Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Fairly Certain Malware Hiding Somewhere I Cannot Find

Malware Removal Send in the Reinforcements Another set of eyes Help Oh God what have I done

  • Please log in to reply

#1
Solarin_

Solarin_

    New Member

  • Member
  • Pip
  • 1 posts

I foolishly let a family member use my computer without close supervision recently over the holidays. The young person was downloading torrents and my computer was hit with some trojans that began auto installing at least 5 different malware programs onto the computer. I didn't quite catch from which site it was, but it was quite the effort to get it back to what is somewhat normal.

Recently, I have noticed that my keyboard and mouse have begun to be unresponsive (or incorrectly responsive) at random intervals for random periods of time. This was not present before the infection. Thus far I have used Malwarebytes, Spybot, and some online virus scanners to remove whatever was present. It is my suspicion that something tries to occasionally take over the mouse and keyboard input from time to time. This is especially noticeable when I am playing a game. It looks like a window flashes over the game window for a tiny instant sometimes. It then feels like the keyboard and mouse try to interact with another program in some fashion

 

I have not noticed any other installed programs that I can see and there are no random popups. (It basically completely hijacked Chrome so I did a fresh install.) Something could still be lurking though. Any assistance would be greatly appreciated.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Matthew (administrator) on PHOENIX-PC (14-01-2016 23:14:14)
Running from C:\Users\Matthew\Desktop
Loaded Profiles: Matthew (Available Profiles: Matthew)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.CSSQL08\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.CSSQL08\MSSQL\Binn\fdlauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.CSSQL08\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Pushbullet Inc) C:\Users\Matthew\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Pushbullet Inc) C:\Users\Matthew\AppData\Local\Temp\pushbullet_watchdog.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Google Inc.) C:\Users\Matthew\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4669\Agent.exe
(Blizzard Entertainment) G:\Battle.net\Battle.net.6526\Battle.net.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Users\Matthew\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-11] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478600 2013-05-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [64000 2014-12-21] (Pushbullet inc)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [Spotify Web Helper] => C:\Users\Matthew\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-07-23] (Spotify Ltd)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [Spotify] => C:\Users\Matthew\AppData\Roaming\Spotify\Spotify.exe [7298616 2015-07-23] (Spotify Ltd)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-01-14] (Valve Corporation)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2015-12-20] ()
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [Google Update] => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-11-06] (Google Inc.)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [MusicManager] => C:\Users\Matthew\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [GoogleChromeAutoLaunch_1DCACA8C0EC1716DD73D162837173624] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{5d063979-903b-4dfe-b4e6-9c46ed3427f1}: [NameServer] 208.87.151.17,208.87.151.16
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 208.87.151.17,208.87.151.16
Tcpip\..\Interfaces\{ec26cd93-76bb-4169-b8ab-d25945ec0f2f}: [NameServer] 208.87.151.17,208.87.151.16
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-222771743-675066039-1018729164-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-222771743-675066039-1018729164-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
HKU\S-1-5-21-222771743-675066039-1018729164-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-13] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-24] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-13] (LastPass)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-13] (LastPass)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-13] (LastPass)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\cemx0rvn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-13] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDAPP\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-02-24] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-13] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-222771743-675066039-1018729164-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-222771743-675066039-1018729164-1001: @talk.google.com/O1DPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-222771743-675066039-1018729164-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-222771743-675066039-1018729164-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-222771743-675066039-1018729164-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matthew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-11-23] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=G1Dzamobl3687,d27478ca-ee27-457a-be14-a9f5e96c4d91,&vp=ch&prd=set_ch
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=G1Dzamobl3687,d27478ca-ee27-457a-be14-a9f5e96c4d91,&vp=ch&prd=set_ch"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Bio3D) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2012\Chem3D\npChem3DPlugin.dll => No File
CHR Plugin: (ChemDraw) - C:\Program Files (x86)\CambridgeSoft\ChemOffice2012\ChemDraw\npcdp32.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NPLastPass) - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Unity Player) - C:\Users\Matthew\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Matthew\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll => No File
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-01-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-06-07]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-13]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-11-21]
CHR Extension: (uBlock Origin) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-13]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Tampermonkey) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-15]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-24]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-01-13]
CHR Extension: (Google Docs Offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (The Camelizer) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-09-01]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-01-13]
CHR Extension: (Wolfram
Alpha (Official)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2013-11-21]
CHR Extension: (ReChat for Twitch™) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2015-12-29]
CHR Extension: (HTML5ify) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikbjpjgjmmdhcmlagappehlpiljoaop [2013-11-21]
CHR Extension: (Video Blocker) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2016-01-13]
CHR Extension: (Grammarly Spell Checker & Grammar Checker) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2016-01-13]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-01-13]
CHR Extension: (Google Mail Checker) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-11-21]
CHR Extension: (Google Hangouts) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2016-01-13]
CHR Extension: (Google Chrome to Phone Extension [DEPRECATED]) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-12-07]
CHR Extension: (Hover Zoom+) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2016-01-14]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-222771743-675066039-1018729164-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Matthew\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-01-13]
CHR HKU\S-1-5-21-222771743-675066039-1018729164-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-21] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-11-21] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-11-21] (ASUSTeK Computer Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe [69448 2015-10-14] (Google Inc.)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-11] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSSQL$CSSQL08; C:\Program Files\Microsoft SQL Server\MSSQL10_50.CSSQL08\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
R3 MSSQLFDLauncher$CSSQL08; C:\Program Files\Microsoft SQL Server\MSSQL10_50.CSSQL08\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-11] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-11] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-11] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-09] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 SQLAgent$CSSQL08; C:\Program Files\Microsoft SQL Server\MSSQL10_50.CSSQL08\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-05] (Company) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-11-21] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-11-21] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [22184 2016-01-13] (Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
S1 ktwlvhla; \??\C:\WINDOWS\system32\drivers\ktwlvhla.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-14 23:14 - 2016-01-14 23:14 - 00038891 _____ C:\Users\Matthew\Desktop\FRST.txt
2016-01-14 23:13 - 2016-01-14 23:14 - 00000000 ____D C:\FRST
2016-01-14 23:13 - 2016-01-14 23:13 - 02370560 _____ (Farbar) C:\Users\Matthew\Desktop\FRST64.exe
2016-01-14 23:13 - 2016-01-14 23:13 - 00003900 _____ C:\Users\Matthew\Desktop\FRST64.exe - Shortcut.lnk
2016-01-14 22:44 - 2016-01-14 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-01-14 22:32 - 2016-01-14 22:32 - 00000000 ____D C:\Program Files\Realtek
2016-01-14 22:32 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-01-14 22:32 - 2015-06-18 17:59 - 02862488 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-14 22:32 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-01-14 22:32 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-01-14 22:32 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-14 22:32 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-14 22:32 - 2015-06-11 19:40 - 03157796 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-01-14 22:32 - 2015-06-10 13:20 - 03129672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-01-14 22:32 - 2015-06-10 13:20 - 00728392 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-01-14 22:32 - 2015-06-09 11:17 - 05708736 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-01-14 22:32 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-14 22:32 - 2015-05-27 18:51 - 02461016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-01-14 22:32 - 2015-05-27 18:51 - 02393432 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-01-14 22:32 - 2015-05-27 18:51 - 00944984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-01-14 22:32 - 2015-05-27 18:51 - 00349528 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-01-14 22:32 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-14 22:32 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-14 22:32 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-14 22:32 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-14 22:32 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-14 22:32 - 2015-05-11 18:53 - 12996528 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-14 22:32 - 2015-05-11 13:08 - 01374640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-14 22:32 - 2015-05-11 13:08 - 01192368 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-14 22:32 - 2015-05-11 13:08 - 01145264 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-14 22:32 - 2015-05-11 13:08 - 00980400 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-14 22:32 - 2015-04-27 16:09 - 00328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-01-14 22:32 - 2015-04-24 05:42 - 00858256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-01-14 22:32 - 2015-04-24 05:42 - 00684176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-01-14 22:32 - 2015-04-24 05:42 - 00435856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-01-14 22:32 - 2015-04-24 05:41 - 00555664 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-01-14 22:32 - 2015-04-13 16:25 - 03262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-01-14 22:32 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-01-14 22:32 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-01-14 22:32 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-14 22:32 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-14 22:32 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-14 22:32 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-14 22:32 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-14 22:32 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-01-14 22:32 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-14 22:32 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-14 22:32 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-14 22:32 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-14 22:32 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-14 22:32 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-14 22:32 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-01-14 22:32 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-01-14 22:32 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-01-14 22:32 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-01-14 22:32 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-01-14 22:32 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-01-14 22:32 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-14 22:32 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-14 22:32 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-14 22:32 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-14 22:32 - 2014-08-14 19:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-01-14 22:32 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-01-14 22:32 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-14 22:32 - 2014-05-22 16:24 - 00096568 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-01-14 22:32 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-01-14 22:32 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-14 22:32 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-01-14 22:32 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-01-14 22:32 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-14 22:32 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-01-14 22:32 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-01-14 22:32 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-01-14 22:32 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-01-14 22:32 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-14 22:32 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-14 22:32 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-01-14 22:32 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-01-14 22:32 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-01-14 22:32 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-01-14 22:32 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-01-14 22:32 - 2013-06-21 11:01 - 00109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-01-14 22:32 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-01-14 22:32 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-14 22:32 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-14 22:32 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-14 22:32 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-14 22:32 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-14 22:32 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-14 22:32 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-01-14 22:32 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-14 22:32 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-14 22:32 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-01-14 22:32 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-01-14 22:32 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-01-14 22:32 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-14 22:32 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-14 22:32 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-01-14 22:32 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-01-14 22:32 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-14 22:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-14 22:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-14 22:32 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-14 22:32 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-14 22:32 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-14 22:32 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-14 22:32 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-01-14 22:32 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-14 22:32 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-14 22:32 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-14 22:32 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-14 22:30 - 2016-01-14 22:30 - 00002222 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-01-14 22:30 - 2015-12-16 08:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-01-14 22:30 - 2015-12-16 08:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-01-14 22:30 - 2015-12-16 08:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-01-14 22:29 - 2015-12-16 10:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00416560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00370992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00206968 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-14 22:29 - 2015-12-16 10:59 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-01-14 22:20 - 2016-01-14 22:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-14 22:20 - 2015-12-18 00:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-14 22:20 - 2015-12-18 00:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-14 21:54 - 2016-01-14 21:54 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-14 21:54 - 2016-01-14 21:54 - 00000879 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-14 21:54 - 2016-01-14 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-14 21:54 - 2016-01-14 21:54 - 00000000 ____D C:\Program Files\CCleaner
2016-01-14 20:35 - 2016-01-14 20:35 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-01-13 20:04 - 2016-01-13 14:44 - 00001171 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160113-200413.backup
2016-01-13 19:57 - 2016-01-13 19:57 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2016-01-13 19:46 - 2016-01-13 20:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-13 19:21 - 2016-01-13 19:21 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-13 19:21 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-01-13 19:19 - 2016-01-13 19:19 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2016-01-13 19:16 - 2016-01-13 19:25 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-01-13 19:15 - 2016-01-14 21:50 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-13 19:15 - 2016-01-14 20:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-13 19:15 - 2016-01-13 19:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-01-13 19:09 - 2016-01-13 19:09 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-13 19:09 - 2016-01-13 19:09 - 00001232 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-13 19:09 - 2016-01-13 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-13 19:08 - 2016-01-13 19:08 - 00002348 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-13 19:08 - 2016-01-13 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-13 14:58 - 2016-01-13 14:58 - 00001520 _____ C:\ProgramData\tempimage.bmp
2016-01-13 14:55 - 2016-01-13 14:55 - 00000000 ___HD C:\OneDriveTemp
2016-01-13 14:51 - 2016-01-13 14:57 - 00000000 ____D C:\Program Files (x86)\Setup Support for Looksafe
2016-01-13 14:49 - 2016-01-13 14:49 - 00000000 ____D C:\ProgramData\COMODO
2016-01-13 14:49 - 2016-01-13 14:49 - 00000000 ____D C:\Program Files\COMODO
2016-01-13 14:48 - 2016-01-13 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2016-01-13 14:48 - 2016-01-13 14:48 - 00000000 ____D C:\Users\Matthew\AppData\Local\Comodo
2016-01-13 14:47 - 2016-01-13 15:19 - 00000000 ____D C:\Program Files (x86)\Probit Software
2016-01-13 14:46 - 2016-01-13 15:26 - 00000000 ____D C:\Program Files (x86)\Setup Support for DataHelper
2016-01-13 14:46 - 2016-01-13 14:46 - 00000000 ____D C:\Program Files (x86)\DataHelper
2016-01-13 14:45 - 2016-01-13 14:44 - 00001171 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-01-13 14:43 - 2016-01-13 14:55 - 00022184 _____ (Corporation) C:\WINDOWS\system32\Drivers\sdfhgdf.sys
2016-01-13 14:43 - 2016-01-13 14:43 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-01-13 04:04 - 2016-01-14 21:50 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-01-12 23:17 - 2016-01-04 20:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 23:17 - 2016-01-04 20:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 23:17 - 2016-01-04 20:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 23:17 - 2016-01-04 20:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 23:17 - 2016-01-04 20:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 23:17 - 2016-01-04 20:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 23:17 - 2016-01-04 20:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 23:17 - 2016-01-04 20:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 23:17 - 2016-01-04 20:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 23:17 - 2016-01-04 20:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 23:17 - 2016-01-04 20:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 23:17 - 2016-01-04 20:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 23:17 - 2016-01-04 20:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 23:17 - 2016-01-04 20:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 23:17 - 2016-01-04 20:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 23:17 - 2016-01-04 20:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 23:17 - 2016-01-04 20:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 23:17 - 2016-01-04 20:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 23:17 - 2016-01-04 20:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 23:17 - 2016-01-04 20:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 23:17 - 2016-01-04 20:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 23:17 - 2016-01-04 20:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 23:17 - 2016-01-04 20:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 23:17 - 2016-01-04 20:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 23:17 - 2016-01-04 20:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 23:17 - 2016-01-04 20:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 23:17 - 2016-01-04 20:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 23:17 - 2016-01-04 20:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 23:17 - 2016-01-04 20:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 23:17 - 2016-01-04 19:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 23:17 - 2016-01-04 19:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-12 23:17 - 2016-01-04 19:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 23:17 - 2016-01-04 19:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 23:17 - 2016-01-04 19:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 23:17 - 2016-01-04 19:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 23:17 - 2016-01-04 19:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 23:17 - 2016-01-04 19:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 