Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

some keyboard buttons not working


  • Please log in to reply

#1
scoobydoo123

scoobydoo123

    New Member

  • Member
  • Pip
  • 1 posts

t's dffclt to type, some lettes aen't okng. 

 

Windows 10 x64

 

Asus laptop

 

 tried Malwarebytes with no luck

 

-----------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by Administrator (administrator) on MAIN (01-12-2017 13:53:48)
Running from C:\Users\Paul\Desktop
Loaded Profiles: Paul & Administrator &  (Available Profiles: Paul & UpdatusUser & Administrator)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [IgfxTray] => "C:\WINDOWS\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286984 2015-10-12] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-06-28] (Seagate Technology LLC)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2771632 2016-09-22] (FileZilla Project)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\Run: [Zoom] => [X]
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2016-06-28] (Seagate Technology LLC)
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\Run: [Zoom] => [X]
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2016-06-28] (Seagate Technology LLC)
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3266970540-2495065241-1426683439-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246188\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5011f843-20f2-4e8a-83dd-c2ec7d61ac45}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5011f843-20f2-4e8a-83dd-c2ec7d61ac45}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{6bb4f047-2706-11e5-9bbe-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{72794e1e-57ee-11e5-9bc2-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{72cf2297-471f-4bbf-9092-d3e45e180bb3}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8fa3eb3e-52bd-48e9-a193-e8264b27efde}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b481a92d-d5f0-11e7-b0f2-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f16c6a2e-8028-4635-af20-f8401b832bae}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f16c6a2e-8028-4635-af20-f8401b832bae}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-09-16] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-09-16] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-20] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-20] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File
Toolbar: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041 -> No Name - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} -  No File

FireFox:
========
FF DefaultProfile: w22ucxj8.default
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\w22ucxj8.default [2017-11-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-10-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-10-12] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Paul\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-10-19] (Citrix Online)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001: SkypePlugin -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\npGatewayNpapi.dll [2017-02-03] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001: SkypePlugin64 -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\npGatewayNpapi-x64.dll [2017-02-03] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001: tdameritrade.com/thinkorswim -> C:\Users\Paul\AppData\Local\thinkorswim\npthinkorswim.dll [2017-04-23] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001: tdameritrade.com/tossc -> C:\Users\Paul\AppData\Local\thinkorswim\nptossc.dll [2017-04-23] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041: @citrixonline.com/appdetectorplugin -> C:\Users\Paul\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-10-19] (Citrix Online)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041: SkypePlugin -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\npGatewayNpapi.dll [2017-02-03] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041: SkypePlugin64 -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\npGatewayNpapi-x64.dll [2017-02-03] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041: tdameritrade.com/thinkorswim -> C:\Users\Paul\AppData\Local\thinkorswim\npthinkorswim.dll [2017-04-23] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041: tdameritrade.com/tossc -> C:\Users\Paul\AppData\Local\thinkorswim\nptossc.dll [2017-04-23] (TD Ameritrade)

