Solved Amazon assistant aa.hta

P

postfebrile

Posts: 47   +0
Hey, newbie here. I'm trying to get rid of some adware (I think it's adware) and any other associated nastiness on my computer. Never done anything like this before.
This week I started getting these blank pop up windows called "Program files(x86)\amazon\amazon assistant\aa.hta." Last night I did a farber scan, and then I ran malwarebytes and then ccleaner. CCcleaner seemed to do the trick, but I think I should keep going. Was going to do AdwCleaner next. Can anyone help me out? I have the logs from my initial scans but maybe I should scan again and post the most recent info.
 
Here's the FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Owner (administrator) on OWNER-PC (07-04-2017 18:36:47)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
() C:\Program Files (x86)\AVG Quick ThreatScan\qtsscand.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sassafras Software Inc.) C:\Windows\keyacc32.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Corp.) C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
(Acer Corp.) C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe
(BitTorrent Inc.) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer Touch Movie\TouchMovieService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(BitTorrent Inc.) C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(BitTorrent Inc.) C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(BitTorrent Inc.) C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
(Acer Inc.) C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(Microsoft Corporation) C:\Users\Owner\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Local\Dropbox\Update\Install\{0D697F00-EA58-4E91-87CB-927C0950442A}\DropboxClient_23.4.18.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Dropbox, Inc.) C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\Client_23.4.18\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dmclient.exe
==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2122856 2010-10-05] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [TouchORB] => C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe [153416 2010-05-06] (Acer Corp.)
HKLM\...\Run: [TouchPortal] => C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe [436256 2010-07-08] (Acer Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803392 2015-11-01] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [KeyAccess] => kass.exe
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\Acer\Acer Touch Suite\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\Acer TouchPortal\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [124136 2010-11-05] (CyberLink Corp.)
HKLM-x32\...\Run: [TouchSuiteMovieService] => C:\Program Files (x86)\Acer\Acer TouchPortal\Acer Touch Movie\TouchMovieService.exe [124136 2010-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2011-10-23] (alch)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2183752 2017-03-12] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [Spotify Web Helper] => C:\Users\Owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-25] (Spotify Ltd)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [Dropbox Update] => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [Spotify] => C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe [7089776 2017-03-25] (Spotify Ltd)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [uTorrent] => C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe [2147520 2017-03-13] (BitTorrent Inc.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe [941912 2017-03-28] (Google Inc.)
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
AppInit_DLLs: KATRK64.DLL => C:\WINDOWS\KATRK64.DLL [24696 2014-08-10] (Sassafras Software Inc.)
AppInit_DLLs-x32: KATRACK.DLL => C:\WINDOWS\KATRACK.DLL [19064 2014-08-10] (Sassafras Software Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-26] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-03-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 07 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9 08 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 07 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Winsock: Catalog9-x64 08 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll [434208 2009-08-10] (NVIDIA)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{229105c4-0d95-4edd-bf82-0b1c5f611115}: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{5afc1849-0ed4-4e5d-8cf5-722d0ee19c5b}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{c0ee42c3-f3ce-4631-ad6b-727d6dc7d30e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d6dd62f6-1066-4a58-b5ff-3b4fd6574eb1}: [DhcpNameServer] 198.18.0.1 198.18.0.2

Internet Explorer:
==================
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={EAAD0F3D-5967-4EBC-BCBC-49BEF5EF0D46}&mid=10eb1ea4d2634f9f8eb648226301e3ee-46acfdd5170e5e099104e5c48c68792fb81d7679&lang=en&ds=AVG&coid=avgtbavg&cmpid=1216tb&pr=fr&d=2015-09-19 10:19:50&v=4.3.6.255&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
URLSearchHook: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Users\Owner\AppData\LocalLow\uTorrentBar\prxtbuTo0.dll No File
URLSearchHook: HKU\S-1-5-21-1550112743-170410322-4251018227-1000 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Users\Owner\AppData\LocalLow\uTorrentBar\prxtbuTo0.dll No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1550112743-170410322-4251018227-1000 -> {5807F203-BF07-49A2-92C1-C1A17DDF0AE9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-1550112743-170410322-4251018227-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EAAD0F3D-5967-4EBC-BCBC-49BEF5EF0D46}&mid=10eb1ea4d2634f9f8eb648226301e3ee-46acfdd5170e5e099104e5c48c68792fb81d7679&lang=en&ds=AVG&coid=avgtbavg&cmpid=1216tb&pr=fr&d=2015-09-19 10:19:50&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1550112743-170410322-4251018227-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-03-12] (AVG)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll => No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-08] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-03-12] (AVG)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
BHO-x32: uTorrentBar Toolbar -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> C:\Users\Owner\AppData\LocalLow\uTorrentBar\prxtbuTo0.dll => No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-08] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
BHO-x32: TBSB07898 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll [2013-07-15] ()
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Users\Owner\AppData\LocalLow\uTorrentBar\prxtbuTo0.dll No File
Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll [2013-07-15] ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1550112743-170410322-4251018227-1000 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
DPF: HKLM-x32 {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\Owner\AppData\Local\Temp\f5tmp\urxvpn.cab
DPF: HKLM-x32 {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\Owner\AppData\Local\Temp\f5tmp\f5tunsrv.cab
DPF: HKLM-x32 {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\Owner\AppData\Local\Temp\f5tmp\InstallerControl.cab
DPF: HKLM-x32 {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\Owner\AppData\Local\Temp\f5tmp\urxshost.cab
DPF: HKLM-x32 {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\Owner\AppData\Local\Temp\f5tmp\urxhost.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default [2017-04-02]
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\user.js [2016-03-02]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\2r1qdddl.default -> AVG Secure Search
FF Homepage: Mozilla\Firefox\Profiles\2r1qdddl.default ->
FF Extension: (AVG Web TuneUp) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\avg@toolbar.xpi [2017-02-10]
FF Extension: (Firefox Hotfix) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-28]
FF Extension: (Proxmate) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-04-16]
FF Extension: (Kotaku Fix: Fox Edition) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\jid1-WWJ8C7EpwprnbA@jetpack.xpi [2016-04-27]
FF Extension: (YouTube Unblocker) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\youtubeunblocker@unblocker.yt [2015-12-05]
FF Extension: (Video DownloadHelper) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-19]
FF Extension: (uTorrentBar ) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2016-03-06] [not signed]
FF Extension: (F5 Networks Host Plugin) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\Extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52} [2013-11-25] [not signed]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\searchplugins\bingp.xml [2013-11-11]
FF ProfilePath: C:\Users\Owner\AppData\Roaming\AVG\Quick ThreatScan\Profiles\yhb3ibgv.default [2013-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF Extension: (Coupons.com CouponBar) - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi [2013-07-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-10-14] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-20] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1550112743-170410322-4251018227-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Owner\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-01-28] (Citrix Online)
FF Plugin HKU\S-1-5-21-1550112743-170410322-4251018227-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1550112743-170410322-4251018227-1000: @talk.google.com/O1DPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1550112743-170410322-4251018227-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1550112743-170410322-4251018227-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1550112743-170410322-4251018227-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Owner\AppData\Roaming\CATALI~1\NPBCSK~1.DLL [2013-06-07] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2013-08-02] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2017-04-07]
CHR Extension: (Tumblr Timestamps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\anllaofeeadeggfpiaicgkioibfbjepe [2016-11-16]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-25]
CHR Extension: (RescueTime for Chrome™ & ChromeOS™) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2016-11-16]
CHR Extension: (Google Cast) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-04-07]
CHR Extension: (AVG Secure Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-12-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-03-15]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-28]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-04-06]
CHR Extension: (Timer) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hepmlgghomccjinhcnkkikjpgkjibglj [2016-11-16]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-08-08]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-03-28]
CHR Extension: (StayFocusd) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2016-11-16]
CHR Extension: (AVG SafePrice) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2016-12-15]
CHR Extension: (FreeConferenceCall.com Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhjonocnlnodflomblbjnjdpllkeljo [2017-02-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-02]
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-04-13]
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-11-12]
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-11]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-11]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]
CHR Extension: (Coupons.com Toolbar) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnpkmcjgpcihgfnkcjapiaabbbplkcmf [2015-11-12] [UpdateUrl: hxxps://cdn1.coupons.com/ftp.coupons.com/tbinstaller/chrome_update.xml] <==== ATTENTION
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-11]
CHR Extension: (XKit) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-11]
CHR Extension: (Skype Click to Call) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-11]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-11]
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-10-17]
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-17]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-17]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-17]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-17]
CHR Extension: (AVG Secure Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-10-17]
CHR Extension: (Coupons.com Toolbar) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cnpkmcjgpcihgfnkcjapiaabbbplkcmf [2016-10-17] [UpdateUrl: hxxps://cdn1.coupons.com/ftp.coupons.com/tbinstaller/chrome_update.xml] <==== ATTENTION
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-17]
CHR Extension: (Skype) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-17]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2016-10-17]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-17]
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-17]
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-06]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-06]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-06]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKU\S-1-5-21-1550112743-170410322-4251018227-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1550112743-170410322-4251018227-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1550112743-170410322-4251018227-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Owner\AppData\Local\Temp\ccex.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2013-07-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [102064 2017-02-28] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVG Quick ThreatScan; C:\Program Files (x86)\AVG Quick ThreatScan\qtsscand.exe [1571352 2013-05-20] ()
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-03-23] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-03-23] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-03-23] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
R2 KeyAccess; C:\Windows\keyacc32.exe [2151544 2014-08-10] (Sassafras Software Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [404376 2017-03-20] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2016-03-19] (Pandora.TV)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-24] () [File not signed]
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-03-12] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-03-12] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 f5ipfw; C:\Windows\system32\drivers\urfltv64.sys [30952 2014-04-09] (F5 Networks, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 tapipvanish; C:\WINDOWS\System32\drivers\tapipvanish.sys [45552 2016-09-22] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-07 18:42 - 2017-04-07 18:42 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-07 18:36 - 2017-04-07 18:40 - 00051679 _____ C:\Users\Owner\Downloads\FRST.txt
2017-04-07 18:35 - 2017-04-07 18:36 - 00000000 ____D C:\FRST
2017-04-07 18:33 - 2017-04-07 18:34 - 02424832 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2017-04-02 10:57 - 2017-04-02 10:57 - 00000000 ____D C:\Users\Owner\Downloads\Black.Sails.S04E10.720p.WEBRip.X264-DEFLATE[rarbg]
2017-04-02 10:55 - 2017-04-02 10:56 - 00159030 _____ C:\Users\Owner\Downloads\Black.Sails.S04E10.720p.WEBRip.X264-DEFLATE[rartv]-[rarbg.to].torrent
2017-03-29 21:06 - 2017-04-07 18:20 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\uTorrent
2017-03-29 13:05 - 2017-03-29 13:05 - 00000000 ____D C:\Users\Owner\Downloads\FiVe Day
2017-03-29 13:04 - 2017-03-29 13:04 - 00073663 _____ C:\Users\Owner\Downloads\Five (5) Day Demand Notice for Non-payment of Rent (3).pdf
2017-03-29 13:02 - 2017-03-29 13:02 - 00073663 _____ C:\Users\Owner\Documents\Five (5) Day Demand Notice for Non-payment of Rent.pdf
2017-03-29 13:01 - 2017-03-29 13:01 - 00073663 _____ C:\Users\Owner\Downloads\Five (5) Day Demand Notice for Non-payment of Rent.pdf
2017-03-29 13:01 - 2017-03-29 13:01 - 00073663 _____ C:\Users\Owner\Downloads\Five (5) Day Demand Notice for Non-payment of Rent (2).pdf
2017-03-29 13:01 - 2017-03-29 13:01 - 00073663 _____ C:\Users\Owner\Downloads\Five (5) Day Demand Notice for Non-payment of Rent (1).pdf
2017-03-27 21:21 - 2017-03-27 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-03-24 18:19 - 2017-03-24 18:27 - 00000000 ____D C:\Users\Owner\Downloads\Black.Sails.S04E03.XXXI.1080p.AMZN.WEBRip.DD5.1.x264-NTb[rarbg]
2017-03-24 18:18 - 2017-03-24 18:19 - 00138063 _____ C:\Users\Owner\Downloads\Black.Sails.S04E03.XXXI.1080p.AMZN.WEBRip.DD5.1.x264-NTb[rartv]-[rarbg.to].torrent
2017-03-24 15:49 - 2017-03-24 15:50 - 00180713 _____ C:\Users\Owner\Downloads\Black.Sails.S04E03.1080p.WEBRip.X264-DEFLATE[rartv]-[rarbg.to].torrent
2017-03-21 19:57 - 2017-03-21 19:57 - 00005491 _____ C:\Users\Owner\Downloads\Black.Sails.S03E04.WEBRip.x264-FUM[ettv]-[rarbg.to].torrent
2017-03-21 19:47 - 2017-03-21 21:53 - 00000000 ____D C:\Users\Owner\Downloads\Black.Sails.S03E04.1080p.WEB-DL.DD5.1.H264-QUEENS[rarbg]
2017-03-21 19:44 - 2017-03-21 19:44 - 00083096 _____ C:\Users\Owner\Downloads\Black.Sails.S03E04.1080p.WEB-DL.DD5.1.H264-QUEENS[rartv]-[rarbg.to].torrent
2017-03-20 20:58 - 2017-03-20 20:58 - 00271247 _____ C:\Users\Owner\Downloads\multifandom light scenes (unbrokencolorings).psd
2017-03-20 20:56 - 2017-03-20 20:56 - 00315227 _____ C:\Users\Owner\Downloads\teen wolf coloring #6 (unbrokencolorings).psd
2017-03-15 22:30 - 2017-03-10 01:17 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-15 22:30 - 2017-03-10 01:17 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 19:25 - 2017-03-04 03:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-15 19:25 - 2017-03-04 03:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-15 19:25 - 2017-03-04 03:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-15 19:25 - 2017-03-04 03:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 19:25 - 2017-03-04 03:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 19:25 - 2017-03-04 03:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 19:25 - 2017-03-04 03:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 19:25 - 2017-03-04 03:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 19:25 - 2017-03-04 03:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 19:25 - 2017-03-04 03:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 19:25 - 2017-03-04 02:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 19:25 - 2017-03-04 02:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 19:25 - 2017-03-04 02:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-15 19:25 - 2017-03-04 02:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-15 19:25 - 2017-03-04 02:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 19:25 - 2017-03-04 02:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-15 19:25 - 2017-03-04 02:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 19:25 - 2017-03-04 02:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 19:25 - 2017-03-04 02:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-15 19:25 - 2017-03-04 02:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-15 19:25 - 2017-03-04 02:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-15 19:25 - 2017-03-04 02:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-15 19:25 - 2017-03-04 02:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-15 19:25 - 2017-03-04 02:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 19:25 - 2017-03-04 02:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 19:25 - 2017-03-04 02:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 19:25 - 2017-03-04 02:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-15 19:25 - 2017-03-04 02:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 19:25 - 2017-03-04 02:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-15 19:25 - 2017-03-04 02:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-15 19:25 - 2017-03-04 02:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-15 19:25 - 2017-03-04 02:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 19:25 - 2017-03-04 02:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-15 19:25 - 2017-03-04 02:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 19:25 - 2017-03-04 02:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 19:25 - 2017-03-04 02:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-15 19:25 - 2017-03-04 02:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 19:25 - 2017-03-04 02:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-15 19:25 - 2017-03-04 02:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 19:25 - 2017-03-04 02:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-15 19:25 - 2017-03-04 02:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 19:25 - 2017-03-04 02:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 19:25 - 2017-03-04 02:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-15 19:25 - 2017-03-04 02:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 19:25 - 2017-03-04 02:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-15 19:25 - 2017-03-04 02:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 19:25 - 2017-03-04 02:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-15 19:25 - 2017-03-04 02:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 19:25 - 2017-03-04 02:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 19:25 - 2017-03-04 02:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-15 19:25 - 2017-03-04 02:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-15 19:25 - 2017-03-04 02:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-15 19:25 - 2017-03-04 02:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 19:25 - 2017-03-04 02:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 19:25 - 2017-03-04 02:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-15 19:25 - 2017-03-04 02:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 00710144 _____ (Microsoft Corporation) C:
 
\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-15 19:25 - 2017-03-04 02:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-15 19:25 - 2017-03-04 02:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-15 19:25 - 2017-03-04 02:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 19:25 - 2017-03-04 02:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-15 19:25 - 2017-03-04 02:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-15 19:25 - 2017-03-04 02:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 19:25 - 2017-03-04 02:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-15 19:25 - 2017-03-04 02:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-15 19:25 - 2017-03-04 02:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-15 19:25 - 2017-03-04 02:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-15 19:25 - 2017-03-04 02:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-15 19:25 - 2017-03-04 02:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 19:25 - 2017-03-04 02:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-15 19:25 - 2017-03-04 02:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-15 19:25 - 2017-03-04 02:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 19:25 - 2017-03-04 02:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-15 19:25 - 2017-03-04 02:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-15 19:25 - 2017-03-04 02:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 19:25 - 2017-03-04 02:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-15 19:25 - 2017-03-04 02:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-15 19:25 - 2017-03-04 02:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-15 19:25 - 2017-03-04 02:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-15 19:25 - 2017-03-04 02:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-15 19:25 - 2017-03-04 02:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 19:25 - 2017-03-04 02:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-15 19:25 - 2017-03-04 02:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 19:25 - 2017-03-04 02:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 19:25 - 2017-03-04 02:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 19:25 - 2017-03-04 02:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 19:25 - 2017-03-04 02:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 19:25 - 2017-03-04 02:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-15 19:25 - 2017-03-04 02:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-15 19:25 - 2017-03-04 02:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 19:25 - 2017-03-04 02:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-15 19:25 - 2017-03-04 02:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-15 19:25 - 2017-03-04 02:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-15 19:25 - 2017-03-04 02:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-15 19:25 - 2017-03-04 01:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 19:25 - 2017-03-04 01:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 19:24 - 2017-03-04 03:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-15 19:24 - 2017-03-04 02:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-15 19:24 - 2017-03-04 02:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 19:24 - 2017-03-04 02:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 19:24 - 2017-03-04 02:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-15 19:24 - 2017-03-04 02:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 19:24 - 2017-03-04 02:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-15 19:24 - 2017-03-04 02:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-15 19:24 - 2017-03-04 02:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-15 19:24 - 2017-03-04 02:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 19:24 - 2017-03-04 02:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 19:24 - 2017-03-04 02:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 19:24 - 2017-03-04 02:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-15 19:24 - 2017-03-04 02:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 19:24 - 2017-03-04 02:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-15 19:24 - 2017-03-04 02:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 19:24 - 2017-03-04 02:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 19:24 - 2017-03-04 02:27 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-03-15 19:24 - 2017-03-04 02:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 19:24 - 2017-03-04 02:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 19:24 - 2017-03-04 02:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-15 19:24 - 2017-03-04 02:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 19:24 - 2017-03-04 02:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 19:24 - 2017-03-04 02:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 19:24 - 2017-03-04 02:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-15 19:24 - 2017-03-04 02:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 19:24 - 2017-03-04 02:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-15 19:24 - 2017-03-04 02:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 19:24 - 2017-03-04 02:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 19:24 - 2017-03-04 02:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-15 19:24 - 2017-03-04 02:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-15 19:24 - 2017-03-04 02:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 19:24 - 2017-03-04 02:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-15 19:24 - 2017-03-04 02:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 19:24 - 2017-03-04 02:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-15 19:24 - 2017-03-04 02:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 19:24 - 2017-03-04 02:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-15 19:24 - 2017-03-04 02:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-15 19:24 - 2017-03-04 02:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 19:24 - 2017-03-04 02:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 19:24 - 2017-03-04 02:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-15 19:24 - 2017-03-04 02:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-15 19:24 - 2017-03-04 02:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 19:24 - 2017-03-04 02:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-15 19:24 - 2017-03-04 02:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 19:24 - 2017-03-04 02:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-15 19:24 - 2017-03-04 02:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 19:24 - 2017-03-04 02:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-15 19:24 - 2017-03-04 02:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-15 19:24 - 2017-03-04 02:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-15 19:24 - 2017-03-04 02:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-15 19:24 - 2017-03-04 02:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 19:24 - 2017-03-04 02:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-15 19:24 - 2017-03-04 02:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 19:24 - 2017-03-04 02:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-15 19:24 - 2017-03-04 02:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-15 19:24 - 2017-03-04 02:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 19:24 - 2017-03-04 02:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-15 19:24 - 2017-03-04 02:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-15 19:24 - 2017-03-04 02:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 19:24 - 2017-03-04 02:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-15 19:24 - 2017-03-04 02:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 19:24 - 2017-03-04 02:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 19:24 - 2017-03-04 02:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 19:24 - 2017-03-04 02:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 19:24 - 2017-03-04 02:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-15 19:24 - 2017-03-04 02:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 19:24 - 2017-03-04 02:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-15 19:24 - 2017-03-04 02:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 19:24 - 2017-03-04 02:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-15 19:24 - 2017-03-04 02:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-15 19:24 - 2017-03-04 02:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 19:24 - 2017-03-04 02:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 19:24 - 2017-03-04 02:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-15 19:24 - 2017-03-04 02:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-15 19:24 - 2017-03-04 02:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 19:24 - 2017-03-04 02:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-15 19:24 - 2017-03-04 02:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-15 19:24 - 2017-03-04 02:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 19:24 - 2017-03-04 02:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-15 19:24 - 2017-03-04 02:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 19:24 - 2017-03-04 02:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 19:24 - 2017-03-04 02:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 19:24 - 2017-03-04 02:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-15 19:24 - 2017-03-04 02:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 19:24 - 2017-03-04 02:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 19:24 - 2017-03-04 02:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-15 19:24 - 2017-03-04 02:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 19:24 - 2017-03-04 02:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 19:24 - 2017-03-04 02:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-15 19:24 - 2017-03-04 02:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 19:24 - 2017-03-04 02:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-15 19:24 - 2017-03-04 01:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 19:24 - 2017-03-04 01:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-15 19:24 - 2017-03-04 01:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-15 19:24 - 2017-03-04 01:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-15 19:23 - 2017-03-04 03:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 19:23 - 2017-03-04 03:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 19:23 - 2017-03-04 03:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 19:23 - 2017-03-04 03:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 19:23 - 2017-03-04 02:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 19:23 - 2017-03-04 02:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 19:23 - 2017-03-04 02:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-15 19:23 - 2017-03-04 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 19:23 - 2017-03-04 02:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 19:23 - 2017-03-04 02:31 - 00467968 _____ (Microsoft Corporation) C:
 
\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 19:23 - 2017-03-04 02:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 19:23 - 2017-03-04 02:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 19:23 - 2017-03-04 02:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 19:23 - 2017-03-04 02:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 19:23 - 2017-03-04 02:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 19:23 - 2017-03-04 02:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 19:23 - 2017-03-04 02:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 19:23 - 2017-03-04 02:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 19:23 - 2017-03-04 02:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 19:23 - 2017-03-04 02:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 19:23 - 2017-03-04 02:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 19:23 - 2017-03-04 02:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 19:23 - 2017-03-04 02:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 19:23 - 2017-03-04 02:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 19:23 - 2017-03-04 02:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 19:23 - 2017-03-04 02:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 19:23 - 2017-03-04 02:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 19:23 - 2017-03-04 02:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 19:23 - 2017-03-04 02:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-15 19:23 - 2017-03-04 02:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 19:23 - 2017-03-04 02:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 19:23 - 2017-03-04 02:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 19:23 - 2017-03-04 02:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 19:23 - 2017-03-04 02:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 19:23 - 2017-03-04 02:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 19:23 - 2017-03-04 02:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 19:23 - 2017-03-04 02:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-15 19:23 - 2017-03-04 02:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-15 19:23 - 2017-03-04 02:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 19:23 - 2017-03-04 02:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 19:23 - 2017-03-04 02:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 19:23 - 2017-03-04 02:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 19:23 - 2017-03-04 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 19:23 - 2017-03-04 02:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 19:23 - 2017-03-04 02:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 19:23 - 2017-03-04 02:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 19:23 - 2017-03-04 02:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 19:23 - 2017-03-04 02:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 19:23 - 2017-03-04 02:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 19:23 - 2017-03-04 02:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 19:23 - 2017-03-04 02:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 19:23 - 2017-03-04 02:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-15 19:23 - 2017-03-04 02:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 19:23 - 2017-03-04 01:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-15 19:23 - 2017-02-21 22:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 19:22 - 2017-03-04 03:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 19:22 - 2017-03-04 03:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 19:22 - 2017-03-04 03:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 19:22 - 2017-03-04 03:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 19:22 - 2017-03-04 03:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 19:22 - 2017-03-04 03:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 19:22 - 2017-03-04 03:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 19:22 - 2017-03-04 03:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 19:22 - 2017-03-04 03:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 19:22 - 2017-03-04 03:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 19:22 - 2017-03-04 03:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 19:22 - 2017-03-04 03:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 19:22 - 2017-03-04 03:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 19:22 - 2017-03-04 03:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 19:22 - 2017-03-04 03:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 19:22 - 2017-03-04 03:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-15 19:22 - 2017-03-04 03:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 19:22 - 2017-03-04 03:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 19:22 - 2017-03-04 03:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 19:22 - 2017-03-04 03:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 19:22 - 2017-03-04 03:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 19:22 - 2017-03-04 02:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 19:22 - 2017-03-04 02:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-15 19:22 - 2017-03-04 02:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 19:22 - 2017-03-04 02:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 19:22 - 2017-03-04 02:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 19:22 - 2017-03-04 02:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 19:22 - 2017-03-04 02:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 19:22 - 2017-03-04 02:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 19:22 - 2017-03-04 02:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 19:22 - 2017-03-04 02:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 19:22 - 2017-03-04 02:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 19:22 - 2017-03-04 02:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 19:22 - 2017-03-04 02:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 19:22 - 2017-03-04 02:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 19:22 - 2017-03-04 02:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 19:22 - 2017-03-04 02:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 19:22 - 2017-03-04 02:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 19:22 - 2017-03-04 02:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 19:22 - 2017-03-04 02:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 19:22 - 2017-03-04 02:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 19:22 - 2017-03-04 02:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 19:22 - 2017-03-04 02:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 19:22 - 2017-03-04 02:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 19:22 - 2017-03-04 02:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 19:22 - 2017-03-04 02:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 19:22 - 2017-03-04 02:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 19:22 - 2017-03-04 02:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 19:22 - 2017-03-04 02:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 19:22 - 2017-03-04 02:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 19:22 - 2017-03-04 02:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 19:22 - 2017-03-04 02:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 19:22 - 2017-03-04 02:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 19:22 - 2017-03-04 02:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 19:22 - 2017-03-04 02:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 19:22 - 2017-03-04 02:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 19:22 - 2017-03-04 02:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 19:22 - 2017-03-04 02:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 19:22 - 2017-03-04 02:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 19:22 - 2017-03-04 02:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 19:22 - 2017-03-04 02:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 19:22 - 2017-03-04 02:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 19:22 - 2017-03-04 02:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 19:22 - 2017-03-04 02:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 19:22 - 2017-03-04 02:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 19:22 - 2017-03-04 02:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 19:22 - 2017-03-04 02:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 19:22 - 2017-03-04 02:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 19:22 - 2017-03-04 02:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 19:22 - 2017-03-04 02:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 19:22 - 2017-03-04 02:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 19:22 - 2017-03-04 02:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 19:22 - 2017-03-04 02:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 19:22 - 2017-03-04 02:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 19:22 - 2017-03-04 02:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 19:22 - 2017-03-04 02:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 19:22 - 2017-03-04 02:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 19:22 - 2017-03-04 02:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 19:22 - 2017-03-04 02:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 19:22 - 2017-03-04 02:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-15 19:22 - 2017-03-04 02:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 19:22 - 2017-03-04 02:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 19:22 - 2017-03-04 02:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 19:22 - 2017-03-04 02:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 19:22 - 2017-03-04 02:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 19:22 - 2017-03-04 02:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 19:22 - 2017-03-04 02:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 19:22 - 2017-03-04 02:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 19:22 - 2017-03-04 02:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 19:22 - 2017-03-04 02:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 19:22 - 2017-03-04 02:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 19:22 - 2017-03-04 02:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 19:22 - 2017-03-04 02:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 19:22 - 2017-03-04 02:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 19:22 - 2017-03-04 02:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 19:22 - 2017-03-04 02:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 19:22 - 2017-03-04 02:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 19:21 - 2017-03-04 02:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 19:21 - 2017-03-04 02:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 19:21 - 2017-03-04 02:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 19:21 - 2017-03-04 02:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 19:21 - 2017-03-04 02:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 19:21 - 2017-03-04 02:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 19:21 - 2017-03-04 02:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 19:21 - 2017-03-04 02:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 19:21 - 2017-03-04 02:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 19:21 - 2017-03-04 02:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 19:21 - 2017-03-04 02:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 19:21 - 2017-03-04 02:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 19:21 - 2017-03-04 02:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 19:21 - 2017-03-04 02:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 19:21 - 2017-03-04 02:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 19:21 - 2017-03-04 02:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 19:21 - 2017-03-04 02:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 19:21 - 2017-03-04 02:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 19:21 - 2017-03-04 02:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 19:21 - 2017-03-04 02:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 19:21 - 2017-03-04 02:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 19:21 - 2017-03-04 02:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 19:21 - 2017-03-04 02:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 19:21 - 2017-03-04 02:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 19:21 - 2017-03-04 02:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 19:21 - 2017-03-04 02:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 19:21 - 2017-03-04 02:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 19:21 - 2017-03-04 02:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 19:21 - 2017-03-04 02:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 19:21 - 2017-03-04 02:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 19:21 - 2017-03-04 02:20 - 01414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 19:21 - 2017-03-04 02:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 19:21 - 2017-03-04 02:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 19:21 - 2017-03-04 02:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 19:21 - 2017-03-04 02:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 19:21 - 2017-03-04 02:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 19:21 - 2017-03-04 02:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 19:21 - 2017-03-04 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 19:21 - 2017-03-04 02:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 19:21 - 2017-03-04 02:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 19:21 - 2017-03-04 02:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 19:21 - 2017-03-04 02:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 19:20 - 2017-03-04 03:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 19:20 - 2017-03-04 03:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 19:20 - 2017-03-04 03:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 19:20 - 2017-03-04 03:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 19:20 - 2017-03-04 03:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 19:20 - 2017-03-04 03:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 19:20 - 2017-03-04 03:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 19:20 - 2017-03-04 03:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
 
2017-03-15 19:20 - 2017-03-04 03:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 19:20 - 2017-03-04 03:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 19:20 - 2017-03-04 03:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 19:20 - 2017-03-04 03:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 19:20 - 2017-03-04 03:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 19:20 - 2017-03-04 03:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 19:20 - 2017-03-04 03:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 19:20 - 2017-03-04 02:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 19:20 - 2017-03-04 02:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 19:20 - 2017-03-04 02:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 19:20 - 2017-03-04 02:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 19:20 - 2017-03-04 02:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 19:20 - 2017-03-04 02:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 19:20 - 2017-03-04 02:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 19:20 - 2017-03-04 02:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 19:20 - 2017-03-04 02:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 19:20 - 2017-03-04 02:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 19:20 - 2017-03-04 02:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 19:20 - 2017-03-04 02:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 19:20 - 2017-03-04 02:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 19:20 - 2017-03-04 02:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 19:20 - 2017-03-04 02:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 19:20 - 2017-03-04 02:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 19:20 - 2017-03-04 02:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 19:20 - 2017-03-04 02:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 19:20 - 2017-03-04 02:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-15 19:20 - 2017-03-04 02:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-15 19:20 - 2017-03-04 02:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 19:20 - 2017-03-04 02:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-15 19:20 - 2017-03-04 02:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 19:20 - 2017-03-04 02:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 19:20 - 2017-03-04 02:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 19:20 - 2017-03-04 02:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 19:20 - 2017-03-04 02:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 19:20 - 2017-03-04 02:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 19:20 - 2017-03-04 02:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 19:20 - 2017-03-04 02:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 19:20 - 2017-03-04 02:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 19:20 - 2017-03-04 02:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 19:20 - 2017-03-04 02:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 19:20 - 2017-03-04 02:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 19:20 - 2017-03-04 02:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 19:20 - 2017-03-04 02:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 19:20 - 2017-03-04 02:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 19:20 - 2017-03-04 02:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 19:20 - 2017-03-04 02:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 19:20 - 2017-03-04 02:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 19:20 - 2017-03-04 02:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 19:20 - 2017-03-04 02:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-15 19:20 - 2017-03-04 02:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-15 19:19 - 2017-03-04 03:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 19:19 - 2017-03-04 03:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 19:19 - 2017-03-04 03:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 19:19 - 2017-03-04 03:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 19:19 - 2017-03-04 03:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 19:19 - 2017-03-04 03:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 19:19 - 2017-03-04 03:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 19:19 - 2017-03-04 03:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 19:19 - 2017-03-04 03:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 19:19 - 2017-03-04 03:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 19:19 - 2017-03-04 03:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 19:19 - 2017-03-04 03:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 19:19 - 2017-03-04 03:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 19:19 - 2017-03-04 03:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 19:19 - 2017-03-04 03:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 19:19 - 2017-03-04 03:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 19:19 - 2017-03-04 03:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 19:19 - 2017-03-04 03:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 19:19 - 2017-03-04 03:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 19:19 - 2017-03-04 03:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 19:19 - 2017-03-04 03:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 19:19 - 2017-03-04 03:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 19:19 - 2017-03-04 03:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 19:19 - 2017-03-04 03:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 19:19 - 2017-03-04 03:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 19:19 - 2017-03-04 03:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 19:19 - 2017-03-04 03:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 19:19 - 2017-03-04 03:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 19:19 - 2017-03-04 03:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 19:19 - 2017-03-04 03:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 19:19 - 2017-03-04 02:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 19:19 - 2017-03-04 02:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 19:19 - 2017-03-04 02:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 19:19 - 2017-03-04 02:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 19:19 - 2017-03-04 02:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 19:19 - 2017-03-04 02:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 19:19 - 2017-03-04 02:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 19:19 - 2017-03-04 02:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 19:19 - 2017-03-04 02:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 19:19 - 2017-03-04 02:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 19:19 - 2017-03-04 02:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 19:19 - 2017-03-04 02:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 19:19 - 2017-03-04 02:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 19:19 - 2017-03-04 02:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 19:19 - 2017-03-04 02:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 19:19 - 2017-03-04 02:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 19:19 - 2017-03-04 02:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 19:19 - 2017-03-04 02:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 19:19 - 2017-03-04 02:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 19:19 - 2017-03-04 02:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 19:19 - 2017-03-04 02:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 19:19 - 2017-03-04 02:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 19:19 - 2017-03-04 02:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 19:19 - 2017-03-04 02:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 19:19 - 2017-03-04 02:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 19:19 - 2017-03-04 02:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 19:19 - 2017-03-04 02:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 19:19 - 2017-03-04 02:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 19:19 - 2017-03-04 02:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 19:19 - 2017-03-04 02:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 19:19 - 2017-03-04 02:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 19:19 - 2017-03-04 02:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 19:19 - 2017-03-04 02:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 19:19 - 2017-03-04 02:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 19:19 - 2017-03-04 02:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 19:19 - 2017-03-04 02:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 19:19 - 2017-03-04 02:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 19:19 - 2017-03-04 02:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 19:19 - 2017-03-04 02:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 19:19 - 2017-03-04 02:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 19:19 - 2017-03-04 02:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 19:19 - 2017-03-04 02:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 19:19 - 2017-03-04 02:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 19:19 - 2017-03-04 02:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 19:19 - 2017-03-04 02:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-15 19:19 - 2017-03-04 02:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 19:19 - 2017-03-04 02:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 19:19 - 2017-03-04 02:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 19:19 - 2017-03-04 02:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 19:19 - 2017-03-04 02:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 19:19 - 2017-03-04 02:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 19:19 - 2017-03-04 02:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-15 19:19 - 2017-03-04 02:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 19:19 - 2017-03-04 02:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 19:19 - 2017-03-04 02:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 19:19 - 2017-03-04 02:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 19:19 - 2017-03-04 02:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 19:19 - 2017-03-04 02:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 19:19 - 2017-03-04 02:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 19:19 - 2017-03-04 02:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-15 19:19 - 2017-03-04 02:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 19:19 - 2017-03-04 02:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 19:19 - 2017-03-04 02:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 19:19 - 2017-03-04 02:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 19:19 - 2017-03-04 02:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 19:19 - 2017-03-04 02:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 19:19 - 2017-03-04 02:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 19:19 - 2017-03-04 02:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 19:19 - 2017-03-04 02:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 19:19 - 2017-03-04 02:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 19:19 - 2017-03-04 02:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-15 19:19 - 2017-03-04 02:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 19:19 - 2017-03-04 02:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 19:19 - 2017-03-04 02:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 19:19 - 2017-03-04 02:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 19:19 - 2017-03-04 02:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 19:19 - 2017-03-04 02:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 19:19 - 2017-03-04 02:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 19:19 - 2017-03-04 02:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 19:19 - 2017-03-04 02:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 19:19 - 2017-03-04 02:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 19:19 - 2017-03-04 02:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 19:19 - 2017-03-04 02:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 19:19 - 2017-03-04 02:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 19:19 - 2017-03-04 02:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 19:19 - 2017-03-04 02:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 19:19 - 2017-03-04 02:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 19:19 - 2017-03-04 02:06 - 03202048 _____ (Microsoft Corporation) C:
 
\WINDOWS\system32\msftedit.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 19:19 - 2017-03-04 02:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 19:19 - 2017-03-04 02:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 19:19 - 2017-03-04 02:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 19:19 - 2017-03-04 02:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 19:19 - 2017-03-04 02:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 19:19 - 2017-03-04 02:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 19:19 - 2017-03-04 02:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-15 19:19 - 2016-07-15 22:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 19:19 - 2016-07-15 22:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 19:19 - 2016-07-15 22:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 19:18 - 2017-03-04 03:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 19:18 - 2017-03-04 03:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 19:18 - 2017-03-04 03:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 19:18 - 2017-03-04 03:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 19:18 - 2017-03-04 03:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 19:18 - 2017-03-04 03:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-15 19:18 - 2017-03-04 03:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 19:18 - 2017-03-04 03:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-15 19:18 - 2017-03-04 03:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 19:18 - 2017-03-04 03:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-15 19:18 - 2017-03-04 03:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-15 19:18 - 2017-03-04 03:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 19:18 - 2017-03-04 03:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 19:18 - 2017-03-04 03:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 19:18 - 2017-03-04 03:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 19:18 - 2017-03-04 03:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 19:18 - 2017-03-04 03:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 19:18 - 2017-03-04 02:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 19:18 - 2017-03-04 02:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 19:18 - 2017-03-04 02:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 19:18 - 2017-03-04 02:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 19:18 - 2017-03-04 02:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 19:18 - 2017-03-04 02:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 19:18 - 2017-03-04 02:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 19:18 - 2017-03-04 02:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 19:18 - 2017-03-04 02:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 19:18 - 2017-03-04 02:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 19:18 - 2017-03-04 02:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 19:18 - 2017-03-04 02:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 19:18 - 2017-03-04 02:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 19:18 - 2017-03-04 02:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 19:18 - 2017-03-04 02:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 19:18 - 2017-03-04 02:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 19:18 - 2017-03-04 02:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 19:18 - 2017-03-04 02:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 19:18 - 2017-03-04 02:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 19:18 - 2017-03-04 02:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 19:18 - 2017-03-04 02:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 19:18 - 2017-03-04 02:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 19:18 - 2017-03-04 02:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 19:18 - 2017-03-04 02:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-15 19:18 - 2017-03-04 02:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 19:18 - 2017-03-04 02:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 19:18 - 2017-03-04 02:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 19:18 - 2017-03-04 02:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 19:18 - 2017-03-04 02:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 19:18 - 2017-03-04 02:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 19:18 - 2017-03-04 02:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-15 19:18 - 2017-03-04 02:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 19:18 - 2017-03-04 02:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 19:18 - 2017-03-04 02:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 19:18 - 2017-03-04 02:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 19:18 - 2017-03-04 02:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 19:18 - 2017-03-04 02:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 19:18 - 2017-03-04 02:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 19:18 - 2017-03-04 02:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 19:18 - 2017-03-04 02:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 19:18 - 2017-03-04 02:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 19:18 - 2017-03-04 02:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 19:18 - 2017-03-04 02:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 19:18 - 2017-03-04 02:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-15 19:18 - 2017-03-04 02:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 19:18 - 2017-03-04 02:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 19:18 - 2017-03-04 02:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 19:18 - 2017-03-04 02:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 19:18 - 2017-03-04 02:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 19:18 - 2017-03-04 02:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 19:18 - 2017-03-04 02:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 19:18 - 2017-03-04 02:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 19:18 - 2017-03-04 02:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 19:18 - 2017-03-04 02:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 19:18 - 2017-03-04 02:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 19:18 - 2017-03-04 02:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 19:18 - 2017-03-04 02:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 19:18 - 2017-03-04 02:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 19:18 - 2017-03-04 02:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 19:18 - 2017-03-04 02:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-15 19:18 - 2017-03-04 02:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 19:18 - 2017-03-04 02:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 19:18 - 2017-03-04 02:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 19:18 - 2017-03-04 02:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 19:18 - 2017-03-04 02:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 19:18 - 2017-03-04 02:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 19:18 - 2017-03-04 02:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 19:18 - 2017-03-04 02:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 19:18 - 2017-03-04 02:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 19:18 - 2017-03-04 02:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 19:18 - 2017-03-04 02:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 19:18 - 2017-03-04 02:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 19:18 - 2017-03-04 02:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 19:18 - 2017-03-04 02:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 19:18 - 2017-03-04 02:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 19:18 - 2017-03-04 02:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-15 19:18 - 2017-03-04 02:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 19:17 - 2016-05-29 14:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-14 21:08 - 2017-03-14 21:08 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-03-14 21:08 - 2017-03-14 21:08 - 00001218 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-03-14 16:43 - 2017-03-14 16:43 - 10088725 _____ C:\Users\Owner\Downloads\T2SelectKitMeat.mp4
2017-03-14 14:22 - 2017-03-14 14:22 - 00227359 _____ C:\Users\Owner\Downloads\teen wolf coloring #7 (unbrokencolorings).psd
2017-03-13 21:10 - 2017-03-13 21:10 - 00000000 ____D C:\Program Files (x86)\Tepi
2017-03-13 21:09 - 2017-03-13 21:09 - 00001108 _____ C:\Users\Owner\Desktop\KMPlayer.lnk
2017-03-12 14:27 - 2017-03-12 14:28 - 00000000 ____D C:\Users\Owner\Desktop\GIF
2017-03-12 14:27 - 2017-03-12 14:27 - 00000000 ____D C:\Users\Owner\Desktop\New folder
2017-03-12 13:34 - 2017-03-13 19:33 - 00000000 ____D C:\Users\Owner\Downloads\Black.Sails.S04E01.1080p.WEBRip.X264-DEFLATE[rarbg]
2017-03-12 13:34 - 2017-03-12 13:34 - 00187213 _____ C:\Users\Owner\Downloads\Black.Sails.S04E01.1080p.WEBRip.X264-DEFLATE[rartv]-[rarbg.to].torrent
2017-03-12 13:31 - 2017-03-12 13:31 - 00110130 _____ C:\Users\Owner\Downloads\Black.Sails.S04E02.720p.WEBRip.X264-DEFLATE[rartv]-[rarbg.to].torrent
2017-03-12 13:24 - 2017-03-12 14:30 - 00000000 ____D C:\Users\Owner\Downloads\Black.Sails.S04E07.1080p.WEBRip.X264-DEFLATE[rarbg]
2017-03-12 13:23 - 2017-03-12 13:23 - 00119073 _____ C:\Users\Owner\Downloads\Black.Sails.S04E07.1080p.WEBRip.X264-DEFLATE[rartv]-[rarbg.to].torrent
2017-03-12 13:14 - 2017-03-12 13:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\IPVanish VPN
2017-03-12 13:14 - 2017-03-12 13:14 - 00000000 ____D C:\Users\Owner\AppData\Local\IPVanish
2017-03-12 13:14 - 2017-03-12 13:14 - 00000000 ____D C:\ProgramData\MapControl
2017-03-12 13:10 - 2017-03-12 13:10 - 00000000 ____D C:\Users\Owner\AppData\Local\IsolatedStorage
2017-03-12 12:58 - 2017-04-02 10:47 - 00000000 ____D C:\Program Files\IPVanish
2017-03-12 12:58 - 2017-03-12 12:58 - 00000857 _____ C:\Users\Public\Desktop\IPVanish.lnk
2017-03-12 12:58 - 2017-03-12 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2017-03-12 12:58 - 2016-09-22 15:26 - 00045552 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapipvanish.sys
2017-03-12 12:56 - 2017-03-12 12:56 - 06963248 _____ (IPVANISH ) C:\Users\Owner\Downloads\ipvanish-setup.exe
2017-03-10 16:57 - 2017-03-10 16:57 - 01817105 _____ C:\Users\Owner\Documents\File_000.pdf
2017-03-10 16:42 - 2017-03-10 16:42 - 00011436 _____ C:\Users\Owner\Downloads\Payslip_to_Print_01_18_2017.pdf
2017-03-08 14:42 - 2017-03-08 14:42 - 00739392 _____ (Oracle Corporation) C:\Users\Owner\Downloads\JavaSetup8u121.exe
 
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-07 18:45 - 2012-01-16 17:38 - 00000000 ____D C:\Users\Owner\AppData\Roaming\uTorrent
2017-04-07 18:43 - 2014-02-24 14:22 - 00000000 ___RD C:\Users\Owner\Dropbox
2017-04-07 18:43 - 2014-02-24 14:20 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Dropbox
2017-04-07 18:26 - 2016-07-16 02:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-07 18:26 - 2015-01-31 18:20 - 00000000 ____D C:\ProgramData\MFAData
2017-04-07 18:23 - 2013-10-05 06:50 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Spotify
2017-04-07 18:23 - 2013-10-05 06:50 - 00000000 ____D C:\Users\Owner\AppData\Local\Spotify
2017-04-07 18:17 - 2016-09-25 21:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-07 18:17 - 2016-09-25 21:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-07 18:17 - 2016-09-25 21:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-07 18:17 - 2014-08-10 09:00 - 00001721 _____ C:\WINDOWS\keyacc.ini
2017-04-06 19:07 - 2011-12-28 11:12 - 00000000 ____D C:\Users\Owner\Desktop\Portable Photoshop CS5 Extended
2017-04-06 19:05 - 2011-11-23 14:49 - 00000000 ____D C:\ProgramData\clear.fi
2017-04-06 18:24 - 2016-09-25 21:07 - 00000000 ____D C:\Users\Owner
2017-04-05 17:59 - 2016-09-25 21:44 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-04-03 10:27 - 2013-08-03 21:09 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2017-04-03 01:13 - 2012-01-09 20:31 - 00001456 _____ C:\Users\Owner\AppData\Local\Adobe Save for Web 12.0 Prefs
2017-04-02 22:56 - 2016-07-16 02:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-02 10:45 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-31 17:40 - 2011-11-28 18:48 - 00002495 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-31 17:31 - 2015-11-11 13:07 - 00001013 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-03-31 17:31 - 2015-01-31 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-03-30 18:48 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-27 21:21 - 2017-01-30 22:15 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-03-27 21:21 - 2015-11-18 18:01 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-03-25 18:21 - 2012-01-09 23:10 - 00000000 ____D C:\Users\Owner\Documents\The KMPlayer
2017-03-23 15:28 - 2014-05-26 15:35 - 00000000 ____D C:\Users\Owner\Documents\Lynka
2017-03-23 15:10 - 2016-01-28 14:51 - 00000580 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1550112743-170410322-4251018227-1000.job
2017-03-22 18:54 - 2016-01-28 14:51 - 00000676 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1550112743-170410322-4251018227-1000.job
2017-03-21 19:58 - 2016-07-16 07:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-21 19:54 - 2013-06-04 23:00 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-20 22:15 - 2016-09-25 21:44 - 00004374 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-20 22:14 - 2017-01-12 23:14 - 06847064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-03-20 22:14 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-20 22:14 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-20 16:02 - 2011-12-28 11:50 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Adobe
2017-03-18 19:52 - 2016-09-25 21:07 - 01284450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-18 17:47 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-18 10:33 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 18:37 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-16 18:37 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-15 22:32 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-15 22:28 - 2016-09-25 21:00 - 04797024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-15 22:28 - 2013-03-13 17:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 22:28 - 2013-03-13 17:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-15 22:24 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-15 22:24 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-15 22:23 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-15 20:14 - 2013-08-16 20:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 20:05 - 2011-11-28 16:19 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 19:47 - 2013-03-13 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 18:03 - 2016-02-04 10:35 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe
2017-03-14 21:10 - 2016-04-02 19:49 - 00000000 ___RD C:\Users\Owner\Creative Cloud Files
2017-03-14 21:10 - 2016-04-02 19:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-14 21:08 - 2010-08-30 21:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-14 12:56 - 2011-11-25 21:44 - 00000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2017-03-13 21:08 - 2012-01-09 22:51 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
2017-03-12 13:05 - 2015-09-19 10:16 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-03-12 12:32 - 2015-09-19 08:11 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-03-09 17:41 - 2015-09-19 13:40 - 00000000 ____D C:\Users\Owner\AppData\Local\Packages
2017-03-08 14:45 - 2016-05-03 08:16 - 00000000 ____D C:\Program Files (x86)\Java
2017-03-08 14:45 - 2016-03-15 16:31 - 00000000 ____D C:\ProgramData\Oracle
2017-03-08 14:44 - 2016-05-03 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-03-08 14:43 - 2016-05-03 08:16 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-03-08 09:32 - 2015-06-12 16:36 - 00000000 ____D C:\Users\Owner\AppData\Local\Dropbox

==================== Files in the root of some directories =======

2013-11-11 17:51 - 2013-11-11 17:51 - 0893239 _____ () C:\Users\Owner\AppData\Local\a.zip
2012-01-09 20:31 - 2017-04-03 01:13 - 0001456 _____ () C:\Users\Owner\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-11-11 17:51 - 2013-11-11 17:51 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Owner\AppData\Local\BcsKtYcHW.dll
2011-11-23 04:49 - 2011-11-23 05:14 - 0014339 _____ () C:\ProgramData\ArcadeDeluxe4.log
2011-11-23 05:04 - 2011-11-23 05:10 - 0015896 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-11-23 04:55 - 2011-11-23 05:06 - 0000032 _____ () C:\ProgramData\PS.log

Some files in TEMP:
====================
2016-10-02 19:33 - 2016-10-02 19:33 - 2831864 _____ (Google) C:\Users\Owner\AppData\Local\Temp\121A.exe
2016-11-01 15:53 - 2016-11-01 15:53 - 0737856 _____ (Oracle Corporation) C:\Users\Owner\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-03-12 12:39 - 2017-03-12 12:39 - 38086544 _____ (PandoraTV) C:\Users\Owner\AppData\Local\Temp\KMP_4.1.5.8.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-02 22:09

==================== End of FRST.txt ============================
 
Here's the Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Owner (07-04-2017 18:46:37)
Running from C:\Users\Owner\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-26 01:49:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1550112743-170410322-4251018227-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1550112743-170410322-4251018227-503 - Limited - Disabled)
Guest (S-1-5-21-1550112743-170410322-4251018227-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1550112743-170410322-4251018227-1003 - Limited - Enabled)
Owner (S-1-5-21-1550112743-170410322-4251018227-1000 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
18 Wheels of Steel - American Long Haul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Game Console (x32 Version: - WildTangent) Hidden
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer TouchCam (x32 Version: 3.0.2624 - CyberLink Corp.) Hidden
Acer TouchPortal (HKLM-x32\...\{C652F86F-348A-4A65-8BE8-A3F7A6370D98}) (Version: 2.00.3007 - Acer Incorporated)
Acer TouchPortal (x32 Version: 4.2.8227 - CyberLink Corp.) Hidden
Acer TouchPortal (x32 Version: 9.0.7029 - CyberLink Corp.) Hidden
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Connect 9 Add-in (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Adobe Connect 9 Add-in) (Version: 11.2.261.0 - Adobe Systems Incorporated)
Adobe Connect Add-in (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Adobe Connect Add-in) (Version: - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (Version: 16.151.8012 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4769 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.151.8012 - AVG Technologies)
AVG Quick ThreatScan (HKLM-x32\...\AVG Quick ThreatScan) (Version: qts-1.12.3-c4b1-1d-norm-is - AVG Technologies CZ, s.r.o.)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BIG-IP Edge Client Components (All Users) (HKLM-x32\...\F5 Networks Client Components) (Version: 70.2014.0409.2153 - F5 Networks, Inc.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Browntech Image Plugin for Internet Explorer (HKLM-x32\...\{30EF82DA-D159-4A2E-A6B0-F95D10F55B4A}) (Version: 3.00.0000 - BrownTech, Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
ClamWin Free Antivirus 0.97.3 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1111.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1111.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7105 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3007 - Acer Incorporated)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
CouponBar (HKLM-x32\...\CouponBar5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataMaster RhodeIslandStateWideMLS (HKLM-x32\...\DataMaster RhodeIslandStateWideMLS) (Version: 4.55.5869.26483 - Market Data Service LLC)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Dropbox) (Version: 23.4.18 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
GoToMeeting 8.2.0.6634 (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\GoToMeeting) (Version: 8.2.0.6634 - CitrixOnline)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IPVanish (HKLM\...\A57226AD-BDAF-4860-BD4E-EDA6BC546189_is1) (Version: 3.0.6.0 - IPVANISH)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
MediaEspresso (x32 Version: 1.0.1028_32125 - CyberLink Corp.) Hidden
MediaShow Espresso (x32 Version: 5.5.1422_24072 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Nero 9 Essentials (HKLM-x32\...\{7610bffa-ba1f-4747-b6fc-e91e4bef3359}) (Version: - Nero AG)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5933 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sassafras K2 Client (HKLM\...\{E23D1D2C-1762-11D5-A8D2-00C04FA35723}) (Version: 7.2 - Sassafras Software Inc.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sling (HKLM-x32\...\{A0C306FE-01A5-4B94-A037-EF5403F8CE41}) (Version: 5.0.174 - Echostar)
Spotify (HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Tepi version 2.4 (HKLM-x32\...\Tepi_is1) (Version: 2.4 - )
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
TouchSettings (HKLM-x32\...\{75880CD4-9436-4EDD-B7E7-400EBFD60B2C}) (Version: 1.00.0006 - Acer Incorporated)
uTorrentBar Toolbar (HKLM-x32\...\uTorrentBar Toolbar) (Version: 6.8.2.0 - uTorrentBar) <==== ATTENTION
Virtual Earth 3D (Beta) (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3005 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\ChromeHTML: -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-813CB5835A7A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Owner\AppData\Local\Citrix\GoToMeeting\4431\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1550112743-170410322-4251018227-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B84456-A34E-4C51-A29E-884A9826AF3D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {027F3C0D-23EC-4984-AC67-17E6A614080D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {03CFAB11-91E7-4E01-9518-884DE70D7287} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {07C9C172-E3B1-461D-9E90-9E0EAD71D17C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1A013823-1451-4FBE-9DD5-AEF26C875EEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1A15ADCF-FE54-4D24-B951-A82BE8214AC4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000UA1d2588094a41701 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1AFDFB47-9988-431F-BC5C-0F9AC8F95A6C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1D6AA372-0922-4D52-9E26-7A07A67DB616} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1FB834B6-CBD3-4F95-AF80-44FA726D3D04} - System32\Tasks\G2MUploadTask-S-1-5-21-1550112743-170410322-4251018227-1000 => C:\Users\Owner\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe [2016-09-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {2060526B-F6D7-4538-990C-1F48985B1DBB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {31F37556-7F5A-4F21-BBED-81BD36ED571B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3968379F-77B1-4AB5-BD83-C28299EA2D52} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {39F9FD97-5F0B-4B89-B9A9-5828142287D2} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {3FFAE560-36D2-4BA0-90FE-7AE41D2D454E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {3FFEFE25-5C09-405A-AEB3-0C9389990286} - System32\Tasks\{B2AFBA7C-C390-418E-A6C6-774C2E5ADA69} => pcalua.exe -a "C:\Users\Owner\AppData\Local\Temp\Temp1_addin_win_r96 (2).zip\setup.exe" <==== ATTENTION
Task: {4353B8C1-D3A7-4453-86A4-FD830BC87049} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4D41BCEF-ABA1-45F5-815C-FB59F68301BB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000UA1d23779c73e65fb => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4EF58A46-B297-435B-83D9-A7AA29DA9D3B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {510B834F-F397-429B-B950-3A7F90B15675} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {52878A8A-699F-4510-A2A6-EA0854590C7C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {53408745-5597-412E-BE91-655F064ABACA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5C640EA3-7F8E-421D-B938-4055FA01AB31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6339C904-72B5-40ED-88D2-BF5FDCC0DECC} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2010-11-11] (CyberLink Corp.)
Task: {6BDB5723-CA78-4AC0-8E29-68292E80D775} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {7121A4B7-8518-493D-A18E-0FFF70FBC31F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {7717DA65-BA17-42FE-A4DC-D59324DA22DB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {79DE9998-595C-4618-A8EE-9843D6820ADD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7BD2E14C-FED6-4C98-AE28-BFD42B2BE08A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {80AFCAA2-2597-48C4-9FC1-241A4B7BA006} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {81A1BB64-661F-4C9C-A109-5FC717EEB08B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {82ED7596-54EA-4CC4-A6B7-C3D5A1325771} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000Core1d25880948ce5bc => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {830CCC6F-CEFF-4932-82C2-5EFEE7DF2AA3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8480F9BF-B256-4C1F-9540-4D910E19A3C1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {91DFA57E-28FA-46D5-8C0C-29F8E7BBE0C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-15] (Microsoft Corporation)
Task: {9A6DB340-18E4-401B-8115-4F2A18019D64} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {9F9824B6-4E1D-4E13-ADB8-0A739834FA5E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {A33317FE-4C44-47E6-82CF-7A5D367EC8BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A48C3B3F-6B83-4DC5-AF62-5793FD1798E7} - System32\Tasks\G2MUpdateTask-S-1-5-21-1550112743-170410322-4251018227-1000 => C:\Users\Owner\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe [2016-09-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {AB0A4A82-41EF-45AD-B88F-71B46596735E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BC86AEA0-9A83-46B2-B417-FE4933023506} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BE6DB5C9-CE35-4900-845E-1C3562F44721} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C06C0508-B7A2-4FD8-A1C6-ACCBC5C9DC05} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {C30131D3-85E7-4EBE-AB98-4BD10F89B93F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {CA0FE3E7-43CE-4DCB-B0BA-1C720983D4AE} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2010-11-11] (CyberLink)
Task: {DA92DF1B-E2F3-4ED5-9EDF-E52B00215394} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DC05B185-54FC-4E24-9BD0-E0D3295A7B6B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {DCA7C30D-1A12-47D5-9687-655F9FFEA237} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-20] (Adobe Systems Incorporated)
Task: {DD2A87F2-A37C-43CD-A6AF-E54A90AE511D} - System32\Tasks\{C8DF1F94-6F07-4DAD-9971-432D502707DF} => pcalua.exe -a F:\PSD\PhotoshopPortable.exe -d F:\PSD
Task: {E4383319-676E-48B8-B2AC-C20E845ABAE2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E5895421-DF01-43E4-B779-6593ED7DB8AA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E8C0B78D-1E1E-44C0-8AA8-11C92D5DB81A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000Core1d23779c6ff613d => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {EED6063B-1F22-4780-8549-FBB3BFFA9E38} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2010-11-11] (Acer Incorporated)
Task: {F270B334-62DD-4FAC-9AEB-0F0829636A7F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F33F2697-0C2F-497A-A806-14CCB26C1843} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F5ADAB2D-6C5F-4C0D-B607-031C6124A978} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F80828C9-D3F9-4B4B-99E8-4B1439032FE4} - System32\Tasks\{F00CABC0-3F1D-4C5F-B2AA-1DE760779FBA} => pcalua.exe -a C:\Users\Owner\AppData\Local\Temp\Temp1_addin_win_r96.zip\setup.exe <==== ATTENTION
Task: {FF6EC5DC-8622-4181-846E-F4A7F4492202} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000Core1d23779c6ff613d.job => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000UA1d23779c73e65fb.job => C:\Users\Owner\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1550112743-170410322-4251018227-1000.job => C:\Users\Owner\AppData\Local\Citrix\GoToMeeting\6634\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1550112743-170410322-4251018227-1000.job => C:\Users\Owner\AppData\Local\Citrix\GoToMeeting\6634\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1550112743-170410322-4251018227-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Owner\Desktop\Dumont - Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Public\Desktop\Netflix.lnk -> C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe () -> hxxp://homepage.acer.com/redirect.aspx?rid=09000001

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 19:19 - 2017-03-04 03:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-19 08:11 - 2017-03-12 12:32 - 00981576 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-09-25 21:03 - 2016-11-14 07:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-02-28 16:19 - 2017-02-28 16:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2014-03-24 19:53 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-05-20 22:54 - 2013-05-20 22:54 - 01571352 _____ () C:\Program Files (x86)\AVG Quick ThreatScan\qtsscand.exe
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-10 20:01 - 2009-08-10 20:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-10 20:00 - 2009-08-10 20:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 20:01 - 2009-08-10 20:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2011-11-23 05:12 - 2010-02-24 04:42 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2009-08-10 20:01 - 2009-08-10 20:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2017-03-15 19:19 - 2017-03-04 03:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-03-21 19:52 - 2017-01-31 08:34 - 08909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-09-26 00:54 - 2016-09-26 00:54 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:18 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:18 - 2017-03-04 02:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-03-15 19:19 - 2017-03-04 02:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:19 - 2017-03-04 02:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:19 - 2017-03-04 02:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 19:19 - 2017-03-04 02:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 19:19 - 2017-03-04 02:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 19:20 - 2017-03-04 02:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2010-08-04 08:40 - 2010-08-04 08:40 - 00611872 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2015-09-19 10:19 - 2017-03-12 12:32 - 02183752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-10-02 11:32 - 2016-09-15 13:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2012-01-09 22:52 - 2016-03-19 19:08 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2012-01-09 22:52 - 2012-01-09 22:52 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2012-01-09 22:52 - 2012-01-09 22:52 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2012-03-13 23:10 - 2012-03-22 21:51 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2010-11-11 21:57 - 2010-11-11 21:57 - 00210304 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2017-03-31 17:40 - 2017-03-28 22:04 - 02187096 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-31 17:40 - 2017-03-28 22:04 - 00086360 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\57.0.2987.133\libegl.dll
2011-11-23 04:49 - 2010-03-12 01:14 - 00014368 _____ () C:\Program Files (x86)\Acer\Acer TouchPortal\LanguageDll\TouchPortalLauncher-en.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-19 07:49 - 2017-03-25 09:41 - 67725936 _____ () C:\Users\Owner\AppData\Roaming\Spotify\libcef.dll
2016-10-27 20:09 - 2017-03-25 09:41 - 00110192 _____ () C:\Users\Owner\AppData\Roaming\Spotify\SpotifyWinRT.dll
2011-07-14 08:21 - 2011-07-14 08:21 - 02263552 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2010-08-04 05:47 - 2010-08-04 05:47 - 00144896 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2011-12-20 20:21 - 2005-02-08 18:23 - 00979005 _____ () C:\Program Files (x86)\ClamWin\bin\python23.dll
2011-12-20 20:21 - 2004-11-20 04:27 - 00069632 _____ () C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2011-12-20 20:21 - 2004-10-11 21:21 - 00094208 _____ () C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2011-12-20 20:21 - 2004-05-25 22:18 - 00057401 _____ () C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2011-12-20 20:21 - 2004-11-20 04:27 - 00086016 _____ () C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2011-12-20 20:21 - 2004-11-20 04:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2011-12-20 20:21 - 2004-11-20 04:27 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2011-12-20 20:21 - 2004-05-25 22:18 - 00049212 _____ () C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2011-12-20 20:21 - 2004-05-25 22:18 - 00495616 _____ () C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2011-12-20 20:21 - 2004-05-25 22:20 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2011-12-20 20:21 - 2004-10-11 21:22 - 00315392 _____ () C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2011-12-20 20:21 - 2004-11-20 04:27 - 00106496 _____ () C:\Program Files (x86)\ClamWin\lib\shell.pyd
2011-12-20 20:21 - 2004-11-20 04:27 - 00065536 _____ () C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2011-12-20 20:21 - 2004-01-15 15:45 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2011-12-20 20:21 - 2004-11-20 04:27 - 00077824 _____ () C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2011-12-20 20:21 - 2004-11-20 04:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2011-12-20 20:21 - 2003-10-01 14:40 - 02240512 _____ () C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2011-12-20 20:21 - 2003-10-01 12:43 - 03239936 _____ () C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2011-12-20 20:21 - 2003-08-10 10:14 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2011-12-20 20:21 - 2004-05-25 22:17 - 00622651 _____ () C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2011-12-20 20:21 - 2004-05-25 22:19 - 00045117 _____ () C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2016-02-03 20:55 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-10-25 10:51 - 2016-10-25 10:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-12-03 14:27 - 2016-12-03 14:27 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2015-03-19 07:49 - 2017-03-25 09:41 - 01929840 _____ () C:\Users\Owner\AppData\Roaming\Spotify\libglesv2.dll
2015-03-19 07:49 - 2017-03-25 09:41 - 00087152 _____ () C:\Users\Owner\AppData\Roaming\Spotify\libegl.dll
2017-04-07 18:42 - 2017-04-06 13:05 - 00870720 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-04-07 18:42 - 2017-03-20 14:10 - 00035792 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-04-07 18:42 - 2017-03-20 14:10 - 00100296 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-04-07 18:42 - 2017-03-20 14:10 - 00018888 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\select.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00019776 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00020824 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-04-07 18:42 - 2017-03-20 14:11 - 00123856 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-04-07 18:42 - 2017-03-20 14:10 - 00694224 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 01729360 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00020816 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-04-07 18:42 - 2017-03-20 14:10 - 00145864 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-04-07 18:42 - 2017-03-20 14:11 - 00019408 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-04-07 18:42 - 2017-03-20 14:10 - 00116688 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-04-07 18:42 - 2017-03-20 14:13 - 00105928 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00022864 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00060736 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00038712 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00024528 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-04-07 18:42 - 2017-03-20 14:10 - 00392656 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-04-07 18:42 - 2017-03-20 14:13 - 00020936 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00116176 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00392512 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00124880 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00026456 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00024016 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00175560 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00030160 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00043472 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00048592 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00057808 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00024016 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00246608 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00027488 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-07 18:42 - 2017-03-20 14:12 - 00241104 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00022336 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00025432 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00028616 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 01826104 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-04-07 18:42 - 2017-03-20 14:11 - 00083912 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\sip.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 01972024 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 03928896 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00171336 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00042816 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00531264 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00133432 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00224064 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00207680 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00060880 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00053072 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00022864 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00069968 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00022872 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00021848 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00022872 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-07 18:42 - 2017-03-20 14:13 - 00349128 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00103232 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00023896 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00025936 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-04-07 18:42 - 2017-03-20 14:08 - 00036296 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\librsync.dll
2017-04-07 18:42 - 2017-04-06 13:07 - 00033112 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-04-07 18:42 - 2017-03-22 13:47 - 00293392 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-04-07 18:42 - 2017-04-06 13:07 - 00084288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-04-07 18:42 - 2017-04-06 13:07 - 00030536 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-04-07 18:42 - 2017-03-20 14:17 - 00017864 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-04-07 18:42 - 2017-03-20 14:17 - 01631184 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-04-07 18:42 - 2017-04-06 13:07 - 00357688 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-04-07 18:42 - 2017-04-06 13:08 - 00026456 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-07 18:42 - 2017-04-06 13:07 - 00546104 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
 
==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\alamode.com -> alamode.com
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\almsr.com -> almsr.com
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\appraiserxsites.com -> appraiserxsites.com
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\bing.com -> bing.com
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\certmail.com -> certmail.com
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\interflood.com -> interflood.com
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\virtualearth.net -> virtualearth.net
IE trusted site: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\...\xsitesnetwork.com -> xsitesnetwork.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2017-03-27 21:21 - 00001859 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{8fe2fb3b-9b06-47f6-bd9e-179f54fa3d70}.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{745D0644-0F26-4A87-AAAB-9434747938B2}] => (Allow) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32BDA32B-444C-47BD-A9C3-D8C3F431E8BE}] => (Allow) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7ACA8409-EBCA-4670-B2B8-FCF4D1F3AE71}] => (Allow) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47BA5B09-FD29-4C83-9C55-3AD1E86993BF}] => (Allow) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{81DAD577-74EB-4CCA-875F-F8CA7A931AAC}] => (Allow) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9EF01C6B-CEBB-4876-95E9-417E40BE7AFB}] => (Allow) C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{8E105187-0EBB-40B1-8554-0FB6F7FB5472}C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe] => (Allow) C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe
FirewallRules: [TCP Query User{0EA7A4BD-C564-4442-BACA-A54035998613}C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe] => (Allow) C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe
FirewallRules: [UDP Query User{6B8F68EA-AEED-49FF-ABDE-809A2BD62F7A}C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe] => (Allow) C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe
FirewallRules: [TCP Query User{E9573CC6-4B07-4BDB-9F85-C6BBDD1E1113}C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe] => (Allow) C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe
FirewallRules: [{383E3445-0D1F-4146-9BEA-7EEFD3BC031A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B281E140-636E-412C-8037-899A510E3B5C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{68DF2D34-E61D-4AD7-8522-4D2C68C2AB98}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{216A3A60-9575-453E-B9A3-8BFA1CF0AFEB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{4D02FE73-66C5-40ED-956D-FE16E0225736}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A4D7C683-C933-4F1C-A913-108E62BA0CE8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{84FCFBA1-898C-4E00-B179-85B4690970CF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{19F5AFFE-2272-4CC2-AB64-28D5FA1F0287}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{60CF1224-B57C-431C-98AA-9B265E959802}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C0DBFFD-56DB-4886-A517-369625A51510}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{1369E11D-EA3E-4E02-A28E-C1E7E0363FFF}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{BC8757F7-467A-41D1-986E-0333A78012D8}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{EEED2BA8-6CC2-4C40-BE7F-FC39FBA8258F}C:\users\owner\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\owner\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{52DE2AF3-593B-4848-83A5-3164BE3A0A89}C:\users\owner\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\owner\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7399A4A6-3BC6-4A86-BA5F-FCC42F213B85}C:\users\owner\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\owner\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{9E1E900D-EE8D-4A85-8C7C-4ADBBA354543}C:\users\owner\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\owner\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{9AC8EBDB-2A37-4E75-B879-6E8FD3AA313B}] => (Allow) C:\Windows\keyacc32.exe
FirewallRules: [{C41FFAE1-0443-4B4D-A267-715BFEEB66D5}] => (Allow) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B939371D-5186-44BD-B0D3-8C78B11A2271}] => (Allow) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{448AF2E2-2BF1-47B9-9332-7F8E874CEDF2}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F2549049-38C2-4862-B6F7-2E7BB5627193}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9E617E95-8F58-4FE7-9E2B-4AC475D1D2C9}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0DE9A3ED-D8EC-4E4F-9A75-0C9A35A66E9C}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [{46827E01-F8DE-45AD-9E4F-EBF3B64474C9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F7A9C075-EB25-4261-BABB-334B3D521162}] => (Allow) C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{54B2FA12-CF95-4781-A7A7-73760388286F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{84A4A8D3-16E7-4E75-BE0E-558887722178}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{390120B4-A548-4A3D-AC02-5EBB88C3D0B7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4FAC49C6-DF2D-4C7F-B627-046C42B4AF13}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{B4977DDC-0F81-4E96-B207-AA47471D80B4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{A9E5EF58-E76A-4CCB-92B3-145B15E88B2B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{5E3C81C4-10FC-4EEF-8FD5-F92430F9F0FB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{76F3A90C-8B24-40A5-B076-C61DEA916A0E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7937FA13-35F1-4499-B649-172C170348D3}] => (Allow) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer Touch Movie\TouchMovieService.exe
FirewallRules: [{23AD5AE4-D755-4DC8-9A1D-2B32DFD13D23}] => (Allow) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer Touch Movie\TouchMovie.exe
FirewallRules: [{115B6A7F-84D4-4DE7-8781-4A34E6D2840B}] => (Allow) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer TouchPortal\Kernel\DMS\CLMSService.exe
FirewallRules: [{AF55180F-E6B0-47DD-9E00-67946045AE78}] => (Allow) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer TouchPortal\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{E52D932A-3AA5-47CC-85C6-0F5E9909D972}] => (Allow) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer TouchPortal\PCMService.exe
FirewallRules: [{C02AAEF3-D07F-438F-92E5-0CC25513ABB3}] => (Allow) C:\Program Files (x86)\Acer\Acer TouchPortal\Acer TouchPortal\PowerCinema.exe
FirewallRules: [{59F3B4AF-7B73-41C5-80CA-5A00B39E0415}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{40E49AEC-30D4-4AF9-A1B8-EF5201B6AE4F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{62EF2F15-6F10-43F1-9E95-C25B97F0654A}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{413198D6-4993-4DBA-8194-8BB1C9567D34}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{732A6B9E-675C-47EC-ADA3-00C84EFB9D59}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
FirewallRules: [{2EAC0A7C-C80B-4083-B003-CF48E437FBB9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{A95C5257-9FAF-4E3B-A624-C72087665766}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{BABCFE24-6C7A-4105-98BF-EEDD992C96E5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{9D3F76E6-EA33-4150-93BF-8AABE793A80B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{67E709BB-05DF-4689-BB82-E43147A55830}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8244D536-A9BE-4DE2-B811-BEB52EA30BC7}] => (Allow) LPort=1900
FirewallRules: [{37AD22B6-07E2-4E10-9BAE-414C28F88F37}] => (Allow) LPort=2869
FirewallRules: [{7B95529D-460A-4A63-AB7E-3577FF48378E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{75969E49-9C9D-4BB0-8490-8A1EF3BD5E48}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2C4FEFB9-BBDD-4E4D-8F4C-9C0AA8F13522}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{0E4E01EF-1B29-495A-9FA9-1B71944F8280}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{D4FDBB3E-DC91-4BF2-896D-3C347BDF6018}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{FFF63BDB-3E4F-4909-A089-7AE07C94F4E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2FD3FE1-16F5-4DA7-A7A6-6132EFED5B9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{771E2127-BC41-48C6-95A1-E0536311F580}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D12FC1A-74AB-4D1E-9C4D-416F01E6356D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{255F0E60-E498-45BA-99D7-409BF42E19FE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{474DCC91-FFFA-4D10-B2AD-A2507CAB4FFE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F68C8D93-C758-45A7-B6AA-351658C04867}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719EB415-AC2E-416A-8101-61A6133CA8BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6DD35557-3BBE-4305-9124-BC7D1332868D}C:\programdata\sling\sling.exe] => (Block) C:\programdata\sling\sling.exe
FirewallRules: [UDP Query User{9DB3DA44-2245-4172-9A84-DB424F6D0F63}C:\programdata\sling\sling.exe] => (Block) C:\programdata\sling\sling.exe
FirewallRules: [{46432117-9D72-4904-ABAF-48063D911CE4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C23D909C-4CCD-4B10-A90A-4CD2A321CAF3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3E7C2DD4-B600-4C60-B0DC-6F2C7DFC4607}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3DA7B951-6E55-46B8-805C-C6B4869E1B56}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{5C3BC365-DBC5-4246-AECF-2E2814BF89EE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F48E5340-4EC8-41D4-96DD-FD4B797E4CFA}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{5E9D948F-3284-49D7-9EE6-AA6FAA480486}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{759EBF77-F566-44B1-9347-6B971DF608E8}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{17F0B064-8911-4BEE-8D2E-7EF2D90C7775}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
 
==================== Restore Points =========================

24-03-2017 21:52:17 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2017 06:27:59 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: HTTP status 403: The client does not have sufficient access rights to the requested server object.

Error: (04/06/2017 07:03:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (04/06/2017 07:00:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.14393.82, time stamp: 0x57a55dc6
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.953, time stamp: 0x58ba5c3d
Exception code: 0xc0000005
Fault offset: 0x000000000032b3c5
Faulting process id: 0x2ac8
Faulting application start time: 0x01d2af29509c45eb
Faulting application path: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 21f0aa4b-5a46-4185-8b0b-e4f9005005ba
Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (04/06/2017 06:59:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85
Faulting module name: twinapi.appcore.dll, version: 10.0.14393.953, time stamp: 0x58ba5a0a
Exception code: 0xc000027b
Fault offset: 0x000000000006d1b4
Faulting process id: 0x1abc
Faulting application start time: 0x01d2af2940aeeda2
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 74dccaf3-d1ef-4915-8cba-02b1511f27fc
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.953_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

Error: (04/06/2017 06:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: KERNELBASE.dll, version: 10.0.14393.953, time stamp: 0x58ba59e1
Exception code: 0xc0000002
Fault offset: 0x0000000000017788
Faulting process id: 0x1c18
Faulting application start time: 0x01d2af28ad2b4034
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 580f7272-1dff-4cb0-9a04-f85de4343020
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (04/05/2017 06:01:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x8400000e
Fault offset: 0x0000000000000000
Faulting process id: 0x392c
Faulting application start time: 0x01d2ae57fbc2f288
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: unknown
Report Id: 1f089ca3-e4c0-4e53-9b20-15a7d27e5aad
Faulting package full name:
Faulting package-relative application ID:

Error: (04/03/2017 12:01:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32453

Error: (04/03/2017 12:01:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32453

Error: (04/03/2017 12:01:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2017 12:01:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31093


System errors:
=============
Error: (04/07/2017 06:41:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.

Error: (04/07/2017 06:28:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Security Center service hung on starting.

Error: (04/07/2017 06:26:23 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (04/07/2017 06:26:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.

Error: (04/07/2017 06:23:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (04/07/2017 06:18:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/07/2017 06:17:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (04/07/2017 06:17:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (04/07/2017 06:17:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (04/07/2017 06:17:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:53:20 PM on ‎4/‎6/‎2017 was unexpected.


CodeIntegrity:
===================================
Date: 2017-04-07 18:39:00.035
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:38:55.514
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:35:51.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:27:11.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:26:37.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:23:02.307
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:22:54.383
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:22:53.102
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:22:51.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:21:27.566
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 240e Processor
Percentage of memory in use: 79%
Total physical RAM: 3839.23 MB
Available physical RAM: 783.97 MB
Total Virtual: 7679.23 MB
Available Virtual: 3471.7 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:731.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 350BDF19)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
And here are the malwarebytes logs - there are 4.

1 of 4



==================== Restore Points =========================

24-03-2017 21:52:17 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2017 06:27:59 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: HTTP status 403: The client does not have sufficient access rights to the requested server object.

Error: (04/06/2017 07:03:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (04/06/2017 07:00:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.14393.82, time stamp: 0x57a55dc6
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.953, time stamp: 0x58ba5c3d
Exception code: 0xc0000005
Fault offset: 0x000000000032b3c5
Faulting process id: 0x2ac8
Faulting application start time: 0x01d2af29509c45eb
Faulting application path: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 21f0aa4b-5a46-4185-8b0b-e4f9005005ba
Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (04/06/2017 06:59:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85
Faulting module name: twinapi.appcore.dll, version: 10.0.14393.953, time stamp: 0x58ba5a0a
Exception code: 0xc000027b
Fault offset: 0x000000000006d1b4
Faulting process id: 0x1abc
Faulting application start time: 0x01d2af2940aeeda2
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 74dccaf3-d1ef-4915-8cba-02b1511f27fc
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.953_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

Error: (04/06/2017 06:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: KERNELBASE.dll, version: 10.0.14393.953, time stamp: 0x58ba59e1
Exception code: 0xc0000002
Fault offset: 0x0000000000017788
Faulting process id: 0x1c18
Faulting application start time: 0x01d2af28ad2b4034
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 580f7272-1dff-4cb0-9a04-f85de4343020
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (04/05/2017 06:01:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x8400000e
Fault offset: 0x0000000000000000
Faulting process id: 0x392c
Faulting application start time: 0x01d2ae57fbc2f288
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: unknown
Report Id: 1f089ca3-e4c0-4e53-9b20-15a7d27e5aad
Faulting package full name:
Faulting package-relative application ID:

Error: (04/03/2017 12:01:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32453

Error: (04/03/2017 12:01:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32453

Error: (04/03/2017 12:01:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2017 12:01:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31093


System errors:
=============
Error: (04/07/2017 06:41:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.

Error: (04/07/2017 06:28:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Security Center service hung on starting.

Error: (04/07/2017 06:26:23 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Error: (04/07/2017 06:26:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Software Protection service hung on starting.

Error: (04/07/2017 06:23:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (04/07/2017 06:18:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/07/2017 06:17:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (04/07/2017 06:17:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (04/07/2017 06:17:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (04/07/2017 06:17:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:53:20 PM on ‎4/‎6/‎2017 was unexpected.


CodeIntegrity:
===================================
Date: 2017-04-07 18:39:00.035
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:38:55.514
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:35:51.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:27:11.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:26:37.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:23:02.307
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:22:54.383
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:22:53.102
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:22:51.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-07 18:21:27.566
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 240e Processor
Percentage of memory in use: 79%
Total physical RAM: 3839.23 MB
Available physical RAM: 783.97 MB
Total Virtual: 7679.23 MB
Available Virtual: 3471.7 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:731.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 350BDF19)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
2 of 4

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 4/7/17
Protection Event Time: 7:57 PM
Logfile: april7-757pmA.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.96
Update Package Version: 1.0.1683
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain:
IP Address: 194.63.142.147
Port: [11653]
Type: Outbound
File: C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe



(end)
 
3 of 4

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 4/7/17
Protection Event Time: 10:48 PM
Logfile: april7-1048pm.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1683
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain:
IP Address: 58.84.14.126
Port: [16280]
Type: Outbound
File: C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe



(end)
 
4 of 4

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 4/7/17
Protection Event Time: 10:48 PM
Logfile: april7-1048pmA.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1683
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain:
IP Address: 58.84.14.126
Port: [16280]
Type: Outbound
File: C:\Users\Owner\AppData\Roaming\uTorrent\uTorrent.exe



(end)
 
Here's AdwCleaner[C0].txt

# AdwCleaner v6.045 - Logfile created 08/04/2017 at 09:45:46
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-06.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\adwcleaner_6.045.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: vToolbarUpdater40.3.7
[-] Service deleted: PanService
[-] Service deleted: WtuSystemSupport


***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\Avg_Update_0116av
[-] Folder deleted: C:\ProgramData\Avg_Update_1015av
[-] Folder deleted: C:\ProgramData\Avg_Update_1215av
[-] Folder deleted: C:\Users\Owner\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Users\Owner\AppData\LocalLow\Toolbar4
[-] Folder deleted: C:\Users\Owner\Documents\Addendum
[-] Folder deleted: C:\Program Files\avg web tuneup
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Secure Search
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Conduit
[-] Folder deleted: C:\Program Files (x86)\PANDORA.TV
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search


***** [ Files ] *****

[-] File deleted: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\extensions\Avg@toolbar.xpi
[-] File deleted: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\searchplugins\bingp.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[#] Key deleted on reboot: HKLM\SYSTEM\CurrentControlSet\services\panservice
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbTask
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[-] Key deleted: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Key deleted: HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key deleted: HKCU\Software\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key deleted: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Softonic
[-] Key deleted: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\AppDataLow\Toolbar
[-] Key deleted: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\AppDataLow\Software\BackgroundContainer
[-] Key deleted: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\AppDataLow\Software\BackgroundContainerV2
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\Softonic
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Toolbar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[-] Key deleted: HKLM\SOFTWARE\Conduit
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\Softonic
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Toolbar
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[-] Key deleted: [x64] HKLM\SOFTWARE\AVG Secure Search
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Data restored: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\app.mam.conduit.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\app.mam.conduit.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKCU\SOFTWARE\Classes\ChromeHTML


***** [ Web browsers ] *****

[-] Firefox preferences cleaned: "browser.search.defaultenginename" - "AVG Secure Search"


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [13431 Bytes] - [08/04/2017 09:45:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [12999 Bytes] - [08/04/2017 09:35:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [13579 Bytes] ##########
 
Ran JunkWare Removal tool. Here's the JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64
Ran by Owner (Administrator) on Sat 04/08/2017 at 12:23:45.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 27

Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File)
Successfully deleted: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\user.js (File)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho1213.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho1818.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho47BD.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho4D6F.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho511A.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho59F.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho6232.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho62DE.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho62E.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho630F.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho6434.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho6E26.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho7300.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho74E.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho9003.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\sho9A6D.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\shoA1E2.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\shoAABA.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\shoCE02.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\shoDABE.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\shoE435.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\shoFE4B.tmp (File)

Deleted the following from C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2r1qdddl.default\prefs.js
user_pref(extensions.xpiState, {\app-profile\:{\abb@amazon.com\:{\d\:\C:\\\\Users\\\\Owner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\2r1qdddl.defaul



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267 (Registry Value)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 04/08/2017 at 12:31:31.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

============================================

Never run any tools unless asked to.

redtarget.gif
Uninstall following unwanted programs:

Amazon Assistant
Catalina Savings Printer
CouponBar
Pandora Service
uTorrentBar Toolbar

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Appreciate your help! I'm not able to remove pandora service. Here's what happens when I try. Should I move to step 2 anyway?Capture-pandora-service.JPG
 
Yeah, that's because you ran AdwCleaner and it removed whole Pandora folder.
Hence my note about not running tools I didn't ask to run.

Go ahead with other steps.
 
Appreciate it! Here's !: Rogue Killer

RogueKiller V12.10.3.0 (x64) [Apr 3 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Owner [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 04/08/2017 20:52:30 (Duration : 01:06:11)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 16 ¤¤¤
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll) -> Found
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Found
[PUP.Gen1] (X64) HKEY_CLASSES_ROOT\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Found
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll) -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer.msn.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1550112743-170410322-4251018227-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer.msn.com -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{8E105187-0EBB-40B1-8554-0FB6F7FB5472}C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe|Name=join.me.exe|Desc=join.me.exe|Defer=User| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{0EA7A4BD-C564-4442-BACA-A54035998613}C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\owner\appdata\local\temp\joi13c8.tmp\join.me.exe|Name=join.me.exe|Desc=join.me.exe|Defer=User| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{6B8F68EA-AEED-49FF-ABDE-809A2BD62F7A}C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe|Name=join.me.exe|Desc=join.me.exe|Defer=User| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{E9573CC6-4B07-4BDB-9F85-C6BBDD1E1113}C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\owner\appdata\local\temp\joie33b.tmp\join.me.exe|Name=join.me.exe|Desc=join.me.exe|Defer=User| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0E4E01EF-1B29-495A-9FA9-1B71944F8280} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe|Name=PandoraService| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D4FDBB3E-DC91-4BF2-896D-3C347BDF6018} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe|Name=PandoraService| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F48E5340-4EC8-41D4-96DD-FD4B797E4CFA} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe|Name=PanProcess| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5E9D948F-3284-49D7-9EE6-AA6FAA480486} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe|Name=PanProcess| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {759EBF77-F566-44B1-9347-6B971DF608E8} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe|Name=PandoraService| [x] -> Found
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {17F0B064-8911-4BEE-8D2E-7EF2D90C7775} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe|Name=PandoraService| [x] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 12 ¤¤¤
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Found
[Tr.Gen0][File] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 7 ¤¤¤
[PUP.Gen2][Firefox:Addon] 2r1qdddl.default : Amazon Assistant for Firefox [abb@amazon.com] -> Found
[PUP.Gen2][Firefox:Addon] 2r1qdddl.default : YouTube Unblocker [youtubeunblocker@unblocker.yt] -> Found
[PUP.Gen2][Firefox:Addon] 2r1qdddl.default : uTorrentBar [{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] -> Found
[PUP.Gen2][Firefox:Addon] 2r1qdddl.default : AVG Web TuneUp [avg@toolbar] -> Found
[PUP.Gen0][Chrome:Addon] Default : AVG Web TuneUp [chfdnecihphmhljaaejmgoiahnihplgn] -> Found
[PUP.Gen0][Chrome:Addon] Profile 2 : AVG Web TuneUp [chfdnecihphmhljaaejmgoiahnihplgn] -> Found
[PUP.Gen0][Chrome:Addon] Profile 2 : Amazon Assistant for Chrome [pbjikboenpfhbbejgkoklgkhjpfogcam] -> Found
 
Rogue 2/2

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10 EARS-22Y5B1 SCSI Disk Device +++++
--- User ---
[MBR] 9e65aec921fbd6e536203fa46686f5e3
[BSP] 922ef439d8effc04ed3401607668d67b : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 20000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 40962048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 41166848 | Size: 933767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
You must log in or register to reply here.

Similar threads

Bob O'Donnell
Amazon debuts Bedrock, a new cloud service for AI-generated text and images
Replies
0
Views
414
Bob O'Donnell
Bob O'Donnell
J
Give Amazon your palm print and receive $10 in credit
Replies
23
Views
1K
Danny101
Danny101
Scorpus
AMD Ryzen 7000 is off to a slow start, Zen 4 sales are not good
3 4 5
Replies
112
Views
7K
quadibloc
quadibloc

Latest posts

Back