23:17 - 2016-01-04 19:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 23:17 - 2016-01-04 19:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 23:17 - 2016-01-04 19:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 23:17 - 2016-01-04 19:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-12 23:17 - 2016-01-04 19:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 23:17 - 2016-01-04 19:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-12 23:17 - 2016-01-04 19:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 23:17 - 2016-01-04 19:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 23:17 - 2016-01-04 19:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 23:17 - 2016-01-04 19:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 23:17 - 2016-01-04 19:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 23:17 - 2016-01-04 19:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 23:17 - 2016-01-04 19:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 23:17 - 2016-01-04 19:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 23:17 - 2016-01-04 19:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 23:17 - 2016-01-04 19:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 23:17 - 2016-01-04 19:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 23:17 - 2016-01-04 19:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 23:17 - 2016-01-04 19:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 23:17 - 2016-01-04 19:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 23:17 - 2016-01-04 19:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-12 23:17 - 2016-01-04 19:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 23:17 - 2016-01-04 19:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 23:17 - 2016-01-04 19:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 23:17 - 2016-01-04 19:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 23:17 - 2016-01-04 19:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 23:17 - 2016-01-04 19:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 23:17 - 2016-01-04 19:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 23:17 - 2016-01-04 19:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 23:17 - 2016-01-04 19:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 23:17 - 2016-01-04 19:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 23:17 - 2016-01-04 19:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 23:17 - 2016-01-04 19:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 23:17 - 2016-01-04 19:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 23:17 - 2016-01-04 19:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 23:17 - 2016-01-04 19:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 23:17 - 2016-01-04 19:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 23:17 - 2016-01-04 19:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 23:17 - 2016-01-04 19:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 23:17 - 2016-01-04 19:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 23:17 - 2016-01-04 19:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 23:17 - 2016-01-04 19:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 23:17 - 2016-01-04 19:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 23:17 - 2016-01-04 19:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 23:17 - 2016-01-04 19:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-04 12:11 - 2016-01-14 21:56 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-31 13:14 - 2016-01-13 15:23 - 00001111 _____ C:\Users\Public\Desktop\CAM.lnk
2015-12-31 13:14 - 2015-12-31 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAM
2015-12-31 13:14 - 2015-12-31 13:14 - 00000000 ____D C:\Program Files (x86)\NZXT
2015-12-29 23:25 - 2016-01-13 15:24 - 00002634 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-29 23:25 - 2015-12-29 23:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-29 23:25 - 2015-12-29 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-29 12:17 - 2016-01-14 15:50 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\qBittorrent
2015-12-29 12:17 - 2015-12-29 12:17 - 00000000 ____D C:\Users\Matthew\AppData\Local\qBittorrent
2015-12-29 12:17 - 2015-12-29 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-12-29 12:17 - 2015-12-29 12:17 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-12-22 08:22 - 2015-12-22 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2015-12-22 08:22 - 2015-12-22 08:22 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2015-12-17 16:35 - 2015-12-06 22:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 16:35 - 2015-12-06 22:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 16:35 - 2015-12-06 22:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 16:35 - 2015-12-06 22:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 16:35 - 2015-12-06 22:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 16:35 - 2015-12-06 22:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 16:35 - 2015-12-06 22:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 16:35 - 2015-12-06 22:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 16:35 - 2015-12-06 22:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 16:35 - 2015-12-06 22:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 16:35 - 2015-12-06 22:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 16:35 - 2015-12-06 22:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 16:35 - 2015-12-06 22:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 16:35 - 2015-12-06 22:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 16:35 - 2015-12-06 22:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 16:35 - 2015-12-06 22:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 16:35 - 2015-12-06 22:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 16:35 - 2015-12-06 22:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 16:35 - 2015-12-06 22:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 16:35 - 2015-12-06 22:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 16:35 - 2015-12-06 22:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 16:35 - 2015-12-06 22:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 16:35 - 2015-12-06 22:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 16:35 - 2015-12-06 22:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 16:35 - 2015-12-06 22:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 16:35 - 2015-12-06 22:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 16:35 - 2015-12-06 22:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 16:35 - 2015-12-06 22:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 16:35 - 2015-12-06 22:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 16:35 - 2015-12-06 22:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 16:35 - 2015-12-06 22:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 16:35 - 2015-12-06 22:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 16:35 - 2015-12-06 22:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 16:35 - 2015-12-06 21:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 16:35 - 2015-12-06 21:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 16:35 - 2015-12-06 21:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 16:35 - 2015-12-06 21:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 16:35 - 2015-12-06 21:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 16:35 - 2015-12-06 21:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 16:35 - 2015-12-06 21:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 16:35 - 2015-12-06 21:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 16:35 - 2015-12-06 21:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 16:35 - 2015-12-06 21:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 16:35 - 2015-12-06 21:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 16:35 - 2015-12-06 21:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 16:35 - 2015-12-06 21:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 16:35 - 2015-12-06 21:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 16:35 - 2015-12-06 21:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 16:35 - 2015-12-06 21:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 16:35 - 2015-12-06 21:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 16:35 - 2015-12-06 21:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 16:35 - 2015-12-06 21:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 16:35 - 2015-12-06 21:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-17 16:35 - 2015-12-06 21:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 16:35 - 2015-12-06 21:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 16:35 - 2015-12-06 21:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 16:35 - 2015-12-06 21:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 16:35 - 2015-12-06 21:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 16:35 - 2015-12-06 21:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 16:35 - 2015-12-06 21:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 16:35 - 2015-12-06 21:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 16:35 - 2015-12-06 21:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 16:35 - 2015-12-06 21:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 16:35 - 2015-12-06 21:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 16:35 - 2015-12-06 21:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 16:35 - 2015-12-06 21:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-15 13:23 - 2016-01-13 14:55 - 00000000 ____D C:\Users\Matthew\AppData\Local\Deployment
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-14 23:13 - 2015-10-30 00:28 - 00000000 ____D C:\Windows
2016-01-14 23:08 - 2014-05-11 17:05 - 00000000 ____D C:\Users\Matthew\AppData\Local\Battle.net
2016-01-14 23:05 - 2015-02-25 16:26 - 00000000 ____D C:\AdwCleaner
2016-01-14 22:59 - 2015-11-06 00:49 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-222771743-675066039-1018729164-1001UA.job
2016-01-14 22:51 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-14 22:51 - 2015-08-06 12:38 - 00972620 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-14 22:46 - 2014-12-30 18:34 - 00000000 ____D C:\Users\Matthew\AppData\Local\Pushbullet
2016-01-14 22:46 - 2013-11-21 23:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-14 22:46 - 2013-11-21 21:54 - 00000000 __RDO C:\Users\Matthew\SkyDrive
2016-01-14 22:45 - 2015-12-13 11:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-14 22:45 - 2015-12-13 11:10 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-14 22:45 - 2015-10-30 00:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-14 22:45 - 2014-01-10 08:02 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-01-14 22:45 - 2013-11-21 21:56 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-14 22:44 - 2015-12-13 11:10 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-01-14 22:44 - 2014-06-07 14:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-14 22:37 - 2013-11-21 21:56 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-14 22:36 - 2014-03-28 10:43 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-14 22:35 - 2014-12-16 20:02 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Ventrilo
2016-01-14 22:33 - 2013-11-21 22:19 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-14 22:32 - 2015-12-13 11:09 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-14 22:32 - 2015-12-13 11:09 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-01-14 22:30 - 2015-12-13 11:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-14 22:30 - 2013-11-21 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-14 22:20 - 2015-11-10 23:57 - 00001466 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-14 22:20 - 2014-11-14 12:52 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA
2016-01-14 21:57 - 2014-07-04 00:21 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\MPC-HC