Chrome:
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2017-09-22]
CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-09-22]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-22]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-22]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-22]
CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-22]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-12] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [857776 2016-09-22] (FileZilla Project)
S2 i2p; C:\Program Files (x86)\i2p\I2Psvc.exe [389632 2015-12-20] (Tanuki Software, Ltd.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-12] (RealNetworks, Inc.)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2016-06-28] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2016-06-28] (Seagate Technology LLC)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2017-08-29] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2017-08-29] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2017-08-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 Stereo Service; "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1019880 2017-10-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1763744 2017-08-29] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-15] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Bitdefender Antivirus Free\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [250504 2017-10-05] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R3 FLxHCIh; C:\WINDOWS\System32\drivers\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic)
R0 gpt_loader; C:\WINDOWS\System32\DRIVERS\gpt_loader.sys [60752 2016-09-01] (Paragon Software Group)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
S3 Hfsplus; C:\WINDOWS\System32\DRIVERS\hfsplus.sys [205136 2016-09-01] (Paragon Software Group)
R2 HfsplusRec; C:\WINDOWS\System32\DRIVERS\hfsplusrec.sys [15184 2016-09-01] (Paragon Software Group)
S3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows ® Codename Longhorn DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-12-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-12-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-12-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-12-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-01] (Malwarebytes)
R0 mounthlp; C:\WINDOWS\System32\DRIVERS\mounthlp.sys [44880 2016-09-01] (Paragon Software Group)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew00.sys [3341824 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2039-08-10 20:09 - 2039-08-10 20:13 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Steinberg
2039-08-10 20:09 - 2039-08-10 20:09 - 000002258 _____ C:\Users\Public\Desktop\Cubase LE AI Elements 7.lnk
2039-08-10 20:09 - 2039-08-10 20:09 - 000000000 ____D C:\ProgramData\Syncrosoft
2039-08-10 20:09 - 2039-08-10 20:09 - 000000000 ____D C:\Program Files (x86)\Syncrosoft
2039-08-10 20:09 - 2039-08-10 20:09 - 000000000 ____D C:\Program Files (x86)\Steinberg
2039-08-10 20:09 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 7 32bit
2039-08-10 20:09 - 2016-08-11 00:03 - 000000000 ____D C:\ProgramData\Steinberg
2017-12-01 13:53 - 2017-12-01 13:54 - 000024337 _____ C:\Users\Paul\Desktop\FRST.txt
2017-12-01 13:53 - 2017-12-01 13:53 - 000000000 ____D C:\FRST
2017-12-01 13:52 - 2017-12-01 13:52 - 002391552 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2017-12-01 13:40 - 2017-12-01 13:40 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-12-01 13:39 - 2017-12-01 13:42 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-12-01 13:39 - 2017-12-01 13:42 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-12-01 13:39 - 2017-12-01 13:42 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-12-01 13:39 - 2017-12-01 13:39 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-01 13:39 - 2017-12-01 13:39 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-01 13:39 - 2017-12-01 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-01 13:39 - 2017-12-01 13:39 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-01 13:39 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-12-01 13:38 - 2017-12-01 13:39 - 078346672 _____ (Malwarebytes ) C:\Users\Paul\Downloads\mb3-setup-consumer-3.3.1.2183.exe
2017-11-30 20:13 - 2017-10-25 04:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-30 20:13 - 2017-10-25 04:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-30 20:13 - 2017-10-25 04:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-30 20:13 - 2017-10-25 03:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-30 20:13 - 2017-10-25 03:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-30 20:13 - 2017-10-25 03:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-30 20:13 - 2017-10-25 01:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-30 20:13 - 2017-10-24 23:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-30 20:13 - 2017-10-24 23:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-30 20:13 - 2017-10-24 23:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-30 20:13 - 2017-10-24 23:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-30 20:13 - 2017-10-24 23:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-30 20:13 - 2017-10-24 23:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-30 20:13 - 2017-10-24 23:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-30 20:13 - 2017-10-24 23:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-30 20:13 - 2017-10-24 23:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-30 20:13 - 2017-10-24 23:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-30 20:13 - 2017-10-24 23:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-30 20:13 - 2017-10-24 23:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-30 20:13 - 2017-10-24 23:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-30 20:13 - 2017-10-24 23:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-30 20:13 - 2017-10-24 23:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-30 20:13 - 2017-10-24 23:32 - 000559512 _____ C:\WINDOWS\system32\Drivers\storport.sys
2017-11-30 20:13 - 2017-10-24 23:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-30 20:13 - 2017-10-24 23:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-30 20:13 - 2017-10-24 23:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-30 20:13 - 2017-10-24 23:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-30 20:13 - 2017-10-24 23:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-30 20:13 - 2017-10-24 23:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-30 20:13 - 2017-10-24 23:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-30 20:13 - 2017-10-24 23:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-30 20:13 - 2017-10-24 23:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-30 20:13 - 2017-10-24 23:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-30 20:13 - 2017-10-24 23:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-30 20:13 - 2017-10-24 23:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-30 20:13 - 2017-10-24 23:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-30 20:13 - 2017-10-24 23:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-30 20:13 - 2017-10-24 23:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-30 20:13 - 2017-10-24 22:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-30 20:13 - 2017-10-24 22:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-30 20:13 - 2017-10-24 22:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-30 20:13 - 2017-10-24 22:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-30 20:13 - 2017-10-24 22:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-30 20:13 - 2017-10-24 22:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-30 20:13 - 2017-10-24 22:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-30 20:13 - 2017-10-24 22:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-30 20:13 - 2017-10-24 22:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-30 20:13 - 2017-10-24 22:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-30 20:13 - 2017-10-24 22:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-30 20:13 - 2017-10-24 22:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-30 20:13 - 2017-10-24 22:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-30 20:13 - 2017-10-24 22:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-30 20:13 - 2017-10-24 22:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-30 20:13 - 2017-10-24 22:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-30 20:13 - 2017-10-24 22:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-30 20:13 - 2017-10-24 22:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-30 20:13 - 2017-10-24 22:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-30 20:13 - 2017-10-24 22:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-30 20:13 - 2017-10-24 22:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-30 20:13 - 2017-10-24 22:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-30 20:13 - 2017-10-24 22:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-30 20:13 - 2017-10-24 22:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-30 20:13 - 2017-10-24 22:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-30 20:13 - 2017-10-24 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-30 20:13 - 2017-10-24 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-30 20:13 - 2017-10-24 22:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-30 20:13 - 2017-10-24 22:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-30 20:13 - 2017-10-24 22:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-30 20:13 - 2017-10-24 22:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-30 20:13 - 2017-10-24 22:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-30 20:13 - 2017-10-24 22:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-30 20:13 - 2017-10-24 22:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-30 20:13 - 2017-10-24 22:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-30 20:13 - 2017-10-24 22:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-30 20:13 - 2017-10-24 22:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-30 20:13 - 2017-10-24 22:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-30 20:13 - 2017-10-24 22:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-30 20:13 - 2017-10-24 22:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-30 20:13 - 2017-10-24 22:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-30 20:13 - 2017-10-24 22:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-30 20:13 - 2017-10-24 22:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-30 20:13 - 2017-10-24 22:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-30 20:13 - 2017-10-24 22:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-30 20:13 - 2017-10-24 22:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-30 20:13 - 2017-10-24 22:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-30 20:13 - 2017-10-24 22:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-30 20:13 - 2017-10-24 22:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-30 20:13 - 2017-10-24 22:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-30 20:13 - 2017-10-24 22:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-30 20:13 - 2017-10-24 22:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-30 20:13 - 2017-10-24 22:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-30 20:13 - 2017-10-24 22:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-30 20:13 - 2017-10-24 22:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-30 20:13 - 2017-10-24 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-30 20:13 - 2017-10-24 22:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-30 20:13 - 2017-10-24 22:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-30 20:13 - 2017-10-24 22:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-30 20:13 - 2017-10-24 22:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-30 20:13 - 2017-10-24 21:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-30 20:13 - 2017-10-24 21:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-30 20:13 - 2017-10-24 21:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-30 20:13 - 2017-10-24 21:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-30 20:13 - 2017-10-24 21:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-30 20:13 - 2017-10-24 21:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-30 20:13 - 2017-10-24 21:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-30 20:13 - 2017-10-24 21:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-30 20:13 - 2017-10-21 07:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-30 20:13 - 2017-10-20 09:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-30 20:13 - 2017-10-20 00:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-30 20:13 - 2017-10-10 02:14 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-11-30 20:13 - 2017-10-10 02:11 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-30 20:13 - 2017-10-10 02:10 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-30 20:13 - 2017-10-10 02:01 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-11-30 20:13 - 2017-10-10 02:00 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-30 20:13 - 2017-10-10 02:00 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-30 20:13 - 2017-10-10 01:59 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-30 20:13 - 2017-10-10 01:59 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-11-30 20:13 - 2017-10-10 01:54 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-30 20:13 - 2017-10-10 01:53 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-30 20:13 - 2017-10-10 01:53 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-30 20:13 - 2017-10-10 01:51 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-11-30 20:13 - 2017-10-10 01:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-30 20:13 - 2017-10-10 01:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-11-30 20:13 - 2017-10-10 01:48 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-30 20:13 - 2017-10-10 01:44 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-30 20:13 - 2017-10-10 01:43 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-30 20:13 - 2017-10-10 01:36 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-30 20:13 - 2017-10-10 01:31 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-30 20:13 - 2017-10-10 01:30 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-11-30 20:13 - 2017-10-10 01:26 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-11-30 20:13 - 2017-10-10 01:11 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-30 20:13 - 2017-10-10 01:07 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-30 20:13 - 2017-10-10 01:06 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-30 20:13 - 2017-10-10 00:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-30 20:13 - 2017-10-10 00:46 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-30 20:13 - 2017-10-10 00:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-30 20:13 - 2017-10-10 00:43 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-30 20:13 - 2017-10-10 00:42 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-30 20:13 - 2017-10-10 00:42 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-30 20:13 - 2017-10-10 00:37 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-30 20:13 - 2017-10-10 00:37 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-11-30 20:13 - 2017-10-10 00:37 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-11-30 20:13 - 2017-10-10 00:36 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-30 20:13 - 2017-10-10 00:36 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-30 20:13 - 2017-10-10 00:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-30 20:13 - 2017-10-10 00:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-30 20:13 - 2017-10-10 00:34 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-11-30 20:13 - 2017-10-10 00:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-11-30 20:13 - 2017-10-10 00:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-30 20:13 - 2017-10-10 00:32 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-30 20:13 - 2017-10-10 00:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-11-30 20:13 - 2017-10-10 00:31 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-30 20:13 - 2017-10-10 00:31 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-30 20:13 - 2017-10-10 00:30 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-11-30 20:13 - 2017-10-10 00:30 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-30 20:13 - 2017-10-10 00:27 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-30 20:13 - 2017-10-10 00:26 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-30 20:13 - 2017-10-10 00:26 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-11-30 20:13 - 2017-10-10 00:25 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-11-30 20:13 - 2017-10-10 00:25 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-30 20:13 - 2017-10-10 00:24 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-11-30 20:13 - 2017-10-10 00:24 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-11-30 20:13 - 2017-10-10 00:24 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-11-30 20:13 - 2017-10-03 17:42 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-30 20:13 - 2017-10-03 17:42 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-30 19:45 - 2017-11-30 19:45 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2017-11-30 19:44 - 2017-11-30 19:44 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2017-11-30 19:44 - 2017-11-30 19:44 - 000000000 ___RD C:\Users\Administrator\3D Objects
2017-11-30 19:44 - 2017-11-30 19:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2017-11-30 19:44 - 2017-11-30 19:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2017-11-30 19:44 - 2017-11-30 19:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-11-30 15:03 - 2017-11-30 12:16 - 000000000 ____D C:\Windows.old
2017-11-30 15:00 - 2017-11-30 15:03 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-30 15:00 - 2017-11-30 15:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-30 14:59 - 2017-11-30 15:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-30 14:59 - 2017-11-30 14:59 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-30 14:59 - 2017-11-30 14:59 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-30 14:59 - 2017-11-30 14:59 - 000000000 ____D C:\Program Files\MSBuild
2017-11-30 14:59 - 2017-11-30 14:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-30 14:58 - 2017-09-28 18:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-30 14:58 - 2017-09-28 18:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-30 14:58 - 2017-09-28 18:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-30 14:58 - 2017-09-22 21:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-30 14:58 - 2017-09-22 21:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-30 14:58 - 2017-09-22 21:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-30 12:27 - 2017-11-30 12:27 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3266970540-2495065241-1426683439-1001
2017-11-30 12:26 - 2017-11-30 12:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-30 12:25 - 2017-11-30 22:52 - 000000000 ____D C:\Users\Paul\AppData\Local\PackageStaging
2017-11-30 12:25 - 2017-11-30 12:26 - 000000000 ____D C:\Users\Paul\AppData\Local\ConnectedDevicesPlatform
2017-11-30 12:25 - 2017-11-30 12:25 - 000000020 ___SH C:\Users\Paul\ntuser.ini
2017-11-30 12:25 - 2017-11-30 12:25 - 000000000 ___HD C:\Users\Paul\MicrosoftEdgeBackups
2017-11-30 12:21 - 2017-11-30 12:21 - 000000000 ____D C:\ProgramData\USOShared
2017-11-30 12:14 - 2017-12-01 13:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-30 12:14 - 2017-11-30 12:27 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-11-30 12:14 - 2017-11-30 12:15 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2017-11-30 12:14 - 2017-11-30 12:15 - 000015243 _____ C:\WINDOWS\diagerr.xml
2017-11-30 12:14 - 2017-11-30 12:14 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-30 12:14 - 2017-11-30 12:14 - 000003428 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-11-30 12:14 - 2017-11-30 12:14 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-30 12:14 - 2017-11-30 12:14 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-30 12:14 - 2017-11-30 12:14 - 000003232 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3266970540-2495065241-1426683439-1001
2017-11-30 12:14 - 2017-11-30 12:14 - 000003204 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-11-30 12:14 - 2017-11-30 12:14 - 000003136 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3266970540-2495065241-1426683439-1001
2017-11-30 12:14 - 2017-11-30 12:14 - 000003124 _____ C:\WINDOWS\System32\Tasks\TechSmith Updater
2017-11-30 12:14 - 2017-11-30 12:14 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-30 12:14 - 2017-11-30 12:14 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3266970540-2495065241-1426683439-500
2017-11-30 12:14 - 2017-11-30 12:14 - 000002814 _____ C:\WINDOWS\System32\Tasks\[email protected]
2017-11-30 12:14 - 2017-11-30 12:14 - 000002784 _____ C:\WINDOWS\System32\Tasks\Seagate_Install_Launch
2017-11-30 12:14 - 2017-11-30 12:14 - 000002658 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3266970540-2495065241-1426683439-1001
2017-11-30 12:14 - 2017-11-30 12:14 - 000002524 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3266970540-2495065241-1426683439-1001
2017-11-30 12:14 - 2017-11-30 12:14 - 000002496 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2017-11-30 12:14 - 2017-11-30 12:14 - 000002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2017-11-30 12:14 - 2017-11-30 12:14 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-11-30 12:14 - 2017-11-30 12:14 - 000002240 _____ C:\WINDOWS\System32\Tasks\{7696699D-4963-4E1E-A552-E725826C77DF}
2017-11-30 12:14 - 2017-11-30 12:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-11-30 12:14 - 2017-11-30 12:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-11-30 12:14 - 2017-11-30 12:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-11-30 12:14 - 2017-11-30 12:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-11-30 12:09 - 2017-11-30 12:09 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-30 12:08 - 2017-11-30 19:45 - 000000000 ____D C:\Users\Administrator
2017-11-30 12:08 - 2017-11-30 12:25 - 000000000 ____D C:\Users\Paul
2017-11-30 12:08 - 2017-11-30 12:12 - 000000000 ____D C:\Users\UpdatusUser
