Thanks for your quick response jr0x. I am relieved that you are helping me.
Here is FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Mur (administrator) on MURRAY (11-07-2016 21:43:03)
Running from C:\Users\Mur\Desktop
Loaded Profiles: Mur & (Available Profiles: Mur & murra)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Savard Software) C:\Program Files (x86)\TurboTop\TurboTop.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\Install\{FA27A75B-B263-4C9E-8F39-D1BE8ADDC7CB}\DropboxClient_6.4.14.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.4.537\ASUSWSLoader.exe [63272 2015-10-12] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\Run: [KeyboardIndicator] => C:\KeyboardIndicator_1.6.0.1\KeyboardIndicator_1.6.0.1\KeyboardIndicator.exe [267176 2015-10-16] (Roi Dayan)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\Run: [Google Update] => C:\Users\Mur\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\Run: [cdloader] => C:\Users\Mur\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KeyboardIndicator] => C:\KeyboardIndicator_1.6.0.1\KeyboardIndicator_1.6.0.1\KeyboardIndicator.exe [267176 2015-10-16] (Roi Dayan)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Mur\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cdloader] => C:\Users\Mur\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.4.537\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TurboTop.lnk [2015-10-04]
ShortcutTarget: TurboTop.lnk -> C:\Program Files (x86)\TurboTop\TurboTop.exe (Savard Software)
Startup: C:\Users\Mur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctlaltshft=.ahk - Shortcut.lnk [2016-06-01]
ShortcutTarget: ctlaltshft=.ahk - Shortcut.lnk -> C:\Users\Mur\Desktop\Apps\ctlaltshft=.ahk ()
Startup: C:\Users\Mur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-13]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{27edbd0a-3e70-45a0-95e9-c77c587f8945}: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{87569a40-f120-4898-a4c4-da4e0aea77be}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ca/?pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ca/?pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1587703405-337945311-2996229846-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1587703405-337945311-2996229846-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-93e65235&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-93e65235&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1587703405-337945311-2996229846-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-93e65235&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1587703405-337945311-2996229846-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-93e65235&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1587703405-337945311-2996229846-1001 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
SearchScopes: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-93e65235&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-93e65235&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-27] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-27] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1443660345667
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP13EP50-10011/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files\QlikView\QvProtocol\qvp.dll [2016-03-09] (QlikTech International AB)
Handler-x32: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll [2016-03-09] (QlikTech International AB)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Mur\AppData\Roaming\Mozilla\Firefox\Profiles\d6ex0fnt.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Mur\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001: @talk.google.com/O1DPlugin -> C:\Users\Mur\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Mur\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Mur\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mur\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-10-02] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Mur\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mur\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Mur\AppData\Roaming\Mozilla\Firefox\Profiles\d6ex0fnt.default\searchplugins\McSiteAdvisor.xml [2015-11-22]
FF Extension: Español (AR) Language Pack - C:\Users\Mur\AppData\Roaming\Mozilla\Firefox\Profiles\d6ex0fnt.default\Extensions\[email protected] [2016-06-09]
FF Extension: Adblock Plus - C:\Users\Mur\AppData\Roaming\Mozilla\Firefox\Profiles\d6ex0fnt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
Chrome:
=======
CHR Profile: C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-14]
CHR Extension: (Google Docs) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-14]
CHR Extension: (Google Drive) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Google Search) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Sheets) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-14]
CHR Extension: (Text to Speech App) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\foboeiajimhaijdbfnknapkoiadkohio [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (IE Tab) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-06-11]
CHR Extension: (TTSReader - Unlimited Text-To-Speech) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\melfcogdhodeocnkdiplgdpkllopbhan [2016-01-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Online speech recognition - Speech Pad) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehlbpmpoabkgenppepoaihkacolpdcf [2016-04-29]
CHR Extension: (Gmail) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-14]
CHR Extension: (US English Female Text-to-speech (by Google)) - C:\Users\Mur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkidpnnapnfgjhfhkpmjpbckkbaodldb [2015-11-22]
CHR HKU\S-1-5-21-1587703405-337945311-2996229846-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [71168 2014-12-04] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-07] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11758840 2016-05-25] (Broadcom Corp)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11758840 2016-05-25] (Broadcom Corp)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-01] (Realsil Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-11 21:43 - 2016-07-11 21:44 - 00032355 _____ C:\Users\Mur\Desktop\FRST.txt
2016-07-11 21:42 - 2016-07-11 21:43 - 00000000 ____D C:\FRST
2016-07-11 21:42 - 2016-07-11 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 21:40 - 2016-07-11 21:42 - 02390528 _____ (Farbar) C:\Users\Mur\Desktop\FRST64.exe
2016-07-10 23:30 - 2016-07-10 23:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mur\Downloads\HijackThis.exe
2016-07-10 20:50 - 2016-07-10 22:36 - 00000000 ____D C:\Users\Mur\AppData\Roaming\vlc
2016-07-10 20:50 - 2016-07-10 20:57 - 00001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-10 20:50 - 2016-07-10 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-07-10 20:50 - 2016-07-10 20:50 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-07-10 20:44 - 2016-07-10 20:44 - 00001138 _____ C:\Users\Mur\Desktop\BestOffer EveryDay.lnk
2016-07-10 20:44 - 2016-07-10 20:44 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-10 20:10 - 2016-07-10 20:17 - 00000000 ____D C:\AdwCleaner
2016-07-10 20:10 - 2016-07-10 20:10 - 03712064 _____ C:\Users\Mur\Downloads\adwcleaner_5.201.exe
2016-07-10 20:00 - 2016-07-10 20:00 - 00459861 _____ C:\Users\Mur\Downloads\SmartCam_v1_4.exe
2016-07-10 19:46 - 2016-07-10 19:51 - 31196040 _____ (VideoLAN ) C:\Users\Mur\Downloads\vlc-2.2.3-win32.exe
2016-07-09 09:55 - 2016-07-09 09:57 - 00000000 ____D C:\Users\Mur\Desktop\tmp
2016-07-03 13:45 - 2016-07-03 13:50 - 00000000 ____D C:\Users\Mur\Documents\QlikExerciseData
2016-07-01 19:16 - 2016-07-02 13:30 - 00000187 _____ C:\Users\Mur\Desktop\StoreTableScript.txt
2016-07-01 12:43 - 2016-07-01 12:43 - 00001395 _____ C:\Users\Mur\Desktop\Qlik Sense Desktop.lnk
2016-07-01 12:43 - 2016-07-01 12:43 - 00000000 ____D C:\Users\Mur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qlik Sense
2016-07-01 12:42 - 2016-07-01 12:42 - 00000000 ____D C:\Users\Mur\AppData\Local\Package Cache
2016-06-29 08:37 - 2016-07-06 12:43 - 00000000 ____D C:\Users\Mur\Documents\QlikSources
2016-06-29 08:13 - 2016-06-30 14:44 - 00000000 ____D C:\Users\Mur\Documents\QlikNotes
2016-06-28 17:01 - 2016-06-28 17:01 - 00000000 ____D C:\Users\Mur\Documents\QlikBackups
2016-06-28 07:57 - 2016-06-28 07:57 - 00000000 ____D C:\DataModel
2016-06-23 13:56 - 2016-06-23 13:56 - 00000000 ____D C:\Users\Mur\AppData\Roaming\Qlik
2016-06-23 13:14 - 2016-06-23 13:14 - 00000000 ____D C:\Program Files\Common Files\QlikTech
2016-06-23 13:14 - 2016-06-23 13:14 - 00000000 ____D C:\Program Files\Common Files\Qlik
2016-06-21 10:58 - 2016-06-21 10:58 - 00000939 _____ C:\Users\Mur\Desktop\Sandboxed Web Browser.lnk
2016-06-21 10:58 - 2016-06-21 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-06-21 10:53 - 2016-06-21 10:53 - 00000000 ____D C:\Users\Mur\Documents\Conferences
2016-06-20 17:28 - 2016-06-20 17:28 - 00026379 _____ C:\Users\Mur\Documents\Engro.pdf
2016-06-15 19:31 - 2016-06-16 18:04 - 00000000 ____D C:\Users\Mur\Desktop\Example
2016-06-15 09:10 - 2016-05-28 00:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 09:10 - 2016-05-28 00:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 09:10 - 2016-05-28 00:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 09:10 - 2016-05-28 00:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 09:10 - 2016-05-28 00:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 09:10 - 2016-05-28 00:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 09:10 - 2016-05-28 00:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 09:10 - 2016-05-28 00:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 09:10 - 2016-05-28 00:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 09:10 - 2016-05-28 00:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 09:10 - 2016-05-28 00:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 09:10 - 2016-05-28 00:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 09:10 - 2016-05-28 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 09:09 - 2016-05-28 02:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 09:09 - 2016-05-28 02:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 09:09 - 2016-05-28 02:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 09:09 - 2016-05-28 02:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 09:09 - 2016-05-28 02:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 09:09 - 2016-05-28 02:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 09:09 - 2016-05-28 01:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 09:09 - 2016-05-28 01:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 09:09 - 2016-05-28 01:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 09:09 - 2016-05-28 01:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 09:09 - 2016-05-28 01:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 09:09 - 2016-05-28 01:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 09:09 - 2016-05-28 01:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 09:09 - 2016-05-28 01:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 09:09 - 2016-05-28 01:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 09:09 - 2016-05-28 01:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 09:09 - 2016-05-28 01:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 09:09 - 2016-05-28 01:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 09:09 - 2016-05-28 01:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 09:09 - 2016-05-28 01:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 09:09 - 2016-05-28 01:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 09:09 - 2016-05-28 01:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 09:09 - 2016-05-28 01:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 09:09 - 2016-05-28 01:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 09:09 - 2016-05-28 01:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 09:09 - 2016-05-28 01:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 09:09 - 2016-05-28 01:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 09:09 - 2016-05-28 01:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 09:09 - 2016-05-28 01:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 09:09 - 2016-05-28 01:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 09:09 - 2016-05-28 01:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 09:09 - 2016-05-28 01:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 09:09 - 2016-05-28 01:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 09:09 - 2016-05-28 01:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 09:09 - 2016-05-28 01:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 09:09 - 2016-05-28 01:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 09:09 - 2016-05-28 01:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 09:09 - 2016-05-28 01:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 09:09 - 2016-05-28 01:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 09:09 - 2016-05-28 01:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 09:09 - 2016-05-28 01:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 09:09 - 2016-05-28 01:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 09:09 - 2016-05-28 01:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 09:09 - 2016-05-28 00:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 09:09 - 2016-05-28 00:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 09:09 - 2016-05-28 00:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 09:09 - 2016-05-28 00:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 09:09 - 2016-05-28 00:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 09:09 - 2016-05-28 00:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 09:09 - 2016-05-28 00:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 09:09 - 2016-05-28 00:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 09:09 - 2016-05-28 00:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 09:09 - 2016-05-28 00:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 09:09 - 2016-05-28 00:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 09:09 - 2016-05-28 00:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 09:09 - 2016-05-28 00:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 09:09 - 2016-05-28 00:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 09:09 - 2016-05-28 00:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 09:09 - 2016-05-28 00:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 09:09 - 2016-05-28 00:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 09:09 - 2016-05-28 00:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 09:09 - 2016-05-28 00:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 09:09 - 2016-05-28 00:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 09:09 - 2016-05-28 00:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 09:09 - 2016-05-28 00:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 09:09 - 2016-05-28 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 09:09 - 2016-05-28 00:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 09:09 - 2016-05-28 00:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 09:09 - 2016-05-28 00:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 09:09 - 2016-05-28 00:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 09:09 - 2016-05-28 00:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 09:09 - 2016-05-28 00:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 09:09 - 2016-05-28 00:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 09:09 - 2016-05-28 00:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 09:09 - 2016-05-28 00:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 09:09 - 2016-05-28 00:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 09:09 - 2016-05-28 00:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 09:09 - 2016-05-28 00:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 09:09 - 2016-05-28 00:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 09:09 - 2016-05-28 00:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 09:09 - 2016-05-28 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 09:09 - 2016-05-28 00:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 09:09 - 2016-05-28 00:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 09:09 - 2016-05-28 00:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 09:09 - 2016-05-28 00:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 09:09 - 2016-05-28 00:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 09:09 - 2016-05-28 00:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 09:09 - 2016-05-28 00:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 09:09 - 2016-05-28 00:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 09:09 - 2016-05-28 00:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 09:09 - 2016-05-28 00:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 09:09 - 2016-05-28 00:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 09:09 - 2016-05-28 00:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 09:09 - 2016-05-28 00:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 09:09 - 2016-05-28 00:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 09:09 - 2016-05-28 00:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 09:09 - 2016-05-28 00:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 09:09 - 2016-05-28 00:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 09:09 - 2016-05-28 00:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 09:09 - 2016-05-28 00:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 09:09 - 2016-05-28 00:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 09:09 - 2016-05-28 00:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 09:09 - 2016-05-28 00:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 09:09 - 2016-05-28 00:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 09:09 - 2016-05-28 00:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 09:09 - 2016-05-28 00:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 09:09 - 2016-05-28 00:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 09:09 - 2016-05-28 00:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 09:09 - 2016-05-28 00:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 09:09 - 2016-05-28 00:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 09:09 - 2016-05-28 00:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 09:09 - 2016-05-28 00:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 09:09 - 2016-05-28 00:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 09:09 - 2016-05-28 00:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 09:09 - 2016-05-28 00:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 09:09 - 2016-05-28 00:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 09:09 - 2016-05-28 00:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 09:09 - 2016-05-28 00:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 09:09 - 2016-05-28 00:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 09:09 - 2016-05-28 00:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-15 09:09 - 2016-05-28 00:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 09:09 - 2016-05-28 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 09:09 - 2016-05-28 00:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 09:09 - 2016-05-28 00:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-15 09:09 - 2016-05-28 00:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 09:09 - 2016-05-28 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 09:09 - 2016-05-28 00:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 09:09 - 2016-05-28 00:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 09:09 - 2016-05-28 00:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 09:09 - 2016-05-28 00:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 09:09 - 2016-05-28 00:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 09:09 - 2016-05-28 00:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 09:09 - 2016-05-28 00:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 09:09 - 2016-05-28 00:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 09:09 - 2016-05-28 00:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 09:09 - 2016-05-28 00:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 09:09 - 2016-05-28 00:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 09:09 - 2016-05-28 00:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 09:09 - 2016-05-28 00:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 09:09 - 2016-05-28 00:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 09:09 - 2016-05-28 00:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 09:09 - 2016-05-28 00:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 09:09 - 2016-05-28 00:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 09:09 - 2016-05-28 00:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 09:09 - 2016-05-28 00:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 09:09 - 2016-05-28 00:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 09:09 - 2016-05-28 00:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 09:09 - 2016-05-28 00:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 09:09 - 2016-05-28 00:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 09:09 - 2016-05-28 00:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 09:09 - 2016-05-28 00:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 09:09 - 2016-05-28 00:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 09:09 - 2016-05-28 00:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 09:09 - 2016-05-28 00:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 09:09 - 2016-05-28 00:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 09:09 - 2016-05-27 23:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 09:09 - 2016-05-27 23:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 09:09 - 2016-05-27 23:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 09:09 - 2016-05-27 23:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 09:09 - 2016-05-27 23:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 09:09 - 2016-05-27 23:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 09:09 - 2016-05-27 23:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 09:09 - 2016-05-27 23:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 09:09 - 2016-05-27 23:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-11 21:43 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-11 21:43 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-11 21:43 - 2015-09-29 20:13 - 00000000 ___RD C:\Users\Mur\Dropbox
2016-07-11 21:43 - 2015-06-20 14:33 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-11 21:40 - 2015-09-29 20:25 - 00000000 ___RD C:\Users\Mur\Google Drive
2016-07-11 21:40 - 2015-06-20 13:07 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B14A1C6-D023-46DA-9D51-CC8AC860FA41}
2016-07-11 21:39 - 2015-09-30 11:25 - 00000000 ____D C:\Users\Mur\AppData\Local\CrashDumps
2016-07-11 21:39 - 2015-06-20 13:26 - 00000000 ____D C:\Users\Mur\AppData\Roaming\Skype
2016-07-11 21:35 - 2016-04-08 09:42 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-07-11 21:35 - 2015-06-20 13:01 - 00000125 _____ C:\Users\Mur\AppData\Roaming\sp_data.sys
2016-07-11 21:34 - 2015-11-29 04:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-11 21:34 - 2015-10-19 17:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-11 21:34 - 2015-09-29 20:20 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-11 21:34 - 2015-06-20 14:33 - 00000912 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-11 21:34 - 2015-06-20 12:59 - 00000000 __SHD C:\Users\Mur\IntelGraphicsProfiles
2016-07-11 12:19 - 2016-05-12 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-07-11 12:19 - 2015-06-20 13:16 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-07-11 12:16 - 2015-10-18 13:50 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1587703405-337945311-2996229846-1001UA.job
2016-07-10 23:49 - 2015-10-16 10:15 - 00000000 ____D C:\tmp
2016-07-10 23:48 - 2015-11-13 18:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-10 23:45 - 2015-10-27 14:55 - 00000564 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1587703405-337945311-2996229846-1001.job
2016-07-10 23:45 - 2015-09-29 20:20 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 23:30 - 2015-06-20 14:33 - 00000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-10 23:19 - 2015-10-27 14:55 - 00000660 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1587703405-337945311-2996229846-1001.job
2016-07-10 20:19 - 2015-11-29 05:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-10 20:18 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-10 19:41 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-10 19:41 - 2015-10-05 16:18 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-10 18:16 - 2015-10-18 13:50 - 00000862 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1587703405-337945311-2996229846-1001Core.job
2016-07-09 09:50 - 2015-06-20 13:00 - 00000000 ____D C:\Users\Mur\AppData\Local\Packages
2016-07-06 20:39 - 2015-10-26 11:13 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-06 12:31 - 2016-02-15 00:03 - 00001644 _____ C:\WINDOWS\Sandboxie.ini
2016-07-05 18:16 - 2015-09-30 21:18 - 00000000 ____D C:\Users\Mur\Documents\Hardware
2016-07-05 18:15 - 2015-10-07 19:10 - 00000000 ____D C:\Users\Mur\AppData\Roaming\Foxit Scanner Images
2016-07-05 18:13 - 2015-10-29 07:40 - 00000000 ____D C:\Users\Mur\AppData\Local\Foxit PhantomPDF
2016-07-03 14:30 - 2015-09-29 20:48 - 00000484 _____ C:\WINDOWS\ODBC.INI
2016-07-02 09:14 - 2015-10-27 14:55 - 00003806 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1587703405-337945311-2996229846-1001
2016-07-02 09:14 - 2015-10-27 14:55 - 00003710 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1587703405-337945311-2996229846-1001
2016-07-01 12:43 - 2015-12-30 17:09 - 00000000 ____D C:\Users\Mur\Documents\Qlik
2016-07-01 09:53 - 2015-06-20 14:15 - 00000000 ____D C:\Users\Mur\AppData\Roaming\FileZilla
2016-06-30 19:51 - 2015-06-20 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-06-30 19:51 - 2015-06-20 14:15 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-06-29 17:33 - 2015-11-23 10:03 - 00000000 ____D C:\Users\Mur\AppData\Roaming\TeamViewer
2016-06-28 16:53 - 2016-04-27 16:49 - 00000000 ____D C:\Users\Mur\Documents\Software
2016-06-28 14:57 - 2015-11-25 10:00 - 00000000 ____D C:\sqldeveloper
2016-06-28 11:33 - 2015-10-02 08:23 - 00000000 ____D C:\Users\Mur\AppData\LocalLow\WebEx
2016-06-24 15:32 - 2015-12-26 16:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-24 15:32 - 2015-12-26 16:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-24 15:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-23 18:44 - 2015-12-26 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-23 13:16 - 2015-12-27 14:30 - 00000000 ____D C:\ProgramData\Qlik
2016-06-23 13:14 - 2016-03-22 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QlikView
2016-06-21 20:55 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 20:53 - 2015-04-10 06:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-21 11:08 - 2015-10-03 05:47 - 00000000 ____D C:\Users\Mur\Documents\Mesh
2016-06-21 10:58 - 2016-02-15 00:02 - 00000000 ____D C:\Program Files\Sandboxie
2016-06-18 16:40 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 20:00 - 2015-11-29 05:01 - 00000000 ____D C:\Users\Mur
2016-06-17 14:46 - 2015-10-14 15:32 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 21:48 - 2015-11-13 18:52 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 21:47 - 2016-05-26 06:53 - 00000000 ____D C:\Users\Mur\Documents\Course
2016-06-16 19:59 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 19:11 - 2015-09-10 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 19:09 - 2015-11-29 04:53 - 00333088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 19:09 - 2015-09-30 21:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-16 18:08 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 18:08 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 18:08 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 18:19 - 2015-09-29 21:39 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 18:15 - 2015-09-29 21:39 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 14:33 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 14:33 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 11:37 - 2016-05-19 16:17 - 00000000 ____D C:\Users\murra\AppData\Local\Packages
2016-06-12 11:36 - 2016-05-19 16:26 - 00000000 ___RD C:\Users\murra\Dropbox
2016-06-12 11:36 - 2016-05-19 16:17 - 00000125 _____ C:\Users\murra\AppData\Roaming\sp_data.sys
2016-06-12 11:36 - 2016-05-19 16:17 - 00000000 __SHD C:\Users\murra\IntelGraphicsProfiles
2016-06-11 10:06 - 2015-12-04 07:54 - 00000000 ____D C:\Users\Mur\AppData\Local\IE Tab
==================== Files in the root of some directories =======
2015-06-20 13:01 - 2016-07-11 21:35 - 0000125 _____ () C:\Users\Mur\AppData\Roaming\sp_data.sys
2015-10-05 06:19 - 2016-05-16 13:07 - 0000600 _____ () C:\Users\Mur\AppData\Roaming\winscp.rnd
2015-10-05 06:39 - 2015-12-17 12:52 - 0000600 _____ () C:\Users\Mur\AppData\Local\PUTTY.RND
2016-05-14 15:12 - 2016-05-14 15:12 - 0007604 _____ () C:\Users\Mur\AppData\Local\Resmon.ResmonCfg
2015-11-29 04:56 - 2015-11-29 04:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-10 06:45 - 2012-09-07 07:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2015-04-10 06:45 - 2009-07-22 06:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2015-04-10 06:45 - 2012-09-07 07:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Mur\AppData\Local\Temp\cygiconv-2.dll
C:\Users\Mur\AppData\Local\Temp\cygintl-8.dll
C:\Users\Mur\AppData\Local\Temp\cygwin1.dll
C:\Users\Mur\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptx7wu2.dll
C:\Users\Mur\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Mur\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Mur\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Mur\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Mur\AppData\Local\Temp\libeay32.dll
C:\Users\Mur\AppData\Local\Temp\md5sum.exe
C:\Users\Mur\AppData\Local\Temp\msvcr120.dll
C:\Users\Mur\AppData\Local\Temp\npp.6.9.1.Installer.exe
C:\Users\Mur\AppData\Local\Temp\npp.6.9.2.Installer.exe
C:\Users\Mur\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Mur\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mur\AppData\Local\Temp\sqlite3.dll
C:\Users\Mur\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Users\Mur\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-04 10:08
==================== End of FRST.txt ============================
Here is Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Mur (2016-07-11 21:44:45)
Running from C:\Users\Mur\Desktop
Windows 10 Home Version 1511 (X64) (2015-11-29 09:19:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1587703405-337945311-2996229846-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1587703405-337945311-2996229846-503 - Limited - Disabled)
Guest (S-1-5-21-1587703405-337945311-2996229846-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1587703405-337945311-2996229846-1005 - Limited - Enabled)
Mur (S-1-5-21-1587703405-337945311-2996229846-1001 - Administrator - Enabled) => C:\Users\Mur
murra (S-1-5-21-1587703405-337945311-2996229846-1010 - Limited - Enabled) => C:\Users\murra
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.1.0 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.03.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.57 - ICEpower a/s)
AutoHotkey 1.1.22.07 (HKLM\...\AutoHotkey) (Version: 1.1.22.07 - Lexikos)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.333.0 - Broadcom Corporation)
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version: - )
Cisco WebEx Meetings (HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Cisco WebEx Meetings (HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
December 8, 2014 (HKLM-x32\...\OpenStat_is1) (Version: - William Miller)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.20 - ASUSTek Computer Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
EXAKT (HKLM-x32\...\{4D49FDFF-E53E-4A8D-8D25-D3744FAAC612}) (Version: 1.00.0000 - OMDEC Inc.)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
Foxit PhantomPDF (HKLM-x32\...\{045A0488-55C1-45B1-9992-4B4134904D61}) (Version: 7.0.59.127 - Foxit Software Inc.)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.3.15 - Open source)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.20.0.5174 (HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline)
GoToMeeting 7.20.0.5174 (HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
magicJack (HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
magicJack (HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visio Professional 2002 [English] (HKLM-x32\...\{90510409-6D54-11D4-BEE3-00C04F990354}) (Version: 10.0.525 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
OREST (HKLM-x32\...\{063E53FC-DCFE-4111-A8A8-8EC84D91B694}) (Version: 1.0.0 - BANAK)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
PPspliT (HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\PPspliT) (Version: 1.14 - )
PPspliT (HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\PPspliT) (Version: 1.14 - )
ProjectLibre (HKLM-x32\...\{8E2A530F-ABE9-45B4-B4EA-B9DF56698376}) (Version: 1.6.2.0 - ProjectLibre)
Qlik ODBC Connector Package (HKLM\...\{F7DCF54B-1E73-47BC-8F0B-53272D117330}) (Version: 1.0.0.432 - QlikTech International AB)
Qlik Sense - Quick build tutorial (HKLM-x32\...\{42F648B1-046D-4401-9ACC-109F4B510018}}_is1) (Version: 1.0 - QlikTech International AB)
Qlik Sense DemoApps (Version: 3.0.0.0 - QlikTech International AB) Hidden
Qlik Sense Desktop (HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\{2483875a-e0c1-40f0-b0ec-9dc8e2ccf683}) (Version: 3.0.0.0 - QlikTech International AB)
Qlik Sense Desktop (HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{2483875a-e0c1-40f0-b0ec-9dc8e2ccf683}) (Version: 3.0.0.0 - QlikTech International AB)
Qlik Sense Desktop (Version: 3.0.0.0 - QlikTech International AB) Hidden
Qlik Sense Desktop Connectors (Version: 3.0.0.0 - QlikTech International AB) Hidden
QlikView x64 (HKLM\...\{0BD26E4A-562A-47CD-8F1E-C55519B94863}) (Version: 12.0.20001.0 - QlikTech International AB)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Staples Easy Print (HKLM-x32\...\{b02f4c9a-50e2-11e1-bd19-00059a3c7800}) (Version: 4.0.2 - IKON)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TurboTop 2.7 (HKLM-x32\...\TurboTop_is1) (Version: 2.7.0.1 - Savard Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.4.537 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9840 - Broadcom Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 6.0.0.66) (HKLM\...\82D024CBD181D16D72E5AE45A426919815D5F456) (Version: 11/11/2015 6.0.0.66 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mur\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mur\AppData\Local\Citrix\GoToMeeting\4670\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mur\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mur\AppData\Local\Citrix\GoToMeeting\4670\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mur\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1587703405-337945311-2996229846-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\murra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0242C116-58D6-492F-9704-01C34E0357FD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)
Task: {04A98838-7BCC-4314-9B47-4BBFB38945B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {07895ED7-3EC8-4EE1-905B-FF3B54EE3B0F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {09F5E11E-3F9B-40BD-9699-6B0B619F6EBC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {20157AE7-0DBD-4934-8B58-FD416F6CEAB2} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {26480AB1-31CA-4E2E-988C-49FD68DC51BC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {371C11F6-EC67-4B33-B492-5B86922EA84F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4597C939-253C-4A84-9519-E8D403D7EDF0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {46FA4A2E-BE46-4CA5-8F0A-A59AAC489CD1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C240B7B-D7E3-40FA-A064-50340757AB5A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-10-22] (Realtek Semiconductor)
Task: {53BC244B-CD9A-4F27-BE79-3CA9A784150D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {58585253-72A9-43DD-BF78-73BB36B93AEE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {5D2C9E01-9092-4BD8-AE2D-06B73AEB9F10} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {65AB1CEF-E160-44BD-A3B5-04E3BF4572F1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {7C26D853-E65A-44D5-9C6B-B7FBCE20E6E7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-07] (Dropbox, Inc.)
Task: {7D6C5223-074C-4962-8CED-AEF0590CB129} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7DB97612-CA09-4812-97DA-4D94FA730069} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {87005086-0C55-4E78-8C1D-DD5FCB9E62FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-29] (Google Inc.)
Task: {88F37C13-890D-418E-8BD3-357F79F3989C} - System32\Tasks\G2MUploadTask-S-1-5-21-1587703405-337945311-2996229846-1001 => C:\Users\Mur\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {905CC25D-56AB-4C31-932E-958DA1770203} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {93C6C16D-F373-4147-9149-41FC633CC1B5} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {9831CECE-F707-4573-B4CD-99B05D8D845A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1587703405-337945311-2996229846-1001Core => C:\Users\Mur\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {9A0F79F6-8AF0-4B99-AD4F-C07388A3C1B3} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-09-11] (ASUS)
Task: {A1327173-F2E7-4491-8581-6918EF72E138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-29] (Google Inc.)
Task: {B3C664B0-02A4-46EA-A8BA-37883477CF7D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BE63A598-5B52-4965-9F76-DE504BE158F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C96B3072-795D-441A-8088-F5F881ECBBA1} - System32\Tasks\G2MUpdateTask-S-1-5-21-1587703405-337945311-2996229846-1001 => C:\Users\Mur\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {D203AE0E-3447-471A-AF77-8E6A09911C77} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {D5B04311-6C60-4148-B8A7-7116F7451F0F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-07] (Dropbox, Inc.)
Task: {E2241826-59C4-472C-A243-84BB3719CE8E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E8B7138D-E55F-4572-8FA9-F2164539CFAE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F21F1823-400C-4525-B121-978C65A520F8} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-03-03] (ASUSTek Computer Inc.)
Task: {F776DE56-37C7-47B0-AD9D-637716C54AEF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)
Task: {F815DB20-E263-422B-9325-9476476F718B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1587703405-337945311-2996229846-1001UA => C:\Users\Mur\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1587703405-337945311-2996229846-1001.job => C:\Users\Mur\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1587703405-337945311-2996229846-1001.job => C:\Users\Mur\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1587703405-337945311-2996229846-1001Core.job => C:\Users\Mur\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1587703405-337945311-2996229846-1001UA.job => C:\Users\Mur\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Mur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qlik Sense\Qlik Sense Help.lnk -> hxxp://help.qlik.com/sense/ (No File)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 03:17 - 2015-10-30 03:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-17 11:31 - 2012-09-18 15:27 - 00192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2015-10-17 11:31 - 2012-09-18 15:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2015-10-17 11:31 - 2012-09-18 15:27 - 03162624 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\suhp1020.dll
2015-10-17 11:31 - 2012-09-18 15:27 - 01236992 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\gchp1020.dll
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-13 09:18 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 09:18 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-23 11:31 - 2016-04-23 11:31 - 00959176 _____ () C:\Users\Mur\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-02-26 08:07 - 2016-06-10 05:05 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-03-28 14:07 - 2016-03-28 14:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-18 13:07 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 16:14 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 09:09 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 09:09 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 09:09 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 09:09 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-21 18:37 - 2015-09-27 05:26 - 01144320 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2016-04-19 08:58 - 2016-04-19 09:00 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-30 03:18 - 2015-10-30 03:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
2015-02-25 17:15 - 2015-02-25 17:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-09-11 21:31 - 2014-09-11 21:31 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-09-11 21:31 - 2014-09-11 21:31 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-09-11 21:31 - 2014-09-11 21:31 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2014-09-11 21:31 - 2014-09-11 21:31 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-07-11 21:34 - 2016-07-11 21:34 - 00098816 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32api.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00110080 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\pywintypes27.dll
2016-07-11 21:34 - 2016-07-11 21:34 - 00364544 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\pythoncom27.dll
2016-07-11 21:34 - 2016-07-11 21:34 - 00320512 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32com.shell.shell.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00776704 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_hashlib.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 01176576 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._core_.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00806400 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._gdi_.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00816128 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._windows_.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 01067008 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._controls_.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00733184 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._misc_.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00682496 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\pysqlite2._sqlite.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00088064 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_ctypes.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00119808 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32file.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00108544 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32security.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00007168 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\hashobjs_ext.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00017920 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\thumbnails_ext.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00088064 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\usb_ext.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00012288 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\common.time34.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00018432 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32event.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00167936 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32gui.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00046080 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_socket.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 01208320 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_ssl.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00128512 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_elementtree.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00127488 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\pyexpat.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00038912 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32inet.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00036864 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_psutil_windows.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00525208 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\windows._lib_cacheinvalidation.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00011264 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32crypt.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00077312 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._html2.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00027136 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_multiprocessing.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00020480 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\_yappi.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00035840 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32process.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00686080 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\unicodedata.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00078848 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._animate.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00123392 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\wx._wizard.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00024064 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32pipe.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00010240 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\select.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00025600 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32pdh.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00017408 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32profile.pyd
2016-07-11 21:34 - 2016-07-11 21:34 - 00022528 ____R () C:\Users\Mur\AppData\Local\Temp\_MEI76642\win32ts.pyd
2016-06-27 11:22 - 2016-06-27 11:22 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2016-04-19 08:58 - 2016-04-19 09:00 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 08:58 - 2016-04-19 09:00 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-11 12:14 - 2016-06-06 21:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-07-11 21:42 - 2016-06-06 21:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-07-11 21:42 - 2016-06-06 21:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-07-11 21:42 - 2016-06-06 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-11 12:14 - 2016-06-06 21:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-11 12:14 - 2016-06-06 21:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-11 12:14 - 2016-07-05 14:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-07-11 21:42 - 2016-06-06 21:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-11 12:14 - 2016-07-05 14:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 12:14 - 2016-06-06 21:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-07-11 21:42 - 2016-07-05 13:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 12:14 - 2016-06-06 21:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-07-11 21:42 - 2016-07-05 13:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-07-11 21:42 - 2016-07-05 13:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-11 12:14 - 2016-07-05 14:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-07-11 21:42 - 2016-06-06 22:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-18 11:32 - 2016-07-05 14:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-18 11:32 - 2016-07-05 14:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-07-11 21:42 - 2016-07-05 13:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-18 11:32 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 11:32 - 2016-07-05 14:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-18 11:32 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-11 12:14 - 2016-06-06 21:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-07-11 21:42 - 2016-06-06 21:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-07-11 21:42 - 2016-07-05 13:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-11 12:14 - 2016-07-05 14:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 11:32 - 2016-07-05 14:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-07-11 21:42 - 2016-06-06 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-07-11 21:42 - 2016-07-05 14:00 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-07-11 21:42 - 2016-03-11 20:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-07-11 21:42 - 2016-07-05 14:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-11 21:42 - 2016-07-05 14:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 12:14 - 2016-06-06 21:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 12:14 - 2016-06-06 22:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-04-14 20:10 - 2016-07-05 14:00 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2015-12-11 12:14 - 2016-07-05 14:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-07-11 21:42 - 2016-07-05 14:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Mur\Documents\UnionGasData.zip:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Mur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-1587703405-337945311-2996229846-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: WalletService => 3
MSCONFIG\Services: WbioSrvc => 2
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1587703405-337945311-2996229846-1001\...\StartupApproved\Run: => "KeyboardIndicator"
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1587703405-337945311-2996229846-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "KeyboardIndicator"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{472D5913-C9CA-43CF-AAE1-4379EEF2DAC4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D671147E-628C-45B3-AA8F-9ADBAF97940C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B1F09331-063F-49F3-88F5-C296FD266A14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ED9C9C5B-6CD2-45B0-9371-5C2EDCDEA10C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0210ED46-A26B-4FCF-B3A6-79610317207B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{852FD436-1CCD-4299-B6F6-47D2DF0E0838}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{335F5EFA-0337-431B-A90D-2D7A05E7A546}C:\users\mur\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\mur\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [TCP Query User{36BBC032-30E3-44AB-B3D6-B692E6E1ED35}C:\users\mur\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\mur\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{C14B53BC-AA80-46B8-B713-5013E529F1CC}] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{3D5D2B84-65DF-415C-8849-FDA09522EE3C}] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{16B28C3D-9A85-45D8-A19F-C979B69D1B79}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [TCP Query User{E1523629-143E-4AED-8898-DE7A3F11F322}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{40EC0B1D-44A8-425D-998A-4C8AC9C31BE5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8CAD50B-842C-4E4B-B006-6DB7113B4AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EBDD87D9-DE9B-4EC4-A4B8-A377D1AC4A9E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8D72B2D2-31D2-445D-B5EB-D04FF6ED2D73}] => (Allow) C:\Users\Mur\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{7CAEF898-AB16-45A4-8694-FB427FF472B2}C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe] => (Block) C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe
FirewallRules: [UDP Query User{0AD5A5AB-4FD5-4983-8374-83B705A7854B}C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe] => (Block) C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe
FirewallRules: [TCP Query User{E85F48D6-4581-48C5-9F91-8E3805E372C2}C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe] => (Block) C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe
FirewallRules: [UDP Query User{32490C40-8E51-4840-ACCD-D4578FD49534}C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe] => (Block) C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe
FirewallRules: [{C2305F9A-BC4B-4BFA-B45A-F444A73FE890}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{2C9A8465-27DA-42E5-84B1-C228AC328880}C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe] => (Allow) C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe
FirewallRules: [UDP Query User{F327E2FC-7685-435B-872E-198D54467196}C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe] => (Allow) C:\users\mur\appdata\local\programs\qlik\sense\qliksense.exe
FirewallRules: [TCP Query User{778B5C03-340E-4559-8E8B-0CC4A164C882}C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe] => (Allow) C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe
FirewallRules: [UDP Query User{E94F317F-2AF5-4430-BF1D-1A7C9466D368}C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe] => (Allow) C:\users\mur\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe
FirewallRules: [{2D8033C5-66E9-4867-9126-6C1D49CDB37F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{05F2A843-2F46-4D43-B80B-781FD3BD0126}C:\users\mur\appdata\local\programs\qlik\sense\engine\engine.exe] => (Allow) C:\users\mur\appdata\local\programs\qlik\sense\engine\engine.exe
FirewallRules: [UDP Query User{D9BFB776-2B3D-400D-BCE1-35C12B5BA372}C:\users\mur\appdata\local\programs\qlik\sense\engine\engine.exe] => (Allow) C:\users\mur\appdata\local\programs\qlik\sense\engine\engine.exe
FirewallRules: [TCP Query User{44F9B3F5-05FF-4750-84B9-AA5134812D8C}C:\users\mur\appdata\local\programs\qlik\sense\node\node.exe] => (Allow) C:\users\mur\appdata\local\programs\qlik\sense\node\node.exe
FirewallRules: [UDP Query User{501B34FC-BEEC-491A-9405-F0515A7DC99D}C:\users\mur\appdata\local\programs\qlik\sense\node\node.exe] => (Allow) C:\users\mur\appdata\local\programs\qlik\sense\node\node.exe
FirewallRules: [TCP Query User{A830CEDE-5395-4D95-B61A-4118155E35D3}C:\program files (x86)\smartcam\smartcam.exe] => (Allow) C:\program files (x86)\smartcam\smartcam.exe
FirewallRules: [UDP Query User{92B757EA-A835-4BDF-8351-F829DB1115D6}C:\program files (x86)\smartcam\smartcam.exe] => (Allow) C:\program files (x86)\smartcam\smartcam.exe
FirewallRules: [{0AF6F651-EAA3-4005-8DFA-D4582CE5BE08}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
23-06-2016 13:14:15 Installed Qlik ODBC Connector Package.
26-06-2016 19:00:27 Windows Backup
28-06-2016 16:48:12 Revo Uninstaller's restore point - Qlik Sense Desktop
07-07-2016 10:57:43 Scheduled Checkpoint
10-07-2016 19:00:35 Windows Backup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/11/2016 09:39:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MURRAY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (07/11/2016 09:39:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.6868.4073, time stamp: 0x572152d8
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331
Exception code: 0x00000004
Fault offset: 0x0000000000071f28
Faulting process id: 0x2300
Faulting application start time: 0xHxTsr.exe0
Faulting application path: HxTsr.exe1
Faulting module path: HxTsr.exe2
Report Id: HxTsr.exe3
Faulting package full name: HxTsr.exe4
Faulting package-relative application ID: HxTsr.exe5
Error: (07/11/2016 09:36:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MURRAY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (07/11/2016 09:36:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.6868.4073, time stamp: 0x572152d8
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331
Exception code: 0x00000004
Fault offset: 0x0000000000071f28
Faulting process id: 0x1d58
Faulting application start time: 0xHxTsr.exe0
Faulting application path: HxTsr.exe1
Faulting module path: HxTsr.exe2
Report Id: HxTsr.exe3
Faulting package full name: HxTsr.exe4
Faulting package-relative application ID: HxTsr.exe5
Error: (07/11/2016 12:18:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MURRAY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (07/11/2016 12:18:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.6868.4073, time stamp: 0x572152d8
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331
Exception code: 0x00000004
Fault offset: 0x0000000000071f28
Faulting process id: 0x12ac
Faulting application start time: 0xHxTsr.exe0
Faulting application path: HxTsr.exe1
Faulting module path: HxTsr.exe2
Report Id: HxTsr.exe3
Faulting package full name: HxTsr.exe4
Faulting package-relative application ID: HxTsr.exe5
Error: (07/10/2016 11:34:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MURRAY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (07/10/2016 11:34:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.6868.4073, time stamp: 0x572152d8
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331
Exception code: 0x00000004
Fault offset: 0x0000000000071f28
Faulting process id: 0x1e6c
Faulting application start time: 0xHxTsr.exe0
Faulting application path: HxTsr.exe1
Faulting module path: HxTsr.exe2
Report Id: HxTsr.exe3
Faulting package full name: HxTsr.exe4
Faulting package-relative application ID: HxTsr.exe5
Error: (07/10/2016 10:49:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f0
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331
Exception code: 0x00000004
Fault offset: 0x0000000000071f28
Faulting process id: 0x7a4
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (07/10/2016 10:45:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
System errors:
=============
Error: (07/11/2016 09:45:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf6: Mail and Calendar.
Error: (07/11/2016 09:44:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf6: Store.
Error: (07/11/2016 09:43:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf6: Get Started.
Error: (07/11/2016 09:42:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf6: Windows Camera.
Error: (07/11/2016 09:37:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (07/11/2016 12:23:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_e615f9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/11/2016 12:23:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_e615f9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/11/2016 12:23:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_e615f9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/11/2016 12:23:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_e615f9 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (07/11/2016 12:23:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
CodeIntegrity:
===================================
Date: 2016-07-10 19:53:16.769
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-10 19:53:16.745
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-10 19:53:16.722
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-10 19:53:08.685
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-10 19:53:08.604
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-02 19:47:57.347
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-02 19:47:57.322
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-02 19:47:57.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-02 19:47:50.491
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-07-02 19:47:50.423
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 40%
Total physical RAM: 8095.11 MB
Available physical RAM: 4806.89 MB
Total Virtual: 9375.11 MB
Available Virtual: 5879.02 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:317.08 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:472.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 52C58659)
Partition: GPT.
==================== End of Addition.txt ============================