2016-01-14 21:56 - 2015-12-13 13:08 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-14 21:56 - 2014-07-03 19:31 - 00000000 ____D C:\Users\Matthew\AppData\Local\CrashDumps
2016-01-14 21:49 - 2015-08-23 23:13 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Skype
2016-01-14 16:26 - 2014-07-24 22:53 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 00:24 - 2013-11-25 23:38 - 00000132 _____ C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-01-13 22:47 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-13 20:40 - 2015-07-10 03:05 - 00000000 ____D C:\Users\Default.migrated
2016-01-13 19:57 - 2014-12-16 20:02 - 00000998 _____ C:\Users\Matthew\Desktop\Ventrilo.lnk
2016-01-13 19:19 - 2013-12-19 16:01 - 00001152 _____ C:\Users\Public\Desktop\My LastPass Vault.lnk
2016-01-13 19:19 - 2013-12-19 16:01 - 00000000 ____D C:\Users\Matthew\AppData\LocalLow\LastPass
2016-01-13 19:19 - 2013-12-19 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2016-01-13 19:19 - 2013-12-19 16:01 - 00000000 ____D C:\Program Files (x86)\LastPass
2016-01-13 19:09 - 2014-02-11 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-13 19:08 - 2013-11-21 21:56 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-13 17:38 - 2014-01-03 01:10 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\calibre
2016-01-13 17:36 - 2013-11-23 09:16 - 00000000 ____D C:\Users\Matthew\AppData\Local\ElevatedDiagnostics
2016-01-13 16:40 - 2013-11-21 21:53 - 00000000 ____D C:\Users\Matthew\AppData\Local\Packages
2016-01-13 15:26 - 2013-11-21 22:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-13 15:24 - 2015-12-13 20:13 - 00001350 _____ C:\Users\Public\Desktop\TSMApplication.lnk
2016-01-13 15:24 - 2015-12-13 11:13 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-13 15:24 - 2015-12-09 18:43 - 00002245 _____ C:\Users\Public\Desktop\Style Builder 2016.lnk
2016-01-13 15:24 - 2015-12-09 18:43 - 00002159 _____ C:\Users\Public\Desktop\LayOut 2016.lnk
2016-01-13 15:24 - 2015-12-09 18:43 - 00002070 _____ C:\Users\Public\Desktop\SketchUp 2016.lnk
2016-01-13 15:24 - 2015-11-12 02:57 - 00000985 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-01-13 15:24 - 2015-11-10 16:47 - 00000661 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-01-13 15:24 - 2015-11-07 23:48 - 00001278 _____ C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2016-01-13 15:24 - 2015-07-25 21:57 - 00001144 _____ C:\Users\Public\Desktop\Syrinscape Fantasy Player.lnk
2016-01-13 15:24 - 2015-07-07 16:44 - 00001029 _____ C:\Users\Public\Desktop\Firehawk Updater.lnk
2016-01-13 15:24 - 2015-06-11 21:18 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-01-13 15:24 - 2015-01-29 13:28 - 00001192 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.0.lnk
2016-01-13 15:24 - 2015-01-23 18:20 - 00002753 _____ C:\Users\Public\Desktop\Skin Tool.lnk
2016-01-13 15:24 - 2015-01-23 18:20 - 00002741 _____ C:\Users\Public\Desktop\EVGA PrecisionX 16.lnk
2016-01-13 15:24 - 2015-01-23 11:40 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft Logs Uploader.lnk
2016-01-13 15:24 - 2015-01-23 11:40 - 00001090 _____ C:\Users\Public\Desktop\Warcraft Logs Uploader.lnk
2016-01-13 15:24 - 2014-11-14 12:16 - 00000758 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-01-13 15:24 - 2014-11-07 00:39 - 00001107 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-01-13 15:24 - 2014-09-12 18:34 - 00001065 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
2016-01-13 15:24 - 2014-09-12 15:31 - 00001187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBrainz Picard.lnk
2016-01-13 15:24 - 2014-09-12 15:02 - 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2016-01-13 15:24 - 2014-09-12 15:02 - 00001053 _____ C:\Users\Public\Desktop\foobar2000.lnk
2016-01-13 15:24 - 2014-08-21 14:04 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2016-01-13 15:24 - 2014-08-21 14:03 - 00001345 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2016-01-13 15:24 - 2014-08-21 14:03 - 00001119 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2016-01-13 15:24 - 2014-06-09 14:08 - 00001001 _____ C:\Users\Public\Desktop\Origin.lnk
2016-01-13 15:24 - 2014-02-05 18:53 - 00000885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora.lnk
2016-01-13 15:24 - 2014-02-05 18:53 - 00000879 _____ C:\Users\Public\Desktop\Pandora.lnk
2016-01-13 15:24 - 2014-01-27 14:36 - 00000949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\focus booster.lnk
2016-01-13 15:24 - 2014-01-27 14:36 - 00000943 _____ C:\Users\Public\Desktop\focus booster.lnk
2016-01-13 15:24 - 2014-01-06 22:11 - 00001092 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-13 15:24 - 2013-11-26 19:55 - 00001181 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-13 15:24 - 2013-11-25 22:03 - 00001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-01-13 15:24 - 2013-11-23 11:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2016-01-13 15:24 - 2013-11-23 11:12 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2016-01-13 15:24 - 2013-11-23 11:12 - 00002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-01-13 15:24 - 2013-11-23 08:54 - 00002087 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-01-13 15:24 - 2013-11-23 08:54 - 00002087 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-01-13 15:24 - 2013-11-23 08:54 - 00002083 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-01-13 15:24 - 2013-11-21 23:06 - 00000983 _____ C:\Users\Public\Desktop\Steam.lnk
2016-01-13 15:23 - 2015-12-08 19:31 - 00002517 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-01-13 15:23 - 2015-11-12 03:50 - 00001189 _____ C:\Users\Public\Desktop\Borderless Gaming.lnk
2016-01-13 15:23 - 2015-11-12 03:15 - 00005052 _____ C:\Users\Matthew\Desktop\Dota 2 64.lnk
2016-01-13 15:23 - 2015-11-12 03:10 - 00001947 _____ C:\Users\Matthew\Desktop\FOSE.lnk
2016-01-13 15:23 - 2015-11-11 15:45 - 00001291 _____ C:\Users\Matthew\Desktop\OBS Multiplatform.lnk
2016-01-13 15:23 - 2015-11-03 19:33 - 00000932 _____ C:\Users\Matthew\Desktop\010 Editor.lnk
2016-01-13 15:23 - 2015-09-01 22:42 - 00001509 _____ C:\Users\Matthew\Desktop\Google Drive.lnk
2016-01-13 15:23 - 2015-08-19 11:52 - 00001064 _____ C:\Users\Matthew\Desktop\YNAB 4.lnk
2016-01-13 15:23 - 2015-08-09 03:10 - 00001009 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2016-01-13 15:23 - 2015-03-18 19:49 - 00002403 _____ C:\Users\Matthew\Desktop\Ask Mr. Robot Client.lnk
2016-01-13 15:23 - 2015-01-23 18:27 - 00001114 _____ C:\Users\Matthew\Desktop\MSI Afterburner.lnk
2016-01-13 15:23 - 2014-11-13 08:11 - 00001839 _____ C:\Users\Matthew\Desktop\Spotify.lnk
2016-01-13 15:23 - 2014-10-22 20:53 - 00000717 _____ C:\Users\Matthew\Desktop\Samsung Note3 Backup.lnk
2016-01-13 15:23 - 2014-08-21 14:03 - 00001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-01-13 15:23 - 2014-07-04 00:08 - 00001008 _____ C:\Users\Public\Desktop\Configure ReClock.lnk
2016-01-13 15:23 - 2014-05-11 17:05 - 00000680 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-01-13 15:23 - 2014-01-03 01:10 - 00001039 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2016-01-13 15:23 - 2013-11-23 11:12 - 00002154 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2016-01-13 15:23 - 2013-11-23 11:12 - 00002040 _____ C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2016-01-13 15:22 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-13 15:10 - 2014-07-24 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-13 15:10 - 2014-07-24 22:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-13 14:57 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-01-13 14:55 - 2014-10-03 04:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-13 14:54 - 2015-12-13 11:11 - 00000000 ____D C:\Users\Matthew
2016-01-13 14:53 - 2015-12-13 11:08 - 05060136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-13 14:53 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-13 14:53 - 2014-07-03 18:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 14:53 - 2014-07-03 18:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 04:59 - 2015-11-06 00:49 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-222771743-675066039-1018729164-1001Core.job
2016-01-13 04:07 - 2014-07-03 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 04:07 - 2013-11-22 00:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 04:06 - 2013-11-22 00:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 04:04 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 04:04 - 2013-08-22 07:25 - 00000202 _____ C:\WINDOWS\win.ini
2016-01-13 04:02 - 2013-11-23 09:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 03:59 - 2013-11-23 09:26 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 18:52 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-11 22:41 - 2014-11-14 12:52 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-11 22:41 - 2013-11-21 22:13 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-11 22:40 - 2015-11-29 00:32 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-11 22:40 - 2014-11-14 12:52 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-01-11 22:40 - 2013-11-21 22:13 - 01860120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-08 04:20 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-08 00:52 - 2014-01-03 01:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-01-08 00:52 - 2014-01-03 01:10 - 00000000 ____D C:\Program Files (x86)\Calibre2
2016-01-04 22:59 - 2014-01-15 20:01 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Kodi
2016-01-02 19:40 - 2015-10-30 01:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 19:40 - 2015-10-30 01:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-30 19:40 - 2014-11-17 18:45 - 00000000 ____D C:\Users\Matthew\.minion
2015-12-30 19:40 - 2014-11-17 18:45 - 00000000 ____D C:\Users\Matthew\.junique
2015-12-29 23:25 - 2014-04-04 22:38 - 00000000 ____D C:\Users\Matthew\AppData\Local\Skype
2015-12-29 23:25 - 2013-12-06 01:21 - 00000000 ____D C:\ProgramData\Skype
2015-12-28 14:36 - 2014-03-28 10:43 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-23 19:18 - 2014-06-29 22:01 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Mozilla
2015-12-23 19:18 - 2013-11-21 21:56 - 00000000 ____D C:\Users\Matthew\AppData\Local\Google
2015-12-20 05:04 - 2015-12-13 20:13 - 00000000 ____D C:\Program Files (x86)\TradeSkillMaster Application
2015-12-18 02:48 - 2015-11-10 23:54 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-18 00:11 - 2015-08-25 07:50 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-12-17 19:38 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-17 19:38 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-16 17:14 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-16 10:59 - 2015-11-27 14:44 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-12-16 10:59 - 2015-11-27 14:44 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-12-16 10:59 - 2015-11-10 23:54 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-16 10:59 - 2015-11-10 23:54 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-16 10:59 - 2015-11-10 23:54 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-16 10:59 - 2015-11-10 23:54 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-16 10:59 - 2015-11-10 23:54 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-16 10:59 - 2015-11-10 23:54 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-16 08:54 - 2015-12-13 11:10 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-16 08:54 - 2015-12-13 11:10 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-16 08:54 - 2015-12-13 11:10 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-16 08:54 - 2015-12-13 11:10 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-16 08:54 - 2015-12-13 11:10 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-16 08:54 - 2015-12-13 11:10 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-16 08:49 - 2015-12-13 11:10 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-15 03:35 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-15 03:35 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\oobe
 
==================== Files in the root of some directories =======
 
2016-01-13 19:19 - 2016-01-13 19:19 - 21403160 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-07-19 14:20 - 2014-09-14 14:30 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe BMP Format CS6 Prefs
2013-11-25 23:38 - 2016-01-14 00:24 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-14 19:28 - 2014-01-25 03:12 - 0012005 _____ () C:\Users\Matthew\AppData\Roaming\alsoft.ini
2015-12-09 18:53 - 2015-12-09 18:53 - 0243702 _____ () C:\Users\Matthew\AppData\Local\ars.cache
2015-12-09 18:53 - 2015-12-09 18:53 - 0601269 _____ () C:\Users\Matthew\AppData\Local\census.cache
2015-12-09 18:46 - 2015-12-09 18:46 - 0000036 _____ () C:\Users\Matthew\AppData\Local\housecall.guid.cache
2015-12-09 18:54 - 2015-12-09 18:54 - 0000010 _____ () C:\Users\Matthew\AppData\Local\sponge.last.runtime.cache
2015-12-13 11:09 - 2015-12-13 11:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-21 14:02 - 2015-05-26 15:55 - 0001822 _____ () C:\ProgramData\hpzinstall.log
2014-06-07 14:19 - 2014-06-07 14:19 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-01-13 14:58 - 2016-01-13 14:58 - 0001520 _____ () C:\ProgramData\tempimage.bmp
 
Some files in TEMP:
====================
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Matthew\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Matthew\AppData\Local\Temp\nvStInst.exe
C:\Users\Matthew\AppData\Local\Temp\pushbullet_watchdog.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-06 11:41
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Matthew (2016-01-14 23:14:45)
Running from C:\Users\Matthew\Desktop
Windows 10 Pro (X64) (2015-12-13 17:17:38)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-222771743-675066039-1018729164-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-222771743-675066039-1018729164-503 - Limited - Disabled)
Guest (S-1-5-21-222771743-675066039-1018729164-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-222771743-675066039-1018729164-1010 - Limited - Enabled)
Matthew (S-1-5-21-222771743-675066039-1018729164-1001 - Administrator - Enabled) => C:\Users\Matthew
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
010 Editor 6.0.3 (64-bit) (HKLM\...\010 Editor_is1) (Version:  - SweetScape Software)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.03 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Album Art Downloader XUI 1.01 (HKLM-x32\...\Album Art Downloader XUI) (Version: 1.01 - hxxp://sourceforge.net/projects/album-art)
Ask Mr. Robot Client (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\962647591.www.askmrrobot.com) (Version:  - www.askmrrobot.com)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.2 - Codeusa Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4380 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
C4380_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{84E37DA5-EB32-4A22-AECA-7FEC9C14CA5A}) (Version: 2.34.0 - Kovid Goyal)
CAM (HKLM-x32\...\{C7C5BA0C-8698-4F79-819A-B262EA577D6E}) (Version: 2.2.0 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{CDF9E1C8-4B97-4F8B-A848-7DD0E8BEB89F}) (Version: 47.0.2526.18 - Google Inc.)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Curse Client (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins Character Creator (HKLM-x32\...\{D8B5B7C3-47B1-40FA-8251-59C74A543880}) (Version: 1.00 - Electronic Arts, Inc.)
Dropbox (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Evernote v. 5.9.6 (HKLM-x32\...\{A542D366-9877-11E5-B101-005056951CAD}) (Version: 5.9.6.9494 - Evernote Corp.)
EVGA PrecisionX 16 (HKLM-x32\...\{297D2FB1-ACA1-42D6-B697-7F2F94E68B7A}) (Version: 5.2.8 - EVGA Corporation)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Firehawk Updater version 1.3.5679.3040 (HKLM-x32\...\{30EFD504-64D8-44D0-8195-42F214F1B792}_is1) (Version: 1.3.5679.3040 - The Firehawk Team)
focus booster (HKLM-x32\...\com.focusboosterapp.focusbooster.air) (Version: 1.3.2 - UNKNOWN)
focus booster (x32 Version: 1.3.2 - UNKNOWN) Hidden
foobar2000 v1.3.3 (HKLM-x32\...\foobar2000) (Version: 1.3.3 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Kodi) (Version:  - XBMC-Foundation)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Livestreamer 1.8.2 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
LOOT version 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.9 - Design Science, Inc.)
MechWarrior Online (HKLM-x32\...\Steam App 342200) (Version:  - Piranha Games Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minion (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Music Manager (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\MusicManager) (Version:  - Google, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
MyFreeCodec (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\MyFreeCodec) (Version:  - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.0 - Black Tree Gaming)
NexusFont 2.5 (ver 2.5.5.1420) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version:  - xiles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.0 - OBS Project)
OCCT 4.4.0 (HKLM-x32\...\OCCT) (Version: 4.4.0 - Ocbase.com)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
PS_AIO_02_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version:  - )
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
qBittorrent 3.3.1 (HKLM-x32\...\qBittorrent) (Version: 3.3.1 - The qBittorrent project)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
ReClock (HKLM-x32\...\ReClock) (Version:  - SlySoft, Inc.)
ROCCAT Power-Grid version 0.461 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.461 - ROCCAT GmbH)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Simulationcraft(x64) version 6.2.3.01 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 6.2.3.01 - Simulationcraft)
SketchUp 2016 (HKLM\...\{D87EE6DC-32BA-4219-AC75-0A6FD54ED058}) (Version: 16.0.19912 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Full text search (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syrinscape Fantasy Player 1.2.8.1 (HKLM-x32\...\Syrinscape Fantasy Player 1.0_is1) (Version:  - Syrinscape Pty Ltd)
Tag&Rename 3.8.2 (HKLM-x32\...\Tag&Rename_is1) (Version: 3.8.2 - Softpointer Inc)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Virtual Audio Cable 4.14 (HKLM\...\Virtual Audio Cable 4.14) (Version:  - )
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 3.64 - UNKNOWN)
Warcraft Logs Uploader (x32 Version: 3.64 - UNKNOWN) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XSplit Broadcaster (HKLM-x32\...\{D1AF3975-67FA-47C3-9B54-9FF4818B35F7}) (Version: 2.6.1510.2621 - SplitmediaLabs)
YNAB 4 version 4.3.729 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.3.729 - YouNeedABudget.com)
You Need A Budget 4 Trial (YNAB) (HKLM-x32\...\Steam App 228240) (Version:  - YouNeedABudget.com)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Matthew\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-222771743-675066039-1018729164-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {067E9CD2-1E7D-4FCD-AAF9-493CBFB157CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {076A4DDC-B685-42BE-8926-CE3CD0C56884} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {0C0B9CFA-907C-4199-B03F-6F462A41246E} - \Easy Driver Pro Schedule -> No File <==== ATTENTION
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0FAC4174-A0D4-4A59-BE97-CAFD5240B1BF} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {11F623AA-B5D2-41B7-B2D1-D8A880127F0C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {12B13FF7-222E-4BBF-83D7-3FCAC7B65D8F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-222771743-675066039-1018729164-1001Core => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-06] (Google Inc.)
Task: {18BE8EBA-2C25-411E-971A-B18F24A94AEB} - \IBUpd2 -> No File <==== ATTENTION
Task: {1B442153-B0DB-445D-83C8-9869EF074653} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2FC339A1-DAF5-4712-8BFB-B9ACF335C1FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {47017147-95BD-43B9-A324-0C7818F220BE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {4BD2F6B9-01A9-48F7-8648-AB8ED28EC6E8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5295DE87-48C5-4A39-A3AF-0E9915FC2A78} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6429D9A2-14F2-4885-91B3-A271F5179943} - \DailyPCClean Schedule -> No File <==== ATTENTION
Task: {664781EC-2CA0-4216-B763-20B19EF74884} - System32\Tasks\{59A8E522-6207-4013-80C6-C46C17CA44D2} => pcalua.exe -a C:\Users\Matthew\AppData\Local\Akamai\uninstall.exe
Task: {66D17168-1C39-4A17-874D-09CEBA687361} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {776D8857-7645-4715-B26A-7B8F711D31D4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7C412665-EED6-4244-9F94-A7C6FEB12E6C} - \Inst_Rep -> No File <==== ATTENTION
Task: {808A4C2A-DB7E-452A-91DD-011DB6301107} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8479757D-7AF8-46C6-89D8-972DE0D4562B} - \RSPro -> No File <==== ATTENTION
Task: {867FECC4-00F1-4106-9680-FA0CF727D667} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {86B3613B-C1C6-4B4F-8BF9-E0198E677E68} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8C2A200D-D459-4EA3-9A82-53E2846CAD28} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9BA4259E-13F5-4DE6-80C0-8A6DA387514B} - \SushiLeads -> No File <==== ATTENTION
Task: {ADE4667A-5EE2-4604-A06C-D813B542B4BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-222771743-675066039-1018729164-1001UA => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-06] (Google Inc.)
Task: {B1FADD36-D5C2-406D-8BEC-719685FDE1D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {BCF346B5-799C-40E5-8151-28B2569E579B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C8EF10A4-5717-4FE0-880F-51F7475DA9D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D339069B-F8B3-433C-BA08-B3EFB57E18BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D858A11E-8557-41D9-B2AC-21AB177E2877} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {E62BE0D1-523F-4890-9266-46D0FD8F1B42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F069E873-8EC6-48A6-AB85-CFF9BD9410D6} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-222771743-675066039-1018729164-1001Core.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-222771743-675066039-1018729164-1001UA.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 01:17 - 2015-10-30 01:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-13 11:10 - 2015-12-16 08:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-21 15:58 - 2016-01-11 22:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-13 13:39 - 2015-11-22 04:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-11-21 22:24 - 2013-01-14 16:37 - 01406776 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2015-12-13 13:39 - 2015-11-22 04:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-15 14:13 - 2015-04-15 14:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-01-12 23:17 - 2016-01-04 19:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 10:13 - 2015-12-17 10:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 16:35 - 2015-12-06 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 16:35 - 2015-12-06 22:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 23:17 - 2016-01-04 19:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 23:17 - 2016-01-04 19:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-12 23:17 - 2016-01-04 19:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-12 23:17 - 2016-01-04 19:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2013-11-21 22:24 - 2013-11-21 22:24 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-03-06 18:07 - 2015-03-06 18:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 13:43 - 2016-01-06 13:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 18:07 - 2015-03-06 18:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 13:43 - 2016-01-06 13:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-11-21 22:24 - 2013-01-14 17:16 - 05771136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2013-11-21 22:24 - 2010-06-21 15:21 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2015-12-17 10:13 - 2015-12-17 10:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 10:13 - 2015-12-17 10:13 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-05-28 06:03 - 2016-01-11 22:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-11-21 22:24 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-11-21 22:24 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-11-21 22:24 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-11-21 22:24 - 2013-01-15 15:30 - 01040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-11-21 22:24 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-11-21 22:24 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-11-21 22:24 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-11-21 22:24 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-11-21 22:24 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-11-21 22:24 - 2013-11-21 22:23 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-11-21 22:24 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-11-21 22:24 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2013-11-21 22:24 - 2016-01-14 22:45 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-11-21 22:24 - 2013-11-21 22:23 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-01-14 22:46 - 2016-01-14 22:46 - 00098816 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32api.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00110080 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\pywintypes27.dll
2016-01-14 22:46 - 2016-01-14 22:46 - 00364544 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\pythoncom27.dll
2016-01-14 22:46 - 2016-01-14 22:46 - 00046080 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_socket.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 01208320 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_ssl.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00320512 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32com.shell.shell.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00776704 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_hashlib.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 01176576 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._core_.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00806400 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._gdi_.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00816128 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._windows_.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 01067008 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._controls_.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00733184 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._misc_.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00682496 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\pysqlite2._sqlite.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00088064 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_ctypes.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00119808 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32file.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00108544 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32security.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00007168 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\hashobjs_ext.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00017920 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\thumbnails_ext.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00079360 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\usb_ext.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00167936 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32gui.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00018432 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32event.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00128512 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_elementtree.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00127488 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\pyexpat.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00013824 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\common.time34.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00036864 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_psutil_windows.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00038912 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32inet.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00525640 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\windows._lib_cacheinvalidation.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00011264 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32crypt.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00077312 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._html2.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00027136 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_multiprocessing.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00020480 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\_yappi.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00035840 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32process.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00686080 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\unicodedata.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00123392 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._wizard.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00024064 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32pipe.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00010240 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\select.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00025600 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32pdh.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00017408 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32profile.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00022528 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\win32ts.pyd
2016-01-14 22:46 - 2016-01-14 22:46 - 00078848 _____ () C:\Users\Matthew\AppData\Local\Temp\_MEI91522\wx._animate.pyd
2013-11-21 23:07 - 2015-12-14 23:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-31 14:03 - 2015-07-03 10:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-24 21:43 - 2016-01-14 21:05 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 18:26 - 2015-09-23 18:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 18:26 - 2015-09-23 18:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 18:26 - 2015-09-23 18:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 18:26 - 2015-09-23 18:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 18:26 - 2015-09-23 18:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-31 14:03 - 2015-07-03 10:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-01-31 14:03 - 2015-07-03 10:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2013-11-21 23:07 - 2016-01-14 21:05 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-05 16:20 - 2015-12-29 19:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-11-17 11:44 - 2015-11-17 11:44 - 00117248 _____ () C:\Users\Matthew\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-11-17 11:45 - 2015-11-17 11:45 - 00234496 _____ () C:\Users\Matthew\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-11-17 11:45 - 2015-11-17 11:45 - 00253440 _____ () C:\Users\Matthew\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-11-17 11:44 - 2015-11-17 11:44 - 00344064 _____ () C:\Users\Matthew\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-01-13 19:08 - 2016-01-12 10:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-13 19:08 - 2016-01-12 10:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
2013-11-21 23:07 - 2016-01-05 19:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 26065408 _____ () G:\Battle.net\Battle.net.6526\libcef.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00739840 _____ () G:\Battle.net\Battle.net.6526\libGLESv2.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00293040 _____ () G:\Battle.net\Battle.net.6526\ortp.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00909312 _____ () G:\Battle.net\Battle.net.6526\platforms\qwindows.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00130048 _____ () G:\Battle.net\Battle.net.6526\libEGL.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00020992 _____ () G:\Battle.net\Battle.net.6526\imageformats\qgif.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00021504 _____ () G:\Battle.net\Battle.net.6526\imageformats\qico.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00205312 _____ () G:\Battle.net\Battle.net.6526\imageformats\qjpeg.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00225792 _____ () G:\Battle.net\Battle.net.6526\imageformats\qmng.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00015872 _____ () G:\Battle.net\Battle.net.6526\imageformats\qsvg.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00312832 _____ () G:\Battle.net\Battle.net.6526\imageformats\qtiff.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00010240 _____ () G:\Battle.net\Battle.net.6526\qml\QtQuick.2\qtquick2plugin.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00054272 _____ () G:\Battle.net\Battle.net.6526\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-16 17:25 - 2015-12-16 17:25 - 00010240 _____ () G:\Battle.net\Battle.net.6526\qml\QtQml\Models.2\modelsplugin.dll
2013-11-21 22:20 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{714b5a11-b9dd-11e5-82fe-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{714b5a12-b9dd-11e5-82fe-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{714b5a13-b9dd-11e5-82fe-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{714b5a14-b9dd-11e5-82fe-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{714b5a15-b9dd-11e5-82fe-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{714b5a16-b9dd-11e5-82fe-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e3b-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e3d-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e3e-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e3f-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e40-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e41-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e9e-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783e9f-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783ea0-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783ea1-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783ea2-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdfhgdf.sys:{b5783ea3-ba37-11e5-82ff-00268331ebee}
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm
AlternateDataStreams: C:\Users\Matthew\Cookies:mWO59TZMThho2u4lyKyuJHgDoe
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7866 more sites.
 
IE trusted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\123simsen.com -> www.123simsen.com
 
There are 7866 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2016-01-13 20:04 - 00451022 ____R C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
 
There are 15470 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-222771743-675066039-1018729164-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Matthew\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\amazing-planet-wallpaper.jpg
DNS Servers: 208.87.151.17 - 208.87.151.16
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "vpngui.exe.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "HitBliss"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "KiesAirMessage"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-222771743-675066039-1018729164-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DAA0A218-3DE5-49F3-A7EF-70A9AE5E17D9}] => (Allow) G:\Steam Games\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{B43A92BD-2D52-415D-8F1D-E33DBE898D50}] => (Allow) G:\Steam Games\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [UDP Query User{DB4458DA-7AE0-4B6A-80FB-926F2219E73B}G:\overwatch\gameclientapp.exe] => (Allow) G:\overwatch\gameclientapp.exe
FirewallRules: [TCP Query User{9A7F426C-44A3-4C76-A976-9E10D923AE44}G:\overwatch\gameclientapp.exe] => (Allow) G:\overwatch\gameclientapp.exe
FirewallRules: [{02F256A6-4B95-40CF-B09C-EE0EA7FEF6F7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
FirewallRules: [UDP Query User{ABF3AEFB-29D3-48FD-892E-A3665ACDF8B8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{EB9F6233-C950-42B3-BCFF-7AC0C4574E46}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{C1E813D8-61A2-4831-A5B4-034296B29B99}] => (Allow) G:\Steam Games\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7CA943B5-CABE-43F5-B6FD-AEF0A6B75A19}] => (Allow) G:\Steam Games\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{00DB5DA6-C3C4-4C3C-9D50-18D58708D182}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{FB2C4C78-7B2E-4687-BAF5-42F4D98864EE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{0AE9EA42-F469-4435-BB7F-0E190B6EC9C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA3C8E03-1517-4D2B-AC92-A1E903846235}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EF31A829-D514-48C1-95B2-69249ACE40DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DB6A6030-018A-4A9C-A2A8-3D54155D4C0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D958FAC3-3B75-483A-9D99-19694B5C6DB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{398DA9EB-FB46-4100-97F9-75DB00DEECFC}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{4491594B-6D7D-471F-B9D1-4C118F89A602}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{5FFDB7AD-31D5-415A-B840-3B9CEF06C13C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB99C0AD-6440-4ECA-B821-A9133CDA5C60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{706A8E54-B33A-4D84-ABA2-67292D3BE755}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{42B9D6AF-65AC-41AC-BC7F-2AF8BC3395A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{60A5293D-E2C6-43F7-91E9-D25232B6DE7D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C61D4358-BE6A-4CE8-86F2-82B0FBAD7D5A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7186813F-7F2C-44D1-A078-137314C59315}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{06BB5426-CE63-4FEF-8D11-78CFA748CE9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4F1D6B72-2580-461C-A96F-89A0D2142619}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C47838E6-58DA-47B4-9DCF-F8F9431FA24B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9FB95C96-2951-47F1-8F1A-FCA81824A516}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F3C419DB-80D3-4E09-8AE5-737FC65A88F4}] => (Allow) G:\Battle.net\Battle.net.exe
FirewallRules: [{E6C58D8C-969E-4F12-907E-518065CDA3E9}] => (Allow) G:\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{BA88CCF4-7A03-4499-9EC4-E2926D2369F3}C:\users\matthew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matthew\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{15A0D1B7-DA72-48F2-BC8E-B8F76CC7C996}C:\users\matthew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matthew\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3E3B6A50-AED4-4515-B5C9-717C5481E587}] => (Allow) G:\Steam Games\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{A342EF3E-7F7D-4F5E-A1DB-FF0D213895EA}] => (Allow) G:\Steam Games\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{4FD72816-3281-41F4-81D6-6983269D840C}G:\steam games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) G:\steam games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{D503D6FA-240E-4F82-BEBA-4B4298668E3B}G:\steam games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) G:\steam games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{15D1A49B-BB70-446B-B29C-10A6DF5D057E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E78379E3-982B-4800-BA0F-D665512C9E6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90C4D3E0-274C-4E5E-BD62-1A7DFF0D847B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{B7DDA2D2-181F-4165-915B-021877B533B5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{E93E6C74-E5AE-4D7A-8DAC-EE3E0A7CA779}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{1E1229C0-5821-47DD-8769-337FF3A24534}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{7F5836F5-DF9A-4467-9F3A-69F85835A863}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5ECB7FA5-715E-46AD-B101-B77F804B6FA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8066BD5F-89B3-4078-BF61-728B1FC91B6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{DF3FA123-C15D-4017-9E08-99223F9A4267}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{84F86197-0B60-4D3E-A3C3-53F7C54E4478}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{27D419A5-F278-421B-8F48-3E424D796B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{11FE8295-291B-4521-84EF-631E17B06B88}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{AEDA832D-0C59-47D5-8E9F-382182CA0AD0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1C4A345F-2F57-412C-8712-3547402BB322}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0D4FFA15-DB51-4902-8DAC-CC54CFA98BE4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{0281F412-C676-47C9-B5BA-CD597A7A8ABA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{1A8AAFB7-848E-45A8-824D-213457024502}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C4A2E7DF-BADE-4A21-A2CA-AA10DBDD8DED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{E72D62E5-79F1-4086-94FF-28CF626D4670}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{86A6E5D5-0AF7-440B-98BD-B428A6059575}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{CABACBEC-B677-4669-8E46-E261CF29E4B5}] => (Allow) G:\Steam Games\SteamApps\common\YNAB 4 (Demo)\YNAB 4.exe
FirewallRules: [{022A2C0A-93F8-4099-8AB3-F1B63F8452C9}] => (Allow) G:\Steam Games\SteamApps\common\YNAB 4 (Demo)\YNAB 4.exe
FirewallRules: [TCP Query User{35639629-436E-4EE5-9F0B-A91AA3287336}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{CCD25010-6DF4-4B42-9DD3-0937B6A6135D}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [TCP Query User{46FE696A-C015-4385-A5CA-8FED4036B4CF}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{564B6BCA-7FC2-45BC-B958-D18D14ABF0EC}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{47F95B43-6EF0-48BB-8E79-64A684C9F873}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DF328356-762B-4773-B513-DD3BB0251ABD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{7B742EFB-4E6A-4B0A-A41A-DDA6BD2628FD}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{1E5610B3-9FDB-4856-A8B9-667924BE13FA}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{8FBD1D89-7D28-4314-BFC9-54C5B0DD1407}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5B4F85B1-4E7D-468C-8C3D-A68B2BC16B76}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{46F5EF09-CB90-4FFA-9150-6AABC06B423E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{686C2452-8EA4-42AD-A23F-6D3D43061A7B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C7AE3DCF-3950-4218-BBCC-76A9A807FCBD}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{2D949ADB-A8BC-4D6D-83A8-299B8CD9B004}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{490E66F6-57B0-414D-9F13-539378D6A4EA}] => (Allow) G:\Steam Games\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{86F204F7-5591-488F-8694-F06C49A8A619}] => (Allow) G:\Steam Games\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [TCP Query User{A7F2E116-4AF1-4AB3-A4E0-31E9E0842147}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{E1FA3423-A3D2-4044-B447-0A4D2F14D9C9}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{02EF0257-8FCE-4460-AC99-2B0AE24E784F}] => (Allow) E:\Steam Games\steamapps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{F1CDE818-5A85-425D-9BCF-FDB83994991E}] => (Allow) E:\Steam Games\steamapps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{620234AF-8720-4A5C-92FB-5541E80EA375}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{C651FF0E-3603-4F27-B6B8-E4213149A974}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{134A45CC-6F1E-47D1-8CD1-189DD82889D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{889DDC82-7B10-4D09-BDEA-CDE1BB9114AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7F6E174-EAFD-4E1E-AFED-0FC15C97430A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: HP Photosmart C4380
Description: HP Photosmart C4380
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/14/2016 10:45:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHOENIX-PC)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/14/2016 10:33:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHOENIX-PC)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/14/2016 10:32:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHOENIX-PC)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/14/2016 09:51:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHOENIX-PC)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/14/2016 07:26:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/14/2016 02:11:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.10586.0, time stamp: 0x5632d756
Faulting module name: combase.dll, version: 10.0.10586.0, time stamp: 0x5632d3ca
Exception code: 0xc0000005
Fault offset: 0x0000000000067e5c
Faulting process id: 0x1cc
Faulting application start time: 0xdwm.exe0
Faulting application path: dwm.exe1
Faulting module path: dwm.exe2
Report Id: dwm.exe3
Faulting package full name: dwm.exe4
Faulting package-relative application ID: dwm.exe5
 
Error: (01/13/2016 06:52:09 PM) (Source: COM) (EventID: 10031) (User: )
Description: {CDC82860-468D-4D4E-B7E7-C298FF23AB2C}
 
Error: (01/13/2016 06:52:09 PM) (Source: COM) (EventID: 10031) (User: )
Description: {CDC82860-468D-4D4E-B7E7-C298FF23AB2C}
 
Error: (01/13/2016 06:17:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.10586.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1b00
 
Start Time: 01d14e488aad6529
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 19be761f-ba54-11e5-8300-00268331ebee
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (01/13/2016 05:37:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.63, time stamp: 0x568b202a
Faulting module name: eModel.dll, version: 11.0.10586.63, time stamp: 0x568b1c63
Exception code: 0xc0000409
Fault offset: 0x000000000012bfdf
Faulting process id: 0x2518
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5
 
 
System errors:
=============
Error: (01/14/2016 10:45:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_5cdb8 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:45:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_5cdb8 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:45:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_5cdb8 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:45:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_5cdb8 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:45:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/14/2016 10:33:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/14/2016 10:31:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_6d00d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:31:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_6d00d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:31:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_6d00d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/14/2016 10:31:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_6d00d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-01-14 23:13:01.609
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 23:13:01.605
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 23:05:18.158
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 23:05:18.152
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 23:05:05.047
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 23:05:05.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 21:45:36.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 21:45:36.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 21:45:36.519
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-14 21:45:36.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 22%
Total physical RAM: 16351.13 MB
Available physical RAM: 12659.39 MB
Total Virtual: 18783.13 MB
Available Virtual: 14310.01 MB
 
==================== Drives ================================
 
Drive c: (Operating System) (Fixed) (Total:111.25 GB) (Free:32.46 GB) NTFS
Drive d: (Storage) (Fixed) (Total:931.51 GB) (Free:196.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Media Drive) (Fixed) (Total:119.24 GB) (Free:79.21 GB) NTFS
Drive f: (External Backup) (Fixed) (Total:232.88 GB) (Free:223.72 GB) NTFS
Drive g: (Games) (Fixed) (Total:119.24 GB) (Free:36.78 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: ED4C7E5C)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3E7E9CDE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 291E7935)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 124B7E29)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (Size: 232.9 GB) (Disk ID: 12345678)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Edited by Solarin_, 15 January 2016 - 06:03 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,007 posts
  • MVP
I don't usually work on Windows 10 (Some of my canned may not but since no one else has taken your case and I'm bored I'm going to see what I can do.  
 
Clear the Java Cache by following the instructions on
 
You do not have the latest Java.
First go into Control Panel,  Programs and Features (or whatever they call it in Win 10) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 51 
Java 7 Update 65 
Java 8 Update 31 
Java SE Development Kit 8 Update 31 
 
Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
 
If you feel you must have Java:
Get the latest Java at:
 
Uncheck the optional software before downloading.
 
Also uninstall
 
Skype Click to Call -  This will not hurt Skype.  It's just that stupid program that changes every random 10 digt number into a phone number you can call with Skype.
 
You might want to uninstall:
 
Chrome Remote Desktop Host 
 
unless you really use it as it could allow someone to control your PC remotely and do exactly what you describe.
 
At least change the password to something that's hard to guess.
 
I see some adware so let's use FRST to remove it along with some deadwood.
 
Download the attached fixlist.txt to the same location as FRST
 
[attachment=80069:fixlist.txt]
 
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
 
 
Sometimes what you describe can be caused by an overloaded CPU so let's see what is running:
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 
 
 
 
 
 
 

  • 0






Similar Topics


Also tagged with one or more of these keywords: Malware, Removal, Send in the Reinforcements, Another set of eyes, Help, Oh God what have I done

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP