-A113-00D295F0E3B1}] => (Allow) D:\SteamLibrary\steamapps\common\HER STORY\HerStory.exe
FirewallRules: [{45B7E9CE-42E4-41AE-9993-4785220339D9}] => (Allow) D:\SteamLibrary\steamapps\common\HER STORY\HerStory.exe
FirewallRules: [{2C373972-B3AC-47BB-BE5A-D9507CD2765A}] => (Allow) C:\Program Files\Windows Defender\MsMpEng.exe
FirewallRules: [{EE94B7ED-1352-4CA7-9E45-AAD7F6767123}] => (Allow) C:\Program Files\Windows Defender\MsMpEng.exe
FirewallRules: [{26C1DFA1-54F0-4E1F-AB74-78DCDCBA9B78}] => (Allow) C:\Program Files\Windows Defender\MsMpEng.exe
FirewallRules: [{233F595B-012B-4372-8AC3-A1AA255B816A}] => (Allow) C:\Program Files\Windows Defender\MsMpEng.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

22-06-2016 22:13:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
22-06-2016 22:14:01 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
26-06-2016 00:10:35 Installed DirectX
04-07-2016 16:41:17 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2016 04:41:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (07/04/2016 02:47:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10586.420, time stamp: 0x57491ba1
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.306, time stamp: 0x571af9f6
Exception code: 0xc000027b
Fault offset: 0x0000000000281f52
Faulting process id: 0x2204
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (07/04/2016 02:47:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOBILELABMAX)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/04/2016 02:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 16.526.11240.0, time stamp: 0x574744f3
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xe0464645
Fault offset: 0x0000000000000000
Faulting process id: 0x2cbc
Faulting application start time: 0xMicrosoft.Photos.exe0
Faulting application path: Microsoft.Photos.exe1
Faulting module path: Microsoft.Photos.exe2
Report Id: Microsoft.Photos.exe3
Faulting package full name: Microsoft.Photos.exe4
Faulting package-relative application ID: Microsoft.Photos.exe5

Error: (07/03/2016 01:08:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10586.420, time stamp: 0x57491ba1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xe0464645
Fault offset: 0x0000000000000000
Faulting process id: 0x2e28
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (07/03/2016 09:06:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10586.420, time stamp: 0x57491ba1
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.306, time stamp: 0x571af9f6
Exception code: 0xc000027b
Fault offset: 0x0000000000281f52
Faulting process id: 0x2ee4
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5

Error: (07/03/2016 06:37:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOBILELABMAX)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/03/2016 06:37:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOBILELABMAX)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/03/2016 06:31:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOBILELABMAX)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/03/2016 06:26:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOBILELABMAX)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (07/04/2016 05:50:24 PM) (Source: DCOM) (EventID: 10016) (User: MOBILELABMAX)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MOBILELABMAXJacobS-1-5-21-1000113554-1559343911-2160561676-1001LocalHost (Using LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (07/04/2016 05:46:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service hung on starting.

Error: (07/04/2016 05:46:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/04/2016 05:43:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VMware Workstation Server service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/04/2016 05:43:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VMwareHostd service to connect.

Error: (07/04/2016 05:43:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (07/04/2016 05:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/04/2016 05:40:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect.

Error: (07/04/2016 05:39:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemUsageReportSvc_WILLAMETTE service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/04/2016 05:39:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SystemUsageReportSvc_WILLAMETTE service to connect.


CodeIntegrity:
===================================
Date: 2016-07-02 13:31:12.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-22 18:36:46.227
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-18 03:49:06.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-16 03:37:19.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-12 11:47:50.174
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-09 23:33:29.210
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-09 15:44:01.652
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-08 21:31:37.293
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-08 20:24:37.027
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-06 02:44:45.047
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 41%
Total physical RAM: 8090.55 MB
Available physical RAM: 4742.59 MB
Total Virtual: 10778.55 MB
Available Virtual: 7488.2 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:142.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:233.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D1E086BE)

Partition: GPT.

==================== End of Addition.txt ============================
askjacob
Active Member
 
Posts: 12
Joined: July 4th, 2016, 4:12 am

Re: Win 10, post Defender malware find

Post by askjacob » July 4th, 2016, 7:03 am

UPDATE to add behaviour: machine is not redirecting, however there is the odd bit of behaviour I can't really attribute to "just wireless". The main problem I have is the lengthy boot/post-login HDD churn, which has me concerned.
askjacob
Active Member
 
Posts: 12
Joined: July 4th, 2016, 4:12 am

Re: Win 10, post Defender malware find

Post by Gary R » July 4th, 2016, 5:22 pm

Bumping or Replying to Your Own Topic

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to or try to bump your topic.
Please submit a new log and wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire