Solved AdWare on computer, I've tried everything except Windows re-install.

DeadpixeI

DeadpixeI

Posts: 53   +0
I have this Adware on my computer that sometimes redirects me to a certain website, and has 5-6 links pop up right after searching something on Google. I've tried everything, reinstalling Chrome, AdwCleaner, JRT, and an ESET one-time scan, nothing has worked. Malwarebytes (3) won't even let me start the service, as it gives me an error saying "Unable to connect the service" or something like that. I installed a previous version of Malwarebytes, and it found nothing after running a full custom-scan of the entire drive. I attached a picture of what the Adware normally looks like. These links pop up about .5 seconds after the google search results show up. The actual search results start at that video on the bottom of the image. It affects Chrome, IE, Edge, and Firefox, but surprisingly not Opera. I really don't want to have to re-install, but I'm getting slowly desperate.
 

Attachments

  • Adware in action.PNG
    Adware in action.PNG
    219.4 KB · Views: 0
Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
BEFORE GETTING INTO IT, I tried to install an antivirus from the link you sent, but I ran into issues. I tried Avast but it failed, I can post the fail log if you want. Second, Microsoft Essentials didn't let me install because it said I had Windows Defender, and Comodo wanted to install a new browser and a bunch of other garbage, so I didn't let it. So as of now, I have no anti-virus (besides Windows Defender). The FRST log is split between replies, the Addition log is (probably) also split into separate replies.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
Ran by ChristopherAubert (administrator) on CHRISTOPHERPC (11-07-2017 12:50:46)
Running from C:\Users\Christopher\Desktop
Loaded Profiles: ChristopherAubert (Available Profiles: ChristopherAubert)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\System32\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Windows\runSW.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Realtek) C:\Windows\SwUSB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Windows\System32\tprdpw64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Spotify Ltd) C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [cpx] => "C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe [884224 2017-04-21] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062048 2017-07-06] (Valve Corporation)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-06-27] ()
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Spotify Web Helper] => C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-16] (Spotify Ltd)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Google Update] => C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-10] (Google Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [GoogleChromeAutoLaunch_D3EE6E7DA0645F6660E47697F62AE98F] => C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe [1197912 2017-06-22] (Google Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\MountPoints2: {e3eead84-1858-11e5-825a-fcaa1445223f} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Christopher\AppData\Roaming\Microsoft\Protect\1ffbdafb-e426-4797-a49b-28263145e01c.rs" <==== ATTENTION
Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8003
ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8003
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8003
ProxyServer: [S-1-5-21-3319825686-2643767977-2016650390-1001] => 127.0.0.1:8003
Hosts: 37.139.50.192 www.gstatic.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{032803e0-8e3d-4074-a603-13ce2fa6be1f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0e7e2cbf-86ca-44b6-b78b-34cd497e6b20}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ec9c44c-b42e-42ee-b564-0a3a66d30bda}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{401984dc-3453-4b14-8465-91d94fd40f52}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83a64d07-af5e-4ba9-bfca-81ea87f11111}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d69afc5f-c2e7-42a4-9c58-5c7adbe54b90}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6wg7kf84.default
FF ProfilePath: C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default [2017-07-10]
FF Homepage: Mozilla\Firefox\Profiles\6wg7kf84.default -> msn.com
FF Extension: (Avira Browser Safety) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\abs@avira.com [2017-06-07]
FF Extension: (Chrome Store Foxified) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\Chrome-Store-Foxified@jetpack.xpi [2016-11-09]
FF Extension: (Twitch Now) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\jid1-jwVSihNsgAw5jA@jetpack.xpi [2016-10-30]
FF Extension: (FrankerFaceZ) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\jid1-snHdAu6px3p0jA@jetpack.xpi [2016-11-19]
FF Extension: (Adblock Plus) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Christopher\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Christopher\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-06-19] ()

Chrome:
=======
CHR HomePage: Default -> hxxps://www.youtube.com/feed/subscriptions
CHR StartupUrls: Default -> "hxxp://msn.com/"
CHR Profile: C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default [2017-07-11]
CHR Extension: (Google Translate) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-07-10]
CHR Extension: (Google Slides) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-10]
CHR Extension: (BetterTTV) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-07-10]
CHR Extension: (Google Docs) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-10]
CHR Extension: (Google Drive) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]
CHR Extension: (YouTube) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-10]
CHR Extension: (Google Sheets) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-10]
CHR Extension: (Google Docs Offline) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-10]
CHR Extension: (AdBlock) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-10]
CHR Extension: (Kappa Everywhere - Global Twitch Emotes) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafkphjeboadjffjfcigcdfdilpcacod [2017-07-10]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2017-07-10]
CHR Extension: (Google Play) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-07-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-10]
CHR Extension: (Google Play Books) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-07-10]
CHR Extension: (Tom's Hardware - My Threads) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nddbmgcnelmmhlfibkmfnhnfeccaliip [2017-07-10]
CHR Extension: (Twitch Now) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2017-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-10]
CHR Extension: (Gmail) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-10]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"drmkpro64" => service could not be unlocked. <==== ATTENTION

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] ()
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Google Inc.)
R2 Dataup; C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-07] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-06-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148184 2017-06-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-12-05] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-12-03] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-06-16] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-06-16] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-07-03] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe [689664 2017-05-30] () [File not signed] <==== ATTENTION
S2 srcsrv; C:\Windows\src_srv\winsrcsrv.exe [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
S3 cpuz141; C:\Users\Christopher\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [46400 2017-06-19] (CPUID) <==== ATTENTION
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-07-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-07-11] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-23] (REALiX(tm))
R1 MpKsl7ae9c57a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{833BC728-0352-41E6-B497-2EFA0BC2D3F4}\MpKsl7ae9c57a.sys [44928 2017-07-11] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-06-07] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2016-04-21] (The OpenVPN Project)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [4635352 2015-07-03] (Realtek Semiconductor Corporation )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [43032 2016-04-08] (Razer Inc)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-04-16] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 12:46 - 2017-07-11 12:46 - 00010802 _____ C:\Users\Christopher\Desktop\Avast Failing Log.txt
2017-07-11 12:45 - 2017-07-11 12:45 - 00084556 _____ C:\Users\Christopher\Desktop\Addition.txt
2017-07-11 12:44 - 2017-07-11 12:50 - 00027741 _____ C:\Users\Christopher\Desktop\FRST.txt
2017-07-11 12:39 - 2017-07-11 12:39 - 02437120 _____ (Farbar) C:\Users\Christopher\Desktop\FRST64.exe
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Shared Space
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Comodo Downloader
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Comodo
2017-07-11 12:34 - 2017-07-11 12:34 - 00002259 _____ C:\Windows\epplauncher.mif
2017-07-11 10:57 - 2017-07-11 11:06 - 35612552 _____ (Adlice Software ) C:\Users\Christopher\Desktop\RogueKiller_setup_ref3.exe
2017-07-11 09:42 - 2017-07-11 09:42 - 00000000 ___HD C:\OneDriveTemp
2017-07-10 22:31 - 2017-07-10 22:31 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-10 22:31 - 2017-07-10 22:31 - 00000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-07-10 22:31 - 2017-07-10 22:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-07-10 22:31 - 2017-07-10 22:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-10 22:10 - 2017-07-10 22:10 - 02316744 _____ (Malwarebytes Corporation) C:\Users\Christopher\Desktop\mb-check-3.1.4.1002.exe
2017-07-10 22:10 - 2017-07-10 22:10 - 00059252 _____ C:\Users\Christopher\Desktop\mb-check-results.zip
2017-07-10 22:00 - 2017-07-10 22:00 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001UA
2017-07-10 22:00 - 2017-07-10 22:00 - 00003424 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001Core
2017-07-10 22:00 - 2017-07-10 22:00 - 00002503 _____ C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-10 22:00 - 2017-07-10 22:00 - 00002495 _____ C:\Users\Christopher\Desktop\Google Chrome.lnk
2017-07-10 15:12 - 2017-07-10 15:14 - 00000000 ____D C:\Users\Christopher\Desktop\3DS Stuff
2017-07-10 15:07 - 2017-03-23 10:04 - 03547136 _____ C:\Windows\system32\pwNative.exe
2017-07-10 15:06 - 2017-07-10 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2017-07-10 15:06 - 2017-07-10 15:06 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2017-07-10 15:06 - 2013-09-30 16:26 - 00019152 _____ C:\Windows\system32\pwdrvio.sys
2017-07-10 15:06 - 2013-09-30 16:26 - 00012504 _____ C:\Windows\system32\pwdspio.sys
2017-07-10 13:23 - 2017-07-10 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-07-10 13:23 - 2017-07-10 13:23 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-07-10 11:51 - 2017-07-10 11:51 - 65033984 _____ (Malwarebytes ) C:\Users\Christopher\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-09 00:05 - 2017-07-09 09:59 - 00000000 ____D C:\Users\Christopher\AppData\Local\llssoft
2017-07-08 23:31 - 2017-07-08 23:31 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Smartly Dressed Games
2017-07-03 22:47 - 2017-07-03 22:47 - 00000222 _____ C:\Users\Christopher\Desktop\Watch_Dogs.url
2017-07-03 21:39 - 2017-07-03 21:39 - 00000000 ____D C:\Users\Christopher\AppData\Local\PeerDistRepub
2017-07-03 13:53 - 2017-07-03 13:54 - 00000000 ____D C:\Windows\CSC
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ___SD C:\Windows\system32\AppV
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ____D C:\Windows\RemotePackages
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-07-03 13:50 - 2017-03-18 15:59 - 00034774 _____ C:\Windows\Professional.xml
2017-07-02 19:47 - 2017-07-02 19:47 - 00001111 _____ C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\ProgramData\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\Program Files\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\Program Files (x86)\Sony
2017-07-02 19:21 - 2017-07-02 19:21 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Sony Creative Software Inc
2017-07-01 21:11 - 2017-07-01 21:11 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\OpenOffice
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-06-30 15:12 - 2017-06-30 15:12 - 06754944 _____ (ESET spol. s r.o.) C:\Users\Christopher\Desktop\esetonlinescanner_enu.exe
2017-06-30 15:12 - 2017-06-30 15:12 - 00000000 ____D C:\Users\Christopher\AppData\Local\ESET
2017-06-30 15:07 - 2017-06-30 15:08 - 01663672 _____ (Malwarebytes) C:\Users\Christopher\Desktop\JRT.exe
2017-06-30 01:37 - 2017-06-30 01:37 - 04110280 _____ C:\Users\Christopher\Desktop\adwcleaner_6.047.exe
2017-06-29 23:44 - 2017-07-09 16:24 - 00003376 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1498797898
2017-06-29 23:44 - 2017-07-09 16:24 - 00000000 ____D C:\Program Files\Opera
2017-06-29 23:44 - 2017-06-29 23:44 - 00001166 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2017-06-29 23:44 - 2017-06-29 23:44 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-06-29 22:36 - 2017-06-29 22:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\Deployment
2017-06-29 22:18 - 2017-07-09 19:29 - 00000000 ____D C:\AdwCleaner
2017-06-29 20:56 - 2017-06-20 00:08 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-06-29 20:56 - 2017-06-20 00:08 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-06-29 20:56 - 2017-06-20 00:04 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2017-06-29 20:56 - 2017-06-20 00:02 - 03377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-29 20:56 - 2017-06-20 00:01 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-06-29 20:56 - 2017-06-20 00:01 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-06-29 20:56 - 2017-06-20 00:00 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-29 20:56 - 2017-06-19 23:39 - 02671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-29 20:56 - 2017-06-19 23:38 - 01451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2017-06-29 20:56 - 2017-06-19 23:35 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-06-29 20:56 - 2017-06-19 23:35 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-29 20:55 - 2017-06-20 01:18 - 01564576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-29 20:55 - 2017-06-20 01:16 - 01214880 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-29 20:55 - 2017-06-20 01:15 - 01147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-29 20:55 - 2017-06-20 01:15 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-29 20:55 - 2017-06-20 01:11 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-29 20:55 - 2017-06-20 01:11 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-29 20:55 - 2017-06-20 01:11 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-06-29 20:55 - 2017-06-20 01:09 - 02969888 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-06-29 20:55 - 2017-06-20 01:08 - 00923048 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-29 20:55 - 2017-06-20 01:04 - 04847424 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-06-29 20:55 - 2017-06-20 01:03 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-06-29 20:55 - 2017-06-20 01:03 - 05477096 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-06-29 20:55 - 2017-06-20 01:03 - 02444704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-29 20:55 - 2017-06-20 01:02 - 02645688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-29 20:55 - 2017-06-20 01:02 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-06-29 20:55 - 2017-06-20 01:01 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00558920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00142752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-06-29 20:55 - 2017-06-20 00:59 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 06554928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01220072 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-06-29 20:55 - 2017-06-20 00:58 - 21352184 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-29 20:55 - 2017-06-20 00:58 - 00406072 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-06-29 20:55 - 2017-06-20 00:58 - 00371616 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-06-29 20:55 - 2017-06-20 00:57 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-29 20:55 - 2017-06-20 00:28 - 23675904 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-29 20:55 - 2017-06-20 00:17 - 03670528 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-29 20:55 - 2017-06-20 00:15 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-29 20:55 - 2017-06-20 00:15 - 00455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-06-29 20:55 - 2017-06-20 00:14 - 17364480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-06-29 20:55 - 2017-06-20 00:14 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-06-29 20:55 - 2017-06-20 00:14 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-06-29 20:55 - 2017-06-20 00:13 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-29 20:55 - 2017-06-20 00:12 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-06-29 20:55 - 2017-06-20 00:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-29 20:55 - 2017-06-20 00:11 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-06-29 20:55 - 2017-06-20 00:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-29 20:55 - 2017-06-20 00:11 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 04469840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-06-29 20:55 - 2017-06-20 00:08 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 12786688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 05820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 01517536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00823296 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 02165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00847872 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00754592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 04447744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 08243712 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 08211968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 00181656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 20372896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 06763648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 05806048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-29 20:55 - 2017-06-20 00:03 - 01396224 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 01121928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-06-29 20:55 - 2017-06-20 00:02 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 04536320 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 01142272 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 03057664 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 02649600 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 02443776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 00986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 01357824 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-29 20:55 - 2017-06-19 23:58 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-06-29 20:55 - 2017-06-19 23:56 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-06-29 20:55 - 2017-06-19 23:50 - 02957312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-29 20:55 - 2017-06-19 23:49 - 13839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-06-29 20:55 - 2017-06-19 23:47 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-29 20:55 - 2017-06-19 23:45 - 20505088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-29 20:55 - 2017-06-19 23:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 19336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-29 20:55 - 2017-06-19 23:40 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-06-29 20:55 - 2017-06-19 23:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-06-29 20:55 - 2017-06-19 23:40 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-06-29 20:55 - 2017-06-19 23:39 - 00969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-06-29 20:55 - 2017-06-19 23:37 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-29 20:55 - 2017-06-19 23:37 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-29 20:55 - 2017-06-19 23:37 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-29 20:55 - 2017-06-19 23:36 - 06291456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-29 20:55 - 2017-06-19 23:36 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-29 20:55 - 2017-06-19 23:36 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-06-29 20:55 - 2017-06-19 23:35 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 01492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-06-29 20:55 - 2017-06-19 23:30 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-06-29 20:54 - 2017-06-20 01:18 - 00821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-06-29 20:54 - 2017-06-20 01:18 - 00096672 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-29 20:54 - 2017-06-20 01:17 - 00629152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00544160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00334240 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00136096 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00034720 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-29 20:54 - 2017-06-20 01:16 - 00335776 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-29 20:54 - 2017-06-20 01:15 - 00965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-06-29 20:54 - 2017-06-20 01:15 - 00233376 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-29 20:54 - 2017-06-20 01:14 - 01065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-29 20:54 - 2017-06-20 01:14 - 00899824 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-06-29 20:54 - 2017-06-20 01:11 - 01395152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-29 20:54 - 2017-06-20 01:11 - 01186472 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-06-29 20:54 - 2017-06-20 01:10 - 02327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-06-29 20:54 - 2017-06-20 01:10 - 01930320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-29 20:54 - 2017-06-20 01:10 - 00119392 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-06-29 20:54 - 2017-06-20 01:08 - 01242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-29 20:54 - 2017-06-20 01:06 - 01017760 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-06-29 20:54 - 2017-06-20 01:06 - 00279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-06-29 20:54 - 2017-06-20 01:05 - 01057832 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-06-29 20:54 - 2017-06-20 01:04 - 00472728 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-06-29 20:54 - 2017-06-20 01:03 - 00820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-29 20:54 - 2017-06-20 01:03 - 00179608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-06-29 20:54 - 2017-06-20 01:03 - 00102312 _____ (Microsoft Corporation) C:\Windows\system32\CredentialUIBroker.exe
2017-06-29 20:54 - 2017-06-20 01:02 - 00426912 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-06-29 20:54 - 2017-06-20 01:01 - 00553888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-06-29 20:54 - 2017-06-20 00:59 - 00583304 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-06-29 20:54 - 2017-06-20 00:59 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2017-06-29 20:54 - 2017-06-20 00:59 - 00094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 01337344 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 00833160 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 00203168 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-06-29 20:54 - 2017-06-20 00:57 - 00204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-06-29 20:54 - 2017-06-20 00:34 - 00192416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-29 20:54 - 2017-06-20 00:16 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2017-06-29 20:54 - 2017-06-20 00:16 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-06-29 20:54 - 2017-06-20 00:15 - 01620368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-29 20:54 - 2017-06-20 00:15 - 00096136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-06-29 20:54 - 2017-06-20 00:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2017-06-29 20:54 - 2017-06-20 00:13 - 00787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2017-06-29 20:54 - 2017-06-20 00:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-06-29 20:54 - 2017-06-20 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-06-29 20:54 - 2017-06-20 00:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-06-29 20:54 - 2017-06-20 00:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-06-29 20:54 - 2017-06-20 00:11 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00555008 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00406032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2017-06-29 20:54 - 2017-06-20 00:09 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00791040 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 02475136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2017-06-29 20:54 - 2017-06-20 00:07 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-06-29 20:54 - 2017-06-20 00:07 - 00750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-29 20:54 - 2017-06-20 00:07 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00346016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00138656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00129192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00278944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00873472 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2017-06-29 20:54 - 2017-06-20 00:05 - 00438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-29 20:54 - 2017-06-20 00:04 - 01425920 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-29 20:54 - 2017-06-20 00:04 - 01178528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 01077496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00049656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-06-29 20:54 - 2017-06-20 00:03 - 00864240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-06-29 20:54 - 2017-06-20 00:03 - 00443728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-06-29 20:54 - 2017-06-20 00:02 - 01194696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-06-29 20:54 - 2017-06-20 00:02 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00176032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-06-29 20:54 - 2017-06-20 00:00 - 03139584 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-06-29 20:54 - 2017-06-20 00:00 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-29 20:54 - 2017-06-19 23:57 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2017-06-29 20:54 - 2017-06-19 23:57 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2017-06-29 20:54 - 2017-06-19 23:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-06-29 20:54 - 2017-06-19 23:49 - 00899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2017-06-29 20:54 - 2017-06-19 23:49 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-06-29 20:54 - 2017-06-19 23:46 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-06-29 20:54 - 2017-06-19 23:45 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-06-29 20:54 - 2017-06-19 23:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-06-29 20:54 - 2017-06-19 23:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2017-06-29 20:54 - 2017-06-19 23:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-29 20:54 - 2017-06-19 23:38 - 01171968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-29 20:54 - 2017-06-19 23:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-06-29 20:54 - 2017-06-19 23:36 - 07596544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-06-29 20:54 - 2017-06-19 23:36 - 01494528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-06-29 20:54 - 2017-06-19 23:36 - 00787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-29 20:54 - 2017-06-19 23:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-06-29 20:54 - 2017-06-19 23:34 - 02782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-06-29 20:54 - 2017-06-19 23:34 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-06-29 20:54 - 2017-06-19 23:31 - 00334848 _____ (Microsoft Corporation)
 
C:\Windows\SysWOW64\PlayToDevice.dll
2017-06-29 20:54 - 2017-06-19 23:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2017-06-29 20:54 - 2017-06-19 23:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-29 20:54 - 2017-06-19 23:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-06-29 20:00 - 2017-06-29 22:04 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-06-29 19:59 - 2017-06-29 19:59 - 00000000 ____D C:\Windows\pss
2017-06-29 19:18 - 2017-06-29 21:07 - 00000000 ____D C:\Users\Christopher\AppData\Local\ntuserlitelist
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\c
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Local\lqylpia
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Local\hixbhys
2017-06-29 19:16 - 2017-06-30 15:59 - 00000000 ____D C:\Program Files (x86)\KMSPico
2017-06-29 09:01 - 2017-06-29 09:01 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-29 09:01 - 2017-06-07 18:55 - 06467008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-29 09:01 - 2017-06-07 07:42 - 08075477 _____ C:\Windows\system32\nvcoproc.bin
2017-06-29 09:01 - 2017-03-10 16:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-06-29 09:01 - 2017-03-10 16:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-06-29 09:01 - 2017-03-10 16:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-06-29 09:01 - 2017-03-10 16:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-06-29 09:00 - 2017-06-07 19:01 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-29 08:59 - 2017-06-07 20:45 - 40201664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 35390584 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 35281344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 28624320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 11028664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 10551256 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 04115112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03796928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03625992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03256440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438253.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438253.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01278712 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01056888 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00994240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00964216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00775864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00725112 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00618928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00584128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-29 08:59 - 2017-06-07 20:45 - 00045163 _____ C:\Windows\system32\nvinfo.pb
2017-06-29 08:59 - 2017-06-07 20:45 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-29 08:59 - 2017-06-07 20:45 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-29 08:47 - 2015-07-14 20:57 - 00887552 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2017-06-29 08:47 - 2015-07-14 20:57 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-06-29 08:44 - 2017-06-29 08:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-06-29 08:42 - 2017-06-29 08:42 - 00001769 _____ C:\Windows\Language_trs.ini
2017-06-29 08:12 - 2017-06-21 02:07 - 00179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-06-29 08:12 - 2017-06-21 02:07 - 00146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-06-29 05:56 - 2017-06-29 05:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Windows\system32\DAX2
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Program Files\ASUS
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-29 05:55 - 2013-07-03 20:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys
2017-06-26 13:55 - 2017-06-26 14:32 - 00000000 ____D C:\ProgramData\TEMP
2017-06-26 13:55 - 2017-06-26 13:55 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Product_NU16
2017-06-26 13:55 - 2017-06-26 13:55 - 00000000 ____D C:\ProgramData\Symantec
2017-06-26 13:43 - 2017-06-26 16:55 - 00000590 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job
2017-06-26 13:43 - 2017-06-26 13:43 - 00003246 _____ C:\Windows\System32\Tasks\Norton Product InstallerIdle
2017-06-23 18:55 - 2017-06-23 18:55 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-06-23 18:55 - 2017-06-23 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-06-23 18:55 - 2017-06-23 18:55 - 00000000 ____D C:\Program Files (x86)\HWiNFO32
2017-06-23 18:50 - 2017-06-23 18:50 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-06-23 18:24 - 2017-06-23 18:50 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-06-23 18:23 - 2017-07-02 20:08 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-06-23 18:23 - 2017-06-23 18:23 - 00001159 _____ C:\Users\Christopher\Desktop\MSI Afterburner.lnk
2017-06-23 18:23 - 2017-06-23 18:23 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-06-19 20:04 - 2017-06-19 20:04 - 00000222 _____ C:\Users\Christopher\Desktop\The Witcher 3 Wild Hunt.url
2017-06-19 16:18 - 2017-06-19 16:18 - 00000222 _____ C:\Users\Christopher\Desktop\Portal Stories Mel.url
2017-06-19 14:45 - 2017-06-19 14:45 - 00000222 _____ C:\Users\Christopher\Desktop\Far Cry 4.url
2017-06-19 14:45 - 2017-06-19 14:45 - 00000000 ____D C:\ProgramData\Codemasters
2017-06-16 03:06 - 2017-06-16 03:06 - 00109696 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2017-06-16 03:06 - 2017-06-16 03:06 - 00102016 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2017-06-16 02:54 - 2017-06-16 02:54 - 00049288 _____ (Razer Inc.) C:\Windows\SysWOW64\RzAPIChromaSDK.dll
2017-06-16 00:16 - 2017-06-16 00:16 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\NomNomGalaxy
2017-06-15 23:58 - 2017-06-15 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-06-13 17:48 - 2017-06-13 17:48 - 00000000 ____D C:\Windows\PCHEALTH
2017-06-13 17:47 - 2017-06-03 05:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-13 17:47 - 2017-06-03 05:15 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-13 17:47 - 2017-06-03 05:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 17:47 - 2017-06-03 05:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-13 17:47 - 2017-06-03 05:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-06-13 17:47 - 2017-06-03 05:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 17:47 - 2017-06-03 05:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
2017-06-13 17:47 - 2017-06-03 05:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2017-06-13 17:47 - 2017-06-03 04:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-13 17:47 - 2017-06-03 04:59 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-13 17:47 - 2017-06-03 04:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 17:47 - 2017-06-03 04:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2017-06-13 17:47 - 2017-06-03 04:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-06-13 17:47 - 2017-06-03 04:58 - 00254176 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-06-13 17:47 - 2017-06-03 04:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
2017-06-13 17:47 - 2017-06-03 04:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 17:47 - 2017-06-03 04:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-13 17:47 - 2017-06-03 04:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-13 17:47 - 2017-06-03 04:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-13 17:47 - 2017-06-03 04:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
2017-06-13 17:47 - 2017-06-03 04:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 17:47 - 2017-06-03 04:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
2017-06-13 17:47 - 2017-06-03 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-13 17:47 - 2017-06-03 04:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-06-13 17:47 - 2017-06-03 04:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-06-13 17:47 - 2017-06-03 04:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-13 17:47 - 2017-06-03 04:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
2017-06-13 17:47 - 2017-06-03 04:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-13 17:47 - 2017-06-03 04:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-06-13 17:47 - 2017-06-03 04:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-06-13 17:47 - 2017-06-03 04:00 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-13 17:47 - 2017-06-03 04:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 04730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-13 17:47 - 2017-06-03 03:59 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 17:47 - 2017-06-03 03:58 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 17:47 - 2017-06-03 03:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-06-13 17:47 - 2017-06-03 03:57 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-13 17:47 - 2017-06-03 03:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-13 17:47 - 2017-06-03 03:55 - 03656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-13 17:47 - 2017-06-03 03:55 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-13 17:47 - 2017-06-03 03:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 17:47 - 2017-06-03 03:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 12:51 - 2016-04-21 18:21 - 00000000 ____D C:\Users\Christopher\AppData\Local\LogMeIn Hamachi
2017-07-11 12:50 - 2016-06-21 19:38 - 00000000 ____D C:\FRST
2017-07-11 12:50 - 2015-10-22 20:48 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Skype
2017-07-11 12:49 - 2017-05-23 16:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-11 12:49 - 2015-08-12 19:19 - 00000000 ___RD C:\Users\Christopher\Google Drive
2017-07-11 12:49 - 2015-06-20 22:58 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-11 12:49 - 2015-06-20 22:46 - 00000000 __RDO C:\Users\Christopher\OneDrive
2017-07-11 12:48 - 2017-05-23 17:05 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-11 12:48 - 2017-05-23 17:00 - 00000000 ____D C:\Users\Christopher
2017-07-11 12:48 - 2017-05-23 16:59 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-11 12:43 - 2017-05-23 16:58 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-11 12:28 - 2017-06-07 13:43 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-11 09:48 - 2015-08-18 21:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-11 09:44 - 2017-05-23 17:05 - 00004572 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-11 09:44 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 09:44 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-10 23:58 - 2017-03-18 16:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-10 23:58 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\AppReadiness
2017-07-10 22:32 - 2016-11-17 20:21 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Mozilla
2017-07-10 22:00 - 2015-06-20 22:48 - 00000000 ____D C:\Users\Christopher\AppData\Local\Google
2017-07-10 13:26 - 2017-05-23 17:08 - 01881200 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-10 13:26 - 2016-09-27 06:33 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-07-10 13:26 - 2016-09-27 06:33 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-07-10 13:23 - 2017-06-05 02:23 - 00000169 _____ C:\Users\Christopher\BullseyeCoverageError.txt
2017-07-10 13:23 - 2017-06-05 02:22 - 00000153 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-07-10 13:23 - 2016-04-21 18:20 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-07-10 13:20 - 2017-03-18 06:40 - 01048576 _____ C:\Windows\system32\config\BBI
2017-07-09 09:58 - 2016-05-03 18:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-07-09 00:01 - 2015-11-25 13:54 - 00000000 ____D C:\Users\Christopher\AppData\Local\CrashDumps
2017-07-08 00:32 - 2015-09-02 17:31 - 00000000 ____D C:\Users\Christopher\AppData\Local\Battle.net
2017-07-07 23:32 - 2015-09-02 17:31 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-07-07 23:15 - 2017-03-18 16:01 - 00000000 ____D C:\Windows\INF
2017-07-04 13:23 - 2015-12-11 20:30 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\uTorrent
2017-07-04 13:00 - 2015-07-01 18:23 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\vlc
2017-07-04 11:27 - 2017-02-14 21:15 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-07-04 11:27 - 2017-02-14 21:15 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-07-03 23:41 - 2015-08-01 10:08 - 00000000 ____D C:\Users\Christopher\AppData\Local\ElevatedDiagnostics
2017-07-03 23:40 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\NDF
2017-07-03 23:34 - 2017-05-23 16:16 - 00000000 ___DC C:\Windows\Panther
2017-07-03 21:39 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\rescache
2017-07-03 13:54 - 2015-06-20 22:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\Packages
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\SystemApps
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\security
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\schemas
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-03 13:50 - 2017-05-23 16:59 - 00027136 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02376096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02228128 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02194944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01839520 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01624480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01516448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01452960 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 01100704 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00992672 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00844192 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00804864 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00800256 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00785920 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00699296 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00637440 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00506784 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00457216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00264608 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00235424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00232352 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00230816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\appvetwsharedperformance.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00224256 _____ (Microsoft Corporation)
 
C:\Windows\system32\AppvClientEventLog.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00203672 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00186272 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00184224 _____ (Microsoft Corporation) C:\Windows\system32\mavinject.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00173984 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00161696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00149920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mavinject.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00147439 _____ C:\Windows\SysWOW64\gpedit.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00147439 _____ C:\Windows\system32\gpedit.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00146389 _____ C:\Windows\system32\printmanagement.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.SecureAssessment.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00143776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVfs.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00143264 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00139264 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00127904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00120458 _____ C:\Windows\system32\secpol.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00106496 _____ C:\Windows\system32\RDVGHelper.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00096256 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessCsp.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00091136 _____ C:\Windows\system32\hvsigpext.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ C:\Windows\system32\hvsievaluator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppVMgmtCSP.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00077216 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mssecuser.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\windowsdefenderapplicationguardcsp.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00043566 _____ C:\Windows\SysWOW64\rsop.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00043566 _____ C:\Windows\system32\rsop.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00042400 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00040864 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00040344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UevAgentDriver.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\CIWmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00030720 _____ C:\Windows\system32\LockdownUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00027040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVClientPS.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lstelemetry.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Win32_DeviceGuard.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024992 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00021920 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00019872 _____ (Microsoft Corporation) C:\Windows\system32\AppVTerminator.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00018336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVTerminator.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00015264 _____ (Microsoft Corporation) C:\Windows\system32\AppVSentinel.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AgentDriverEvents.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVSentinel.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2017-07-03 13:50 - 2017-03-18 15:56 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2017-07-03 13:50 - 2017-03-18 15:51 - 00000000 ____D C:\Windows\CbsTemp
2017-07-03 01:08 - 2017-05-23 16:58 - 00442928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-02 20:08 - 2016-10-09 08:34 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-07-02 19:47 - 2016-05-10 18:18 - 00013848 _____ C:\Windows\system32\--traceoff
2017-07-02 19:46 - 2016-05-10 18:14 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Sony
2017-07-02 00:20 - 2015-10-24 21:40 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Audacity
2017-06-29 23:47 - 2015-10-09 16:29 - 00000000 ____D C:\ProgramData\Origin
2017-06-29 23:45 - 2016-04-23 22:02 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Opera Software
2017-06-29 23:45 - 2016-04-23 22:02 - 00000000 ____D C:\Users\Christopher\AppData\Local\Opera Software
2017-06-29 23:39 - 2015-10-09 16:31 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Origin
2017-06-29 23:30 - 2016-05-23 14:36 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-06-29 23:30 - 2016-05-23 14:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\Discord
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___SD C:\Windows\system32\F12
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\oobe
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-29 23:22 - 2015-07-30 19:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-29 21:59 - 2016-09-21 06:17 - 00000000 ____D C:\Program Files (x86)\Opera
2017-06-29 21:59 - 2015-06-20 22:48 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-29 19:43 - 2015-09-29 18:59 - 00007602 _____ C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg
2017-06-29 19:26 - 2017-05-07 13:02 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-06-29 19:26 - 2017-05-07 13:02 - 00000000 ____D C:\Program Files\Image-Line
2017-06-29 19:26 - 2017-05-07 12:58 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-06-29 19:20 - 2015-06-24 12:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\Ubisoft Game Launcher
2017-06-29 13:58 - 2016-11-14 19:12 - 00000000 ____D C:\Program Files (x86)\REALTEK USB Wireless LAN Driver
2017-06-29 09:01 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-29 09:01 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\Help
2017-06-29 09:01 - 2015-08-07 15:16 - 00000000 ____D C:\Temp
2017-06-29 09:00 - 2017-05-23 16:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-29 09:00 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-29 08:47 - 2015-06-21 14:48 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-29 08:44 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files\Intel
2017-06-29 08:42 - 2015-08-05 23:57 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-29 08:12 - 2017-05-23 17:05 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2016-09-08 17:09 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-29 05:55 - 2017-05-23 16:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-06-27 11:13 - 2015-11-30 22:53 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-26 14:36 - 2015-08-18 21:14 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Adobe
2017-06-25 18:43 - 2017-02-24 20:24 - 00604200 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2017-06-22 17:24 - 2015-06-21 22:55 - 00000000 ____D C:\Fraps
2017-06-22 16:18 - 2017-05-23 17:05 - 00003266 _____ C:\Windows\System32\Tasks\CAM
2017-06-22 16:12 - 2017-02-24 20:24 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\EasyAntiCheat
2017-06-21 02:07 - 2017-05-11 20:04 - 00048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-06-21 02:07 - 2016-09-08 17:09 - 01903224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01489528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 00121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-06-20 16:15 - 2017-05-23 17:05 - 00003310 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 16:15 - 2015-07-30 19:06 - 00002385 _____ C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 15:58 - 2017-01-07 12:00 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-19 14:44 - 2017-03-02 00:24 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-06-17 21:55 - 2015-07-26 19:45 - 00000000 ____D C:\Users\Christopher\AppData\Local\Spotify
2017-06-17 18:02 - 2015-07-26 19:44 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Spotify
2017-06-17 14:22 - 2015-08-18 21:09 - 00000000 ____D C:\Users\Christopher\AppData\Local\Adobe
2017-06-14 00:10 - 2017-05-23 17:05 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-13 17:53 - 2015-06-22 19:04 - 00000000 ____D C:\Windows\system32\MRT
2017-06-13 17:51 - 2015-06-22 19:04 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-13 17:49 - 2015-10-19 18:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-13 17:48 - 2013-08-22 08:25 - 00000175 _____ C:\Windows\win.ini

==================== Files in the root of some directories =======

2016-07-11 09:55 - 2016-07-11 09:55 - 0000171 _____ () C:\Users\Christopher\AppData\Roaming\burnaware.ini
2017-04-16 13:16 - 2017-05-23 21:08 - 0004502 _____ () C:\Users\Christopher\AppData\Roaming\VoiceMeeterDefault.xml
2017-05-20 13:23 - 2017-05-20 13:23 - 0001488 _____ () C:\Users\Christopher\AppData\Local\recently-used.xbel
2017-05-17 11:32 - 2017-05-17 11:32 - 0125952 _____ () C:\Users\Christopher\AppData\Local\report
2015-09-29 18:59 - 2017-06-29 19:43 - 0007602 _____ () C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg
2015-12-31 19:52 - 2015-12-31 19:52 - 0008157 _____ () C:\Users\Christopher\AppData\Local\transitiontransition_ade97586d9c807608acf4758757f034d.ini
2017-03-22 20:46 - 2017-03-22 20:46 - 0000552 _____ () C:\Users\Christopher\AppData\Local\TroubleshooterConfig.json
2017-06-07 14:19 - 2017-06-07 14:19 - 0047183 _____ () C:\ProgramData\agent.1496863186.bdinstall.bin
2017-06-07 14:37 - 2017-06-07 14:37 - 0029140 _____ () C:\ProgramData\agent.1496864248.bdinstall.bin
2017-06-29 05:55 - 2017-06-29 05:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 12:00 - 2017-01-24 22:53 - 0029267 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-07 12:00 - 2017-01-10 19:33 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-06-05 02:22 - 2017-06-05 02:22 - 0010520 _____ () C:\Users\Christopher\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-08 09:23

==================== End of FRST.txt ============================
 
BEGINNING OF ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
Ran by ChristopherAubert (11-07-2017 12:51:22)
Running from C:\Users\Christopher\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-23 22:08:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3319825686-2643767977-2016650390-500 - Administrator - Disabled)
ChristopherAubert (S-1-5-21-3319825686-2643767977-2016650390-1001 - Administrator - Enabled) => C:\Users\Christopher
DefaultAccount (S-1-5-21-3319825686-2643767977-2016650390-503 - Limited - Disabled)
Guest (S-1-5-21-3319825686-2643767977-2016650390-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.0.2175 - Open Media LLC)
4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.1.1636 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.11.0.616 - Ilya Morozov)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blackboard Collaborate Launcher (HKLM-x32\...\{C4F79F84-C509-48B0-81B8-3C2FA2182406}) (Version: 1.6.0.0 - Blackboard)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Chrome Remote Desktop Host (HKLM-x32\...\{BAF2702F-FB88-48E4-A305-588DB8FDD834}) (Version: 59.0.3071.47 - Google Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Elgato Game Capture HD (HKLM-x32\...\{FAC1D41C-C800-467B-8C8D-97FBF6F5BBF1}) (Version: 2.20.9.1066 - Elgato Systems GmbH)
EVGA PrecisionX 16 (HKLM-x32\...\{425A0AAA-B049-4356-A81E-E089BC5AE934}) (Version: 5.3.10 - EVGA Corporation)
Far Cry 4 (HKLM\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.3 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.3 - Elgato Systems)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Half-Life (HKLM\...\Steam App 70) (Version: - Valve)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HWiNFO32 Version 5.52 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.52 - Martin Malík - REALiX)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 54.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 54.0.1 (x64 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NextUp-ScanSoft Daniel British Voice (HKLM-x32\...\{BE916006-E144-44CF-B467-F733D0F86200}) (Version: 4.0.0 - NextUp.com)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 46.0.2597.32 (HKLM-x32\...\Opera 46.0.2597.32) (Version: 46.0.2597.32 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Portal Stories: Mel (HKLM\...\Steam App 317400) (Version: - Prism Studios)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.)
RivaTuner Statistics Server 6.6.0 (HKLM-x32\...\RTSS) (Version: 6.6.0 - Unwinder)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version: - Chris Sawyer Productions)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{541E382C-8DBF-44C5-BB7A-00E01526184E}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Twitch Leecher 1.3.5 (HKLM\...\{C7081120-8F65-46B6-85A4-3200AB1B5AAA}) (Version: 1.3.5.0 - Fake Smile Revolution) Hidden
Twitch Leecher 1.3.5 (HKLM-x32\...\{dbdcd040-9099-4490-80a2-0a617c83df14}) (Version: 1.3.5.0 - Fake Smile Revolution)
Unity Web Player (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Watch_Dogs (HKLM\...\Steam App 243470) (Version: - Ubisoft)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WhoCrashed 5.52 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers01: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2013-02-28] (Ilya Morozov)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-07] (NVIDIA Corporation)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0439C61C-09AE-4FCF-B8A9-E77F11225801} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {13F77482-382E-4DF4-87F8-51C8AB9DDAA6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {15D7EE3B-2F7F-4527-B9C9-9EC4F6A8C146} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {261FFB30-3939-4BF8-B88E-A5AF99E1BFDB} - System32\Tasks\{8AF43355-711F-4F33-8C58-8AC18538AB0E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.23.0.105/en/abandoninstall?page=tsMain
Task: {2C3A0BC2-4BE3-4AEA-943E-ADB38064527D} - \WPD\SqmUpload_S-1-5-21-3319825686-2643767977-2016650390-1001 -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3A24B074-058C-45D2-A2D5-745B09BE0F90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {495A9FA3-E3D0-4099-B625-CB4334A7363C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {4AE02413-78F2-44CB-9931-0C088EC91A94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4CEC58F6-3EB4-4830-8D49-2E95D70D3F36} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {51D0521F-713C-4007-9C9A-8784F387D450} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001Core => C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-10] (Google Inc.)
Task: {5B3FD6A1-6B8E-46F5-918B-ADDC70E4F05D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {5D6C7344-D9B9-46B9-B818-1E40D7397AE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.)
Task: {700F79E7-5A8B-407B-B80C-CB081AEE89CD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {83FED618-2D47-4C30-AC3D-53918C71F4C6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8DFA8CCC-0B53-4D74-A928-5042AD228714} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {91FDCEB4-2319-4E1A-BF4B-B2DF4FB10E7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {92C65BCC-3DA0-4800-A912-D7DDBEB0CA2A} - System32\Tasks\Norton Product InstallerIdle => C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {99372063-EF78-4BC4-8D63-E745ED7E69AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A183FBE1-D5A0-48BD-BDE3-1DF1765F024D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A8D2A4E5-3D6D-45AE-8758-C3878F5EEB9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {AC9D4614-1906-4DE1-8640-1BE3E17A0E72} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {BD61B490-330B-43A7-AFF9-8D15094F83DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.)
Task: {BD8CC0BC-738F-4839-812B-B6C2C0E0B79D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001UA => C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-10] (Google Inc.)
Task: {C01AACBA-948B-414F-87DD-C8569E3C44F3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C2F838D5-1437-406D-8595-91BFBF7E5E84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C302CCEC-5E01-42B5-A8DE-AC4868E9957A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C7BE021D-441C-4F37-B0BB-D03AEBEDB677} - System32\Tasks\Opera scheduled Autoupdate 1498797898 => C:\Program Files\Opera\launcher.exe [2017-06-26] (Opera Software)
Task: {D57B6B30-2363-423E-9FA4-0A20CB4BACD6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6554A72-C43D-42F0-8E80-F6B94F52FB16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DA8F8254-091D-4716-99A7-A7FC8F891656} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E201DDEC-9FED-4027-99E7-086C257F70B4} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {EAF7B160-6AF5-44DC-9796-266BCC6151A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-06-13] (Microsoft Corporation)
Task: {EDD2C8D2-425B-41B9-AF69-438C5D84C059} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F4E51FDC-6775-4E8B-B8AD-3CAAD6CEDF41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FA0D4813-65D0-4FB5-92E2-39A773C19632} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-06-29 05:55 - 2013-07-03 20:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe
2016-09-08 17:09 - 2017-06-21 02:07 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-12-05 10:53 - 2015-12-05 10:53 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-09-24 17:20 - 2016-09-24 17:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-11-14 19:12 - 2014-12-12 18:24 - 00044760 _____ () C:\Windows\runSW.exe
2017-03-18 15:58 - 2017-03-18 15:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-05-03 17:11 - 2017-05-03 17:11 - 00619008 ____N () C:\windows\system32\tprdpw64.exe
2017-03-18 15:58 - 2017-03-18 15:58 - 03826176 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-04-07 15:57 - 2017-04-07 15:58 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-03-18 15:59 - 2017-03-18 21:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-22 10:11 - 2017-06-22 10:12 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2012-01-10 16:41 - 2015-06-27 01:13 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2017-02-23 08:29 - 2017-02-23 08:29 - 08909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-07-10 22:00 - 2017-06-22 22:21 - 03807064 _____ () C:\Users\Christopher\AppData\Local\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-10 22:00 - 2017-06-22 22:21 - 00100184 _____ () C:\Users\Christopher\AppData\Local\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 11:06 - 2017-06-21 11:06 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-21 15:37 - 2017-04-21 15:37 - 00884224 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
2017-04-21 16:28 - 2017-04-21 16:28 - 01080832 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
2017-06-29 05:55 - 2017-07-11 12:48 - 00035984 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-05-04 11:13 - 2017-05-04 11:13 - 00235520 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\help_dll.dll
2017-02-07 17:47 - 2017-05-23 17:11 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-09-08 17:09 - 2017-06-21 02:07 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-06-20 23:16 - 2017-05-16 20:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 02496800 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 00878368 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:45 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-29 12:48 - 2017-06-16 22:32 - 00120944 _____ () C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-09-08 17:09 - 2017-06-21 02:06 - 66837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-06-09 11:12 - 2017-05-16 20:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-12 23:27 - 2017-07-06 12:58 - 73088800 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 00385824 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-07-11 12:49 - 2017-07-11 12:49 - 00098816 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32api.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00110080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\pywintypes27.dll
2017-07-11 12:49 - 2017-07-11 12:49 - 00364544 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\pythoncom27.dll
2017-07-11 12:49 - 2017-07-11 12:49 - 00320512 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32com.shell.shell.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00914432 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_hashlib.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 01176576 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._core_.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00806400 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._gdi_.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00816128 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._windows_.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 01067008 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._controls_.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00733184 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._misc_.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00682496 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\pysqlite2._sqlite.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00088064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_ctypes.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00686080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\unicodedata.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00119808 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32file.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00108544 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32security.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00007168 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\hashobjs_ext.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00017920 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\thumbnails_ext.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00088064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\usb_ext.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00012800 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\common.time34.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00018432 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32event.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00167936 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32gui.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00046080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_socket.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 01303552 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_ssl.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00128512 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_elementtree.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00127488 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\pyexpat.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00038912 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32inet.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00036864 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_psutil_windows.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00524248 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\windows._lib_cacheinvalidation.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00011264 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32crypt.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00123392 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._wizard.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00077312 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._html2.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00027648 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_multiprocessing.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00020480 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\_yappi.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00035840 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32process.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00078848 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\wx._animate.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00024064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32pipe.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00010240 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\select.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00025600 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32pdh.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00017408 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32profile.pyd
2017-07-11 12:49 - 2017-07-11 12:49 - 00022528 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI114762\win32ts.pyd
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-12-25 14:11 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-12-25 14:11 - 2014-09-11 19:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libglesv2.dll
2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libegl.dll
2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll
2017-05-30 21:52 - 2017-05-30 21:52 - 00689664 ____N () C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [216]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\sharepoint.com -> hxxps://sshc.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2017-06-29 19:19 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts

37.139.50.192 www.gstatic.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christopher\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{c2983e00-66b9-4396-8f64-dbc77c5ba1e5}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2A1E675F-89C7-4854-BA03-EF670C5B6208}D:\new folder\client\bin\pc\quakechampions.exe] => (Allow) D:\new folder\client\bin\pc\quakechampions.exe
FirewallRules: [TCP Query User{15CF71D8-3BE0-4926-A904-A193CCDC4AED}D:\new folder\client\bin\pc\quakechampions.exe] => (Allow) D:\new folder\client\bin\pc\quakechampions.exe
FirewallRules: [{F90F691A-C373-449D-8D89-5DA676AB1367}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{98DC6575-064F-495B-814A-A2D84AD6257A}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{28A5F6ED-F9A2-469B-8458-80C693054BD5}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{EA3F837F-DBEF-4316-A22E-7D16B5FE3CD2}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [UDP Query User{0C1FC304-9CC5-4BD7-A9D9-343E090CC636}C:\program files (x86)\image-line\fl studio 12\fl64.exe] => (Allow) C:\program files (x86)\image-line\fl studio 12\fl64.exe
FirewallRules: [TCP Query User{C9D53F94-003D-451D-B78D-DA8A20A41627}C:\program files (x86)\image-line\fl studio 12\fl64.exe] => (Allow) C:\program files (x86)\image-line\fl studio 12\fl64.exe
FirewallRules: [{3715DF90-6847-4CF0-9F07-17AE3C584C4B}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe
FirewallRules: [{F7F9132E-5069-4DC2-BCA3-71D96C3BBC26}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe
FirewallRules: [{F49B677C-4243-43DC-8EBB-9B9F7809B971}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe
FirewallRules: [{D982D364-A70D-4F4A-8712-EA5CBD90B23E}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{82729186-E6B6-486E-BCFA-C7A902573DC9}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FE14138A-17CA-4DED-B99B-730FC19A0F92}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{880354B2-3A20-486E-B280-6AFDF4621382}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{121A3F4A-D98F-422C-B3C5-186AD3245C40}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{EFFFDE53-2BA5-4FBD-8F14-43F845359319}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{663CD9C4-DDE3-4D6D-831A-1B7DF0B3FB98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3346D216-D211-4F31-9086-E198D060015A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BDD9AC4D-EAA0-4CB7-86AA-BB41F42AFA89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D7F37F6A-9E3F-467C-928A-E88A6F834AF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1F6908F6-5E98-41A5-8D33-043D1F94498C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3259CCA8-5E04-44A4-9980-80EFAF30D94F}] => (Allow) D:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{2E8B57B4-CB6E-4939-9E99-260FC0C1D686}] => (Allow) D:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{6E1D62E9-DA8E-420E-8220-EAC1D364BF11}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B930EF0D-087C-4975-B5B9-A3F73A715884}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7F7417A0-ED03-4FA8-A307-028776018DB6}] => (Allow) LPort=2333
FirewallRules: [{13EB4917-C673-45BF-8A17-F876343C5524}] => (Allow) LPort=9143
FirewallRules: [{17A8C530-7A47-4A02-9820-5E97709F7B24}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D0928947-9125-4CC6-88D8-4F3DFD539B61}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BDC0B291-24C7-4F36-A813-A710F38616B0}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{BE33CFC0-31F3-4122-B428-E57C70557A4B}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C932BE1A-77E7-46A7-8545-D6729C33655A}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{66474EF9-EA31-4754-A86A-522A93988BC1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{B058FA66-AC9C-404C-8D59-1F2A87793690}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{564EB225-B2F3-4919-B8C5-AE00BAA5F040}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{26913D0E-2940-4F2D-9181-8B69238A7DFE}D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{4078A820-D3C8-4DA8-A51D-759BAACC430E}D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{37DCF281-AD72-4150-9D81-B27859055D22}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F74A3F81-B456-41E0-9710-5A7348FD5FD9}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8E54B50D-8315-43CC-A65A-39502702DA07}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4EA06039-D087-4863-BADD-2C8D6B628595}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{99B60844-B7B6-4339-AA67-6903F4A04AD7}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4C05D95E-DBF4-49C2-97E0-17443D545D2C}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{088580BA-72FD-4C37-99A6-51B65931CA58}C:\users\christopher\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\christopher\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4AC57403-279C-42F1-8990-CDD7A93C4FBE}C:\users\christopher\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\christopher\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{49CA92ED-2167-43D3-85D5-182AD6C4462F}D:\originlibrary\battlefield 4\bf4.exe] => (Allow) D:\originlibrary\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{FBFFADF6-D887-49C0-A71E-37C42AC559C5}D:\originlibrary\battlefield 4\bf4.exe] => (Allow) D:\originlibrary\battlefield 4\bf4.exe
FirewallRules: [{60EF0607-9EC8-4750-85B2-F929F896FA20}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{652638A2-CE8A-498B-AA8A-D6DF1F43FD47}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{11859F1E-FF7D-4F8E-840D-A70C8709AA16}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B8E33AAF-4DD1-4983-B02C-657D90E64C56}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BA4E9E94-440F-473E-869E-033F4250125A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4E8466B1-4112-4D54-9F78-47023ED916F3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB3C75B3-93C8-41D3-875B-47D0BF52D0E8}] => (Allow) D:\UplayLibrary\Rainbow Six Siege - Open Beta\RainbowSix.exe
FirewallRules: [{4D9A1F75-650C-489D-801E-DF1CBDB8101B}] => (Allow) D:\UplayLibrary\Rainbow Six Siege - Open Beta\RainbowSix.exe
FirewallRules: [{6073E52E-25F0-49EB-B0CC-F84B17BACA5C}] => (Allow) D:\UplayLibrary\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{E0AD8631-C380-4647-BD4C-EDC7E34BD4A2}] => (Allow) D:\UplayLibrary\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [UDP Query User{3989AB71-2E76-4DB9-8EB1-5962C8616A91}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0F4F8F65-256A-4643-AC0B-BFC3724F9CD2}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C2EF9424-4463-4BC2-8136-B115DC12B1C9}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{4B626D8F-BD73-451E-8D98-0E561346882C}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{17E22141-A76C-4D97-AEA1-0F0A9348AA86}] => (Allow) C:\Users\Christopher\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{065125CD-84D7-46F9-9C9C-07D345A4316C}] => (Allow) C:\Users\Christopher\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{8A7AF9D8-0392-45CF-9A62-6228C678BA44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{76D9A723-3BCB-4611-9A46-557AD49D451F}] => (Allow) D:\OriginLibrary\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{1AA1A482-107B-41C8-B060-4599FDCE0413}] => (Allow) D:\OriginLibrary\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{11E7703D-574B-414E-B28A-7B86A47EAD29}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{FBAE74E1-A96C-41CD-A7C8-1A260B61C8CF}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{820B7D3A-D7D4-43D4-9297-4B5A941F0BA5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{68713618-36C1-4313-8F7C-E35B6E3C6654}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2AE31005-710B-4F36-8AF1-74E6DA550C3E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6DAA0C49-149C-46F4-B13A-5D7AFBE33E93}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C13A6B93-7955-443A-BB66-E582D5DEC484}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{4C8DBC06-179A-45AC-B84B-1E26AE5091BA}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{11E4A933-C7AA-4805-8348-2DF502EB61CD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E8AF1CAC-6B84-4BC8-AA56-45BE20EF483D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{80B3414F-1A4B-4679-B000-DBD90A1E9AE2}] => (Allow) D:\SteamLibrary\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{3F6D217D-9F11-482A-A445-4A322B5381E4}] => (Allow) D:\SteamLibrary\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{A4393425-3A97-4810-9009-4731D167A3D8}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3083B153-D348-431E-815A-7B091B24D673}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{14E6CAFF-B24D-4CB1-B7CD-91504B278628}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CEA30274-1512-42EB-A8BE-7A99C633F56C}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7F190939-3B0A-4A73-9201-B59D92BFD672}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{ECC66F92-AE91-4818-836C-49E3D0945A13}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9443E0FF-B77B-49F7-8978-81CB848CC2A4}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{E832DC4D-C30D-469B-9A27-801AA1050B45}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{7AA8A551-C73D-4336-85C5-127C4B931DE2}] => (Allow) F:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{9943E1D8-2BA0-4D08-BEA3-FE3B9811BDBC}] => (Allow) F:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{6DFC1FCA-FE9F-4A08-A2FD-673B7205C217}] => (Allow) F:\SteamLibrary\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{86C800A3-F91D-4CDC-A766-C610761E0B2C}] => (Allow) F:\SteamLibrary\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{E27BE22D-CB8F-4BA6-B171-EAF13ADF6292}] => (Allow) F:\SteamLibrary\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{2AFD3E77-0BC2-46B4-82E5-7BD1A977F9BC}] => (Allow) F:\SteamLibrary\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{67577B6B-004C-46BB-9A1B-0AA82C27B83E}] => (Allow) F:\SteamLibrary\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{5B7F6C00-6C93-4D82-9EB4-083FF817E3DC}] => (Allow) F:\SteamLibrary\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{D06C2296-2104-4EC7-9B89-8DDAD0B9CD8A}] => (Allow) F:\SteamLibrary\steamapps\common\BookWorm Deluxe\Bookworm.exe
FirewallRules: [{835EB7EB-9DEE-4819-AC59-F123B20880A0}] => (Allow) F:\SteamLibrary\steamapps\common\BookWorm Deluxe\Bookworm.exe
FirewallRules: [UDP Query User{D172D2A9-9CB3-4B78-9267-1F3ECC43B1CA}C:\users\christopher\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\christopher\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{1D8BDB86-6810-49F1-89B2-74A624656E2C}C:\users\christopher\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\christopher\appdata\local\popcorn time\nw.exe
FirewallRules: [{A5A86D9A-91B3-4413-AC73-610076F2C0C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4D11A366-307A-47E9-91AE-2416B247D52D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{1EBE062D-A7BF-4C41-96CF-79147C05370C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD11307D-4574-4C52-9BF0-EB20054D04B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C833A21F-C701-4D81-A399-A86BE07A4B25}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EA47CF39-4B9C-4F02-92AC-95349D873A30}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{0308166D-2E51-4DA0-953A-70DC132BC918}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CFD853A3-E2B7-406F-8DA2-AA3CBB3843B7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4AAE0A24-3B02-4DDB-99E2-8321B3E70E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{39A9F5B6-4A0A-44C4-888C-5DE0F2853C0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{41CA8AB8-69F1-4A69-9370-5AEA5CF033DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{C8C65757-9168-4C86-92DE-B5B01A91AFFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [TCP Query User{B85201E4-EC2A-48FC-8344-2BA99405B33D}C:\users\christopher\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christopher\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35B58FF2-4EF3-4907-91EE-FF83BE4F486E}C:\users\christopher\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christopher\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A61E66FD-61A9-47E6-8BC3-F941F5638506}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{12F92A92-65E9-4E69-B287-4C1B5DDF0D4C}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [TCP Query User{3E9BFCF6-2129-477C-B0A0-B2D6A7B6EC21}C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{D1264FAF-0EE1-4D21-A91D-EA9AF74BA14F}C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{9820F857-4138-4539-A4C4-238A25621ED0}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{71B27C34-53AE-480D-ACFE-C554EFB92227}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{885BCD85-C809-4131-9641-6C49CC643D89}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3E71C019-EB33-493D-8463-9913BF0B4ED9}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{36955DBB-36CA-4A29-B28F-02F5D99D937C}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{3D7F82D2-5081-4CF4-8BEA-256DF89825DE}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{0BD0518D-F05B-47CB-A27A-9747DFE8F37F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{95DF8893-59C8-495D-8F47-E3EC5EAF8523}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{44B2C2E4-B5A8-40D3-93CF-782E527F4CAE}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AEC73865-0580-4F8C-8A1C-2F3300C55D09}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6865C144-2852-42C5-8A17-E7D96ACE7365}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E951BB84-A98E-446C-A49B-5481381E2BF3}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{65A0C97B-A3E2-46BC-A615-7E3D11124028}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{B67AB9BE-2D80-4494-9A78-97CA75F1866D}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{44B0614F-03BD-422C-B6FB-F68216A6B99D}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{12E67C13-82B6-4633-B995-9CDB4FB90498}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{D1AB03EE-5EEF-4B49-A338-673202210C3A}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{0595CA69-FFA1-4870-B51A-B79C333F8182}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{D1E42F74-6FC4-47F3-8F4E-23994A969A60}] => (Block) D:\overwatch\overwatch.exe
FirewallRules: [{F7EDC3FC-41FC-4917-995C-E02B8562424A}] => (Block) D:\overwatch\overwatch.exe
FirewallRules: [{A6E6DE5F-287A-4E6D-8D2D-85F04B3A17C4}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{89430BC3-4C10-4794-94D7-7A0EEC4CE432}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{7D4B91E4-4442-4649-9C18-5AC7820A90EA}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{BC79E3F1-2D37-42E3-B5DE-9408777C4A5E}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{E0346467-8A7D-4F7E-8AE4-DCA81339EABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{EDB952B1-607F-4C44-9F73-873238185156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{D376116C-2841-4730-A62A-10611C6F0CE3}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{74CFC9C7-406F-42A7-B0FD-CE0B30467F6F}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66130DFE-D88F-4D14-84CF-E0E2409D0F04}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31464897-4A83-4834-BAC5-B67A48FAF4B9}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B1A29DD4-E33E-402C-8DDC-9C2208E118F1}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9548C07C-DD49-4DF9-B37A-575F60883D1F}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CE975A22-6C97-4429-A331-5DDBFDDEAA11}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{42BA0A37-6D50-4D78-9EE1-3C1DDB63E5CA}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [{95C5992B-52DE-4B02-B5C8-29A2C24A4D36}] => (Block) D:\overwatch test\overwatch.exe
FirewallRules: [{5C8310E4-B4B8-48B7-80FA-2436258B46AE}] => (Block) D:\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{85A915BA-3B8B-433C-87F4-038A31764A32}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{C3EB61ED-61DA-4832-9433-8F1DCE44A959}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{3A36CE03-3F3F-4DA8-B12F-8F6C997C0336}] => (Block) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{A93FB243-88D9-44AA-ADFE-8DB2E15D8DE9}] => (Block) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{CC155594-3923-47F4-9B78-BCF2EFF4A6F5}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{9E8323B7-8051-4591-A3FE-D0296738D786}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{9E1B782E-7EA3-44E4-9B27-6A7EBDF1F788}] => (Block) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{C71139DA-CABA-4ADE-9A67-658CD70BC4CD}] => (Block) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{571E57FA-BC89-4B1F-8F4C-82CFF76A69F4}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{2F632AA3-C834-4505-B3C3-BCAAFA1DDE4C}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{62520C17-A31C-4CB7-84AD-BDC129410715}] => (Block) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{8887F747-E9D1-4EBE-AD83-AE42D8AC00B8}] => (Block) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{2B27379D-B8C8-4682-8F36-9D057FACE607}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{351ECA6D-48B0-4F20-B9EA-CF9D67DDDA20}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{C6C1A113-6701-4F2E-BB55-431361BBDA9B}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{C21AD1FE-971A-4D8C-8B46-53E40BD7726C}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{C64E8EA6-236B-4865-BD50-FEE9FDF9F8DD}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Remastered\Build\Final\Bioshock.exe
FirewallRules: [{055AEC9F-869A-4879-A65F-BA4A7D6EC804}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Remastered\Build\Final\Bioshock.exe
FirewallRules: [{51D7D0B6-A1B6-48DB-A745-A3724B5AC3FF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0724C89D-8E3F-4803-9A36-25CE4E00A947}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F298898C-170E-4713-811B-AD10B890D242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{16AC0484-7453-4A53-BD1A-635E0661C37A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F50776B2-C4F4-421B-AF51-49E58C60632C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{638C01A3-4D2A-457F-A2D6-32710631A1BB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
FirewallRules: [{338D91DD-F0FC-43DB-94E7-1E296E00704B}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{F20BEA3C-3B20-484A-804C-661345DE661F}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{F6C0A671-B8B0-4158-9D72-A5A71CFBCF23}] => (Allow) D:\SteamLibrary\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{5BFB1072-AFF9-447A-AA40-1A65954A5BCD}] => (Allow) D:\SteamLibrary\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{C485E017-AB3E-4115-9A84-269A104D20D0}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{D9761522-A047-4E19-866F-0C78F860B85E}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{AF69112A-CA65-4260-B8A5-9C7389275607}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{1E1DE3D8-E75B-465B-9337-E35E8AC0F711}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F1AAB3B7-711A-4DF1-AEEA-B6DE2F1F1FCA}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D0BFD3D3-403B-4DD7-B91F-69E2094CEE02}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{8823DE3B-827B-4169-B86E-883331E2E6CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C1AC8B3F-DCFA-4ACF-B5F3-05C5790203F2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{D5A81C4A-86F6-4FFE-8E13-F0D06D53BBF1}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EFA34193-D4AA-42E1-97CB-DE3C17A2FBE6}] => (Allow) C:\Program Files\Opera\46.0.2597.32\opera.exe
FirewallRules: [TCP Query User{192DF325-576F-43C6-AEA3-49236CFE2A83}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5B1E16D5-95AA-47BA-B3EB-8C68B7B1C345}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{110411DA-6A02-49C5-9E88-7B9D794DFC21}] => (Allow) D:\SteamLibrary\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{CF722BEE-FB91-4964-B3A7-3838705018A8}] => (Allow) D:\SteamLibrary\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{D43D862F-5E27-41E0-9062-FACA550DB8E8}] => (Allow) D:\SteamLibrary\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{53CD6E22-BC2F-47AB-A96A-DE8D638E20CC}] => (Allow) D:\SteamLibrary\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{0B3E5718-1B84-4830-A06A-8C84BA3AABC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A6EFC243-C38A-4EB3-9BBE-245A2CCACDEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1B84E479-E912-4B7E-AC66-6174954230F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8FB7D49D-3C60-47D3-A958-9C7B547BDF61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FC2FCA9F-A828-43B5-B08F-B7E43381481E}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7622717D-8EF6-4B64-9261-646F0AF48C63}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{E0516EE1-C64C-4860-841A-71D5E3A7C309}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{311C02A5-8BCA-4DD9-976C-C325495AA37A}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FBFF95DA-8566-4975-8E27-CCFD5EFFEF1A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{77A3C484-7DC4-494F-B5B5-C9C2F27AD92A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{49118F57-6AEC-489F-A604-E9A75CBC2BF6}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{1CB4CF31-E926-4981-BC91-968D3E065E3F}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{CF6552FB-09FA-4E35-BADE-E6394881F6FF}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{7BDB19E0-1DBE-4E38-8FAD-6978FD5DD8D9}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{95CD88DB-4B65-4E11-A6EC-2249E62973D7}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{FD0656E8-F212-45CD-BF9A-671F7F7EFDF4}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [TCP Query User{0822C701-66D0-45BD-B729-F4F1051ABDAD}C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe] => (Allow) C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe
FirewallRules: [UDP Query User{2DF042B3-56DC-401B-A8A6-40528B0FB930}C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe] => (Allow) C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe
FirewallRules: [{778A0481-53AB-4450-8846-1B58B2B40709}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{72F66C74-D893-4CEB-94C4-0B875DCE87B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

09-07-2017 17:53:06 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2017 12:49:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/11/2017 12:49:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/11/2017 12:34:26 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: CHRISTOPHERPC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.

Error: (07/11/2017 09:42:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/11/2017 09:42:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (07/10/2017 03:47:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: CHRISTOPHERPC)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (07/10/2017 01:24:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/10/2017 01:24:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/10/2017 01:21:15 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/10/2017 01:21:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


System errors:
=============
Error: (07/11/2017 12:48:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The srcsrv service failed to start due to the following error:
The system cannot find the file specified.

Error: (07/11/2017 12:48:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (07/11/2017 12:48:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:20:39 PM on ‎7/‎11/‎2017 was unexpected.

Error: (07/11/2017 09:42:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (07/11/2017 09:42:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/10/2017 11:13:31 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Error: (07/10/2017 01:24:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/10/2017 01:21:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (07/10/2017 01:21:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (07/10/2017 01:20:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The srcsrv service failed to start due to the following error:
The system cannot find the file specified.


CodeIntegrity:
===================================
Date: 2017-07-11 10:19:46.030
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-10 22:29:34.578
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-07-10 21:57:13.336
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-07-10 10:15:30.538
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-09 10:34:16.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-04 09:53:52.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-03 15:37:21.066
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-30 23:53:10.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-30 01:27:04.258
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-29 23:29:48.152
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 57%
Total physical RAM: 8135.17 MB
Available physical RAM: 3491.02 MB
Total Virtual: 13255.17 MB
Available Virtual: 7561.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.34 GB) (Free:126.15 GB) NTFS
Drive d: (WD 1TB Drive) (Fixed) (Total:930.73 GB) (Free:321.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 0271FAE3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A9D08188)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================
 
In Windows 10 Windows Defender is renamed Microsoft Essentials so you do have an AV program. That's all you need :)

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Some things to note: Malwarebytes just doesn't work. It brings up an error message about "Unable to connect the service" or something like that after installing. I've tried a previous version and did a full custom scan of the drive, but it found nothing. JRT didn't work either. It gave me an error that I took a screenshot of: http://puu.sh/wHf1Q/0368ce7140.jpg
Lastly, after running those scans (RogueKiller and AdwCleaner), the adware was still there.
Here I have the log files for RogueKiller and AdwCleaner:

RogueKiller V12.11.6.0 (x64) [Jul 10 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version
Started in : Normal mode
User : ChristopherAubert [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 07/11/2017 16:39:11 (Duration : 00:43:53)
Switches : -refid

¤¤¤ Processes : 9 ¤¤¤
[Adw.Yelloader|Suspicious.Path|VT.Adware.Yelloader] dataup.exe(3340) -- C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe[-] -> Killed [TermProc]
[Adw.Yelloader] tprdpw64.exe(6792) -- C:\windows\system32\tprdpw64.exe[x] -> Killed [TermProc]
[Adw.Yelloader|Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] svcvmx.exe(13940) -- C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe[-] -> Killed [TermProc]
[Adw.Yelloader|Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] vmxclient.exe(14240) -- C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe[-] -> Killed [TermProc]
[Adw.Yelloader|Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] vmxclient.exe(816) -- C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe[-] -> Killed [TermProc]
[Suspicious.Path|VT.Adware.Agent] ct.exe(5080) -- C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe[-] -> Killed [TermProc]
[Adw.Yelloader|Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] vmxclient.exe(6540) -- C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe[-] -> Killed [TermThr]
[PUP.Gen0|VT.Adware.Yelloader] (SVC) Dataup -- C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe[-] -> Stopped
[PUP.Gen0|VT.Adware.Agent] (SVC) windowsmanagementservice -- C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe[-] -> Stopped

¤¤¤ Registry : 32 ¤¤¤
[PUP.DownloadAssistant] (X86) HKEY_LOCAL_MACHINE\Software\DVDVideoSoft -> Deleted
[PUP.DownloadAssistant] (X64) HKEY_USERS\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\DVDVideoSoft -> Deleted
[PUP.DownloadAssistant] (X86) HKEY_USERS\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\DVDVideoSoft -> Deleted
[Adw.Yelloader|Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | cpx : "C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup [x] -> ERROR [5]
[Adw.Yelloader|Suspicious.Path|VT.HEUR:Trojan.Win32.Generic] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | svcvmx : "C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup [-] -> ERROR [5]
[Adw.WinResSync|Suspicious.Path] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | WinResSync : C:\Windows\system32\regsvr32.exe /s "C:\Users\Christopher\AppData\Roaming\Microsoft\Protect\1ffbdafb-e426-4797-a49b-28263145e01c.rs" [x] -> Deleted
[Adw.WinResSync|Suspicious.Path] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | WinResSync : C:\Windows\system32\regsvr32.exe /s "C:\Users\Christopher\AppData\Roaming\Microsoft\Protect\1ffbdafb-e426-4797-a49b-28263145e01c.rs" [x] -> ERROR [2]
[Adw.WinResSync|Suspicious.Path] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | WinResSync : C:\Windows\system32\regsvr32.exe /s "C:\Users\Christopher\AppData\Roaming\Microsoft\Protect\1ffbdafb-e426-4797-a49b-28263145e01c.rs" [x] -> ERROR [2]
[Adw.WinResSync|Suspicious.Path] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | WinResSync : C:\Windows\system32\regsvr32.exe /s "C:\Users\Christopher\AppData\Roaming\Microsoft\Protect\1ffbdafb-e426-4797-a49b-28263145e01c.rs" [x] -> ERROR [2]
[PUP.Gen0|Adw.Yelloader|Suspicious.Path|VT.Adware.Yelloader] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dataup (C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe) -> ERROR [5]
[PUP.BetterAds] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srcsrv (C:\Windows\src_srv\winsrcsrv.exe) -> Deleted
[PUP.Gen0|Suspicious.Path|VT.Adware.Agent] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\windowsmanagementservice (C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe) -> ERROR [5]
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 127.0.0.1:8003 -> Not selected
[Suspicious.Path|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{D172D2A9-9CB3-4B78-9267-1F3ECC43B1CA}C:\users\christopher\appdata\local\popcorn time\nw.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\christopher\appdata\local\popcorn time\nw.exe|Name=nw.exe|Desc=nw.exe|Defer=User| [x] -> Deleted
[Suspicious.Path|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{1D8BDB86-6810-49F1-89B2-74A624656E2C}C:\users\christopher\appdata\local\popcorn time\nw.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\christopher\appdata\local\popcorn time\nw.exe|Name=nw.exe|Desc=nw.exe|Defer=User| [x] -> Deleted

¤¤¤ Tasks : 1 ¤¤¤
[Hj.Shortcut] \{8AF43355-711F-4F33-8C58-8AC18538AB0E} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (http://ui.skype.com/ui/0/7.23.0.105/en/abandoninstall?page=tsMain) -> Deleted

¤¤¤ Files : 15 ¤¤¤
[Adw.Yelloader][] C:\Windows\System32\tprdpw64.exe -> Found
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\app_updater.log -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\FreeVideoEditor -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\FreeVideoEditor.log -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\FreeVideoEditor_install.txt -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\FreeVideoEditor_uninstall.txt -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\Uninstall.log -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\updhelper -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs\updhelper.log -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\logs -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\cfg\versions.xml -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\cfg\versions.xml.lck -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\cfg\versions_tmp.xml.gz.lck -> Deleted
[PUP.DownloadAssistant][File] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\cfg\versions_tmp.xml.lck -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\cfg -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\logstorage -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat\storage -> Deleted
[PUP.DownloadAssistant][Folder] C:\Users\Christopher\AppData\Roaming\DVDVideoSoft\Stat -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Christopher\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Deleted
[Adw.Yelloader][Folder] C:\Users\Christopher\AppData\Local\ntuserlitelist -> Removed at reboot [91]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.ini -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.Vexe -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\help_dll.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\NTSVC.ocx -> Removed at reboot [5]
[Adw.Yelloader][Folder] C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\regtool\regtool.exe -> Deleted
[Adw.Yelloader][Folder] C:\Users\Christopher\AppData\Local\ntuserlitelist\regtool -> Deleted
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\cef.pak -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\cef_100_percent.pak -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\cef_200_percent.pak -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\cef_extensions.pak -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\d3dcompiler_47.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\dbghelp.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\debug.log -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\icudtl.dat -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libcef.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libEGL.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libGLESv2.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\locales\en-US.pak -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\locales\zh-CN.pak -> Removed at reboot [5]
[Adw.Yelloader][Folder] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\locales -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\natives_blob.bin -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\snapshot_blob.bin -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\widevinecdm.dll -> Removed at reboot [5]
[Adw.Yelloader][File] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\widevinecdmadapter.dll -> Removed at reboot [5]
[Adw.Yelloader][Folder] C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx -> Removed at reboot [5]
[Adw.Yelloader][Folder] C:\Users\Christopher\AppData\Local\ntuserlitelist\winscr -> Deleted
[PUP.FusionCore|PUP.Gen0][Folder] C:\Program Files (x86)\Common Files\DVDVideoSoft -> Deleted
[PUP.FusionCore|PUP.Gen0][File] C:\Program Files (x86)\Common Files\DVDVideoSoft\psvince.dll -> Deleted
[PUP.HackTool][Folder] C:\Program Files (x86)\KMSPico -> Deleted
[PUP.HackTool][Folder] C:\Program Files (x86)\KMSPico\best erning installers\06-19 -> Deleted
[PUP.HackTool][Folder] C:\Program Files (x86)\KMSPico\best erning installers\1 -> Deleted
[PUP.HackTool][Folder] C:\Program Files (x86)\KMSPico\best erning installers\2 -> Deleted
[PUP.HackTool][Folder] C:\Program Files (x86)\KMSPico\best erning installers -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [https://www.youtube.com/feed/subscriptions] -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 250GB +++++
--- User ---
[MBR] f4b75755d20b5fef39c09b18544acd4c
[BSP] c8717948efe794802220b3c57adce33b : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 237916 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 487460864 | Size: 455 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD10EZEX-00BN5A0 +++++
--- User ---
[MBR] c01d22cec0886387410df1f4200dc62e
[BSP] bad98cd14e38413afb22ead24d6a1f6a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953067 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952600064 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

AdwCleaner Log File:

# AdwCleaner v6.047 - Logfile created 11/07/2017 at 18:02:54
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-07-11.1 [Local]
# Operating System : Windows 10 Pro (X64)
# Username : ChristopherAubert - CHRISTOPHERPC
# Running from : C:\Users\Christopher\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: Dataup
[-] Service deleted: windowsmanagementservice
[-] Service deleted: drmkpro64


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Christopher\AppData\Local\llssoft


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\dataup
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Dataup
[-] Key deleted: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Dataup
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\dataup
[-] Key deleted: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\dataup
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [cpx]


***** [ Web browsers ] *****

[-] [C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: www2.delta-search.com
[-] [C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: websearch.ask.com
[-] [C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: hamachi.en.softonic.com
[-] [C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: flightaware.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3989 Bytes] - [29/06/2017 22:21:41]
C:\AdwCleaner\AdwCleaner[C2].txt - [2557 Bytes] - [30/06/2017 01:44:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [2109 Bytes] - [30/06/2017 01:47:59]
C:\AdwCleaner\AdwCleaner[C4].txt - [2173 Bytes] - [09/07/2017 00:03:54]
C:\AdwCleaner\AdwCleaner[C5].txt - [2386 Bytes] - [11/07/2017 17:57:17]
C:\AdwCleaner\AdwCleaner[C6].txt - [2543 Bytes] - [11/07/2017 18:02:54]
C:\AdwCleaner\AdwCleaner[S0].txt - [3729 Bytes] - [29/06/2017 22:19:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [1865 Bytes] - [30/06/2017 01:39:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [2732 Bytes] - [30/06/2017 01:41:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2084 Bytes] - [30/06/2017 01:47:19]
C:\AdwCleaner\AdwCleaner[S4].txt - [2158 Bytes] - [08/07/2017 23:59:18]
C:\AdwCleaner\AdwCleaner[S5].txt - [2303 Bytes] - [09/07/2017 19:29:43]
C:\AdwCleaner\AdwCleaner[S6].txt - [2371 Bytes] - [11/07/2017 17:51:51]
C:\AdwCleaner\AdwCleaner[S7].txt - [3397 Bytes] - [11/07/2017 18:00:48]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [3200 Bytes] ##########

 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2017
Ran by ChristopherAubert (administrator) on CHRISTOPHERPC (11-07-2017 19:39:29)
Running from C:\Users\Christopher\Desktop
Loaded Profiles: ChristopherAubert (Available Profiles: ChristopherAubert)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Windows\runSW.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Realtek) C:\Windows\SwUSB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\puush\puush.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Spotify Ltd) C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [cpx] => "C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe [884224 2017-04-21] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062048 2017-07-06] (Valve Corporation)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-06-27] ()
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Spotify Web Helper] => C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-16] (Spotify Ltd)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Google Update] => C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-10] (Google Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [GoogleChromeAutoLaunch_D3EE6E7DA0645F6660E47697F62AE98F] => C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe [1197912 2017-06-22] (Google Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\MountPoints2: {e3eead84-1858-11e5-825a-fcaa1445223f} - "F:\WD Drive Unlock.exe" autoplay=true
Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8003
ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8003
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8003
ProxyServer: [S-1-5-21-3319825686-2643767977-2016650390-1001] => 127.0.0.1:8003
Hosts: 37.139.50.192 www.gstatic.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{032803e0-8e3d-4074-a603-13ce2fa6be1f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0e7e2cbf-86ca-44b6-b78b-34cd497e6b20}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ec9c44c-b42e-42ee-b564-0a3a66d30bda}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{401984dc-3453-4b14-8465-91d94fd40f52}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83a64d07-af5e-4ba9-bfca-81ea87f11111}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d69afc5f-c2e7-42a4-9c58-5c7adbe54b90}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6wg7kf84.default
FF ProfilePath: C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default [2017-07-10]
FF Homepage: Mozilla\Firefox\Profiles\6wg7kf84.default -> msn.com
FF Extension: (Avira Browser Safety) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\abs@avira.com [2017-06-07]
FF Extension: (Chrome Store Foxified) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\Chrome-Store-Foxified@jetpack.xpi [2016-11-09]
FF Extension: (Twitch Now) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\jid1-jwVSihNsgAw5jA@jetpack.xpi [2016-10-30]
FF Extension: (FrankerFaceZ) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\jid1-snHdAu6px3p0jA@jetpack.xpi [2016-11-19]
FF Extension: (Adblock Plus) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Christopher\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Christopher\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-06-19] ()

Chrome:
=======
CHR HomePage: Default -> hxxps://www.youtube.com/feed/subscriptions
CHR StartupUrls: Default -> "hxxp://msn.com/"
CHR Profile: C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default [2017-07-11]
CHR Extension: (Google Translate) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-07-10]
CHR Extension: (Google Slides) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-10]
CHR Extension: (BetterTTV) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-07-10]
CHR Extension: (Google Docs) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-10]
CHR Extension: (Google Drive) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]
CHR Extension: (YouTube) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-10]
CHR Extension: (Google Sheets) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-10]
CHR Extension: (Google Docs Offline) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-10]
CHR Extension: (AdBlock) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-10]
CHR Extension: (Kappa Everywhere - Global Twitch Emotes) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafkphjeboadjffjfcigcdfdilpcacod [2017-07-10]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2017-07-10]
CHR Extension: (Google Play) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-07-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-10]
CHR Extension: (Google Play Books) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-07-10]
CHR Extension: (Tom's Hardware - My Threads) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nddbmgcnelmmhlfibkmfnhnfeccaliip [2017-07-10]
CHR Extension: (Twitch Now) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2017-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-10]
CHR Extension: (Gmail) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-10]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"drmkpro64" => service could not be unlocked. <==== ATTENTION

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] ()
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Google Inc.)
S2 Dataup; C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-07] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-06-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148184 2017-06-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-12-05] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-12-03] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-06-16] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-06-16] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-07-03] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe [689664 2017-05-30] () [File not signed] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
S3 cpuz141; C:\Users\Christopher\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [46400 2017-06-19] (CPUID) <==== ATTENTION
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-07-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-07-11] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-23] (REALiX(tm))
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-06-07] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2016-04-21] (The OpenVPN Project)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [4635352 2015-07-03] (Realtek Semiconductor Corporation )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [43032 2016-04-08] (Razer Inc)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-07-11] ()
S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-04-16] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 19:38 - 2017-07-11 19:38 - 02435584 _____ (Farbar) C:\Users\Christopher\Desktop\FRST64.exe
2017-07-11 19:34 - 2017-07-11 19:34 - 05766464 _____ (Zemana Ltd. ) C:\Users\Christopher\Desktop\eXplorer.exe
2017-07-11 19:30 - 2017-07-11 19:30 - 00004300 _____ C:\Users\Christopher\Desktop\Rkill.txt
2017-07-11 19:28 - 2017-07-11 19:28 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Christopher\Desktop\iExplore.exe
2017-07-11 18:20 - 2017-07-11 18:20 - 00003287 _____ C:\Users\Christopher\Desktop\AdwCleaner[C6].txt
2017-07-11 18:19 - 2017-07-11 18:19 - 00000000 ____D C:\Users\Christopher\AppData\Local\llssoft
2017-07-11 18:02 - 2017-07-11 18:02 - 00003397 _____ C:\Users\Christopher\Desktop\AdwCleaner Pre-Clean Log.txt
2017-07-11 17:30 - 2017-07-11 17:30 - 00000000 ___HD C:\OneDriveTemp
2017-07-11 17:28 - 2017-07-11 17:28 - 00034028 _____ C:\Users\Christopher\Desktop\rk_1796.tmp.txt
2017-07-11 16:39 - 2017-07-11 16:39 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-07-11 16:38 - 2017-07-11 16:38 - 00000000 ____D C:\ProgramData\RogueKiller
2017-07-11 16:38 - 2017-07-11 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-07-11 16:38 - 2017-07-11 16:38 - 00000000 ____D C:\Program Files\RogueKiller
2017-07-11 12:59 - 2017-07-07 09:00 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2017-07-11 12:59 - 2017-07-07 02:27 - 01147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-07-11 12:59 - 2017-07-07 02:27 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-07-11 12:59 - 2017-07-07 02:27 - 00965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-07-11 12:59 - 2017-07-07 02:27 - 00821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-07-11 12:59 - 2017-07-07 02:27 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-07-11 12:59 - 2017-07-07 02:26 - 01065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-11 12:59 - 2017-07-07 02:25 - 00899824 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-07-11 12:59 - 2017-07-07 02:24 - 00117664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-07-11 12:59 - 2017-07-07 02:23 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-11 12:59 - 2017-07-07 02:22 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-11 12:59 - 2017-07-07 02:22 - 01186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-07-11 12:59 - 2017-07-07 02:22 - 00119384 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-07-11 12:59 - 2017-07-07 02:21 - 32688336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2017-07-11 12:59 - 2017-07-07 02:21 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-07-11 12:59 - 2017-07-07 02:20 - 02021680 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-07-11 12:59 - 2017-07-07 02:20 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-07-11 12:59 - 2017-07-07 02:20 - 00519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-11 12:59 - 2017-07-07 02:20 - 00382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-07-11 12:59 - 2017-07-07 02:17 - 01017760 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-07-11 12:59 - 2017-07-07 02:15 - 02444696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-11 12:59 - 2017-07-07 02:14 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-07-11 12:59 - 2017-07-07 02:14 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-07-11 12:59 - 2017-07-07 02:14 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-07-11 12:59 - 2017-07-07 02:14 - 01171032 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2017-07-11 12:59 - 2017-07-07 02:13 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-07-11 12:59 - 2017-07-07 02:13 - 00554392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-07-11 12:59 - 2017-07-07 02:13 - 00336320 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2017-07-11 12:59 - 2017-07-07 02:13 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2017-07-11 12:59 - 2017-07-07 02:12 - 00411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-11 12:59 - 2017-07-07 02:12 - 00318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-07-11 12:59 - 2017-07-07 02:12 - 00228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-11 12:59 - 2017-07-07 02:11 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-07-11 12:59 - 2017-07-07 02:11 - 00094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 21353208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 01337848 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 01325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 00372128 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 00254168 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-07-11 12:59 - 2017-07-07 02:09 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\wininitext.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 02229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01458584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01100704 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00992672 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00848280 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-07-11 12:59 - 2017-07-07 02:08 - 00844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00506776 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-07-11 12:59 - 2017-07-07 02:07 - 01106848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-11 12:59 - 2017-07-07 02:07 - 00058488 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-11 12:59 - 2017-07-07 01:57 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-07-11 12:59 - 2017-07-07 01:57 - 00125344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-07-11 12:59 - 2017-07-07 01:40 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-07-11 12:59 - 2017-07-07 01:39 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-11 12:59 - 2017-07-07 01:39 - 00096128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-07-11 12:59 - 2017-07-07 01:37 - 31652264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2017-07-11 12:59 - 2017-07-07 01:37 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-07-11 12:59 - 2017-07-07 01:37 - 01339352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-07-11 12:59 - 2017-07-07 01:31 - 05820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-07-11 12:59 - 2017-07-07 01:31 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-07-11 12:59 - 2017-07-07 01:31 - 00129184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-11 12:59 - 2017-07-07 01:30 - 02165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-11 12:59 - 2017-07-07 01:30 - 00949920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2017-07-11 12:59 - 2017-07-07 01:30 - 00750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-07-11 12:59 - 2017-07-07 01:29 - 00349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-11 12:59 - 2017-07-07 01:29 - 00123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 03670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-07-11 12:59 - 2017-07-07 01:27 - 01640448 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00360960 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 20373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 17364992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 01529384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 01195240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-11 12:59 - 2017-07-07 01:25 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-07-11 12:59 - 2017-07-07 01:25 - 00035232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininitext.dll
2017-07-11 12:59 - 2017-07-07 01:24 - 01517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-07-11 12:59 - 2017-07-07 01:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\eapprovp.dll
2017-07-11 12:59 - 2017-07-07 01:22 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-07-11 12:59 - 2017-07-07 01:22 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-07-11 12:59 - 2017-07-07 01:21 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2017-07-11 12:59 - 2017-07-07 01:21 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-11 12:59 - 2017-07-07 01:20 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-11 12:59 - 2017-07-07 01:20 - 08331264 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-07-11 12:59 - 2017-07-07 01:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 07149056 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-07-11 12:59 - 2017-07-07 01:17 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-07-11 12:59 - 2017-07-07 01:16 - 12786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-11 12:59 - 2017-07-07 01:16 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-07-11 12:59 - 2017-07-07 01:16 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-07-11 12:59 - 2017-07-07 01:15 - 08238080 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-07-11 12:59 - 2017-07-07 01:15 - 00922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 08211968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 03784704 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 02956800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-07-11 12:59 - 2017-07-07 01:14 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 00790016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2017-07-11 12:59 - 2017-07-07 01:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-07-11 12:59 - 2017-07-07 01:13 - 13839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-07-11 12:59 - 2017-07-07 01:13 - 05892096 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-07-11 12:59 - 2017-07-07 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 04730880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-07-11 12:59 - 2017-07-07 01:12 - 01713664 _____ (Microsoft Corporation)
 
C:\Windows\system32\ActiveSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01420800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01142272 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 00706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-07-11 12:59 - 2017-07-07 01:11 - 03139584 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 02649600 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 02177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 00986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 04707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapprovp.dll
2017-07-11 12:59 - 2017-07-07 01:09 - 20504576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-07-11 12:59 - 2017-07-07 01:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-07-11 12:59 - 2017-07-07 01:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-11 12:59 - 2017-07-07 01:07 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-07-11 12:59 - 2017-07-07 01:07 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-07-11 12:59 - 2017-07-07 01:07 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-07-11 12:59 - 2017-07-07 01:07 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2017-07-11 12:59 - 2017-07-07 01:06 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-07-11 12:59 - 2017-07-07 01:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-07-11 12:59 - 2017-07-07 01:06 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 05719040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-11 12:59 - 2017-07-07 01:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 01703424 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-11 12:59 - 2017-07-07 01:04 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-11 12:59 - 2017-07-07 01:03 - 06123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-07-11 12:59 - 2017-07-07 01:03 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-07-11 12:59 - 2017-07-07 01:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-07-11 12:59 - 2017-07-07 01:02 - 00952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-07-11 12:59 - 2017-07-07 01:02 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-07-11 12:59 - 2017-07-07 01:01 - 06287360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-07-11 12:59 - 2017-07-07 01:01 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 07596544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 02588160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 01565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 04417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 03656704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 01494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 01355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 00787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 02782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-11 12:59 - 2017-07-07 00:55 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-07-11 12:59 - 2017-07-07 00:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-07-11 12:59 - 2017-07-07 00:53 - 01301504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-11 12:59 - 2017-07-07 00:53 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-11 12:59 - 2017-07-01 17:52 - 00031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-07-11 12:45 - 2017-07-11 12:51 - 00081050 _____ C:\Users\Christopher\Desktop\Addition.txt
2017-07-11 12:44 - 2017-07-11 19:39 - 00026641 _____ C:\Users\Christopher\Desktop\FRST.txt
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Shared Space
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Comodo Downloader
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Comodo
2017-07-11 12:34 - 2017-07-11 12:34 - 00002259 _____ C:\Windows\epplauncher.mif
2017-07-10 22:31 - 2017-07-10 22:31 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-10 22:31 - 2017-07-10 22:31 - 00000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-07-10 22:31 - 2017-07-10 22:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-07-10 22:31 - 2017-07-10 22:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-10 22:00 - 2017-07-10 22:00 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001UA
2017-07-10 22:00 - 2017-07-10 22:00 - 00003424 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001Core
2017-07-10 22:00 - 2017-07-10 22:00 - 00002503 _____ C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-10 22:00 - 2017-07-10 22:00 - 00002495 _____ C:\Users\Christopher\Desktop\Google Chrome.lnk
2017-07-10 15:12 - 2017-07-10 15:14 - 00000000 ____D C:\Users\Christopher\Desktop\3DS Stuff
2017-07-10 15:07 - 2017-03-23 10:04 - 03547136 _____ C:\Windows\system32\pwNative.exe
2017-07-10 15:06 - 2017-07-10 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2017-07-10 15:06 - 2017-07-10 15:06 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2017-07-10 15:06 - 2013-09-30 16:26 - 00019152 _____ C:\Windows\system32\pwdrvio.sys
2017-07-10 15:06 - 2013-09-30 16:26 - 00012504 _____ C:\Windows\system32\pwdspio.sys
2017-07-10 13:23 - 2017-07-10 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-07-10 13:23 - 2017-07-10 13:23 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-07-08 23:31 - 2017-07-08 23:31 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Smartly Dressed Games
2017-07-03 22:47 - 2017-07-03 22:47 - 00000222 _____ C:\Users\Christopher\Desktop\Watch_Dogs.url
2017-07-03 21:39 - 2017-07-03 21:39 - 00000000 ____D C:\Users\Christopher\AppData\Local\PeerDistRepub
2017-07-03 13:53 - 2017-07-03 13:54 - 00000000 ____D C:\Windows\CSC
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ___SD C:\Windows\system32\AppV
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ____D C:\Windows\RemotePackages
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-07-03 13:50 - 2017-03-18 15:59 - 00034774 _____ C:\Windows\Professional.xml
2017-07-02 19:47 - 2017-07-02 19:47 - 00001111 _____ C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\ProgramData\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\Program Files\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\Program Files (x86)\Sony
2017-07-02 19:21 - 2017-07-02 19:21 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Sony Creative Software Inc
2017-07-01 21:11 - 2017-07-01 21:11 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\OpenOffice
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-06-30 15:12 - 2017-06-30 15:12 - 00000000 ____D C:\Users\Christopher\AppData\Local\ESET
2017-06-29 23:44 - 2017-07-09 16:24 - 00003376 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1498797898
2017-06-29 23:44 - 2017-07-09 16:24 - 00000000 ____D C:\Program Files\Opera
2017-06-29 23:44 - 2017-06-29 23:44 - 00001166 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2017-06-29 23:44 - 2017-06-29 23:44 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-06-29 22:36 - 2017-06-29 22:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\Deployment
2017-06-29 22:18 - 2017-07-11 18:02 - 00000000 ____D C:\AdwCleaner
2017-06-29 20:56 - 2017-06-20 00:04 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2017-06-29 20:56 - 2017-06-20 00:02 - 03377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-29 20:56 - 2017-06-20 00:01 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-06-29 20:56 - 2017-06-20 00:00 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-29 20:56 - 2017-06-19 23:39 - 02671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-29 20:56 - 2017-06-19 23:38 - 01451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2017-06-29 20:56 - 2017-06-19 23:35 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-06-29 20:56 - 2017-06-19 23:35 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-29 20:55 - 2017-06-20 01:18 - 01564576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-29 20:55 - 2017-06-20 01:16 - 01214880 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-29 20:55 - 2017-06-20 01:11 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-06-29 20:55 - 2017-06-20 01:04 - 04847424 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-06-29 20:55 - 2017-06-20 01:02 - 02645688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-29 20:55 - 2017-06-20 01:02 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00558920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00142752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-06-29 20:55 - 2017-06-20 00:59 - 06554928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01220072 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-06-29 20:55 - 2017-06-20 00:58 - 00406072 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-06-29 20:55 - 2017-06-20 00:57 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-29 20:55 - 2017-06-20 00:15 - 00455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-06-29 20:55 - 2017-06-20 00:14 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-06-29 20:55 - 2017-06-20 00:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-29 20:55 - 2017-06-20 00:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 04469840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-06-29 20:55 - 2017-06-20 00:08 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00823296 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00847872 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00754592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 04447744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 00181656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 05806048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-29 20:55 - 2017-06-20 00:03 - 01396224 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 01121928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 04536320 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 03057664 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 01357824 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-06-29 20:55 - 2017-06-19 23:58 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-06-29 20:55 - 2017-06-19 23:56 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-29 20:55 - 2017-06-19 23:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-06-29 20:55 - 2017-06-19 23:40 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-06-29 20:55 - 2017-06-19 23:39 - 00969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-06-29 20:55 - 2017-06-19 23:37 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-29 20:55 - 2017-06-19 23:36 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 01492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-06-29 20:55 - 2017-06-19 23:30 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-06-29 20:54 - 2017-06-20 01:18 - 00096672 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-29 20:54 - 2017-06-20 01:17 - 00629152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00544160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00334240 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00136096 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00034720 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-29 20:54 - 2017-06-20 01:16 - 00335776 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-29 20:54 - 2017-06-20 01:15 - 00233376 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-29 20:54 - 2017-06-20 01:11 - 01395152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-29 20:54 - 2017-06-20 01:10 - 02327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-06-29 20:54 - 2017-06-20 01:10 - 01930320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-29 20:54 - 2017-06-20 01:08 - 01242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-29 20:54 - 2017-06-20 01:06 - 00279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-06-29 20:54 - 2017-06-20 01:05 - 01057832 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-06-29 20:54 - 2017-06-20 01:04 - 00472728 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-06-29 20:54 - 2017-06-20 01:03 - 00820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-29 20:54 - 2017-06-20 01:03 - 00179608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-06-29 20:54 - 2017-06-20 01:03 - 00102312 _____ (Microsoft Corporation) C:\Windows\system32\CredentialUIBroker.exe
2017-06-29 20:54 - 2017-06-20 01:02 - 00426912 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-06-29 20:54 - 2017-06-20 00:59 - 00583304 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-06-29 20:54 - 2017-06-20 00:59 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 00833160 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 00203168 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-06-29 20:54 - 2017-06-20 00:57 - 00204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-06-29 20:54 - 2017-06-20 00:34 - 00192416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-29 20:54 - 2017-06-20 00:16 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2017-06-29 20:54 - 2017-06-20 00:16 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-06-29 20:54 - 2017-06-20 00:15 - 01620368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-29 20:54 - 2017-06-20 00:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2017-06-29 20:54 - 2017-06-20 00:13 - 00787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2017-06-29 20:54 - 2017-06-20 00:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-06-29 20:54 - 2017-06-20 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-06-29 20:54 - 2017-06-20 00:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-06-29 20:54 - 2017-06-20 00:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-06-29 20:54 - 2017-06-20 00:11 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00555008 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00406032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2017-06-29 20:54 - 2017-06-20 00:09 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00791040 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 02475136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2017-06-29 20:54 - 2017-06-20 00:07 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-06-29 20:54 - 2017-06-20 00:07 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00346016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00138656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00278944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00873472 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2017-06-29 20:54 - 2017-06-20 00:05 - 00438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-29 20:54 - 2017-06-20 00:04 - 01425920 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-29 20:54 - 2017-06-20 00:04 - 01178528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 01077496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00049656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-06-29 20:54 - 2017-06-20 00:03 - 00864240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-06-29 20:54 - 2017-06-20 00:03 - 00443728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-06-29 20:54 - 2017-06-20 00:02 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00176032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-06-29 20:54 - 2017-06-19 23:57 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2017-06-29 20:54 - 2017-06-19 23:57 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2017-06-29 20:54 - 2017-06-19 23:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-06-29 20:54 - 2017-06-19 23:49 - 00899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2017-06-29 20:54 - 2017-06-19 23:49 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-06-29 20:54 - 2017-06-19 23:46 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-06-29 20:54 - 2017-06-19 23:45 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-06-29 20:54 - 2017-06-19 23:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-06-29 20:54 - 2017-06-19 23:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2017-06-29 20:54 - 2017-06-19 23:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-29 20:54 - 2017-06-19 23:38 - 01171968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-29 20:54 - 2017-06-19 23:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-06-29 20:54 - 2017-06-19 23:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-06-29 20:54 - 2017-06-19 23:34 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-06-29 20:54 - 2017-06-19 23:31 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-06-29 20:54 - 2017-06-19 23:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2017-06-29 20:54 - 2017-06-19 23:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-29 20:54 - 2017-06-19 23:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-06-29 20:00 - 2017-06-29 22:04 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-06-29 19:59 - 2017-06-29 19:59 - 00000000 ____D C:\Windows\pss
2017-06-29 19:18 - 2017-07-11 17:35 - 00000000 ____D C:\Users\Christopher\AppData\Local\ntuserlitelist
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\c
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Local\lqylpia
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Local\hixbhys
2017-06-29 09:01 - 2017-06-29 09:01 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-29 09:01 - 2017-06-07 18:55 - 06467008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-29 09:01 - 2017-06-07 07:42 - 08075477 _____ C:\Windows\system32\nvcoproc.bin
2017-06-29 09:01 - 2017-03-10 16:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-06-29 09:01 - 2017-03-10 16:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-06-29 09:01 - 2017-03-10 16:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-06-29 09:01 - 2017-03-10 16:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-06-29 09:00 - 2017-06-07 19:01 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-29 08:59 - 2017-06-07 20:45 - 40201664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 35390584 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 35281344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 28624320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 11028664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 10551256 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 04115112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03796928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03625992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03256440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438253.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438253.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01278712 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01056888 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00994240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00964216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00775864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00725112 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00618928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00584128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-29 08:59 - 2017-06-07 20:45 - 00045163 _____ C:\Windows\system32\nvinfo.pb
2017-06-29 08:59 - 2017-06-07 20:45 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-29 08:59 - 2017-06-07 20:45 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-29 08:47 - 2015-07-14 20:57 - 00887552 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2017-06-29 08:47 - 2015-07-14 20:57 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-06-29 08:44 - 2017-06-29 08:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-06-29 08:42 - 2017-06-29 08:42 - 00001769 _____ C:\Windows\Language_trs.ini
2017-06-29 08:12 - 2017-06-21 02:07 - 00179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-06-29 08:12 - 2017-06-21 02:07 - 00146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
 
2017-06-29 05:56 - 2017-06-29 05:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Windows\system32\DAX2
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Program Files\ASUS
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-29 05:55 - 2013-07-03 20:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys
2017-06-26 13:55 - 2017-06-26 14:32 - 00000000 ____D C:\ProgramData\TEMP
2017-06-26 13:55 - 2017-06-26 13:55 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Product_NU16
2017-06-26 13:55 - 2017-06-26 13:55 - 00000000 ____D C:\ProgramData\Symantec
2017-06-26 13:43 - 2017-06-26 16:55 - 00000590 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job
2017-06-26 13:43 - 2017-06-26 13:43 - 00003246 _____ C:\Windows\System32\Tasks\Norton Product InstallerIdle
2017-06-23 18:55 - 2017-06-23 18:55 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-06-23 18:55 - 2017-06-23 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-06-23 18:55 - 2017-06-23 18:55 - 00000000 ____D C:\Program Files (x86)\HWiNFO32
2017-06-23 18:50 - 2017-06-23 18:50 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-06-23 18:24 - 2017-06-23 18:50 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-06-23 18:23 - 2017-07-02 20:08 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-06-23 18:23 - 2017-06-23 18:23 - 00001159 _____ C:\Users\Christopher\Desktop\MSI Afterburner.lnk
2017-06-23 18:23 - 2017-06-23 18:23 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-06-19 20:04 - 2017-06-19 20:04 - 00000222 _____ C:\Users\Christopher\Desktop\The Witcher 3 Wild Hunt.url
2017-06-19 16:18 - 2017-06-19 16:18 - 00000222 _____ C:\Users\Christopher\Desktop\Portal Stories Mel.url
2017-06-19 14:45 - 2017-06-19 14:45 - 00000222 _____ C:\Users\Christopher\Desktop\Far Cry 4.url
2017-06-19 14:45 - 2017-06-19 14:45 - 00000000 ____D C:\ProgramData\Codemasters
2017-06-16 03:06 - 2017-06-16 03:06 - 00109696 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2017-06-16 03:06 - 2017-06-16 03:06 - 00102016 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2017-06-16 02:54 - 2017-06-16 02:54 - 00049288 _____ (Razer Inc.) C:\Windows\SysWOW64\RzAPIChromaSDK.dll
2017-06-16 00:16 - 2017-06-16 00:16 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\NomNomGalaxy
2017-06-15 23:58 - 2017-06-15 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-06-13 17:48 - 2017-06-13 17:48 - 00000000 ____D C:\Windows\PCHEALTH
2017-06-13 17:47 - 2017-07-11 17:28 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-06-13 17:47 - 2017-06-03 05:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-13 17:47 - 2017-06-03 05:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 17:47 - 2017-06-03 05:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-13 17:47 - 2017-06-03 05:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-06-13 17:47 - 2017-06-03 05:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 17:47 - 2017-06-03 05:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
2017-06-13 17:47 - 2017-06-03 05:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2017-06-13 17:47 - 2017-06-03 04:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-13 17:47 - 2017-06-03 04:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 17:47 - 2017-06-03 04:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2017-06-13 17:47 - 2017-06-03 04:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-06-13 17:47 - 2017-06-03 04:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
2017-06-13 17:47 - 2017-06-03 04:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 17:47 - 2017-06-03 04:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-13 17:47 - 2017-06-03 04:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-13 17:47 - 2017-06-03 04:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-13 17:47 - 2017-06-03 04:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
2017-06-13 17:47 - 2017-06-03 04:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 17:47 - 2017-06-03 04:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
2017-06-13 17:47 - 2017-06-03 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-13 17:47 - 2017-06-03 04:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-06-13 17:47 - 2017-06-03 04:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-06-13 17:47 - 2017-06-03 04:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-13 17:47 - 2017-06-03 04:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
2017-06-13 17:47 - 2017-06-03 04:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-13 17:47 - 2017-06-03 04:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-06-13 17:47 - 2017-06-03 04:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-06-13 17:47 - 2017-06-03 04:00 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-13 17:47 - 2017-06-03 04:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 17:47 - 2017-06-03 03:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 17:47 - 2017-06-03 03:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-06-13 17:47 - 2017-06-03 03:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-13 17:47 - 2017-06-03 03:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 17:47 - 2017-06-03 03:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 19:39 - 2016-06-21 19:38 - 00000000 ____D C:\FRST
2017-07-11 19:26 - 2015-06-20 22:58 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-11 19:21 - 2015-10-22 20:48 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Skype
2017-07-11 18:25 - 2017-05-23 17:08 - 01935350 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-11 18:19 - 2017-05-23 17:05 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-11 18:19 - 2017-05-23 16:59 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-11 18:19 - 2017-05-23 16:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-11 18:19 - 2017-03-18 06:40 - 01048576 _____ C:\Windows\system32\config\BBI
2017-07-11 18:19 - 2016-04-21 18:21 - 00000000 ____D C:\Users\Christopher\AppData\Local\LogMeIn Hamachi
2017-07-11 18:19 - 2015-08-12 19:19 - 00000000 ___RD C:\Users\Christopher\Google Drive
2017-07-11 18:19 - 2015-06-20 22:46 - 00000000 __RDO C:\Users\Christopher\OneDrive
2017-07-11 18:18 - 2017-05-23 16:58 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-11 18:03 - 2015-11-25 13:54 - 00000000 ____D C:\Users\Christopher\AppData\Local\CrashDumps
2017-07-11 17:43 - 2015-10-19 18:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-07-11 17:41 - 2017-03-18 16:01 - 00000000 ____D C:\Windows\INF
2017-07-11 17:36 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\AppReadiness
2017-07-11 17:30 - 2015-07-30 19:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-11 17:29 - 2017-05-23 16:58 - 00442928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\oobe
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-11 17:28 - 2017-05-23 17:00 - 00000000 ____D C:\Users\Christopher
2017-07-11 13:03 - 2017-03-18 15:51 - 00000000 ____D C:\Windows\CbsTemp
2017-07-11 13:02 - 2015-06-22 19:04 - 00000000 ____D C:\Windows\system32\MRT
2017-07-11 13:01 - 2015-06-22 19:04 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-11 12:28 - 2017-06-07 13:43 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-11 09:48 - 2015-08-18 21:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-11 09:44 - 2017-05-23 17:05 - 00004572 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-11 09:44 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 09:44 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-10 23:58 - 2017-03-18 16:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-10 22:32 - 2016-11-17 20:21 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Mozilla
2017-07-10 22:00 - 2015-06-20 22:48 - 00000000 ____D C:\Users\Christopher\AppData\Local\Google
2017-07-10 13:26 - 2016-09-27 06:33 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-07-10 13:26 - 2016-09-27 06:33 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-07-10 13:23 - 2017-06-05 02:23 - 00000169 _____ C:\Users\Christopher\BullseyeCoverageError.txt
2017-07-10 13:23 - 2017-06-05 02:22 - 00000153 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-07-10 13:23 - 2016-04-21 18:20 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-07-09 09:58 - 2016-05-03 18:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-07-08 00:32 - 2015-09-02 17:31 - 00000000 ____D C:\Users\Christopher\AppData\Local\Battle.net
2017-07-07 23:32 - 2015-09-02 17:31 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-07-04 13:23 - 2015-12-11 20:30 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\uTorrent
2017-07-04 13:00 - 2015-07-01 18:23 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\vlc
2017-07-04 11:27 - 2017-02-14 21:15 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-07-04 11:27 - 2017-02-14 21:15 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-07-03 23:41 - 2015-08-01 10:08 - 00000000 ____D C:\Users\Christopher\AppData\Local\ElevatedDiagnostics
2017-07-03 23:40 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\NDF
2017-07-03 23:34 - 2017-05-23 16:16 - 00000000 ___DC C:\Windows\Panther
2017-07-03 21:39 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\rescache
2017-07-03 13:54 - 2015-06-20 22:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\Packages
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\SystemApps
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\security
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\schemas
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-03 13:50 - 2017-05-23 16:59 - 00027136 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02376096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02194944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01624480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00804864 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00800256 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00785920 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00637440 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00457216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00264608 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00235424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00232352 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00230816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\appvetwsharedperformance.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\AppvClientEventLog.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00203672 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00186272 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00184224 _____ (Microsoft Corporation) C:\Windows\system32\mavinject.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00173984 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00161696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00149920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mavinject.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00147439 _____ C:\Windows\SysWOW64\gpedit.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00147439 _____ C:\Windows\system32\gpedit.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00146389 _____ C:\Windows\system32\printmanagement.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.SecureAssessment.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00143776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVfs.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00143264 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00139264 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00127904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00120458 _____ C:\Windows\system32\secpol.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00106496 _____ C:\Windows\system32\RDVGHelper.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00096256 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessCsp.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00091136 _____ C:\Windows\system32\hvsigpext.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ C:\Windows\system32\hvsievaluator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppVMgmtCSP.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00077216 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mssecuser.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\windowsdefenderapplicationguardcsp.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00043566 _____ C:\Windows\SysWOW64\rsop.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00043566 _____ C:\Windows\system32\rsop.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00042400 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00040864 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00040344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UevAgentDriver.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\CIWmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00030720 _____ C:\Windows\system32\LockdownUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00027040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVClientPS.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lstelemetry.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Win32_DeviceGuard.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024992 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00021920 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00019872 _____ (Microsoft Corporation) C:\Windows\system32\AppVTerminator.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00018336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVTerminator.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00015264 _____ (Microsoft Corporation) C:\Windows\system32\AppVSentinel.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AgentDriverEvents.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVSentinel.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2017-07-03 13:50 - 2017-03-18 15:56 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2017-07-02 20:08 - 2016-10-09 08:34 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-07-02 19:47 - 2016-05-10 18:18 - 00013848 _____ C:\Windows\system32\--traceoff
2017-07-02 19:46 - 2016-05-10 18:14 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Sony
2017-07-02 00:20 - 2015-10-24 21:40 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Audacity
2017-06-29 23:47 - 2015-10-09 16:29 - 00000000 ____D C:\ProgramData\Origin
2017-06-29 23:45 - 2016-04-23 22:02 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Opera Software
2017-06-29 23:45 - 2016-04-23 22:02 - 00000000 ____D C:\Users\Christopher\AppData\Local\Opera Software
2017-06-29 23:39 - 2015-10-09 16:31 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Origin
2017-06-29 23:30 - 2016-05-23 14:36 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-06-29 23:30 - 2016-05-23 14:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\Discord
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___SD C:\Windows\system32\F12
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-29 21:59 - 2016-09-21 06:17 - 00000000 ____D C:\Program Files (x86)\Opera
2017-06-29 21:59 - 2015-06-20 22:48 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-29 19:43 - 2015-09-29 18:59 - 00007602 _____ C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg
2017-06-29 19:26 - 2017-05-07 13:02 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-06-29 19:26 - 2017-05-07 13:02 - 00000000 ____D C:\Program Files\Image-Line
2017-06-29 19:26 - 2017-05-07 12:58 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-06-29 19:20 - 2015-06-24 12:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\Ubisoft Game Launcher
2017-06-29 13:58 - 2016-11-14 19:12 - 00000000 ____D C:\Program Files (x86)\REALTEK USB Wireless LAN Driver
2017-06-29 09:01 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-29 09:01 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\Help
2017-06-29 09:01 - 2015-08-07 15:16 - 00000000 ____D C:\Temp
2017-06-29 09:00 - 2017-05-23 16:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-29 09:00 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-29 08:47 - 2015-06-21 14:48 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-29 08:44 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files\Intel
2017-06-29 08:42 - 2015-08-05 23:57 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-29 08:12 - 2017-05-23 17:05 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2016-09-08 17:09 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-29 05:55 - 2017-05-23 16:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-06-27 11:13 - 2015-11-30 22:53 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-26 14:36 - 2015-08-18 21:14 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Adobe
2017-06-25 18:43 - 2017-02-24 20:24 - 00604200 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2017-06-22 17:24 - 2015-06-21 22:55 - 00000000 ____D C:\Fraps
2017-06-22 16:18 - 2017-05-23 17:05 - 00003266 _____ C:\Windows\System32\Tasks\CAM
2017-06-22 16:12 - 2017-02-24 20:24 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\EasyAntiCheat
2017-06-21 02:07 - 2017-05-11 20:04 - 00048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-06-21 02:07 - 2016-09-08 17:09 - 01903224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01489528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 00121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-06-20 16:15 - 2017-05-23 17:05 - 00003310 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 16:15 - 2015-07-30 19:06 - 00002385 _____ C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 15:58 - 2017-01-07 12:00 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-19 14:44 - 2017-03-02 00:24 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-06-17 21:55 - 2015-07-26 19:45 - 00000000 ____D C:\Users\Christopher\AppData\Local\Spotify
2017-06-17 18:02 - 2015-07-26 19:44 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Spotify
2017-06-17 14:22 - 2015-08-18 21:09 - 00000000 ____D C:\Users\Christopher\AppData\Local\Adobe
2017-06-14 00:10 - 2017-05-23 17:05 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-13 17:48 - 2013-08-22 08:25 - 00000175 _____ C:\Windows\win.ini

==================== Files in the root of some directories =======

2016-07-11 09:55 - 2016-07-11 09:55 - 0000171 _____ () C:\Users\Christopher\AppData\Roaming\burnaware.ini
2017-04-16 13:16 - 2017-05-23 21:08 - 0004502 _____ () C:\Users\Christopher\AppData\Roaming\VoiceMeeterDefault.xml
2017-05-20 13:23 - 2017-05-20 13:23 - 0001488 _____ () C:\Users\Christopher\AppData\Local\recently-used.xbel
2017-05-17 11:32 - 2017-05-17 11:32 - 0125952 _____ () C:\Users\Christopher\AppData\Local\report
2015-09-29 18:59 - 2017-06-29 19:43 - 0007602 _____ () C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg
2015-12-31 19:52 - 2015-12-31 19:52 - 0008157 _____ () C:\Users\Christopher\AppData\Local\transitiontransition_ade97586d9c807608acf4758757f034d.ini
2017-03-22 20:46 - 2017-03-22 20:46 - 0000552 _____ () C:\Users\Christopher\AppData\Local\TroubleshooterConfig.json
2017-06-07 14:19 - 2017-06-07 14:19 - 0047183 _____ () C:\ProgramData\agent.1496863186.bdinstall.bin
2017-06-07 14:37 - 2017-06-07 14:37 - 0029140 _____ () C:\ProgramData\agent.1496864248.bdinstall.bin
2017-06-29 05:55 - 2017-06-29 05:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 12:00 - 2017-01-24 22:53 - 0029267 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-07 12:00 - 2017-01-10 19:33 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-06-05 02:22 - 2017-06-05 02:22 - 0010520 _____ () C:\Users\Christopher\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-07-11 16:38 - 2017-06-20 01:10 - 1930320 _____ (Microsoft Corporation) C:\Users\Christopher\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-08 09:23

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2017
Ran by ChristopherAubert (11-07-2017 19:40:01)
Running from C:\Users\Christopher\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-23 22:08:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3319825686-2643767977-2016650390-500 - Administrator - Disabled)
ChristopherAubert (S-1-5-21-3319825686-2643767977-2016650390-1001 - Administrator - Enabled) => C:\Users\Christopher
DefaultAccount (S-1-5-21-3319825686-2643767977-2016650390-503 - Limited - Disabled)
Guest (S-1-5-21-3319825686-2643767977-2016650390-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.0.2175 - Open Media LLC)
4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.1.1636 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.11.0.616 - Ilya Morozov)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blackboard Collaborate Launcher (HKLM-x32\...\{C4F79F84-C509-48B0-81B8-3C2FA2182406}) (Version: 1.6.0.0 - Blackboard)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Chrome Remote Desktop Host (HKLM-x32\...\{BAF2702F-FB88-48E4-A305-588DB8FDD834}) (Version: 59.0.3071.47 - Google Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Elgato Game Capture HD (HKLM-x32\...\{FAC1D41C-C800-467B-8C8D-97FBF6F5BBF1}) (Version: 2.20.9.1066 - Elgato Systems GmbH)
EVGA PrecisionX 16 (HKLM-x32\...\{425A0AAA-B049-4356-A81E-E089BC5AE934}) (Version: 5.3.10 - EVGA Corporation)
Far Cry 4 (HKLM\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.3 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.3 - Elgato Systems)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Half-Life (HKLM\...\Steam App 70) (Version: - Valve)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HWiNFO32 Version 5.52 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.52 - Martin Malík - REALiX)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 54.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 54.0.1 (x64 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NextUp-ScanSoft Daniel British Voice (HKLM-x32\...\{BE916006-E144-44CF-B467-F733D0F86200}) (Version: 4.0.0 - NextUp.com)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 46.0.2597.32 (HKLM-x32\...\Opera 46.0.2597.32) (Version: 46.0.2597.32 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Portal Stories: Mel (HKLM\...\Steam App 317400) (Version: - Prism Studios)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.)
RivaTuner Statistics Server 6.6.0 (HKLM-x32\...\RTSS) (Version: 6.6.0 - Unwinder)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
RogueKiller version 12.11.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.6.0 - Adlice Software)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version: - Chris Sawyer Productions)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{541E382C-8DBF-44C5-BB7A-00E01526184E}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Twitch Leecher 1.3.5 (HKLM\...\{C7081120-8F65-46B6-85A4-3200AB1B5AAA}) (Version: 1.3.5.0 - Fake Smile Revolution) Hidden
Twitch Leecher 1.3.5 (HKLM-x32\...\{dbdcd040-9099-4490-80a2-0a617c83df14}) (Version: 1.3.5.0 - Fake Smile Revolution)
Unity Web Player (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Watch_Dogs (HKLM\...\Steam App 243470) (Version: - Ubisoft)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WhoCrashed 5.52 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers01: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2013-02-28] (Ilya Morozov)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-07] (NVIDIA Corporation)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0439C61C-09AE-4FCF-B8A9-E77F11225801} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {13F77482-382E-4DF4-87F8-51C8AB9DDAA6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {15D7EE3B-2F7F-4527-B9C9-9EC4F6A8C146} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {2C3A0BC2-4BE3-4AEA-943E-ADB38064527D} - \WPD\SqmUpload_S-1-5-21-3319825686-2643767977-2016650390-1001 -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3A24B074-058C-45D2-A2D5-745B09BE0F90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {495A9FA3-E3D0-4099-B625-CB4334A7363C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {4AE02413-78F2-44CB-9931-0C088EC91A94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4CEC58F6-3EB4-4830-8D49-2E95D70D3F36} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {51D0521F-713C-4007-9C9A-8784F387D450} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001Core => C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-10] (Google Inc.)
Task: {5B3FD6A1-6B8E-46F5-918B-ADDC70E4F05D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {5D6C7344-D9B9-46B9-B818-1E40D7397AE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.)
Task: {700F79E7-5A8B-407B-B80C-CB081AEE89CD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {83FED618-2D47-4C30-AC3D-53918C71F4C6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8DFA8CCC-0B53-4D74-A928-5042AD228714} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {91FDCEB4-2319-4E1A-BF4B-B2DF4FB10E7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {92C65BCC-3DA0-4800-A912-D7DDBEB0CA2A} - System32\Tasks\Norton Product InstallerIdle => C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {99372063-EF78-4BC4-8D63-E745ED7E69AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A183FBE1-D5A0-48BD-BDE3-1DF1765F024D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A8D2A4E5-3D6D-45AE-8758-C3878F5EEB9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {AC9D4614-1906-4DE1-8640-1BE3E17A0E72} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {BD61B490-330B-43A7-AFF9-8D15094F83DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.)
Task: {BD8CC0BC-738F-4839-812B-B6C2C0E0B79D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001UA => C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-10] (Google Inc.)
Task: {C01AACBA-948B-414F-87DD-C8569E3C44F3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C2F838D5-1437-406D-8595-91BFBF7E5E84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C302CCEC-5E01-42B5-A8DE-AC4868E9957A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C7BE021D-441C-4F37-B0BB-D03AEBEDB677} - System32\Tasks\Opera scheduled Autoupdate 1498797898 => C:\Program Files\Opera\launcher.exe [2017-06-26] (Opera Software)
Task: {D57B6B30-2363-423E-9FA4-0A20CB4BACD6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6554A72-C43D-42F0-8E80-F6B94F52FB16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DA8F8254-091D-4716-99A7-A7FC8F891656} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E201DDEC-9FED-4027-99E7-086C257F70B4} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {EAF7B160-6AF5-44DC-9796-266BCC6151A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation)
Task: {EDD2C8D2-425B-41B9-AF69-438C5D84C059} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F4E51FDC-6775-4E8B-B8AD-3CAAD6CEDF41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FA0D4813-65D0-4FB5-92E2-39A773C19632} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-09-08 17:09 - 2017-06-21 02:07 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-05 10:53 - 2015-12-05 10:53 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-11-14 19:12 - 2014-12-12 18:24 - 00044760 _____ () C:\Windows\runSW.exe
2016-09-24 17:20 - 2016-09-24 17:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-03-18 15:58 - 2017-03-18 15:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-02-23 08:29 - 2017-02-23 08:29 - 08909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-03-18 15:59 - 2017-03-18 21:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-01-10 16:41 - 2015-06-27 01:13 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2017-07-10 22:00 - 2017-06-22 22:21 - 03807064 _____ () C:\Users\Christopher\AppData\Local\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-10 22:00 - 2017-06-22 22:21 - 00100184 _____ () C:\Users\Christopher\AppData\Local\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 11:06 - 2017-06-21 11:06 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-07-10 23:56 - 2017-07-10 23:58 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-05-23 17:40 - 2017-05-23 17:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 10:36 - 2017-06-15 10:37 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-03 10:08 - 2016-06-03 10:08 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 13:51 - 2017-05-09 20:16 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-07-07 23:12 - 2017-07-07 23:13 - 23624704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-07-07 23:12 - 2017-07-07 23:13 - 08850944 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-07-07 23:12 - 2017-07-07 23:13 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-07 23:12 - 2017-07-07 23:13 - 10209280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-29 05:55 - 2017-07-11 18:19 - 00035984 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-02-07 17:47 - 2017-05-23 17:11 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-09-08 17:09 - 2017-06-21 02:07 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-29 12:48 - 2017-06-16 22:32 - 00120944 _____ () C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-09-08 17:09 - 2017-06-21 02:06 - 66837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-07-11 18:19 - 2017-07-11 18:19 - 00098816 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32api.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00110080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\pywintypes27.dll
2017-07-11 18:19 - 2017-07-11 18:19 - 00364544 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\pythoncom27.dll
2017-07-11 18:19 - 2017-07-11 18:19 - 00320512 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32com.shell.shell.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00914432 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_hashlib.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 01176576 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._core_.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00806400 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._gdi_.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00816128 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._windows_.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 01067008 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._controls_.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00733184 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._misc_.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00682496 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\pysqlite2._sqlite.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00088064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_ctypes.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00686080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\unicodedata.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00119808 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32file.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00108544 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32security.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00007168 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\hashobjs_ext.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00017920 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\thumbnails_ext.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00088064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\usb_ext.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00012800 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\common.time34.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00018432 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32event.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00167936 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32gui.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00046080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_socket.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 01303552 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_ssl.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00128512 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_elementtree.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00127488 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\pyexpat.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00038912 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32inet.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00036864 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_psutil_windows.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00524248 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\windows._lib_cacheinvalidation.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00011264 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32crypt.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00123392 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._wizard.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00077312 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._html2.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00027648 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_multiprocessing.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00020480 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\_yappi.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00035840 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32process.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00078848 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\wx._animate.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00024064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32pipe.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00010240 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\select.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00025600 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32pdh.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00017408 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32profile.pyd
2017-07-11 18:19 - 2017-07-11 18:19 - 00022528 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI132802\win32ts.pyd
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-12-25 14:11 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-12-25 14:11 - 2014-09-11 19:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-06-20 23:16 - 2017-05-16 20:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 02496800 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 00878368 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:45 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 11:12 - 2017-05-16 20:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-12 23:27 - 2017-07-06 12:58 - 73088800 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 00385824 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-06-20 23:16 - 2015-09-24 18:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [216]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\sharepoint.com -> hxxps://sshc.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2017-06-29 19:19 - 00000855 _____ C:\Windows\system32\Drivers\etc\hosts

37.139.50.192 www.gstatic.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christopher\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{c2983e00-66b9-4396-8f64-dbc77c5ba1e5}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2A1E675F-89C7-4854-BA03-EF670C5B6208}D:\new folder\client\bin\pc\quakechampions.exe] => (Allow) D:\new folder\client\bin\pc\quakechampions.exe
FirewallRules: [TCP Query User{15CF71D8-3BE0-4926-A904-A193CCDC4AED}D:\new folder\client\bin\pc\quakechampions.exe] => (Allow) D:\new folder\client\bin\pc\quakechampions.exe
FirewallRules: [{F90F691A-C373-449D-8D89-5DA676AB1367}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{98DC6575-064F-495B-814A-A2D84AD6257A}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{28A5F6ED-F9A2-469B-8458-80C693054BD5}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{EA3F837F-DBEF-4316-A22E-7D16B5FE3CD2}] => (Allow) C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [UDP Query User{0C1FC304-9CC5-4BD7-A9D9-343E090CC636}C:\program files (x86)\image-line\fl studio 12\fl64.exe] => (Allow) C:\program files (x86)\image-line\fl studio 12\fl64.exe
FirewallRules: [TCP Query User{C9D53F94-003D-451D-B78D-DA8A20A41627}C:\program files (x86)\image-line\fl studio 12\fl64.exe] => (Allow) C:\program files (x86)\image-line\fl studio 12\fl64.exe
FirewallRules: [{3715DF90-6847-4CF0-9F07-17AE3C584C4B}] => (Allow) C:\Program Files\PreSonus\Studio One 3\Studio One.exe
FirewallRules: [{F7F9132E-5069-4DC2-BCA3-71D96C3BBC26}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe
FirewallRules: [{F49B677C-4243-43DC-8EBB-9B9F7809B971}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe
FirewallRules: [{D982D364-A70D-4F4A-8712-EA5CBD90B23E}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{82729186-E6B6-486E-BCFA-C7A902573DC9}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FE14138A-17CA-4DED-B99B-730FC19A0F92}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{880354B2-3A20-486E-B280-6AFDF4621382}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{121A3F4A-D98F-422C-B3C5-186AD3245C40}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{EFFFDE53-2BA5-4FBD-8F14-43F845359319}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{663CD9C4-DDE3-4D6D-831A-1B7DF0B3FB98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3346D216-D211-4F31-9086-E198D060015A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BDD9AC4D-EAA0-4CB7-86AA-BB41F42AFA89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D7F37F6A-9E3F-467C-928A-E88A6F834AF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1F6908F6-5E98-41A5-8D33-043D1F94498C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3259CCA8-5E04-44A4-9980-80EFAF30D94F}] => (Allow) D:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{2E8B57B4-CB6E-4939-9E99-260FC0C1D686}] => (Allow) D:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{6E1D62E9-DA8E-420E-8220-EAC1D364BF11}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B930EF0D-087C-4975-B5B9-A3F73A715884}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7F7417A0-ED03-4FA8-A307-028776018DB6}] => (Allow) LPort=2333
FirewallRules: [{13EB4917-C673-45BF-8A17-F876343C5524}] => (Allow) LPort=9143
FirewallRules: [{17A8C530-7A47-4A02-9820-5E97709F7B24}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D0928947-9125-4CC6-88D8-4F3DFD539B61}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BDC0B291-24C7-4F36-A813-A710F38616B0}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{BE33CFC0-31F3-4122-B428-E57C70557A4B}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C932BE1A-77E7-46A7-8545-D6729C33655A}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{66474EF9-EA31-4754-A86A-522A93988BC1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{B058FA66-AC9C-404C-8D59-1F2A87793690}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{564EB225-B2F3-4919-B8C5-AE00BAA5F040}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{26913D0E-2940-4F2D-9181-8B69238A7DFE}D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{4078A820-D3C8-4DA8-A51D-759BAACC430E}D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{37DCF281-AD72-4150-9D81-B27859055D22}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F74A3F81-B456-41E0-9710-5A7348FD5FD9}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{8E54B50D-8315-43CC-A65A-39502702DA07}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4EA06039-D087-4863-BADD-2C8D6B628595}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{99B60844-B7B6-4339-AA67-6903F4A04AD7}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4C05D95E-DBF4-49C2-97E0-17443D545D2C}] => (Allow) D:\OriginLibrary\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{088580BA-72FD-4C37-99A6-51B65931CA58}C:\users\christopher\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\christopher\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4AC57403-279C-42F1-8990-CDD7A93C4FBE}C:\users\christopher\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\christopher\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{49CA92ED-2167-43D3-85D5-182AD6C4462F}D:\originlibrary\battlefield 4\bf4.exe] => (Allow) D:\originlibrary\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{FBFFADF6-D887-49C0-A71E-37C42AC559C5}D:\originlibrary\battlefield 4\bf4.exe] => (Allow) D:\originlibrary\battlefield 4\bf4.exe
FirewallRules: [{60EF0607-9EC8-4750-85B2-F929F896FA20}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{652638A2-CE8A-498B-AA8A-D6DF1F43FD47}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{11859F1E-FF7D-4F8E-840D-A70C8709AA16}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B8E33AAF-4DD1-4983-B02C-657D90E64C56}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BA4E9E94-440F-473E-869E-033F4250125A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4E8466B1-4112-4D54-9F78-47023ED916F3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DB3C75B3-93C8-41D3-875B-47D0BF52D0E8}] => (Allow) D:\UplayLibrary\Rainbow Six Siege - Open Beta\RainbowSix.exe
FirewallRules: [{4D9A1F75-650C-489D-801E-DF1CBDB8101B}] => (Allow) D:\UplayLibrary\Rainbow Six Siege - Open Beta\RainbowSix.exe
FirewallRules: [{6073E52E-25F0-49EB-B0CC-F84B17BACA5C}] => (Allow) D:\UplayLibrary\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{E0AD8631-C380-4647-BD4C-EDC7E34BD4A2}] => (Allow) D:\UplayLibrary\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [UDP Query User{3989AB71-2E76-4DB9-8EB1-5962C8616A91}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0F4F8F65-256A-4643-AC0B-BFC3724F9CD2}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C2EF9424-4463-4BC2-8136-B115DC12B1C9}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{4B626D8F-BD73-451E-8D98-0E561346882C}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{17E22141-A76C-4D97-AEA1-0F0A9348AA86}] => (Allow) C:\Users\Christopher\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{065125CD-84D7-46F9-9C9C-07D345A4316C}] => (Allow) C:\Users\Christopher\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{8A7AF9D8-0392-45CF-9A62-6228C678BA44}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{76D9A723-3BCB-4611-9A46-557AD49D451F}] => (Allow) D:\OriginLibrary\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{1AA1A482-107B-41C8-B060-4599FDCE0413}] => (Allow) D:\OriginLibrary\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{11E7703D-574B-414E-B28A-7B86A47EAD29}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{FBAE74E1-A96C-41CD-A7C8-1A260B61C8CF}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{820B7D3A-D7D4-43D4-9297-4B5A941F0BA5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{68713618-36C1-4313-8F7C-E35B6E3C6654}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2AE31005-710B-4F36-8AF1-74E6DA550C3E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6DAA0C49-149C-46F4-B13A-5D7AFBE33E93}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C13A6B93-7955-443A-BB66-E582D5DEC484}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{4C8DBC06-179A-45AC-B84B-1E26AE5091BA}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{11E4A933-C7AA-4805-8348-2DF502EB61CD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E8AF1CAC-6B84-4BC8-AA56-45BE20EF483D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{80B3414F-1A4B-4679-B000-DBD90A1E9AE2}] => (Allow) D:\SteamLibrary\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{3F6D217D-9F11-482A-A445-4A322B5381E4}] => (Allow) D:\SteamLibrary\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{A4393425-3A97-4810-9009-4731D167A3D8}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3083B153-D348-431E-815A-7B091B24D673}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{14E6CAFF-B24D-4CB1-B7CD-91504B278628}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CEA30274-1512-42EB-A8BE-7A99C633F56C}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7F190939-3B0A-4A73-9201-B59D92BFD672}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{ECC66F92-AE91-4818-836C-49E3D0945A13}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9443E0FF-B77B-49F7-8978-81CB848CC2A4}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{E832DC4D-C30D-469B-9A27-801AA1050B45}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{7AA8A551-C73D-4336-85C5-127C4B931DE2}] => (Allow) F:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{9943E1D8-2BA0-4D08-BEA3-FE3B9811BDBC}] => (Allow) F:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{6DFC1FCA-FE9F-4A08-A2FD-673B7205C217}] => (Allow) F:\SteamLibrary\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{86C800A3-F91D-4CDC-A766-C610761E0B2C}] => (Allow) F:\SteamLibrary\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{E27BE22D-CB8F-4BA6-B171-EAF13ADF6292}] => (Allow) F:\SteamLibrary\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{2AFD3E77-0BC2-46B4-82E5-7BD1A977F9BC}] => (Allow) F:\SteamLibrary\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{67577B6B-004C-46BB-9A1B-0AA82C27B83E}] => (Allow) F:\SteamLibrary\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{5B7F6C00-6C93-4D82-9EB4-083FF817E3DC}] => (Allow) F:\SteamLibrary\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{D06C2296-2104-4EC7-9B89-8DDAD0B9CD8A}] => (Allow) F:\SteamLibrary\steamapps\common\BookWorm Deluxe\Bookworm.exe
FirewallRules: [{835EB7EB-9DEE-4819-AC59-F123B20880A0}] => (Allow) F:\SteamLibrary\steamapps\common\BookWorm Deluxe\Bookworm.exe
FirewallRules: [{A5A86D9A-91B3-4413-AC73-610076F2C0C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4D11A366-307A-47E9-91AE-2416B247D52D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{1EBE062D-A7BF-4C41-96CF-79147C05370C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD11307D-4574-4C52-9BF0-EB20054D04B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C833A21F-C701-4D81-A399-A86BE07A4B25}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EA47CF39-4B9C-4F02-92AC-95349D873A30}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{0308166D-2E51-4DA0-953A-70DC132BC918}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CFD853A3-E2B7-406F-8DA2-AA3CBB3843B7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4AAE0A24-3B02-4DDB-99E2-8321B3E70E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{39A9F5B6-4A0A-44C4-888C-5DE0F2853C0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{41CA8AB8-69F1-4A69-9370-5AEA5CF033DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{C8C65757-9168-4C86-92DE-B5B01A91AFFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [TCP Query User{B85201E4-EC2A-48FC-8344-2BA99405B33D}C:\users\christopher\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christopher\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35B58FF2-4EF3-4907-91EE-FF83BE4F486E}C:\users\christopher\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christopher\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A61E66FD-61A9-47E6-8BC3-F941F5638506}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{12F92A92-65E9-4E69-B287-4C1B5DDF0D4C}] => (Allow) D:\SteamLibrary\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [TCP Query User{3E9BFCF6-2129-477C-B0A0-B2D6A7B6EC21}C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{D1264FAF-0EE1-4D21-A91D-EA9AF74BA14F}C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\christopher\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{9820F857-4138-4539-A4C4-238A25621ED0}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{71B27C34-53AE-480D-ACFE-C554EFB92227}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{885BCD85-C809-4131-9641-6C49CC643D89}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3E71C019-EB33-493D-8463-9913BF0B4ED9}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{36955DBB-36CA-4A29-B28F-02F5D99D937C}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{3D7F82D2-5081-4CF4-8BEA-256DF89825DE}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{0BD0518D-F05B-47CB-A27A-9747DFE8F37F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{95DF8893-59C8-495D-8F47-E3EC5EAF8523}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{44B2C2E4-B5A8-40D3-93CF-782E527F4CAE}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AEC73865-0580-4F8C-8A1C-2F3300C55D09}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6865C144-2852-42C5-8A17-E7D96ACE7365}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E951BB84-A98E-446C-A49B-5481381E2BF3}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{65A0C97B-A3E2-46BC-A615-7E3D11124028}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{B67AB9BE-2D80-4494-9A78-97CA75F1866D}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{44B0614F-03BD-422C-B6FB-F68216A6B99D}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{12E67C13-82B6-4633-B995-9CDB4FB90498}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{D1AB03EE-5EEF-4B49-A338-673202210C3A}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{0595CA69-FFA1-4870-B51A-B79C333F8182}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{D1E42F74-6FC4-47F3-8F4E-23994A969A60}] => (Block) D:\overwatch\overwatch.exe
FirewallRules: [{F7EDC3FC-41FC-4917-995C-E02B8562424A}] => (Block) D:\overwatch\overwatch.exe
FirewallRules: [{A6E6DE5F-287A-4E6D-8D2D-85F04B3A17C4}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{89430BC3-4C10-4794-94D7-7A0EEC4CE432}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{7D4B91E4-4442-4649-9C18-5AC7820A90EA}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{BC79E3F1-2D37-42E3-B5DE-9408777C4A5E}] => (Allow) C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
FirewallRules: [{E0346467-8A7D-4F7E-8AE4-DCA81339EABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{EDB952B1-607F-4C44-9F73-873238185156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{D376116C-2841-4730-A62A-10611C6F0CE3}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{74CFC9C7-406F-42A7-B0FD-CE0B30467F6F}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{66130DFE-D88F-4D14-84CF-E0E2409D0F04}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{31464897-4A83-4834-BAC5-B67A48FAF4B9}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B1A29DD4-E33E-402C-8DDC-9C2208E118F1}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9548C07C-DD49-4DF9-B37A-575F60883D1F}] => (Allow) C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CE975A22-6C97-4429-A331-5DDBFDDEAA11}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{42BA0A37-6D50-4D78-9EE1-3C1DDB63E5CA}D:\overwatch test\overwatch.exe] => (Allow) D:\overwatch test\overwatch.exe
FirewallRules: [{95C5992B-52DE-4B02-B5C8-29A2C24A4D36}] => (Block) D:\overwatch test\overwatch.exe
FirewallRules: [{5C8310E4-B4B8-48B7-80FA-2436258B46AE}] => (Block) D:\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{85A915BA-3B8B-433C-87F4-038A31764A32}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{C3EB61ED-61DA-4832-9433-8F1DCE44A959}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{3A36CE03-3F3F-4DA8-B12F-8F6C997C0336}] => (Block) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{A93FB243-88D9-44AA-ADFE-8DB2E15D8DE9}] => (Block) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{CC155594-3923-47F4-9B78-BCF2EFF4A6F5}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{9E8323B7-8051-4591-A3FE-D0296738D786}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{9E1B782E-7EA3-44E4-9B27-6A7EBDF1F788}] => (Block) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{C71139DA-CABA-4ADE-9A67-658CD70BC4CD}] => (Block) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{571E57FA-BC89-4B1F-8F4C-82CFF76A69F4}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{2F632AA3-C834-4505-B3C3-BCAAFA1DDE4C}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{62520C17-A31C-4CB7-84AD-BDC129410715}] => (Block) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{8887F747-E9D1-4EBE-AD83-AE42D8AC00B8}] => (Block) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{2B27379D-B8C8-4682-8F36-9D057FACE607}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{351ECA6D-48B0-4F20-B9EA-CF9D67DDDA20}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{C6C1A113-6701-4F2E-BB55-431361BBDA9B}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{C21AD1FE-971A-4D8C-8B46-53E40BD7726C}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{C64E8EA6-236B-4865-BD50-FEE9FDF9F8DD}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Remastered\Build\Final\Bioshock.exe
FirewallRules: [{055AEC9F-869A-4879-A65F-BA4A7D6EC804}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Remastered\Build\Final\Bioshock.exe
FirewallRules: [{51D7D0B6-A1B6-48DB-A745-A3724B5AC3FF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0724C89D-8E3F-4803-9A36-25CE4E00A947}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F298898C-170E-4713-811B-AD10B890D242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{16AC0484-7453-4A53-BD1A-635E0661C37A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F50776B2-C4F4-421B-AF51-49E58C60632C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{638C01A3-4D2A-457F-A2D6-32710631A1BB}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
FirewallRules: [{338D91DD-F0FC-43DB-94E7-1E296E00704B}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{F20BEA3C-3B20-484A-804C-661345DE661F}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{F6C0A671-B8B0-4158-9D72-A5A71CFBCF23}] => (Allow) D:\SteamLibrary\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{5BFB1072-AFF9-447A-AA40-1A65954A5BCD}] => (Allow) D:\SteamLibrary\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{C485E017-AB3E-4115-9A84-269A104D20D0}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{D9761522-A047-4E19-866F-0C78F860B85E}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{AF69112A-CA65-4260-B8A5-9C7389275607}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{1E1DE3D8-E75B-465B-9337-E35E8AC0F711}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F1AAB3B7-711A-4DF1-AEEA-B6DE2F1F1FCA}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{D0BFD3D3-403B-4DD7-B91F-69E2094CEE02}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{8823DE3B-827B-4169-B86E-883331E2E6CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C1AC8B3F-DCFA-4ACF-B5F3-05C5790203F2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{D5A81C4A-86F6-4FFE-8E13-F0D06D53BBF1}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EFA34193-D4AA-42E1-97CB-DE3C17A2FBE6}] => (Allow) C:\Program Files\Opera\46.0.2597.32\opera.exe
FirewallRules: [TCP Query User{192DF325-576F-43C6-AEA3-49236CFE2A83}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5B1E16D5-95AA-47BA-B3EB-8C68B7B1C345}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{110411DA-6A02-49C5-9E88-7B9D794DFC21}] => (Allow) D:\SteamLibrary\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{CF722BEE-FB91-4964-B3A7-3838705018A8}] => (Allow) D:\SteamLibrary\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{D43D862F-5E27-41E0-9062-FACA550DB8E8}] => (Allow) D:\SteamLibrary\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{53CD6E22-BC2F-47AB-A96A-DE8D638E20CC}] => (Allow) D:\SteamLibrary\steamapps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{0B3E5718-1B84-4830-A06A-8C84BA3AABC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A6EFC243-C38A-4EB3-9BBE-245A2CCACDEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1B84E479-E912-4B7E-AC66-6174954230F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8FB7D49D-3C60-47D3-A958-9C7B547BDF61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FC2FCA9F-A828-43B5-B08F-B7E43381481E}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7622717D-8EF6-4B64-9261-646F0AF48C63}C:\users\christopher\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\christopher\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{E0516EE1-C64C-4860-841A-71D5E3A7C309}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{311C02A5-8BCA-4DD9-976C-C325495AA37A}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FBFF95DA-8566-4975-8E27-CCFD5EFFEF1A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{77A3C484-7DC4-494F-B5B5-C9C2F27AD92A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{49118F57-6AEC-489F-A604-E9A75CBC2BF6}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{1CB4CF31-E926-4981-BC91-968D3E065E3F}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{CF6552FB-09FA-4E35-BADE-E6394881F6FF}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{7BDB19E0-1DBE-4E38-8FAD-6978FD5DD8D9}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{95CD88DB-4B65-4E11-A6EC-2249E62973D7}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{FD0656E8-F212-45CD-BF9A-671F7F7EFDF4}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [TCP Query User{0822C701-66D0-45BD-B729-F4F1051ABDAD}C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe] => (Allow) C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe
FirewallRules: [UDP Query User{2DF042B3-56DC-401B-A8A6-40528B0FB930}C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe] => (Allow) C:\users\christopher\desktop\saviine1.1b\server\saviine_server.exe
FirewallRules: [{778A0481-53AB-4450-8846-1B58B2B40709}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{72F66C74-D893-4CEB-94C4-0B875DCE87B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

09-07-2017 17:53:06 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2017 06:19:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/11/2017 06:19:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/11/2017 06:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.15063.0, time stamp: 0xdfddf97c
Faulting module name: InputService.dll, version: 10.0.15063.447, time stamp: 0x292c0b89
Exception code: 0xc0000005
Fault offset: 0x0005d6ac
Faulting process id: 0x3610
Faulting application start time: 0x01d2fa99332651c4
Faulting application path: C:\Windows\SysWOW64\ctfmon.exe
Faulting module path: C:\Windows\system32\InputService.dll
Report Id: 81aa0915-b072-4a60-9fd8-c22efb76d242
Faulting package full name:
Faulting package-relative application ID:

Error: (07/11/2017 05:58:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/11/2017 05:58:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/11/2017 05:53:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ctfmon.exe, version: 10.0.15063.0, time stamp: 0xdfddf97c
Faulting module name: InputService.dll, version: 10.0.15063.447, time stamp: 0x292c0b89
Exception code: 0xc0000005
Fault offset: 0x0005d6ac
Faulting process id: 0x215c
Faulting application start time: 0x01d2fa95563b02f1
Faulting application path: C:\Windows\SysWOW64\ctfmon.exe
Faulting module path: C:\Windows\system32\InputService.dll
Report Id: 41feda8a-5516-4842-951d-8a085cfb643c
Faulting package full name:
Faulting package-relative application ID:

Error: (07/11/2017 05:30:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/11/2017 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/11/2017 12:49:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/11/2017 12:49:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


System errors:
=============
Error: (07/11/2017 07:30:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Management Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/11/2017 07:30:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dataup Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/11/2017 06:19:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (07/11/2017 06:03:16 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.

Error: (07/11/2017 06:02:48 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
Access is denied.

Error: (07/11/2017 06:02:48 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
Access is denied.

Error: (07/11/2017 06:02:48 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
Access is denied.

Error: (07/11/2017 06:02:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Management Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/11/2017 06:02:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (07/11/2017 06:02:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Disc Soft Lite Bus Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2017-07-11 10:19:46.030
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-10 22:29:34.578
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-07-10 21:57:13.336
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-07-10 10:15:30.538
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-09 10:34:16.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-04 09:53:52.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-03 15:37:21.066
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-30 23:53:10.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-30 01:27:04.258
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-29 23:29:48.152
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 49%
Total physical RAM: 8135.17 MB
Available physical RAM: 4117.14 MB
Total Virtual: 13255.17 MB
Available Virtual: 8481.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.34 GB) (Free:121.5 GB) NTFS
Drive d: (WD 1TB Drive) (Fixed) (Total:930.73 GB) (Free:321.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 0271FAE3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A9D08188)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    4.8 KB · Views: 1
Something to note, FRST64 stopped responding shortly after I pressed the "fix" button. Windows then forced me to close out without waiting for the program to recover. I then double-clicked on the FRST64 icon again, and it said that it was still fixing, then told me that it placed the log file, that of which is below.
Also this forum keeps yelling at me when I try to post something about it being spam-like. (-_-)
I attached the file because I don't think the forum will let me paste it in normally. Hope this is okay :/
 

Attachments

  • Fixlog.txt
    11.2 KB · Views: 1
Let's see if I can post it...

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-07-2017
Ran by ChristopherAubert (11-07-2017 20:36:24) Run:1
Running from C:\Users\Christopher\Desktop
Loaded Profiles: ChristopherAubert (Available Profiles: ChristopherAubert)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [cpx] => "C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx
C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe
GroupPolicy: Restriction <==== ATTENTION
Hosts:
RemoveProxy:
"drmkpro64" => service could not be unlocked. <==== ATTENTION
S2 Dataup; C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup
C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe
S2 windowsmanagementservice; C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe [689664 2017-05-30] () [File not signed] <==== ATTENTION
C:\Users\Christopher\AppData\Local\lqylpia
C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe
S3 cpuz141; C:\Users\Christopher\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [46400 2017-06-19] (CPUID) <==== ATTENTION
C:\Users\Christopher\AppData\Local\Temp\cpuz141
C:\Users\Christopher\AppData\Local\Temp\cpuz141\cpuz141_x64.sys
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Local\hixbhys
2017-06-29 19:18 - 2017-06-29 19:18 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\c
2016-07-11 09:55 - 2016-07-11 09:55 - 0000171 _____ () C:\Users\Christopher\AppData\Roaming\burnaware.ini
2017-04-16 13:16 - 2017-05-23 21:08 - 0004502 _____ () C:\Users\Christopher\AppData\Roaming\VoiceMeeterDefault.xml
2017-05-20 13:23 - 2017-05-20 13:23 - 0001488 _____ () C:\Users\Christopher\AppData\Local\recently-used.xbel
2017-05-17 11:32 - 2017-05-17 11:32 - 0125952 _____ () C:\Users\Christopher\AppData\Local\report
2015-09-29 18:59 - 2017-06-29 19:43 - 0007602 _____ () C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg
2015-12-31 19:52 - 2015-12-31 19:52 - 0008157 _____ () C:\Users\Christopher\AppData\Local\transitiontransition_ade97586d9c807608acf4758757f034d.ini
2017-03-22 20:46 - 2017-03-22 20:46 - 0000552 _____ () C:\Users\Christopher\AppData\Local\TroubleshooterConfig.json
2017-06-07 14:19 - 2017-06-07 14:19 - 0047183 _____ () C:\ProgramData\agent.1496863186.bdinstall.bin
2017-06-07 14:37 - 2017-06-07 14:37 - 0029140 _____ () C:\ProgramData\agent.1496864248.bdinstall.bin
2017-06-29 05:55 - 2017-06-29 05:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 12:00 - 2017-01-24 22:53 - 0029267 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-07 12:00 - 2017-01-10 19:33 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2017-06-05 02:22 - 2017-06-05 02:22 - 0010520 _____ () C:\Users\Christopher\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-07-11 16:38 - 2017-06-20 01:10 - 1930320 _____ (Microsoft Corporation) C:\Users\Christopher\AppData\Local\Temp\dllnt_dump.dll
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {2C3A0BC2-4BE3-4AEA-943E-ADB38064527D} - \WPD\SqmUpload_S-1-5-21-3319825686-2643767977-2016650390-1001 -> No File <==== ATTENTION
Task: {700F79E7-5A8B-407B-B80C-CB081AEE89CD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {83FED618-2D47-4C30-AC3D-53918C71F4C6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8DFA8CCC-0B53-4D74-A928-5042AD228714} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {91FDCEB4-2319-4E1A-BF4B-B2DF4FB10E7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A183FBE1-D5A0-48BD-BDE3-1DF1765F024D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C01AACBA-948B-414F-87DD-C8569E3C44F3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C2F838D5-1437-406D-8595-91BFBF7E5E84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C302CCEC-5E01-42B5-A8DE-AC4868E9957A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D57B6B30-2363-423E-9FA4-0A20CB4BACD6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DA8F8254-091D-4716-99A7-A7FC8F891656} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {EDD2C8D2-425B-41B9-AF69-438C5D84C059} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [216]
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION


*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\cpx => value could not remove.
"C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx" => not found.
"C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe" => not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

"drmkpro64" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
Dataup => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Dataup => key could not remove, key could be protected

"C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup" folder move:

Could not move "C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup" => Scheduled to move on reboot.

Could not move "C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe" => Scheduled to move on reboot.
HKLM\System\CurrentControlSet\Services\windowsmanagementservice => key could not remove, key could be protected
C:\Users\Christopher\AppData\Local\lqylpia => moved successfully
"C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe" => not found.
HKLM\System\CurrentControlSet\Services\cpuz141 => key removed successfully
cpuz141 => service removed successfully
C:\Users\Christopher\AppData\Local\Temp\cpuz141 => moved successfully
"C:\Users\Christopher\AppData\Local\Temp\cpuz141\cpuz141_x64.sys" => not found.
C:\Users\Christopher\AppData\Local\hixbhys => moved successfully
"C:\Users\Christopher\AppData\Roaming\c" => not found.
C:\Users\Christopher\AppData\Roaming\burnaware.ini => moved successfully
C:\Users\Christopher\AppData\Roaming\VoiceMeeterDefault.xml => moved successfully
C:\Users\Christopher\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Christopher\AppData\Local\report => moved successfully
C:\Users\Christopher\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\Christopher\AppData\Local\transitiontransition_ade97586d9c807608acf4758757f034d.ini => moved successfully
C:\Users\Christopher\AppData\Local\TroubleshooterConfig.json => moved successfully
C:\ProgramData\agent.1496863186.bdinstall.bin => moved successfully
C:\ProgramData\agent.1496864248.bdinstall.bin => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\NvTelemetryContainer.log => moved successfully
C:\ProgramData\NvTelemetryContainer.log_backup1 => moved successfully
C:\Users\Christopher\AppData\Local\Temp\BullseyeCoverage-x86-3.dll => moved successfully
C:\Users\Christopher\AppData\Local\Temp\dllnt_dump.dll => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-07-2017 20:36:59)

==> ATTENTION: System is not rebooted.
"C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup" => Could not move
"C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe" => Could not move

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\Dataup => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\windowsmanagementservice => key could not remove, key could be protected

==== End of Fixlog 20:37:01 ====
 
Please re-run FRST one more time but click on "Scan" button.
Post both logs.
I need to see what malicious entries are still left there.
 
Incoming multiple Replies...
FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2017
Ran by ChristopherAubert (administrator) on CHRISTOPHERPC (11-07-2017 21:10:57)
Running from C:\Users\Christopher\Desktop
Loaded Profiles: ChristopherAubert (Available Profiles: ChristopherAubert)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\PnkBstrA.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\runSW.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Realtek) C:\Windows\SwUSB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Windows\System32\tprdpw64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Google Inc.) C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [cpx] => "C:\Users\Christopher\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
HKLM-x32\...\Run: [svcvmx] => C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe [884224 2017-04-21] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062048 2017-07-06] (Valve Corporation)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-06-27] ()
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Spotify Web Helper] => C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-16] (Spotify Ltd)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [Google Update] => C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-10] (Google Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Run: [GoogleChromeAutoLaunch_D3EE6E7DA0645F6660E47697F62AE98F] => C:\Users\Christopher\AppData\Local\Google\Chrome\Application\chrome.exe [1197912 2017-06-22] (Google Inc.)
HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\MountPoints2: {e3eead84-1858-11e5-825a-fcaa1445223f} - "F:\WD Drive Unlock.exe" autoplay=true
Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{032803e0-8e3d-4074-a603-13ce2fa6be1f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0e7e2cbf-86ca-44b6-b78b-34cd497e6b20}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ec9c44c-b42e-42ee-b564-0a3a66d30bda}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{401984dc-3453-4b14-8465-91d94fd40f52}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83a64d07-af5e-4ba9-bfca-81ea87f11111}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d69afc5f-c2e7-42a4-9c58-5c7adbe54b90}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6wg7kf84.default
FF ProfilePath: C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default [2017-07-11]
FF Homepage: Mozilla\Firefox\Profiles\6wg7kf84.default -> msn.com
FF Extension: (Avira Browser Safety) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\abs@avira.com [2017-06-07]
FF Extension: (Chrome Store Foxified) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\Chrome-Store-Foxified@jetpack.xpi [2016-11-09]
FF Extension: (Twitch Now) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\jid1-jwVSihNsgAw5jA@jetpack.xpi [2016-10-30]
FF Extension: (FrankerFaceZ) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\jid1-snHdAu6px3p0jA@jetpack.xpi [2016-11-19]
FF Extension: (Adblock Plus) - C:\Users\Christopher\AppData\Roaming\Mozilla\Firefox\Profiles\6wg7kf84.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Christopher\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Christopher\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3319825686-2643767977-2016650390-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-06-19] ()

Chrome:
=======
CHR HomePage: Default -> hxxps://www.youtube.com/feed/subscriptions
CHR StartupUrls: Default -> "hxxp://msn.com/"
CHR Profile: C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default [2017-07-11]
CHR Extension: (Google Translate) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-07-10]
CHR Extension: (Google Slides) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-10]
CHR Extension: (BetterTTV) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-07-10]
CHR Extension: (Google Docs) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-10]
CHR Extension: (Google Drive) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]
CHR Extension: (YouTube) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-10]
CHR Extension: (Google Sheets) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-10]
CHR Extension: (Google Docs Offline) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-10]
CHR Extension: (AdBlock) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-10]
CHR Extension: (Kappa Everywhere - Global Twitch Emotes) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafkphjeboadjffjfcigcdfdilpcacod [2017-07-10]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2017-07-10]
CHR Extension: (Google Play) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-07-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-10]
CHR Extension: (Google Play Books) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-07-10]
CHR Extension: (Tom's Hardware - My Threads) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nddbmgcnelmmhlfibkmfnhnfeccaliip [2017-07-10]
CHR Extension: (Twitch Now) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2017-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-10]
CHR Extension: (Gmail) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-10]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"drmkpro64" => service could not be unlocked. <==== ATTENTION

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] ()
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Google Inc.)
R2 Dataup; C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-07] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-06-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148184 2017-06-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-12-05] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-12-03] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-06-16] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-06-16] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-07-03] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
S2 windowsmanagementservice; C:\Users\Christopher\AppData\Local\lqylpia\ykvvg\ct.exe [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] ()
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3778592 2015-11-26] (C-MEDIA)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-07-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-07-11] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R4 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2017-07-11] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-23] (REALiX(tm))
R1 MpKsl483e1cbc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5AA26F5-8F82-4AB3-A6A6-A885F6AD211C}\MpKsl483e1cbc.sys [44928 2017-07-11] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-06-07] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2016-04-21] (The OpenVPN Project)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [4635352 2015-07-03] (Realtek Semiconductor Corporation )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [43032 2016-04-08] (Razer Inc)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-07-11] ()
S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-04-16] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-07-11] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-07-11] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 20:36 - 2017-07-11 20:37 - 00011467 _____ C:\Users\Christopher\Desktop\Fixlog.txt
2017-07-11 20:35 - 2017-07-11 20:35 - 00004888 _____ C:\Users\Christopher\Desktop\fixlist.txt
2017-07-11 20:21 - 2017-07-11 20:21 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-07-11 20:21 - 2017-07-11 20:21 - 00000648 _____ C:\Windows\system32\bootdelete.lst
2017-07-11 20:10 - 2017-07-11 20:10 - 00055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2017-07-11 20:07 - 2017-07-11 20:21 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-11 20:07 - 2017-07-11 20:09 - 11584088 _____ (SurfRight B.V.) C:\Users\Christopher\Desktop\HitmanPro_x64.exe
2017-07-11 20:04 - 2017-07-11 20:11 - 00000000 ____D C:\Users\Christopher\AppData\Local\llssoft
2017-07-11 20:02 - 2017-07-11 20:02 - 04110280 _____ C:\Users\Christopher\Desktop\AdwCleaner.exe
2017-07-11 19:59 - 2017-07-11 19:59 - 00000000 ___HD C:\OneDriveTemp
2017-07-11 19:50 - 2017-07-11 21:11 - 00323915 _____ C:\Windows\ZAM.krnl.trace
2017-07-11 19:50 - 2017-07-11 21:11 - 00082789 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-07-11 19:50 - 2017-07-11 19:52 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-07-11 19:50 - 2017-07-11 19:50 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-07-11 19:50 - 2017-07-11 19:50 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-07-11 19:50 - 2017-07-11 19:50 - 00001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-07-11 19:50 - 2017-07-11 19:50 - 00000000 ____D C:\Users\Christopher\AppData\Local\Zemana
2017-07-11 19:50 - 2017-07-11 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-07-11 19:38 - 2017-07-11 19:38 - 02435584 _____ (Farbar) C:\Users\Christopher\Desktop\FRST64.exe
2017-07-11 19:34 - 2017-07-11 19:34 - 05766464 _____ (Zemana Ltd. ) C:\Users\Christopher\Desktop\eXplorer.exe
2017-07-11 19:30 - 2017-07-11 19:30 - 00004300 _____ C:\Users\Christopher\Desktop\Rkill.txt
2017-07-11 19:28 - 2017-07-11 19:28 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Christopher\Desktop\iExplore.exe
2017-07-11 18:20 - 2017-07-11 18:20 - 00003287 _____ C:\Users\Christopher\Desktop\AdwCleaner[C6].txt
2017-07-11 18:02 - 2017-07-11 18:02 - 00003397 _____ C:\Users\Christopher\Desktop\AdwCleaner Pre-Clean Log.txt
2017-07-11 17:28 - 2017-07-11 17:28 - 00034028 _____ C:\Users\Christopher\Desktop\rk_1796.tmp.txt
2017-07-11 16:39 - 2017-07-11 16:39 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-07-11 16:38 - 2017-07-11 16:38 - 00000000 ____D C:\ProgramData\RogueKiller
2017-07-11 16:38 - 2017-07-11 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-07-11 16:38 - 2017-07-11 16:38 - 00000000 ____D C:\Program Files\RogueKiller
2017-07-11 12:59 - 2017-07-07 09:00 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2017-07-11 12:59 - 2017-07-07 02:27 - 01147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-07-11 12:59 - 2017-07-07 02:27 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-07-11 12:59 - 2017-07-07 02:27 - 00965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-07-11 12:59 - 2017-07-07 02:27 - 00821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-07-11 12:59 - 2017-07-07 02:27 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-07-11 12:59 - 2017-07-07 02:26 - 01065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-11 12:59 - 2017-07-07 02:25 - 00899824 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-07-11 12:59 - 2017-07-07 02:24 - 00117664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-07-11 12:59 - 2017-07-07 02:23 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-11 12:59 - 2017-07-07 02:22 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-11 12:59 - 2017-07-07 02:22 - 01186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-07-11 12:59 - 2017-07-07 02:22 - 00119384 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-07-11 12:59 - 2017-07-07 02:21 - 32688336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2017-07-11 12:59 - 2017-07-07 02:21 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-07-11 12:59 - 2017-07-07 02:20 - 02021680 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-07-11 12:59 - 2017-07-07 02:20 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-07-11 12:59 - 2017-07-07 02:20 - 00519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-11 12:59 - 2017-07-07 02:20 - 00382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-07-11 12:59 - 2017-07-07 02:17 - 01017760 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-07-11 12:59 - 2017-07-07 02:15 - 02444696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-11 12:59 - 2017-07-07 02:14 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-07-11 12:59 - 2017-07-07 02:14 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-07-11 12:59 - 2017-07-07 02:14 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-07-11 12:59 - 2017-07-07 02:14 - 01171032 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2017-07-11 12:59 - 2017-07-07 02:13 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-07-11 12:59 - 2017-07-07 02:13 - 00554392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-07-11 12:59 - 2017-07-07 02:13 - 00336320 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2017-07-11 12:59 - 2017-07-07 02:13 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2017-07-11 12:59 - 2017-07-07 02:12 - 00411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-11 12:59 - 2017-07-07 02:12 - 00318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-07-11 12:59 - 2017-07-07 02:12 - 00228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-11 12:59 - 2017-07-07 02:11 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-07-11 12:59 - 2017-07-07 02:11 - 00094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 21353208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 01337848 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 01325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 00372128 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-07-11 12:59 - 2017-07-07 02:10 - 00254168 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-07-11 12:59 - 2017-07-07 02:09 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\wininitext.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 02229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01458584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 01100704 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00992672 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00848280 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-07-11 12:59 - 2017-07-07 02:08 - 00844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00506776 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-07-11 12:59 - 2017-07-07 02:08 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-07-11 12:59 - 2017-07-07 02:07 - 01106848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-11 12:59 - 2017-07-07 02:07 - 00058488 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-11 12:59 - 2017-07-07 01:57 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-07-11 12:59 - 2017-07-07 01:57 - 00125344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-07-11 12:59 - 2017-07-07 01:40 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-07-11 12:59 - 2017-07-07 01:39 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-11 12:59 - 2017-07-07 01:39 - 00096128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-07-11 12:59 - 2017-07-07 01:37 - 31652264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2017-07-11 12:59 - 2017-07-07 01:37 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-07-11 12:59 - 2017-07-07 01:37 - 01339352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-07-11 12:59 - 2017-07-07 01:31 - 05820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-07-11 12:59 - 2017-07-07 01:31 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-07-11 12:59 - 2017-07-07 01:31 - 00129184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-11 12:59 - 2017-07-07 01:30 - 02165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-11 12:59 - 2017-07-07 01:30 - 00949920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2017-07-11 12:59 - 2017-07-07 01:30 - 00750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-07-11 12:59 - 2017-07-07 01:29 - 00349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-11 12:59 - 2017-07-07 01:29 - 00123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 03670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-07-11 12:59 - 2017-07-07 01:27 - 01640448 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
2017-07-11 12:59 - 2017-07-07 01:27 - 00360960 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 20373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 17364992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 01529384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 01195240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-07-11 12:59 - 2017-07-07 01:26 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-11 12:59 - 2017-07-07 01:25 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-07-11 12:59 - 2017-07-07 01:25 - 00035232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininitext.dll
2017-07-11 12:59 - 2017-07-07 01:24 - 01517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-07-11 12:59 - 2017-07-07 01:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-11 12:59 - 2017-07-07 01:23 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\eapprovp.dll
2017-07-11 12:59 - 2017-07-07 01:22 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-07-11 12:59 - 2017-07-07 01:22 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-07-11 12:59 - 2017-07-07 01:21 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2017-07-11 12:59 - 2017-07-07 01:21 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-11 12:59 - 2017-07-07 01:20 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
 
2017-07-11 12:59 - 2017-07-07 01:20 - 08331264 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-07-11 12:59 - 2017-07-07 01:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 07149056 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-07-11 12:59 - 2017-07-07 01:19 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-11 12:59 - 2017-07-07 01:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-07-11 12:59 - 2017-07-07 01:17 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-07-11 12:59 - 2017-07-07 01:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-07-11 12:59 - 2017-07-07 01:16 - 12786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-11 12:59 - 2017-07-07 01:16 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-07-11 12:59 - 2017-07-07 01:16 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-07-11 12:59 - 2017-07-07 01:15 - 08238080 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-07-11 12:59 - 2017-07-07 01:15 - 00922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 08211968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 03784704 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 02956800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-07-11 12:59 - 2017-07-07 01:14 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 00790016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-07-11 12:59 - 2017-07-07 01:14 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2017-07-11 12:59 - 2017-07-07 01:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-07-11 12:59 - 2017-07-07 01:13 - 13839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-07-11 12:59 - 2017-07-07 01:13 - 05892096 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-07-11 12:59 - 2017-07-07 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 04730880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-07-11 12:59 - 2017-07-07 01:12 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01420800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 01142272 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-11 12:59 - 2017-07-07 01:12 - 00706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-07-11 12:59 - 2017-07-07 01:11 - 03139584 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 02649600 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 02177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 00986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-11 12:59 - 2017-07-07 01:11 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 04707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-11 12:59 - 2017-07-07 01:10 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapprovp.dll
2017-07-11 12:59 - 2017-07-07 01:09 - 20504576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-07-11 12:59 - 2017-07-07 01:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-07-11 12:59 - 2017-07-07 01:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-11 12:59 - 2017-07-07 01:07 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-07-11 12:59 - 2017-07-07 01:07 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-07-11 12:59 - 2017-07-07 01:07 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-07-11 12:59 - 2017-07-07 01:07 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2017-07-11 12:59 - 2017-07-07 01:06 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-07-11 12:59 - 2017-07-07 01:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-07-11 12:59 - 2017-07-07 01:06 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 05719040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-07-11 12:59 - 2017-07-07 01:05 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-11 12:59 - 2017-07-07 01:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 01703424 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-11 12:59 - 2017-07-07 01:04 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-07-11 12:59 - 2017-07-07 01:04 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-11 12:59 - 2017-07-07 01:03 - 06123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-07-11 12:59 - 2017-07-07 01:03 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-07-11 12:59 - 2017-07-07 01:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-07-11 12:59 - 2017-07-07 01:02 - 00952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-07-11 12:59 - 2017-07-07 01:02 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-07-11 12:59 - 2017-07-07 01:01 - 06287360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-07-11 12:59 - 2017-07-07 01:01 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 07596544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 02588160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 01565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-07-11 12:59 - 2017-07-07 01:00 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 04417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 03656704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 01494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 01355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-07-11 12:59 - 2017-07-07 00:59 - 00787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 02782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-07-11 12:59 - 2017-07-07 00:58 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-11 12:59 - 2017-07-07 00:55 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-07-11 12:59 - 2017-07-07 00:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-07-11 12:59 - 2017-07-07 00:53 - 01301504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-11 12:59 - 2017-07-07 00:53 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-11 12:59 - 2017-07-01 17:52 - 00031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-07-11 12:45 - 2017-07-11 19:40 - 00082164 _____ C:\Users\Christopher\Desktop\Addition.txt
2017-07-11 12:44 - 2017-07-11 21:11 - 00027571 _____ C:\Users\Christopher\Desktop\FRST.txt
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Shared Space
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Comodo Downloader
2017-07-11 12:35 - 2017-07-11 12:35 - 00000000 ____D C:\ProgramData\Comodo
2017-07-11 12:34 - 2017-07-11 12:34 - 00002259 _____ C:\Windows\epplauncher.mif
2017-07-10 22:31 - 2017-07-10 22:31 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-10 22:31 - 2017-07-10 22:31 - 00000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-07-10 22:31 - 2017-07-10 22:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-07-10 22:31 - 2017-07-10 22:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-10 22:00 - 2017-07-10 22:00 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001UA
2017-07-10 22:00 - 2017-07-10 22:00 - 00003424 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001Core
2017-07-10 22:00 - 2017-07-10 22:00 - 00002503 _____ C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-10 22:00 - 2017-07-10 22:00 - 00002495 _____ C:\Users\Christopher\Desktop\Google Chrome.lnk
2017-07-10 15:12 - 2017-07-10 15:14 - 00000000 ____D C:\Users\Christopher\Desktop\3DS Stuff
2017-07-10 15:07 - 2017-03-23 10:04 - 03547136 _____ C:\Windows\system32\pwNative.exe
2017-07-10 15:06 - 2017-07-10 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2017-07-10 15:06 - 2017-07-10 15:06 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2017-07-10 15:06 - 2013-09-30 16:26 - 00019152 _____ C:\Windows\system32\pwdrvio.sys
2017-07-10 15:06 - 2013-09-30 16:26 - 00012504 _____ C:\Windows\system32\pwdspio.sys
2017-07-10 13:23 - 2017-07-10 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-07-10 13:23 - 2017-07-10 13:23 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-07-08 23:31 - 2017-07-08 23:31 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Smartly Dressed Games
2017-07-03 22:47 - 2017-07-03 22:47 - 00000222 _____ C:\Users\Christopher\Desktop\Watch_Dogs.url
2017-07-03 21:39 - 2017-07-03 21:39 - 00000000 ____D C:\Users\Christopher\AppData\Local\PeerDistRepub
2017-07-03 13:53 - 2017-07-03 13:54 - 00000000 ____D C:\Windows\CSC
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ___SD C:\Windows\system32\AppV
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ____D C:\Windows\RemotePackages
2017-07-03 13:53 - 2017-07-03 13:53 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-07-03 13:50 - 2017-03-18 15:59 - 00034774 _____ C:\Windows\Professional.xml
2017-07-02 19:47 - 2017-07-02 19:47 - 00001111 _____ C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\ProgramData\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\Program Files\Sony
2017-07-02 19:47 - 2017-07-02 19:47 - 00000000 ____D C:\Program Files (x86)\Sony
2017-07-02 19:21 - 2017-07-02 19:21 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Sony Creative Software Inc
2017-07-01 21:11 - 2017-07-01 21:11 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\OpenOffice
2017-07-01 21:11 - 2017-07-01 21:11 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-06-30 15:12 - 2017-06-30 15:12 - 00000000 ____D C:\Users\Christopher\AppData\Local\ESET
2017-06-29 23:44 - 2017-07-09 16:24 - 00003376 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1498797898
2017-06-29 23:44 - 2017-07-09 16:24 - 00000000 ____D C:\Program Files\Opera
2017-06-29 23:44 - 2017-06-29 23:44 - 00001166 _____ C:\Users\Public\Desktop\Opera Browser.lnk
2017-06-29 23:44 - 2017-06-29 23:44 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-06-29 22:36 - 2017-06-29 22:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\Deployment
2017-06-29 22:18 - 2017-07-11 20:04 - 00000000 ____D C:\AdwCleaner
2017-06-29 20:56 - 2017-06-20 00:04 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2017-06-29 20:56 - 2017-06-20 00:02 - 03377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-29 20:56 - 2017-06-20 00:01 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-06-29 20:56 - 2017-06-20 00:00 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-29 20:56 - 2017-06-19 23:39 - 02671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-29 20:56 - 2017-06-19 23:38 - 01451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2017-06-29 20:56 - 2017-06-19 23:35 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-06-29 20:56 - 2017-06-19 23:35 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-29 20:55 - 2017-06-20 01:18 - 01564576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-29 20:55 - 2017-06-20 01:16 - 01214880 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-29 20:55 - 2017-06-20 01:11 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-06-29 20:55 - 2017-06-20 01:04 - 04847424 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-06-29 20:55 - 2017-06-20 01:02 - 02645688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-29 20:55 - 2017-06-20 01:02 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00558920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-06-29 20:55 - 2017-06-20 01:00 - 00142752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-06-29 20:55 - 2017-06-20 00:59 - 06554928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01220072 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-06-29 20:55 - 2017-06-20 00:59 - 01054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-06-29 20:55 - 2017-06-20 00:58 - 00406072 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-06-29 20:55 - 2017-06-20 00:57 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-29 20:55 - 2017-06-20 00:15 - 00455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-06-29 20:55 - 2017-06-20 00:14 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-06-29 20:55 - 2017-06-20 00:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-29 20:55 - 2017-06-20 00:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-06-29 20:55 - 2017-06-20 00:10 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2017-06-29 20:55 - 2017-06-20 00:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 04469840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-06-29 20:55 - 2017-06-20 00:08 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-29 20:55 - 2017-06-20 00:08 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00823296 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-06-29 20:55 - 2017-06-20 00:07 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00847872 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00754592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-06-29 20:55 - 2017-06-20 00:06 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 04447744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-06-29 20:55 - 2017-06-20 00:05 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-06-29 20:55 - 2017-06-20 00:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-06-29 20:55 - 2017-06-20 00:04 - 00181656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 05806048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-06-29 20:55 - 2017-06-20 00:03 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-29 20:55 - 2017-06-20 00:03 - 01396224 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 01121928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-06-29 20:55 - 2017-06-20 00:02 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 04536320 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-29 20:55 - 2017-06-20 00:01 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 03057664 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-06-29 20:55 - 2017-06-20 00:00 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-06-29 20:55 - 2017-06-19 23:59 - 01357824 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-06-29 20:55 - 2017-06-19 23:58 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-06-29 20:55 - 2017-06-19 23:56 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-06-29 20:55 - 2017-06-19 23:43 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-29 20:55 - 2017-06-19 23:42 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-29 20:55 - 2017-06-19 23:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-06-29 20:55 - 2017-06-19 23:40 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-06-29 20:55 - 2017-06-19 23:39 - 00969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-29 20:55 - 2017-06-19 23:38 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-06-29 20:55 - 2017-06-19 23:37 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-29 20:55 - 2017-06-19 23:36 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-06-29 20:55 - 2017-06-19 23:34 - 01492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-06-29 20:55 - 2017-06-19 23:30 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-06-29 20:54 - 2017-06-20 01:18 - 00096672 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-29 20:54 - 2017-06-20 01:17 - 00629152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00544160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00334240 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00136096 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-29 20:54 - 2017-06-20 01:17 - 00034720 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-29 20:54 - 2017-06-20 01:16 - 00335776 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-29 20:54 - 2017-06-20 01:15 - 00233376 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-29 20:54 - 2017-06-20 01:11 - 01395152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-29 20:54 - 2017-06-20 01:10 - 02327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-06-29 20:54 - 2017-06-20 01:10 - 01930320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-29 20:54 - 2017-06-20 01:08 - 01242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-29 20:54 - 2017-06-20 01:06 - 00279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-06-29 20:54 - 2017-06-20 01:05 - 01057832 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-06-29 20:54 - 2017-06-20 01:04 - 00472728 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-06-29 20:54 - 2017-06-20 01:03 - 00820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-29 20:54 - 2017-06-20 01:03 - 00179608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-06-29 20:54 - 2017-06-20 01:03 - 00102312 _____ (Microsoft Corporation) C:\Windows\system32\CredentialUIBroker.exe
2017-06-29 20:54 - 2017-06-20 01:02 - 00426912 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-06-29 20:54 - 2017-06-20 00:59 - 00583304 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-06-29 20:54 - 2017-06-20 00:59 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 00833160 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2017-06-29 20:54 - 2017-06-20 00:58 - 00203168 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-06-29 20:54 - 2017-06-20 00:57 - 00204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-06-29 20:54 - 2017-06-20 00:34 - 00192416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-29 20:54 - 2017-06-20 00:16 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2017-06-29 20:54 - 2017-06-20 00:16 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-06-29 20:54 - 2017-06-20 00:15 - 01620368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-29 20:54 - 2017-06-20 00:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2017-06-29 20:54 - 2017-06-20 00:13 - 00787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2017-06-29 20:54 - 2017-06-20 00:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2017-06-29 20:54 - 2017-06-20 00:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-06-29 20:54 - 2017-06-20 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-06-29 20:54 - 2017-06-20 00:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-06-29 20:54 - 2017-06-20 00:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-06-29 20:54 - 2017-06-20 00:11 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-06-29 20:54 - 2017-06-20 00:10 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00555008 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00406032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2017-06-29 20:54 - 2017-06-20 00:09 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2017-06-29 20:54 - 2017-06-20 00:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00791040 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-06-29 20:54 - 2017-06-20 00:08 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 02475136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2017-06-29 20:54 - 2017-06-20 00:07 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-06-29 20:54 - 2017-06-20 00:07 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00346016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-06-29 20:54 - 2017-06-20 00:07 - 00138656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00278944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-29 20:54 - 2017-06-20 00:06 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00873472 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2017-06-29 20:54 - 2017-06-20 00:05 - 00438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-06-29 20:54 - 2017-06-20 00:05 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-29 20:54 - 2017-06-20 00:04 - 01425920 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-29 20:54 - 2017-06-20 00:04 - 01178528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 01077496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2017-06-29 20:54 - 2017-06-20 00:04 - 00049656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-06-29 20:54 - 2017-06-20 00:03 - 00864240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-06-29 20:54 - 2017-06-20 00:03 - 00443728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-06-29 20:54 - 2017-06-20 00:02 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-06-29 20:54 - 2017-06-20 00:01 - 00176032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-06-29 20:54 - 2017-06-19 23:57 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2017-06-29 20:54 - 2017-06-19 23:57 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-06-29 20:54 - 2017-06-19 23:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2017-06-29 20:54 - 2017-06-19 23:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-06-29 20:54 - 2017-06-19 23:49 - 00899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2017-06-29 20:54 - 2017-06-19 23:49 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-06-29 20:54 - 2017-06-19 23:46 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-06-29 20:54 - 2017-06-19 23:45 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-06-29 20:54 - 2017-06-19 23:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-06-29 20:54 - 2017-06-19 23:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-06-29 20:54 - 2017-06-19 23:42 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-06-29 20:54 - 2017-06-19 23:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-06-29 20:54 - 2017-06-19 23:41 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-29 20:54 - 2017-06-19 23:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2017-06-29 20:54 - 2017-06-19 23:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2017-06-29 20:54 - 2017-06-19 23:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-29 20:54 - 2017-06-19 23:38 - 01171968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-29 20:54 - 2017-06-19 23:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-06-29 20:54 - 2017-06-19 23:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-06-29 20:54 - 2017-06-19 23:34 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-06-29 20:54 - 2017-06-19 23:31 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-06-29 20:54 - 2017-06-19 23:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2017-06-29 20:54 - 2017-06-19 23:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-29 20:54 - 2017-06-19 23:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
 
2017-06-29 20:00 - 2017-06-29 22:04 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-06-29 19:59 - 2017-06-29 19:59 - 00000000 ____D C:\Windows\pss
2017-06-29 19:18 - 2017-07-11 20:03 - 00000000 ____D C:\Users\Christopher\AppData\Local\ntuserlitelist
2017-06-29 09:01 - 2017-06-29 09:01 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-29 09:01 - 2017-06-07 18:55 - 06467008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-29 09:01 - 2017-06-07 18:55 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-29 09:01 - 2017-06-07 07:42 - 08075477 _____ C:\Windows\system32\nvcoproc.bin
2017-06-29 09:01 - 2017-03-10 16:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-06-29 09:01 - 2017-03-10 16:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-06-29 09:01 - 2017-03-10 16:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-06-29 09:01 - 2017-03-10 16:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-06-29 09:00 - 2017-06-07 19:01 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-29 08:59 - 2017-06-07 20:45 - 40201664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 35390584 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 35281344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 28624320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 11028664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 10551256 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 04115112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03796928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03625992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 03256440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438253.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438253.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01278712 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 01056888 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00994240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00964216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00775864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00725112 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00618928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00584128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-29 08:59 - 2017-06-07 20:45 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-29 08:59 - 2017-06-07 20:45 - 00045163 _____ C:\Windows\system32\nvinfo.pb
2017-06-29 08:59 - 2017-06-07 20:45 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-29 08:59 - 2017-06-07 20:45 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-29 08:47 - 2015-07-14 20:57 - 00887552 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2017-06-29 08:47 - 2015-07-14 20:57 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-06-29 08:44 - 2017-06-29 08:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-06-29 08:42 - 2017-06-29 08:42 - 00001769 _____ C:\Windows\Language_trs.ini
2017-06-29 08:12 - 2017-06-21 02:07 - 00179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-06-29 08:12 - 2017-06-21 02:07 - 00146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-06-29 05:56 - 2017-06-29 05:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Windows\system32\DAX2
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Program Files\ASUS
2017-06-29 05:55 - 2017-06-29 05:55 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-29 05:55 - 2013-07-03 20:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys
2017-06-26 13:55 - 2017-06-26 14:32 - 00000000 ____D C:\ProgramData\TEMP
2017-06-26 13:55 - 2017-06-26 13:55 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Product_NU16
2017-06-26 13:55 - 2017-06-26 13:55 - 00000000 ____D C:\ProgramData\Symantec
2017-06-26 13:43 - 2017-06-26 16:55 - 00000590 ____H C:\Windows\Tasks\Norton Product InstallerIdle.job
2017-06-26 13:43 - 2017-06-26 13:43 - 00003246 _____ C:\Windows\System32\Tasks\Norton Product InstallerIdle
2017-06-23 18:55 - 2017-06-23 18:55 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-06-23 18:55 - 2017-06-23 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-06-23 18:55 - 2017-06-23 18:55 - 00000000 ____D C:\Program Files (x86)\HWiNFO32
2017-06-23 18:50 - 2017-06-23 18:50 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-06-23 18:24 - 2017-06-23 18:50 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-06-23 18:23 - 2017-07-02 20:08 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-06-23 18:23 - 2017-06-23 18:23 - 00001159 _____ C:\Users\Christopher\Desktop\MSI Afterburner.lnk
2017-06-23 18:23 - 2017-06-23 18:23 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-06-19 20:04 - 2017-06-19 20:04 - 00000222 _____ C:\Users\Christopher\Desktop\The Witcher 3 Wild Hunt.url
2017-06-19 16:18 - 2017-06-19 16:18 - 00000222 _____ C:\Users\Christopher\Desktop\Portal Stories Mel.url
2017-06-19 14:45 - 2017-06-19 14:45 - 00000222 _____ C:\Users\Christopher\Desktop\Far Cry 4.url
2017-06-19 14:45 - 2017-06-19 14:45 - 00000000 ____D C:\ProgramData\Codemasters
2017-06-16 03:06 - 2017-06-16 03:06 - 00109696 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2017-06-16 03:06 - 2017-06-16 03:06 - 00102016 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2017-06-16 02:54 - 2017-06-16 02:54 - 00049288 _____ (Razer Inc.) C:\Windows\SysWOW64\RzAPIChromaSDK.dll
2017-06-16 00:16 - 2017-06-16 00:16 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\NomNomGalaxy
2017-06-15 23:58 - 2017-06-15 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-06-13 17:48 - 2017-06-13 17:48 - 00000000 ____D C:\Windows\PCHEALTH
2017-06-13 17:47 - 2017-07-11 17:28 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-06-13 17:47 - 2017-06-03 05:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-13 17:47 - 2017-06-03 05:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 17:47 - 2017-06-03 05:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-13 17:47 - 2017-06-03 05:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-06-13 17:47 - 2017-06-03 05:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 17:47 - 2017-06-03 05:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
2017-06-13 17:47 - 2017-06-03 05:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2017-06-13 17:47 - 2017-06-03 04:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-13 17:47 - 2017-06-03 04:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 17:47 - 2017-06-03 04:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2017-06-13 17:47 - 2017-06-03 04:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-06-13 17:47 - 2017-06-03 04:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
2017-06-13 17:47 - 2017-06-03 04:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2017-06-13 17:47 - 2017-06-03 04:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 17:47 - 2017-06-03 04:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 17:47 - 2017-06-03 04:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-13 17:47 - 2017-06-03 04:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-13 17:47 - 2017-06-03 04:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-13 17:47 - 2017-06-03 04:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
2017-06-13 17:47 - 2017-06-03 04:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 17:47 - 2017-06-03 04:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
2017-06-13 17:47 - 2017-06-03 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-13 17:47 - 2017-06-03 04:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-06-13 17:47 - 2017-06-03 04:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-06-13 17:47 - 2017-06-03 04:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-13 17:47 - 2017-06-03 04:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 17:47 - 2017-06-03 04:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
2017-06-13 17:47 - 2017-06-03 04:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-13 17:47 - 2017-06-03 04:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-06-13 17:47 - 2017-06-03 04:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-06-13 17:47 - 2017-06-03 04:00 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-13 17:47 - 2017-06-03 04:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-13 17:47 - 2017-06-03 03:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 17:47 - 2017-06-03 03:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-06-13 17:47 - 2017-06-03 03:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 17:47 - 2017-06-03 03:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-06-13 17:47 - 2017-06-03 03:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-13 17:47 - 2017-06-03 03:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 17:47 - 2017-06-03 03:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 21:10 - 2017-05-23 16:58 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-11 21:05 - 2015-10-22 20:48 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Skype
2017-07-11 20:37 - 2016-06-21 19:38 - 00000000 ____D C:\FRST
2017-07-11 20:36 - 2015-11-25 13:54 - 00000000 ____D C:\Users\Christopher\AppData\Local\CrashDumps
2017-07-11 20:36 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-11 20:11 - 2017-05-23 17:08 - 01989500 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-11 20:10 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\AppReadiness
2017-07-11 20:05 - 2017-05-23 17:05 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-11 20:05 - 2017-05-23 16:59 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-11 20:05 - 2017-05-23 16:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-11 20:05 - 2016-04-21 18:21 - 00000000 ____D C:\Users\Christopher\AppData\Local\LogMeIn Hamachi
2017-07-11 20:05 - 2015-08-12 19:19 - 00000000 ___RD C:\Users\Christopher\Google Drive
2017-07-11 20:05 - 2015-06-20 22:58 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-11 20:05 - 2015-06-20 22:46 - 00000000 __RDO C:\Users\Christopher\OneDrive
2017-07-11 20:04 - 2017-03-18 06:40 - 01048576 _____ C:\Windows\system32\config\BBI
2017-07-11 19:58 - 2017-05-23 17:00 - 00000000 ____D C:\Users\Christopher
2017-07-11 17:43 - 2015-10-19 18:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-07-11 17:41 - 2017-03-18 16:01 - 00000000 ____D C:\Windows\INF
2017-07-11 17:30 - 2015-07-30 19:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-11 17:29 - 2017-05-23 16:58 - 00442928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\oobe
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-11 17:29 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-11 13:03 - 2017-03-18 15:51 - 00000000 ____D C:\Windows\CbsTemp
2017-07-11 13:02 - 2015-06-22 19:04 - 00000000 ____D C:\Windows\system32\MRT
2017-07-11 13:01 - 2015-06-22 19:04 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-11 12:28 - 2017-06-07 13:43 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-11 09:48 - 2015-08-18 21:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-11 09:44 - 2017-05-23 17:05 - 00004572 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-11 09:44 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 09:44 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-10 23:58 - 2017-03-18 16:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-10 22:32 - 2016-11-17 20:21 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Mozilla
2017-07-10 22:00 - 2015-06-20 22:48 - 00000000 ____D C:\Users\Christopher\AppData\Local\Google
2017-07-10 13:26 - 2016-09-27 06:33 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-07-10 13:26 - 2016-09-27 06:33 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-07-10 13:23 - 2017-06-05 02:23 - 00000169 _____ C:\Users\Christopher\BullseyeCoverageError.txt
2017-07-10 13:23 - 2017-06-05 02:22 - 00000153 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-07-10 13:23 - 2016-04-21 18:20 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-07-09 09:58 - 2016-05-03 18:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-07-08 00:32 - 2015-09-02 17:31 - 00000000 ____D C:\Users\Christopher\AppData\Local\Battle.net
2017-07-07 23:32 - 2015-09-02 17:31 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-07-04 13:23 - 2015-12-11 20:30 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\uTorrent
2017-07-04 13:00 - 2015-07-01 18:23 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\vlc
2017-07-04 11:27 - 2017-02-14 21:15 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-07-04 11:27 - 2017-02-14 21:15 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-07-03 23:41 - 2015-08-01 10:08 - 00000000 ____D C:\Users\Christopher\AppData\Local\ElevatedDiagnostics
2017-07-03 23:40 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\NDF
2017-07-03 23:34 - 2017-05-23 16:16 - 00000000 ___DC C:\Windows\Panther
2017-07-03 21:39 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\rescache
2017-07-03 13:54 - 2015-06-20 22:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\Packages
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\SystemApps
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\security
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\schemas
2017-07-03 13:53 - 2017-03-18 16:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-03 13:50 - 2017-05-23 16:59 - 00027136 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02376096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 02194944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01624480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00804864 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00800256 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00785920 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00637440 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00457216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00264608 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00235424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00232352 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00230816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\appvetwsharedperformance.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\AppvClientEventLog.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00203672 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00186272 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00184224 _____ (Microsoft Corporation) C:\Windows\system32\mavinject.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00173984 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00161696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00149920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mavinject.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00147439 _____ C:\Windows\SysWOW64\gpedit.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00147439 _____ C:\Windows\system32\gpedit.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00146389 _____ C:\Windows\system32\printmanagement.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.SecureAssessment.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00143776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVfs.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00143264 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00139264 ____R (Microsoft Corporation)
 
C:\Windows\system32\SecureAssessmentHandlers.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00127904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00120458 _____ C:\Windows\system32\secpol.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00106496 _____ C:\Windows\system32\RDVGHelper.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00096256 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessCsp.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00091136 _____ C:\Windows\system32\hvsigpext.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ C:\Windows\system32\hvsievaluator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppVMgmtCSP.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00077216 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mssecuser.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\windowsdefenderapplicationguardcsp.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00043566 _____ C:\Windows\SysWOW64\rsop.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00043566 _____ C:\Windows\system32\rsop.msc
2017-07-03 13:50 - 2017-03-18 15:59 - 00042400 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00040864 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00040344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UevAgentDriver.sys
2017-07-03 13:50 - 2017-03-18 15:59 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\CIWmi.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00030720 _____ C:\Windows\system32\LockdownUtil.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00027040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVClientPS.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lstelemetry.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Win32_DeviceGuard.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024992 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00021920 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00019872 _____ (Microsoft Corporation) C:\Windows\system32\AppVTerminator.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00018336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVTerminator.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00015264 _____ (Microsoft Corporation) C:\Windows\system32\AppVSentinel.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AgentDriverEvents.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00013728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVSentinel.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll
2017-07-03 13:50 - 2017-03-18 15:59 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2017-07-03 13:50 - 2017-03-18 15:56 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2017-07-02 20:08 - 2016-10-09 08:34 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-07-02 19:47 - 2016-05-10 18:18 - 00013848 _____ C:\Windows\system32\--traceoff
2017-07-02 19:46 - 2016-05-10 18:14 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Sony
2017-07-02 00:20 - 2015-10-24 21:40 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Audacity
2017-06-29 23:47 - 2015-10-09 16:29 - 00000000 ____D C:\ProgramData\Origin
2017-06-29 23:45 - 2016-04-23 22:02 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Opera Software
2017-06-29 23:45 - 2016-04-23 22:02 - 00000000 ____D C:\Users\Christopher\AppData\Local\Opera Software
2017-06-29 23:39 - 2015-10-09 16:31 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Origin
2017-06-29 23:30 - 2016-05-23 14:36 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-06-29 23:30 - 2016-05-23 14:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\Discord
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___SD C:\Windows\system32\F12
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-29 23:22 - 2017-03-18 16:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-29 21:59 - 2016-09-21 06:17 - 00000000 ____D C:\Program Files (x86)\Opera
2017-06-29 21:59 - 2015-06-20 22:48 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-29 19:26 - 2017-05-07 13:02 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-06-29 19:26 - 2017-05-07 13:02 - 00000000 ____D C:\Program Files\Image-Line
2017-06-29 19:26 - 2017-05-07 12:58 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-06-29 19:20 - 2015-06-24 12:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\Ubisoft Game Launcher
2017-06-29 13:58 - 2016-11-14 19:12 - 00000000 ____D C:\Program Files (x86)\REALTEK USB Wireless LAN Driver
2017-06-29 09:01 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-29 09:01 - 2017-03-18 16:03 - 00000000 ____D C:\Windows\Help
2017-06-29 09:01 - 2015-08-07 15:16 - 00000000 ____D C:\Temp
2017-06-29 09:00 - 2017-05-23 16:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-29 09:00 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-29 08:47 - 2015-06-21 14:48 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-29 08:44 - 2017-05-23 16:59 - 00000000 ____D C:\Program Files\Intel
2017-06-29 08:42 - 2015-08-05 23:57 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-29 08:12 - 2017-05-23 17:05 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2017-05-23 17:05 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 08:12 - 2016-09-08 17:09 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-29 05:55 - 2017-05-23 16:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-06-27 11:13 - 2015-11-30 22:53 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-26 14:36 - 2015-08-18 21:14 - 00000000 ____D C:\Users\Christopher\AppData\LocalLow\Adobe
2017-06-25 18:43 - 2017-02-24 20:24 - 00604200 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2017-06-22 17:24 - 2015-06-21 22:55 - 00000000 ____D C:\Fraps
2017-06-22 16:18 - 2017-05-23 17:05 - 00003266 _____ C:\Windows\System32\Tasks\CAM
2017-06-22 16:12 - 2017-02-24 20:24 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\EasyAntiCheat
2017-06-21 02:07 - 2017-05-11 20:04 - 00048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-06-21 02:07 - 2016-09-08 17:09 - 01903224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01489528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 01317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-06-21 02:07 - 2016-09-08 17:09 - 00121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-06-20 16:15 - 2017-05-23 17:05 - 00003310 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 16:15 - 2015-07-30 19:06 - 00002385 _____ C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 15:58 - 2017-01-07 12:00 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-19 14:44 - 2017-03-02 00:24 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2017-06-19 14:44 - 2017-03-02 00:24 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-06-17 21:55 - 2015-07-26 19:45 - 00000000 ____D C:\Users\Christopher\AppData\Local\Spotify
2017-06-17 18:02 - 2015-07-26 19:44 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Spotify
2017-06-17 14:22 - 2015-08-18 21:09 - 00000000 ____D C:\Users\Christopher\AppData\Local\Adobe
2017-06-14 00:10 - 2017-05-23 17:05 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-13 17:48 - 2013-08-22 08:25 - 00000175 _____ C:\Windows\win.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-08 09:23

==================== End of FRST.txt ============================
 
Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2017
Ran by ChristopherAubert (11-07-2017 21:11:40)
Running from C:\Users\Christopher\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-23 22:08:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3319825686-2643767977-2016650390-500 - Administrator - Disabled)
ChristopherAubert (S-1-5-21-3319825686-2643767977-2016650390-1001 - Administrator - Enabled) => C:\Users\Christopher
DefaultAccount (S-1-5-21-3319825686-2643767977-2016650390-503 - Limited - Disabled)
Guest (S-1-5-21-3319825686-2643767977-2016650390-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.0.2175 - Open Media LLC)
4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.1.1636 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.11.0.616 - Ilya Morozov)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blackboard Collaborate Launcher (HKLM-x32\...\{C4F79F84-C509-48B0-81B8-3C2FA2182406}) (Version: 1.6.0.0 - Blackboard)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Chrome Remote Desktop Host (HKLM-x32\...\{BAF2702F-FB88-48E4-A305-588DB8FDD834}) (Version: 59.0.3071.47 - Google Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Elgato Game Capture HD (HKLM-x32\...\{FAC1D41C-C800-467B-8C8D-97FBF6F5BBF1}) (Version: 2.20.9.1066 - Elgato Systems GmbH)
EVGA PrecisionX 16 (HKLM-x32\...\{425A0AAA-B049-4356-A81E-E089BC5AE934}) (Version: 5.3.10 - EVGA Corporation)
Far Cry 4 (HKLM\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.3 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.3 - Elgato Systems)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Half-Life (HKLM\...\Steam App 70) (Version: - Valve)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HWiNFO32 Version 5.52 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.52 - Martin Malík - REALiX)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 54.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 54.0.1 (x64 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NextUp-ScanSoft Daniel British Voice (HKLM-x32\...\{BE916006-E144-44CF-B467-F733D0F86200}) (Version: 4.0.0 - NextUp.com)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 46.0.2597.32 (HKLM-x32\...\Opera 46.0.2597.32) (Version: 46.0.2597.32 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Portal Stories: Mel (HKLM\...\Steam App 317400) (Version: - Prism Studios)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.)
RivaTuner Statistics Server 6.6.0 (HKLM-x32\...\RTSS) (Version: 6.6.0 - Unwinder)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
RogueKiller version 12.11.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.6.0 - Adlice Software)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version: - Chris Sawyer Productions)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{541E382C-8DBF-44C5-BB7A-00E01526184E}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Twitch Leecher 1.3.5 (HKLM\...\{C7081120-8F65-46B6-85A4-3200AB1B5AAA}) (Version: 1.3.5.0 - Fake Smile Revolution) Hidden
Twitch Leecher 1.3.5 (HKLM-x32\...\{dbdcd040-9099-4490-80a2-0a617c83df14}) (Version: 1.3.5.0 - Fake Smile Revolution)
Unity Web Player (HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Watch_Dogs (HKLM\...\Steam App 243470) (Version: - Ubisoft)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WhoCrashed 5.52 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.76 - Zemana Ltd.)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Christopher\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-07-11] ()
ContextMenuHandlers01: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2013-02-28] (Ilya Morozov)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-07] (NVIDIA Corporation)
ContextMenuHandlers06: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-07-11] ()
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0439C61C-09AE-4FCF-B8A9-E77F11225801} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {13F77482-382E-4DF4-87F8-51C8AB9DDAA6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {15D7EE3B-2F7F-4527-B9C9-9EC4F6A8C146} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {2C3A0BC2-4BE3-4AEA-943E-ADB38064527D} - \WPD\SqmUpload_S-1-5-21-3319825686-2643767977-2016650390-1001 -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3A24B074-058C-45D2-A2D5-745B09BE0F90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {495A9FA3-E3D0-4099-B625-CB4334A7363C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {4AE02413-78F2-44CB-9931-0C088EC91A94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4CEC58F6-3EB4-4830-8D49-2E95D70D3F36} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {51D0521F-713C-4007-9C9A-8784F387D450} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001Core => C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-10] (Google Inc.)
Task: {5B3FD6A1-6B8E-46F5-918B-ADDC70E4F05D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {5D6C7344-D9B9-46B9-B818-1E40D7397AE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.)
Task: {700F79E7-5A8B-407B-B80C-CB081AEE89CD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {83FED618-2D47-4C30-AC3D-53918C71F4C6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8DFA8CCC-0B53-4D74-A928-5042AD228714} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {91FDCEB4-2319-4E1A-BF4B-B2DF4FB10E7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {92C65BCC-3DA0-4800-A912-D7DDBEB0CA2A} - System32\Tasks\Norton Product InstallerIdle => C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {99372063-EF78-4BC4-8D63-E745ED7E69AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A183FBE1-D5A0-48BD-BDE3-1DF1765F024D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A8D2A4E5-3D6D-45AE-8758-C3878F5EEB9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {AC9D4614-1906-4DE1-8640-1BE3E17A0E72} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {BD61B490-330B-43A7-AFF9-8D15094F83DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.)
Task: {BD8CC0BC-738F-4839-812B-B6C2C0E0B79D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3319825686-2643767977-2016650390-1001UA => C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [2017-07-10] (Google Inc.)
Task: {C01AACBA-948B-414F-87DD-C8569E3C44F3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C2F838D5-1437-406D-8595-91BFBF7E5E84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C302CCEC-5E01-42B5-A8DE-AC4868E9957A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C7BE021D-441C-4F37-B0BB-D03AEBEDB677} - System32\Tasks\Opera scheduled Autoupdate 1498797898 => C:\Program Files\Opera\launcher.exe [2017-06-26] (Opera Software)
Task: {D57B6B30-2363-423E-9FA4-0A20CB4BACD6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6554A72-C43D-42F0-8E80-F6B94F52FB16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DA8F8254-091D-4716-99A7-A7FC8F891656} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E201DDEC-9FED-4027-99E7-086C257F70B4} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {EAF7B160-6AF5-44DC-9796-266BCC6151A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation)
Task: {EDD2C8D2-425B-41B9-AF69-438C5D84C059} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F4E51FDC-6775-4E8B-B8AD-3CAAD6CEDF41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FA0D4813-65D0-4FB5-92E2-39A773C19632} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-06-29 05:55 - 2013-07-03 20:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\dataup.exe
2016-09-08 17:09 - 2017-06-21 02:07 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-12-05 10:53 - 2015-12-05 10:53 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-11-14 19:12 - 2014-12-12 18:24 - 00044760 _____ () C:\Windows\runSW.exe
2016-09-24 17:20 - 2016-09-24 17:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-03-18 15:58 - 2017-03-18 15:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-07-11 19:50 - 2017-07-11 19:50 - 00155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-05-03 17:11 - 2017-05-03 17:11 - 00619008 ____N () C:\windows\system32\tprdpw64.exe
2017-03-18 15:59 - 2017-03-18 21:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-01-10 16:41 - 2015-06-27 01:13 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2017-06-21 11:06 - 2017-06-21 11:06 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 11:06 - 2017-06-21 11:06 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 11:06 - 2017-06-21 11:06 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-21 15:37 - 2017-04-21 15:37 - 00884224 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
2017-04-21 16:28 - 2017-04-21 16:28 - 01080832 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
2017-05-23 17:40 - 2017-05-23 17:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-22 10:11 - 2017-06-22 10:12 - 00766464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-06-22 10:11 - 2017-06-22 10:12 - 10628608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-06-22 10:11 - 2017-06-22 10:12 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-07-10 23:56 - 2017-07-10 23:58 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-05-23 17:40 - 2017-05-23 17:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 10:36 - 2017-06-15 10:37 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-03 10:08 - 2016-06-03 10:08 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-07-10 23:56 - 2017-07-10 23:58 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 13:51 - 2017-05-09 20:16 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-07-07 23:12 - 2017-07-07 23:13 - 23624704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-07-07 23:12 - 2017-07-07 23:13 - 08850944 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-07-07 23:12 - 2017-07-07 23:13 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17054.14711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-02-23 08:29 - 2017-02-23 08:29 - 08909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-07-10 22:00 - 2017-06-22 22:21 - 03807064 _____ () C:\Users\Christopher\AppData\Local\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-10 22:00 - 2017-06-22 22:21 - 00100184 _____ () C:\Users\Christopher\AppData\Local\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-03-18 15:58 - 2017-03-18 15:58 - 03826176 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-04-07 15:57 - 2017-04-07 15:58 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-06-22 10:11 - 2017-06-22 10:12 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-06-29 05:55 - 2017-07-11 20:05 - 00035984 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-06-29 05:55 - 2013-07-03 20:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-05-04 11:13 - 2017-05-04 11:13 - 00235520 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\dataup\help_dll.dll
2017-02-07 17:47 - 2017-05-23 17:11 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-09-08 17:09 - 2017-06-21 02:07 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-08 17:09 - 2017-06-21 02:06 - 66837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2015-06-20 23:16 - 2017-05-16 20:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 02496800 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-20 23:16 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-20 23:16 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 00878368 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:45 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 11:12 - 2017-05-16 20:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-12 23:27 - 2017-07-06 12:58 - 73088800 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-06-20 23:16 - 2017-07-06 13:29 - 00385824 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-10-29 12:48 - 2017-06-16 22:32 - 00120944 _____ () C:\Users\Christopher\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-07-11 20:05 - 2017-07-11 20:05 - 00098816 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32api.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00110080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\pywintypes27.dll
2017-07-11 20:05 - 2017-07-11 20:05 - 00364544 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\pythoncom27.dll
2017-07-11 20:05 - 2017-07-11 20:05 - 00320512 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32com.shell.shell.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00914432 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_hashlib.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 01176576 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._core_.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00806400 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._gdi_.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00816128 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._windows_.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 01067008 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._controls_.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00733184 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._misc_.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00682496 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\pysqlite2._sqlite.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00088064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_ctypes.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00686080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\unicodedata.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00119808 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32file.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00108544 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32security.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00007168 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\hashobjs_ext.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00017920 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\thumbnails_ext.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00088064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\usb_ext.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00012800 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\common.time34.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00018432 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32event.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00167936 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32gui.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00046080 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_socket.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 01303552 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_ssl.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00128512 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_elementtree.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00127488 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\pyexpat.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00038912 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32inet.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00036864 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_psutil_windows.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00524248 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\windows._lib_cacheinvalidation.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00011264 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32crypt.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00123392 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._wizard.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00077312 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._html2.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00027648 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_multiprocessing.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00020480 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\_yappi.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00035840 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32process.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00078848 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\wx._animate.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00024064 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32pipe.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00010240 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\select.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00025600 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32pdh.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00017408 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32profile.pyd
2017-07-11 20:05 - 2017-07-11 20:05 - 00022528 ____R () C:\Users\Christopher\AppData\Local\Temp\_MEI139962\win32ts.pyd
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-12-25 14:11 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-12-25 14:11 - 2014-09-11 19:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
2017-02-23 08:29 - 2017-02-23 08:29 - 08909512 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libglesv2.dll
2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\libegl.dll
2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Users\Christopher\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [216]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3319825686-2643767977-2016650390-1001\...\sharepoint.com -> hxxps://sshc.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2017-07-11 20:36 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
 
You must log in or register to reply here.

Similar threads

M
Virus warning popup
Replies
1
Views
542
Mark Fuller
M
midian182
Google's AI-powered search can recommend malicious sites, including scams and malware
Replies
6
Views
143
James Ryan
J
midian182
Google removes 32 malicious Chrome extensions with 75 million installs from the Web Store
Replies
9
Views
836
Daddio
Daddio

Latest posts

Back