2017-11-30 12:08 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-30 12:07 - 2016-08-01 07:54 - 000547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-11-30 12:07 - 2016-08-01 07:54 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-11-30 12:05 - 2017-12-01 13:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-30 12:05 - 2017-11-30 22:45 - 005071776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-27 11:40 - 2017-11-27 11:50 - 000000000 ____D C:\Users\Paul\Documents\UserTesting
2017-11-27 11:31 - 2017-11-27 11:46 - 000000000 ____D C:\Users\Paul\AppData\Local\UserTestingPlugin
2017-11-27 11:31 - 2017-11-27 11:31 - 017797624 _____ C:\Users\Paul\Downloads\InstallUserTesting-v2.0.exe
2017-11-21 14:28 - 2017-11-30 12:25 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-16 18:57 - 2017-11-16 18:57 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-11-14 16:46 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-13 05:26 - 2017-11-13 05:26 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-11-13 05:26 - 2017-11-13 05:26 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-11-13 05:26 - 2017-11-13 05:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-11-13 05:26 - 2017-11-13 05:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-11-11 14:05 - 2017-11-19 10:10 - 000000000 ____D C:\Users\Paul\Downloads\New folder (18)
2017-11-09 09:34 - 2017-11-15 12:21 - 000000000 ____D C:\Users\Paul\Downloads\New folder (17)
2017-11-06 13:47 - 2017-11-06 13:47 - 000000000 _____ C:\Users\Paul\AppData\Local\{2E6B95B3-E11D-48BC-82A9-589D3A080A04}
2017-11-03 12:47 - 2017-11-03 12:47 - 000000000 _____ C:\Users\Paul\AppData\Local\{97388CC7-7989-4B04-BEDD-F8C12AA3D4F2}
2017-11-01 12:47 - 2017-11-01 12:47 - 000000000 _____ C:\Users\Paul\AppData\Local\{5FB3EA0D-4E60-41A0-B418-7802E45A73DA}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2039-08-10 20:09 - 2015-11-09 18:41 - 000002892 _____ () C:\WINDOWS\SysWOW64\audcon.sys
2022-08-09 11:06 - 2015-11-09 18:43 - 000000000 ____D C:\Users\Paul\Documents\Steinberg
2017-12-01 13:48 - 2015-09-10 14:11 - 000943624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-01 13:47 - 2017-08-21 14:58 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-12-01 13:43 - 2016-11-19 18:01 - 000000000 ____D C:\Users\Paul\AppData\LocalLow\Mozilla
2017-12-01 13:42 - 2017-09-29 03:45 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-12-01 13:42 - 2017-09-29 03:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2017-12-01 13:39 - 2015-09-15 00:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-01 11:41 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-01 11:40 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-01 11:40 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-01 11:40 - 2016-11-04 17:33 - 000000000 ____D C:\Users\Paul\AppData\Local\Adobe
2017-11-30 22:55 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-30 22:51 - 2016-11-29 16:10 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-11-30 22:46 - 2015-09-15 01:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-11-30 22:44 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-11-30 22:44 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-30 22:44 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-30 22:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-30 22:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-30 22:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-30 22:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-30 22:44 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-30 20:14 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-30 20:01 - 2015-09-15 01:29 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-11-30 19:53 - 2015-09-15 01:30 - 000002421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-30 19:53 - 2015-09-15 01:30 - 000000000 ___RD C:\Users\Administrator\OneDrive
2017-11-30 19:44 - 2016-04-27 01:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-30 19:44 - 2015-09-15 01:29 - 000000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-11-30 15:05 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-11-30 15:03 - 2017-10-29 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celtx
2017-11-30 15:03 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\System
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Help
2017-11-30 15:03 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-30 15:03 - 2017-08-21 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2017-11-30 15:03 - 2017-07-19 06:29 - 000000000 ____D C:\WINDOWS\system32\DBBK
2017-11-30 15:03 - 2017-07-06 19:39 - 000000000 ____D C:\Program Files\UNP
2017-11-30 15:03 - 2017-01-23 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-11-30 15:03 - 2016-12-28 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2017-11-30 15:03 - 2016-12-18 01:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-30 15:03 - 2016-12-07 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-11-30 15:03 - 2016-11-29 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
2017-11-30 15:03 - 2016-11-27 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2017-11-30 15:03 - 2016-11-26 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery
2017-11-30 15:03 - 2016-11-09 03:42 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-11-30 15:03 - 2016-11-04 17:32 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-11-30 15:03 - 2016-11-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-11-30 15:03 - 2016-10-18 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forex Strategy Builder Pro
2017-11-30 15:03 - 2016-10-11 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXCM MetaTrader 4
2017-11-30 15:03 - 2016-10-10 04:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 5
2017-11-30 15:03 - 2016-08-19 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4
2017-11-30 15:03 - 2016-08-13 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-30 15:03 - 2016-08-09 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2017-11-30 15:03 - 2016-05-08 15:17 - 000000000 ____D C:\WINDOWS\system32\xegt
2017-11-30 15:03 - 2016-04-27 01:20 - 000000000 ____D C:\WINDOWS\ShellNew
2017-11-30 15:03 - 2015-12-20 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-30 15:03 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-30 15:03 - 2015-10-12 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-11-30 15:03 - 2015-10-12 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2017-11-30 15:03 - 2015-09-25 23:17 - 000000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2017-11-30 15:03 - 2015-09-25 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-11-30 15:03 - 2015-09-23 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-11-30 15:03 - 2015-09-23 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-11-30 15:03 - 2015-09-15 01:22 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe-Backup
2017-11-30 15:03 - 2015-09-15 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-11-30 15:03 - 2015-09-10 10:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-30 15:03 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-11-30 15:03 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-11-30 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-11-30 15:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-30 15:00 - 2017-07-19 06:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2017-11-30 15:00 - 2016-11-27 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-11-30 15:00 - 2016-11-09 03:42 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-11-30 15:00 - 2016-11-06 02:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1stWORKS Corporation
2017-11-30 15:00 - 2016-08-10 20:00 - 000000000 ____D C:\Program Files\Realtek
2017-11-30 15:00 - 2015-09-25 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-11-30 12:58 - 2015-09-10 00:55 - 000000000 ____D C:\Users\Paul\AppData\Local\Packages
2017-11-30 12:27 - 2015-09-10 14:13 - 000002398 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-30 12:27 - 2015-09-10 00:55 - 000000000 __RDO C:\Users\Paul\OneDrive
2017-11-30 12:25 - 2015-09-16 13:30 - 000000000 ___RD C:\Users\Paul\3D Objects
2017-11-30 12:25 - 2015-09-10 14:10 - 000000000 ____D C:\Users\Paul\AppData\Local\TileDataLayer
2017-11-30 12:21 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-30 12:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-30 12:14 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2017-11-30 12:13 - 2016-08-27 23:50 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-30 12:13 - 2016-08-27 23:50 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-30 12:13 - 2015-09-10 14:08 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-11-30 12:10 - 2017-02-08 20:21 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thinkorswim
2017-11-30 12:10 - 2016-10-12 23:17 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX LITE
2017-11-30 12:10 - 2016-10-08 01:36 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GDMFX-EXT
2017-11-30 12:10 - 2016-09-14 15:15 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FX Trading
2017-11-30 12:10 - 2015-09-15 00:17 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-11-30 12:09 - 2016-05-03 21:36 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Celemony
2017-11-30 12:08 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-30 12:07 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-11-30 12:07 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-30 12:06 - 2016-06-30 15:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-30 12:06 - 2016-06-30 15:05 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-30 12:06 - 2016-06-30 15:05 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-30 12:06 - 2015-09-10 01:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-30 11:47 - 2016-10-19 16:00 - 000000634 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3266970540-2495065241-1426683439-1001.job
2017-11-30 11:46 - 2016-04-12 16:25 - 000000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-30 11:45 - 2016-04-12 16:25 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-30 11:41 - 2016-06-30 15:05 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-29 23:13 - 2016-10-19 16:00 - 000000538 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3266970540-2495065241-1426683439-1001.job
2017-11-29 02:00 - 2015-09-25 23:17 - 000000000 ____D C:\Users\Paul\AppData\Local\CrashDumps
2017-11-24 02:13 - 2017-07-08 04:21 - 000000000 ____D C:\Users\Paul\AppData\Local\GoToMeeting
2017-11-19 03:45 - 2016-06-07 14:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-19 03:45 - 2016-05-28 17:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-17 12:30 - 2016-05-28 17:10 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-17 12:30 - 2015-09-10 11:30 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Mozilla
2017-11-16 18:57 - 2017-07-21 15:59 - 000000000 ____D C:\Program Files\rempl
2017-11-15 08:50 - 2017-10-10 13:46 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-15 08:50 - 2015-09-10 10:51 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-15 08:45 - 2017-08-21 14:54 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-11-14 16:46 - 2016-04-12 16:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-03 20:25 - 2017-09-29 08:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-03 20:25 - 2017-09-29 08:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-30 12:05

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Administrator (01-12-2017 13:55:04)
Running from C:\Users\Paul\Desktop
Windows 10 Home Version 1709 16299.64 (X64) (2017-11-30 17:16:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3266970540-2495065241-1426683439-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3266970540-2495065241-1426683439-503 - Limited - Disabled)
Guest (S-1-5-21-3266970540-2495065241-1426683439-501 - Limited - Disabled)
Paul (S-1-5-21-3266970540-2495065241-1426683439-1001 - Limited - Enabled) => C:\Users\Paul
UpdatusUser (S-1-5-21-3266970540-2495065241-1426683439-1004 - Limited - Enabled) => C:\Users\UpdatusUser
WDAGUtilityAccount (S-1-5-21-3266970540-2495065241-1426683439-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_1) (Version: 13.8.1 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0026 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.8.33 - Bitdefender)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Dropbox (HKLM-x32\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.5.1157 - Steinberg Media Technologies GmbH)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.59 - FileZilla Project)
Final Draft (HKLM-x32\...\{7C3C895B-AE02-4F30-8A6A-051D37A38DD0}) (Version: 8.0.3.120 - Final Draft, Inc.)
Final Draft (HKLM-x32\...\{98CA9FD5-87B8-407B-B803-2DB8A05AACBE}) (Version: 10.0.3.53 - Cast & Crew Production Software, LLC)
Forex Strategy Builder Pro v3.2.4 (HKLM\...\Forex Software Ltd. Forex Strategy Builder Pro_is1) (Version: 3.2.4.0 - Forex Software Ltd.)
FX LITE for MT4 (HKLM-x32\...\{344C8C81-2B86-437D-A49A-A02B105DCCAA}) (Version: 4.28.0 - TradeToolsFX)
FXCM MetaTrader 4 (HKLM-x32\...\FXCM MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FXCM Trading Station (HKLM-x32\...\FXTS2) (Version:  - Forex Capital Markets, LLC ("FXCM LLC"))
FXNewsAlert v3.2 (HKLM-x32\...\{6B910800-2D4E-4093-B6F1-A212BEAF1FB8}) (Version: 3.2 - FXNewsAlert)
GDMFX-EXT (HKLM-x32\...\{796A3E6D-32CE-4EA2-B0EC-188759FC295F}) (Version: 4.32.0 - GDMFX)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
hotComm® CL (HKLM-x32\...\hotComm® CL) (Version: 8.00.012x - 1stWorks Corporation)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3266970540-2495065241-1426683439-500\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3266970540-2495065241-1426683439-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246265\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotiveWave (HKLM-x32\...\MotiveWave) (Version:  - )
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
NinjaTrader 7 (HKLM-x32\...\{8420E070-95E7-4D36-A341-3E7530F64645}) (Version: 7.0.1032 - NinjaTrader)
NinjaTrader 8 (HKLM-x32\...\{977D122F-C93B-420B-8668-A80506755AFC}) (Version: 8.0.0.14 - NinjaTrader, LLC)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Paragon HFS+ for Windows™ 9.1 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
Price Action Lab (HKLM-x32\...\Price Action Lab) (Version: 7.1 - Price Action Lab)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (HKLM-x32\...\{13743594-F75E-491E-9EFF-203C8F8DF705}) (Version: 18.1.4.144 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{f05bfa4b-0c78-4a3e-aa74-8c220b4a7782}) (Version: 18.1.4.144 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{FB20AA56-F683-463A-8812-90A3507E96F9}) (Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{21E47F47-C9A7-4454-BA48-388327B0EA00}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.4.19.0 - Seagate)
Seagate Manager Installer (HKLM-x32\...\{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate) Hidden
Seagate Manager Installer (HKLM-x32\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Sharp World Clock 7.14 (HKLM-x32\...\Sharp World Clock_is1) (Version:  - Johannes Wallroth)
Skype Web Plugin (HKLM-x32\...\{CD62BCB9-02D2-443F-AC7A-443377DA5B38}) (Version: 7.31.0.56 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.)
Snagit 12 (HKLM-x32\...\{50f2d2b0-9e6e-466f-b418-b3526b61aa3f}) (Version: 12.3.2.2920 - TechSmith Corporation)
Snagit 12 (HKLM-x32\...\{588591F5-74D7-4646-87C5-6A07E526F303}) (Version: 12.3.2 - TechSmith Corporation) Hidden
Statdisk 12.0.2 (HKLM-x32\...\{1F582FEC-511A-43F7-BB37-99E2F314C2F3}_is1) (Version:  - Marc Triola)
Steinberg Cubase LE AI Elements 7 (HKLM-x32\...\{5C73FC14-D3B1-45FC-A50C-7B41CB0D9DED}) (Version: 7.0.80 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
UserTesting (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\UserTestingPlugin) (Version:  - UserTesting.com)
UserTesting (HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\UserTestingPlugin) (Version:  - UserTesting.com)
Video Downloader (HKLM-x32\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebOptimum (HKLM-x32\...\{53C9B483-EF2D-480D-9E1D-118F46700824}) (Version: 1.0.0.0 - bscodecs.com) Hidden <==== ATTENTION
WebOptimum (HKLM-x32\...\{D417EF89-F7E6-45FF-9D54-08DE4D7F3A25}) (Version: 1.0.0.0 - bscodecs.com) Hidden <==== ATTENTION
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{0112bcab-ec40-8cbd-e8e0-18acfa7731940}\InprocServer32 -> 0x6C41493845567338387553786F394142486741734146567A5A584A4F5957316C5055347651534E4462323177595735355055347651534E46545746706244314F4C30456A5648687553575139546939425150694B4563797A4D355763592F7044516932 (the data entry has 114 more characters). => No File
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8880DA67C722}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Paul\AppData\Local\Citrix\GoToMeeting\6749\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{A62E09B4-6467-4E0F-9B52-E61D8BC9FC69}\localserver32 -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{E5A7A7B5-9D06-4DBE-BAC0-04B69FF070B5}\InprocServer32 -> C:\Users\Paul\AppData\Local\SkypePlugin\7.31.0.56\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3266970540-2495065241-1426683439-1001_Classes\CLSID\{ef79fc18-df28-de4f-628c-b2e02c0815a76}\InprocServer32 -> 0x3142023E3307D2015A3BE572D73FD201250000005400000000000000 => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-11-17] (Apple Inc.)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 12\DLLx64\SnagitShellExt64.dll [2015-04-17] (TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpcontextmenu.dll [2015-10-12] (RealNetworks, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 12\DLLx64\SnagitShellExt64.dll [2015-04-17] (TechSmith Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB76FA6-EA16-4381-B862-981B35BF16C6} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {11CF9DB2-5156-47A5-B9C3-0B6DFAEF1778} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2016-06-28] (Seagate Technology LLC)
Task: {18E71226-31EA-464F-9498-5768DDD9F380} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1A27E59C-E6CC-45EC-8BEB-37334D5CE7F0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-12] (Dropbox, Inc.)
Task: {2F5BDA15-0F29-4715-A4E3-39632C5CEDD4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {31B92F34-4243-4F5E-829E-1EB9343485FB} - System32\Tasks\{7696699D-4963-4E1E-A552-E725826C77DF} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\TupfitkyrpeplyUn\unins000.exe"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {481842DB-F07A-40BC-A632-46313656AFF8} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor)
Task: {48465260-8877-4D75-BA35-F70038E5A7CE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3266970540-2495065241-1426683439-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {51315A18-22CF-4835-B6E5-B6C237A94E20} - \User_Feed_Synchronization-{9C6D608C-BFCA-43E7-8A8A-EF52B54E62CB} -> No File <==== ATTENTION
Task: {56F799FB-C52E-4F9A-AF6F-AF12E6AE45B6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5934E3DD-EC7D-4A98-B5DF-FE94CEBE54EC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6188C930-2F11-47C8-B4DD-794E0BC7C3B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
Task: {6229FFE7-20F1-48C7-BE29-B04AB05B091C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-12] (Dropbox, Inc.)
Task: {731B1B6A-D166-417F-A2D0-211915B3AD68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {795D8E86-6669-43A7-88C6-E3DE961096AB} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-07-31] (TechSmith Corporation)
Task: {7ACD3C7F-EA7F-4E67-AF06-E2959F771014} - \RealDownloaderDownloaderScheduledTaskS-1-5-21-3266970540-2495065241-1426683439-1001 -> No File <==== ATTENTION
Task: {7FDD76B9-95D2-48F7-854D-C3B9BADC5A34} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {83C28371-B53C-4D81-85FA-45DC9C128941} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {870EB3FD-45D7-4EB1-A1C0-AA2B362D6916} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {8F9B2F01-A53C-4000-9242-67BE9718C34B} - \RealDownloader Update Check -> No File <==== ATTENTION
Task: {93A08F75-835E-413A-AAC6-18D46FE716F1} - System32\Tasks\G2MUpdateTask-S-1-5-21-3266970540-2495065241-1426683439-1001 => C:\Users\Paul\AppData\Local\GoToMeeting\7943\g2mupdate.exe [2017-11-17] (LogMeIn, Inc.)
Task: {94C8F454-4ECE-4331-8542-4C4DE8875F2A} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe
Task: {AFDBAD33-4FFF-46FA-A901-6D0EA61D0D0E} - \Optimize Start Menu Cache Files-S-1-5-21-3266970540-2495065241-1426683439-1001 -> No File <==== ATTENTION
Task: {B9BB3DD4-C778-4B83-A2CB-003A9FF4DE1B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3266970540-2495065241-1426683439-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {D9B3F938-9DC5-474B-B52E-CEA32126136D} - System32\Tasks\G2MUploadTask-S-1-5-21-3266970540-2495065241-1426683439-1001 => C:\Users\Paul\AppData\Local\GoToMeeting\7943\g2mupload.exe [2017-11-17] (LogMeIn, Inc.)
Task: {E7E788AD-638D-4706-B59F-97AADB50069B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
Task: {EC765380-94F7-4D72-AFCC-00DF2EC0CB38} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {FF7D46FF-248D-4615-833D-63722DD2983C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor)
Task: {FFFBD62B-4C50-4B88-90F3-AACB8EA837E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3266970540-2495065241-1426683439-1001.job => C:\Users\Paul\AppData\Local\GoToMeeting\7943\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3266970540-2495065241-1426683439-1001.job => C:\Users\Paul\AppData\Local\GoToMeeting\7943\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-06-30 15:05 - 2016-08-01 07:54 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-16 20:26 - 2015-09-16 20:26 - 000033088 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2017-08-21 14:58 - 2017-11-24 00:00 - 000280576 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-08-21 14:58 - 2017-02-07 14:29 - 001008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl
2017-08-21 14:58 - 2017-02-07 14:29 - 000541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl
2017-08-21 14:58 - 2017-02-07 14:29 - 003243920 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl
2017-08-21 14:58 - 2017-02-07 14:29 - 001544568 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl
2017-12-01 13:39 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-12-01 13:39 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-10-25 11:57 - 2016-10-25 11:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2010-01-09 22:17 - 2010-01-09 22:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 03:40 - 2010-01-21 03:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-09-29 08:42 - 2017-09-29 09:43 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 08:42 - 2017-09-29 09:43 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-16 20:26 - 2015-09-16 20:26 - 000037720 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-09-16 20:26 - 2015-09-16 20:26 - 000039768 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-09-16 20:26 - 2015-09-16 20:26 - 000037728 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7E0867E4 [120]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2016-12-31 23:06 - 000001111 _____ C:\WINDOWS\system32\Drivers\etc\hosts

255.255.255.255    hcurltest5
255.255.255.255    vnsjs1.1stworks.com
76.74.166.147    hcurltest2
74.208.77.54    hcurltest1

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246025\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3266970540-2495065241-1426683439-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246188\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3266970540-2495065241-1426683439-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3266970540-2495065241-1426683439-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246265\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Start Guardian.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "interpee"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "MaxMenuMgr"
HKLM\...\StartupApproved\Run32: => "DBAgent"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\StartupFolder: => "ok38980386gehrig.lnk"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\StartupFolder: => "zSpeedup.lnk"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "interpee"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "paperback"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001\...\StartupApproved\Run: => "Uploader"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\StartupFolder: => "ok38980386gehrig.lnk"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\StartupFolder: => "zSpeedup.lnk"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "interpee"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "paperback"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3266970540-2495065241-1426683439-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12012017134246041\...\StartupApproved\Run: => "Uploader"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3888E76C-1A7D-4B19-B058-BCE356A2B68F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{D6A894B8-5375-4DF6-8198-3C8A99C857A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BEE177C4-A891-449B-BEED-4D7381CEAB73}] => (Block) C:\users\paul\desktop\ipcamera.exe
FirewallRules: [{2CCBB28C-7BF3-499C-AB1E-9679C1ED2010}] => (Block) C:\users\paul\desktop\ipcamera.exe
FirewallRules: [UDP Query User{B09BC7B0-2A2F-4263-93AC-852557E341E4}C:\users\paul\desktop\ipcamera.exe] => (Allow) C:\users\paul\desktop\ipcamera.exe
FirewallRules: [TCP Query User{F964BC03-10B6-4DFC-A2A4-910340881C32}C:\users\paul\desktop\ipcamera.exe] => (Allow) C:\users\paul\desktop\ipcamera.exe
FirewallRules: [{B87F3C9B-BB7B-4739-B24D-FF1C770AABFB}] => (Block) C:\program files (x86)\foscam\software\ipcamera.exe
FirewallRules: [{FC6CDDAB-62A9-4379-A3EC-A82B52831CC0}] => (Block) C:\program files (x86)\foscam\software\ipcamera.exe
FirewallRules: [UDP Query User{C40538E3-E2E4-4594-A950-C57C3BA95DA6}C:\program files (x86)\foscam\software\ipcamera.exe] => (Allow) C:\program files (x86)\foscam\software\ipcamera.exe
FirewallRules: [TCP Query User{9E671BF5-BD67-4E71-954A-2754FB0C3D4C}C:\program files (x86)\foscam\software\ipcamera.exe] => (Allow) C:\program files (x86)\foscam\software\ipcamera.exe
FirewallRules: [{1E88EA66-01B1-4252-96D9-96D22DCBCF40}] => (Allow) C:\Program Files (x86)\FXCM MetaTrader 4\terminal.exe
FirewallRules: [{81E16B7E-1118-4AC7-AC29-2EC6EFDAA2FE}] => (Allow) C:\Program Files (x86)\FXCM MetaTrader 4\terminal.exe
FirewallRules: [{973D7B68-8584-46F0-9360-56CD6569A0DD}] => (Allow) C:\Program Files (x86)\FXCM MetaTrader 4\terminal.exe
FirewallRules: [{AFD5A422-027D-43A2-A262-8FF17A8D6C49}] => (Allow) C:\Program Files (x86)\FXCM MetaTrader 4\terminal.exe
FirewallRules: [{670FF306-FD54-4076-9DF0-9FBF4376656A}] => (Allow) C:\Program Files (x86)\MetaTrader 4 (2)\terminal.exe
FirewallRules: [{AA77F80F-3E54-4993-BC5F-986839D4A6EB}] => (Allow) C:\Program Files (x86)\MetaTrader 4 (2)\terminal.exe
FirewallRules: [{09EB8610-7BDA-4342-92E6-6A22486E6F92}] => (Allow) C:\Program Files (x86)\MetaTrader 4 (2)\terminal.exe
FirewallRules: [{E6406C78-DA53-494F-9C83-6E73265B36AF}] => (Allow) C:\Program Files (x86)\MetaTrader 4 (2)\terminal.exe
FirewallRules: [{1669998C-1146-494A-BDB0-F4F3DA1B306B}] => (Allow) C:\Program Files (x86)\MetaTrader 4\terminal.exe
FirewallRules: [{6B26BF34-9E38-4DA3-87B7-2302AE788471}] => (Allow) C:\Program Files (x86)\MetaTrader 4\terminal.exe
FirewallRules: [{99AA3892-3EF1-4854-9F67-5FE36DD175A7}] => (Allow) C:\Program Files (x86)\MetaTrader 4\terminal.exe
FirewallRules: [{5351997B-813B-46D1-975D-C0A819261446}] => (Allow) C:\Program Files (x86)\MetaTrader 4\terminal.exe
FirewallRules: [{E32ACC43-9BC5-4ACF-8EAE-C884C60B84F0}] => (Block) C:\users\paul\downloads\discoverytool_pc_v2.2.24.0.exe
FirewallRules: [{A5C171DA-DE40-46B5-A301-C3FEE1BCFD09}] => (Block) C:\users\paul\downloads\discoverytool_pc_v2.2.24.0.exe
FirewallRules: [UDP Query User{36E0E438-5D6F-4979-B83E-ED1B80ACDB67}C:\users\paul\downloads\discoverytool_pc_v2.2.24.0.exe] => (Allow) C:\users\paul\downloads\discoverytool_pc_v2.2.24.0.exe
FirewallRules: [TCP Query User{08DA6810-B7E2-4264-97B6-1B6D186FC963}C:\users\paul\downloads\discoverytool_pc_v2.2.24.0.exe] => (Allow) C:\users\paul\downloads\discoverytool_pc_v2.2.24.0.exe
FirewallRules: [{601C96F6-4E62-454D-A9EB-ACC38471244F}] => (Allow) LPort=8888
FirewallRules: [{125D42F6-6BF7-44C9-A9ED-340F8BC661D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3247A07B-8955-4253-B2C3-70DA20751C15}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9867FBAD-2A76-4524-A0BC-881C32BDFD31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{278ACCA7-671B-486B-9A09-8BB2E47D3955}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B9A7D2B-20F4-4C34-BF3C-DC5DCEC16BE9}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{C3128BD8-B094-4934-B802-73C3FA9BF865}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{5E4FF59C-AE87-44F3-A150-7F44990E4C44}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [TCP Query User{3597A111-7A8C-4222-B959-FFC62412140C}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{8B72CA5C-C54D-4CF3-A1B9-51311D6B6698}] => (Allow) LPort=8888
FirewallRules: [{CA244FC0-AF45-46E5-9EE0-6457ACC62AF4}] => (Allow) C:\Program Files (x86)\1stWORKS\hotCommCL\BIN\HotComm.exe
FirewallRules: [{501DB94B-AA08-4078-A0FB-159B8401EEB5}] => (Allow) C:\Program Files (x86)\1stWORKS\hotCommCL\BIN\HotComm.exe
FirewallRules: [UDP Query User{DAF54347-116D-4AFB-86B3-375DC1301D7B}C:\program files (x86)\1stworks\hotcommcl\bin\hotcomm.exe] => (Allow) C:\program files (x86)\1stworks\hotcommcl\bin\hotcomm.exe
FirewallRules: [TCP Query User{1D5A15A5-9E62-4464-A701-948BFDC33F55}C:\program files (x86)\1stworks\hotcommcl\bin\hotcomm.exe] => (Allow) C:\program files (x86)\1stworks\hotcommcl\bin\hotcomm.exe
FirewallRules: [{B0E6EA99-F64D-4BBC-8081-91A1C9C9F568}] => (Block) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{FF9F93BA-65A2-48A9-8B47-092F27663276}] => (Block) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{453378DC-0C6E-4311-B19E-4D8C956CA218}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [TCP Query User{6D642F99-2BCC-4C25-A9CD-01278EE33B45}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{048EFFC3-08D1-4DAF-85DD-5F26E8E13F8E}] => (Block) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [{2C01765D-E663-410B-8BF8-AFD8B3112D99}] => (Block) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{B474BBCF-77D6-4F6A-9C26-749BAFF0A6EA}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{0FE7D96A-7987-479C-953F-67649218EAB7}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe
FirewallRules: [{801642D1-BC85-4B25-96C5-7C8166D84DCF}] => (Block) C:\users\paul\desktop\searchtool.exe
FirewallRules: [{C650BB8B-FB01-428A-9D29-AA93070F1AAB}] => (Block) C:\users\paul\desktop\searchtool.exe
FirewallRules: [UDP Query User{FD8E34D4-AFCF-4DE2-98B4-E077F3B53691}C:\users\paul\desktop\searchtool.exe] => (Allow) C:\users\paul\desktop\searchtool.exe
FirewallRules: [TCP Query User{93F9F741-BC5E-4022-A975-30C2E729EA59}C:\users\paul\desktop\searchtool.exe] => (Allow) C:\users\paul\desktop\searchtool.exe
FirewallRules: [{D8665521-EE47-4F6A-8030-441F342E2138}] => (Block) F:\backup\documents\documents\foscam\search tool\searchtool v1.0.0.5\searchtool.exe
FirewallRules: [{EFD2BD0A-253A-4FB9-895F-AA39A03F6089}] => (Block) F:\backup\documents\documents\foscam\search tool\searchtool v1.0.0.5\searchtool.exe
FirewallRules: [UDP Query User{21654254-D064-4E28-931C-F2C864ACAFD1}F:\backup\documents\documents\foscam\search tool\searchtool v1.0.0.5\searchtool.exe] => (Allow) F:\backup\documents\documents\foscam\search tool\searchtool v1.0.0.5\searchtool.exe
FirewallRules: [TCP Query User{B0F38B2E-48A5-4489-8268-7B041AD195DA}F:\backup\documents\documents\foscam\search tool\searchtool v1.0.0.5\searchtool.exe] => (Allow) F:\backup\documents\documents\foscam\search tool\searchtool v1.0.0.5\searchtool.exe
FirewallRules: [UDP Query User{A36EC576-BDBE-4C78-9684-176E09DF539B}C:\users\paul\downloads\new folder\searchtool v1.0.0.5\searchtool.exe] => (Allow) C:\users\paul\downloads\new folder\searchtool v1.0.0.5\searchtool.exe
FirewallRules: [TCP Query User{A93D1A3F-96FF-413B-8C89-EC904B6F7B6B}C:\users\paul\downloads\new folder\searchtool v1.0.0.5\searchtool.exe] => (Allow) C:\users\paul\downloads\new folder\searchtool v1.0.0.5\searchtool.exe
FirewallRules: [{18A7ED7C-FCA9-4759-8406-303AF6FE1E56}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe
FirewallRules: [{2CEC84C9-44E5-4D45-9BBE-EA1BB215D382}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe
FirewallRules: [{E710A5EF-3F39-4F91-81DE-32217F79C2EA}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe
FirewallRules: [UDP Query User{18BB6848-1534-487C-8C54-BA9CF53720D2}C:\users\paul\appdata\local\skypeplugin\pluginhost.exe] => (Block) C:\users\paul\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{32CAEC1C-1F38-497D-B58D-84E756FD6BAE}C:\users\paul\appdata\local\skypeplugin\pluginhost.exe] => (Block) C:\users\paul\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{E010585E-2380-47B8-84AC-02192D5E27F5}C:\users\paul\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\paul\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{643FD469-8250-4E61-A843-AB54E30309B3}C:\users\paul\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\paul\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{956FDB81-6474-4BAE-9FD2-EE6BB10DA24F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{24CCC015-206C-4B54-BB4E-2151E61DB1BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E019A327-466B-4BAE-AE0A-FA18985324FB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{95D42A4A-A243-45E6-8BDE-B7C53FB6AD03}] => (Allow) C:\Users\Paul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{963C152A-4234-4823-89CA-546C05B0151E}] => (Allow) C:\Users\Paul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{08F68F5C-454F-4E77-B6D1-04A4660E4217}] => (Allow) C:\Users\Paul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{64E06369-BC94-4C19-9ABB-66F11547E8E0}] => (Allow) C:\Users\Paul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EFD4A92-A63C-485D-A112-3019194BBF04}] => (Allow) C:\Users\Paul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5622633-7A59-4666-A3CB-4ED477D0456A}] => (Allow) C:\Users\Paul\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D834D9C2-E898-4499-AAF2-7A28C75A8BB5}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{A3B09134-9E1D-4505-B695-4401FECD4D67}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{C45E2ADA-9204-4396-901E-9F01D2EBC33C}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{33E5BC7D-1CA2-4A35-ABA7-916D2FA5D2F5}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{18C36B04-F23D-4813-8AB8-308E887C660A}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{E7E20C9E-C535-4B95-98E1-1650E2E94F93}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{6734695D-47FF-40FE-A8CB-2223324A08DB}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{FE97AF96-2869-4EE9-B291-108FA5DDE7AA}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{4697917C-2123-4FAD-96CB-C6B7D35FA580}] => (Allow) LPort=8298
FirewallRules: [{E039D4EA-EF4C-4C65-BEE0-01616D989B51}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{CD04D5AF-A8F1-42E4-BBC6-A3E05543D2A3}C:\users\paul\appdata\local\skypeplugin\7.9.0.56\pluginhost.exe] => (Allow) C:\users\paul\appdata\local\skypeplugin\7.9.0.56\pluginhost.exe
FirewallRules: [UDP Query User{8D17FCC8-DFB1-4F15-BCF8-FD015BC26653}C:\users\paul\appdata\local\skypeplugin\7.9.0.56\pluginhost.exe] => (Allow) C:\users\paul\appdata\local\skypeplugin\7.9.0.56\pluginhost.exe
FirewallRules: [{E46880CA-AEFC-4C45-B79C-E115A6B81D0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2FFD3662-AD32-44F7-9EDB-996B5C942C6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B959EACE-DBD8-418B-9EB1-9EF798469F9D}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe
FirewallRules: [UDP Query User{8890E089-1120-4C68-802F-65167327817A}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe
FirewallRules: [TCP Query User{A8089ECA-9126-4CBC-B11D-C2E1D47B3B06}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{EB2848C3-CB4B-4BC2-8921-2FAE9AB115AC}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe
FirewallRules: [{6CAE1C4A-A024-4E1D-AB65-6ECE97C4413E}] => (Allow) C:\Users\Paul\AppData\Local\ddnowyes.exe
FirewallRules: [{4D4710FF-8195-4BAB-8A85-73D3E384F50F}] => (Allow) C:\Users\Paul\AppData\Local\Temp\nswD964.tmp\oksoft12.exe
FirewallRules: [{432F7508-CC60-491E-A15C-751520A5B63B}] => (Allow) C:\Users\Paul\AppData\Local\79157029.exe
FirewallRules: [{F21A9C65-8D94-47DF-A87C-1A2ED8A500D5}] => (Allow) C:\Users\Paul\AppData\Local\tinstall.exe
FirewallRules: [{529C4426-8C45-4E74-B3CE-8917A062980F}] => (Allow) C:\Program Files (x86)\grooms\unlicensed.exe
FirewallRules: [{3F74C502-22D1-49D5-91BF-1B8BA273236D}] => (Allow) C:\Program Files (x86)\counterman\sonorous.exe
FirewallRules: [{549F42D9-9CD7-4E74-B261-A55FFF5D2023}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{5E9CDF76-5360-494F-8C15-7626BABD8271}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{A5F98ECB-7B83-4775-9ED8-EAE841F13198}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{F61F59CC-80B4-471D-ACE9-051FE7668A19}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{476F46CA-54D9-448F-A122-68AB74E693DC}] => (Allow) C:\Program Files (x86)\Audinate\Shared Files\mDNSResponder.exe
FirewallRules: [{DB9F0472-713D-426E-891F-002A8479D695}] => (Allow) C:\Program Files (x86)\Audinate\Shared Files\mDNSResponder.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Intel® Centrino® Advanced-N + WiMAX 6250
Description: Intel® Centrino® Advanced-N + WiMAX 6250
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2017 11:57:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RealPlayerUpdateSvc.exe, version: 0.0.0.0, time stamp: 0x55fa16c4
Faulting module name: ntdll.dll, version: 10.0.16299.64, time stamp: 0xac8afc81
Exception code: 0xc0000005
Fault offset: 0x0009400f
Faulting process id: 0xd6c
Faulting application start time: 0x01d36a56d7bd722b
Faulting application path: C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 8ff723d6-b947-4aca-8d19-c378cddd053f
Faulting package full name:
Faulting package-relative application ID:

Error: (12/01/2017 11:39:25 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/01/2017 11:39:25 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/01/2017 11:11:24 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/01/2017 11:11:24 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/01/2017 09:29:03 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/01/2017 09:29:03 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/30/2017 08:12:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RealPlayerUpdateSvc.exe, version: 0.0.0.0, time stamp: 0x55fa16c4
Faulting module name: ntdll.dll, version: 10.0.16299.15, time stamp: 0xac8afc81
Exception code: 0xc0000005
Fault offset: 0x0009400f
Faulting process id: 0xd90
Faulting application start time: 0x01d36a3d42fb69d4
Faulting application path: C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ded7440d-7098-43d3-b9ea-41ad133ebeae
Faulting package full name:
Faulting package-relative application ID:

Error: (11/30/2017 07:49:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{FB20AA56-F683-463A-8812-90A3507E96F9}\recordingmanager.exe".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/30/2017 12:41:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RealPlayerUpdateSvc.exe, version: 0.0.0.0, time stamp: 0x55fa16c4
Faulting module name: ntdll.dll, version: 10.0.16299.15, time stamp: 0xac8afc81
Exception code: 0xc0000005
Fault offset: 0x0009400f
Faulting process id: 0xd74
Faulting application start time: 0x01d369fe39ee7e1e
Faulting application path: C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 45a2a21d-2eef-476c-8865-2d44110c313c
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (12/01/2017 01:45:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (12/01/2017 01:42:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The I2P Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/01/2017 01:42:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Stereo Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/01/2017 12:11:56 PM) (Source: DCOM) (EventID: 10016) (User: main)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user main\Paul SID (S-1-5-21-3266970540-2495065241-1426683439-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2017 12:11:56 PM) (Source: DCOM) (EventID: 10016) (User: main)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user main\Paul SID (S-1-5-21-3266970540-2495065241-1426683439-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (12/01/2017 11:57:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RealPlayer Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/01/2017 11:39:24 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.

Error: (12/01/2017 11:39:24 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.

Error: (11/30/2017 10:55:25 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (11/30/2017 10:48:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 8169.16 MB
Available physical RAM: 4842.89 MB
Total Virtual: 9108.86 MB
Available Virtual: 5581.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.02 GB) (Free:1.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: BC4FF9A3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,792 posts
Hello,

That log looks ok. It's most likely a keyboard problem. You might try an external keyboard see if that works. Make sure there is nothing jammed in on any of the keys too holding it down.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP