Thanks, i am running the 64bit version
I also forgot to mention that i recently turned off all the options including the extra option that are on the 2nd tab for SpyBot Anti-Beacon as it was interfering with certain apps, so i dunno if that may have opened up things previously closed to attack.
I never got a log on the actual FRST application, I did however get 2 notepad logs, one called FRTS which is the first one pasted bellow and then another notepad file called Addition, so i presume they are the 2 you need
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Mitchcraft (administrator) on DESKTOP-LTRSUGA (14-12-2016 20:12:36)
Running from C:\Users\Mitchcraft\Desktop
Loaded Profiles: Mitchcraft (Available Profiles: Mitchcraft)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Károly Pados) C:\Program Files (x86)\TinyWall\TinyWall.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Károly Pados) C:\Program Files (x86)\TinyWall\TinyWall.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dashlane, Inc.) C:\Users\Mitchcraft\AppData\Roaming\Dashlane\Dashlane.exe
() C:\Users\Mitchcraft\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TinyWall Controller] => C:\Program Files (x86)\TinyWall\TinyWall.exe [698296 2016-03-10] (Károly Pados)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Run: [Dashlane] => C:\Users\Mitchcraft\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-11-25] (Dashlane, Inc.)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Run: [DashlanePlugin] => C:\Users\Mitchcraft\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-11-25] ()
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-09] (Valve Corporation)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10275528 2016-11-25] (FreeDownloadManager.org)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Run: [GoogleChromeAutoLaunch_6C958A2B97141EC4E8DFED4011BDC2A9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1104728 2016-12-08] (Google Inc.)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-04-27]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-12-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{021eb0cc-d550-49c4-99d6-0b9d20d9ba43}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c95a4efb-7330-444a-89b7-e29030e247b3}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Mitchcraft\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-11-25] (Dashlane, Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Mitchcraft\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-11-25] (Dashlane, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF DefaultProfile: [email protected]
FF ProfilePath: C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547 [2016-12-14]
FF Extension: (Free Download Manager extension) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2016-12-06]
FF Extension: (Reddit on Youtube) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-12-07]
FF Extension: (British English Dictionary) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-11-03] [not signed]
FF Extension: (Enhancer for YouTube™) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-12-06]
FF Extension: (Ghostery) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-11-30]
FF Extension: (LavaFox V2) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-12-08]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-11-17]
FF Extension: (LavaFox V2-Green) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\[email protected] [2016-12-08]
FF Extension: (YouTube High Definition) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-11-27]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-11-17]
FF Extension: (Video DownloadHelper) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-06]
FF Extension: (Adblock Plus) - C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Profiles\uhuxyevp.default-1478170308547\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-21] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
Chrome:
=======
CHR Profile: C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default [2016-12-14]
CHR Extension: (Google Slides) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-13]
CHR Extension: (Google Docs) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-14]
CHR Extension: (Google Drive) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-14]
CHR Extension: (YouTube) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-14]
CHR Extension: (Google Sheets) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-13]
CHR Extension: (Google Docs Offline) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-14]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-12-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-13]
CHR Extension: (Gmail) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-14]
CHR Extension: (Chrome Media Router) - C:\Users\Mitchcraft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [38000 2016-10-10] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-11-21] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2016-02-15] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdatesvr.exe [133480 2015-11-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [187840 2016-10-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-09-19] ()
S3 Soda PDF 8; C:\Program Files\Soda PDF 8\ws.exe [2263504 2016-08-26] (LULU SOFTWARE LIMITED)
S3 Soda PDF 8 CrashHandler; C:\Program Files\Soda PDF 8\crash-handler-ws.exe [920016 2016-08-26] (LULU SOFTWARE LIMITED)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
R2 TinyWall; C:\Program Files (x86)\TinyWall\TinyWall.exe [698296 2016-03-10] (Károly Pados) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7357944 2016-02-15] (Intel Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-14 20:12 - 2016-12-14 20:13 - 00021460 _____ C:\Users\Mitchcraft\Desktop\FRST.txt
2016-12-14 20:12 - 2016-12-14 20:12 - 00000000 ____D C:\FRST
2016-12-14 20:10 - 2016-12-14 20:10 - 02420224 _____ (Farbar) C:\Users\Mitchcraft\Desktop\FRST64.exe
2016-12-14 10:43 - 2016-12-14 10:43 - 00001964 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-12-13 14:29 - 2016-12-13 14:29 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 14:29 - 2016-12-13 14:29 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-13 14:28 - 2016-12-14 10:38 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-13 14:28 - 2016-12-14 10:38 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-13 14:28 - 2016-12-13 14:42 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\Google
2016-12-13 14:28 - 2016-12-13 14:28 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-13 14:28 - 2016-12-13 14:28 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-13 14:28 - 2016-12-13 14:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-13 14:27 - 2016-12-13 14:27 - 01065376 _____ (Google Inc.) C:\Users\Mitchcraft\Downloads\ChromeSetup.exe
2016-12-13 09:43 - 2016-12-13 09:43 - 00003300 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-10 09:31 - 2016-12-10 09:35 - 00000000 ___RD C:\Users\Mitchcraft\Desktop\Anti Malware FOLDER
2016-12-10 09:20 - 2016-11-11 10:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 09:20 - 2016-11-11 10:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 09:20 - 2016-11-11 10:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 09:20 - 2016-11-11 10:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 09:20 - 2016-11-11 10:01 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-10 09:20 - 2016-11-11 09:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 09:20 - 2016-11-11 09:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 09:20 - 2016-11-11 09:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 09:20 - 2016-11-11 09:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 09:20 - 2016-11-11 09:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 09:20 - 2016-11-11 09:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 09:20 - 2016-11-11 09:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 09:20 - 2016-11-11 09:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 09:20 - 2016-11-11 09:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 09:20 - 2016-11-11 09:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 09:20 - 2016-11-11 09:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 09:20 - 2016-11-11 09:17 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-10 09:20 - 2016-11-11 09:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 09:20 - 2016-11-11 09:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 09:20 - 2016-11-11 09:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 09:20 - 2016-11-11 09:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 09:20 - 2016-11-11 09:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 09:20 - 2016-11-11 09:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 09:20 - 2016-11-11 09:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 09:20 - 2016-11-11 09:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 09:20 - 2016-11-11 09:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 09:20 - 2016-11-11 07:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 09:20 - 2016-11-11 07:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 09:20 - 2016-11-11 07:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 09:20 - 2016-11-11 07:42 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-10 09:20 - 2016-11-11 07:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 09:20 - 2016-11-11 07:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 09:20 - 2016-11-11 07:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 09:20 - 2016-11-11 07:19 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-10 09:20 - 2016-11-11 07:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 09:20 - 2016-11-11 07:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 09:20 - 2016-11-11 07:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 09:20 - 2016-11-11 07:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 09:20 - 2016-11-11 07:15 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-10 09:20 - 2016-11-11 07:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 09:20 - 2016-11-11 07:11 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-10 09:20 - 2016-11-11 07:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 09:20 - 2016-11-11 07:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 09:20 - 2016-11-11 07:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 09:20 - 2016-11-11 07:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 09:20 - 2016-11-11 07:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 09:20 - 2016-11-11 07:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 09:19 - 2016-11-11 10:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 09:19 - 2016-11-11 10:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 09:19 - 2016-11-11 10:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 09:19 - 2016-11-11 10:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 09:19 - 2016-11-11 10:13 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-10 09:19 - 2016-11-11 10:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 09:19 - 2016-11-11 10:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 09:19 - 2016-11-11 10:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 09:19 - 2016-11-11 10:10 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 09:19 - 2016-11-11 10:09 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-10 09:19 - 2016-11-11 10:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 09:19 - 2016-11-11 10:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 09:19 - 2016-11-11 10:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 09:19 - 2016-11-11 10:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 09:19 - 2016-11-11 10:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 09:19 - 2016-11-11 10:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 09:19 - 2016-11-11 10:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 09:19 - 2016-11-11 10:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 09:19 - 2016-11-11 10:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 09:19 - 2016-11-11 10:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 09:19 - 2016-11-11 09:59 - 02913136 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-10 09:19 - 2016-11-11 09:59 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-10 09:19 - 2016-11-11 09:57 - 08170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-10 09:19 - 2016-11-11 09:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 09:19 - 2016-11-11 09:57 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-10 09:19 - 2016-11-11 09:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 09:19 - 2016-11-11 09:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 09:19 - 2016-11-11 09:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 09:19 - 2016-11-11 09:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 09:19 - 2016-11-11 09:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 09:19 - 2016-11-11 09:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 09:19 - 2016-11-11 09:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 09:19 - 2016-11-11 09:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 09:19 - 2016-11-11 09:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 09:19 - 2016-11-11 09:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-10 09:19 - 2016-11-11 09:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 09:19 - 2016-11-11 09:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 09:19 - 2016-11-11 09:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 09:19 - 2016-11-11 09:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 09:19 - 2016-11-11 09:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 09:19 - 2016-11-11 09:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 09:19 - 2016-11-11 09:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 09:19 - 2016-11-11 09:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 09:19 - 2016-11-11 09:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 09:19 - 2016-11-11 09:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 09:19 - 2016-11-11 09:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 09:19 - 2016-11-11 09:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 09:19 - 2016-11-11 09:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 09:19 - 2016-11-11 09:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 09:19 - 2016-11-11 09:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 09:19 - 2016-11-11 09:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 09:19 - 2016-11-11 09:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 09:19 - 2016-11-11 09:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 09:19 - 2016-11-11 09:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 09:19 - 2016-11-11 09:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 09:19 - 2016-11-11 09:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 09:19 - 2016-11-11 09:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 09:19 - 2016-11-11 09:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 09:19 - 2016-11-11 09:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 09:19 - 2016-11-11 09:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 09:19 - 2016-11-11 09:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 09:19 - 2016-11-11 09:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 09:19 - 2016-11-11 09:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 09:19 - 2016-11-11 09:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 09:19 - 2016-11-11 09:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 09:19 - 2016-11-11 09:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 09:19 - 2016-11-11 09:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-10 09:19 - 2016-11-11 09:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 09:19 - 2016-11-11 09:18 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-10 09:19 - 2016-11-11 09:18 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-10 09:19 - 2016-11-11 09:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 09:19 - 2016-11-11 09:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 09:19 - 2016-11-11 09:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 09:19 - 2016-11-11 09:17 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-10 09:19 - 2016-11-11 09:17 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-10 09:19 - 2016-11-11 09:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 09:19 - 2016-11-11 09:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 09:19 - 2016-11-11 09:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 09:19 - 2016-11-11 09:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 09:19 - 2016-11-11 09:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 09:19 - 2016-11-11 09:14 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-10 09:19 - 2016-11-11 09:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 09:19 - 2016-11-11 09:14 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-10 09:19 - 2016-11-11 09:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 09:19 - 2016-11-11 09:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 09:19 - 2016-11-11 09:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 09:19 - 2016-11-11 09:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 09:19 - 2016-11-11 09:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 09:19 - 2016-11-11 09:10 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-10 09:19 - 2016-11-11 09:09 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-10 09:19 - 2016-11-11 09:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 09:19 - 2016-11-11 09:08 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-10 09:19 - 2016-11-11 09:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 09:19 - 2016-11-11 09:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 09:19 - 2016-11-11 09:07 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-10 09:19 - 2016-11-11 09:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 09:19 - 2016-11-11 09:06 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-10 09:19 - 2016-11-11 09:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 09:19 - 2016-11-11 09:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 09:19 - 2016-11-11 09:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 09:19 - 2016-11-11 09:05 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-10 09:19 - 2016-11-11 09:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 09:19 - 2016-11-11 09:04 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-10 09:19 - 2016-11-11 09:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 09:19 - 2016-11-11 09:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 09:19 - 2016-11-11 09:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 09:19 - 2016-11-11 09:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 09:19 - 2016-11-11 09:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-10 09:19 - 2016-11-11 09:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 09:19 - 2016-11-11 09:03 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-10 09:19 - 2016-11-11 09:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 09:19 - 2016-11-11 09:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 09:19 - 2016-11-11 09:03 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-10 09:19 - 2016-11-11 09:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 09:19 - 2016-11-11 09:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 09:19 - 2016-11-11 09:03 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-10 09:19 - 2016-11-11 09:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 09:19 - 2016-11-11 09:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 09:19 - 2016-11-11 09:01 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-10 09:19 - 2016-11-11 08:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 09:19 - 2016-11-11 08:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 09:19 - 2016-11-11 07:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 09:19 - 2016-11-11 07:56 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-10 09:19 - 2016-11-11 07:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 09:19 - 2016-11-11 07:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 09:19 - 2016-11-11 07:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 09:19 - 2016-11-11 07:47 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-10 09:19 - 2016-11-11 07:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 09:19 - 2016-11-11 07:45 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-10 09:19 - 2016-11-11 07:45 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-10 09:19 - 2016-11-11 07:42 - 06668032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-10 09:19 - 2016-11-11 07:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 09:19 - 2016-11-11 07:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 09:19 - 2016-11-11 07:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 09:19 - 2016-11-11 07:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 09:19 - 2016-11-11 07:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 09:19 - 2016-11-11 07:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 09:19 - 2016-11-11 07:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 09:19 - 2016-11-11 07:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 09:19 - 2016-11-11 07:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 09:19 - 2016-11-11 07:26 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-10 09:19 - 2016-11-11 07:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 09:19 - 2016-11-11 07:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 09:19 - 2016-11-11 07:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 09:19 - 2016-11-11 07:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 09:19 - 2016-11-11 07:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 09:19 - 2016-11-11 07:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 09:19 - 2016-11-11 07:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 09:19 - 2016-11-11 07:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 09:19 - 2016-11-11 07:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 09:19 - 2016-11-11 07:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 09:19 - 2016-11-11 07:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 09:19 - 2016-11-11 07:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 09:19 - 2016-11-11 07:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 09:19 - 2016-11-11 07:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 09:19 - 2016-11-11 07:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 09:19 - 2016-11-11 07:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 09:19 - 2016-11-11 07:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 09:19 - 2016-11-11 07:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 09:19 - 2016-11-11 07:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 09:19 - 2016-11-11 07:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 09:19 - 2016-11-11 07:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 09:19 - 2016-11-11 07:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 09:19 - 2016-11-11 07:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 09:19 - 2016-11-11 07:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 09:19 - 2016-11-11 07:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 09:19 - 2016-11-11 07:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-10 09:19 - 2016-11-11 07:10 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-10 09:19 - 2016-11-11 07:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 09:19 - 2016-11-11 07:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 09:19 - 2016-11-11 07:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 09:19 - 2016-11-11 07:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 09:19 - 2016-11-11 07:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 09:19 - 2016-11-11 07:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 09:19 - 2016-11-11 07:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 09:19 - 2016-11-11 07:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 09:19 - 2016-11-11 07:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 09:19 - 2016-11-11 07:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 09:19 - 2016-11-11 07:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 09:19 - 2016-11-11 07:04 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-10 09:19 - 2016-11-11 07:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 09:19 - 2016-11-11 07:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 09:19 - 2016-11-11 07:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 09:19 - 2016-11-11 07:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 09:19 - 2016-11-11 07:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 09:19 - 2016-11-11 07:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 09:19 - 2016-11-11 07:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 09:19 - 2016-11-11 07:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 09:19 - 2016-11-11 07:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 09:19 - 2016-11-11 07:01 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-10 09:19 - 2016-11-11 06:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-10 09:18 - 2016-11-11 10:01 - 02189152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-10 09:18 - 2016-11-11 10:01 - 01738048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-10 09:18 - 2016-11-11 10:01 - 00658264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-10 09:18 - 2016-11-11 10:01 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-10 09:18 - 2016-11-11 10:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 09:18 - 2016-11-11 09:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 09:18 - 2016-11-11 09:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 09:18 - 2016-11-11 09:51 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-10 09:18 - 2016-11-11 09:31 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-10 09:18 - 2016-11-11 09:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 09:18 - 2016-11-11 09:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 09:18 - 2016-11-11 09:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 09:18 - 2016-11-11 09:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 09:18 - 2016-11-11 09:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 09:18 - 2016-11-11 09:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 09:18 - 2016-11-11 09:24 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-10 09:18 - 2016-11-11 09:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 09:18 - 2016-11-11 09:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 09:18 - 2016-11-11 09:23 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-10 09:18 - 2016-11-11 09:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 09:18 - 2016-11-11 09:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 09:18 - 2016-11-11 09:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 09:18 - 2016-11-11 09:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 09:18 - 2016-11-11 09:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 09:18 - 2016-11-11 09:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 09:18 - 2016-11-11 09:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 09:18 - 2016-11-11 09:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 09:18 - 2016-11-11 09:20 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-10 09:18 - 2016-11-11 09:20 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-10 09:18 - 2016-11-11 09:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 09:18 - 2016-11-11 09:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 09:18 - 2016-11-11 09:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 09:18 - 2016-11-11 09:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 09:18 - 2016-11-11 09:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 09:18 - 2016-11-11 09:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 09:18 - 2016-11-11 09:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-10 09:18 - 2016-11-11 09:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 09:18 - 2016-11-11 09:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 09:18 - 2016-11-11 09:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 09:18 - 2016-11-11 09:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 09:18 - 2016-11-11 09:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 09:18 - 2016-11-11 09:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 09:18 - 2016-11-11 09:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 09:18 - 2016-11-11 09:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 09:18 - 2016-11-11 09:11 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-10 09:18 - 2016-11-11 09:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 09:18 - 2016-11-11 09:10 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-10 09:18 - 2016-11-11 09:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 09:18 - 2016-11-11 09:08 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-10 09:18 - 2016-11-11 09:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 09:18 - 2016-11-11 09:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 09:18 - 2016-11-11 09:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 09:18 - 2016-11-11 09:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 09:18 - 2016-11-11 09:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 09:18 - 2016-11-11 09:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 09:18 - 2016-11-11 09:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 09:18 - 2016-11-11 09:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 09:18 - 2016-11-11 09:04 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-10 09:18 - 2016-11-11 09:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 09:18 - 2016-11-11 09:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 09:18 - 2016-11-11 09:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 09:18 - 2016-11-11 09:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 09:18 - 2016-11-11 09:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 09:18 - 2016-11-11 09:03 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-10 09:18 - 2016-11-11 09:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 09:18 - 2016-11-11 09:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 09:18 - 2016-11-11 09:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 09:18 - 2016-11-11 09:02 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-10 09:18 - 2016-11-11 08:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 09:18 - 2016-11-11 08:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 09:18 - 2016-11-11 08:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 09:18 - 2016-11-11 07:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 09:18 - 2016-11-11 07:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 09:18 - 2016-11-11 07:47 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-10 09:18 - 2016-11-11 07:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 09:18 - 2016-11-11 07:42 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-10 09:18 - 2016-11-11 07:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 09:18 - 2016-11-11 07:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 09:18 - 2016-11-11 07:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 09:18 - 2016-11-11 07:20 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-10 09:18 - 2016-11-11 07:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 09:18 - 2016-11-11 07:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 09:18 - 2016-11-11 07:20 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-10 09:18 - 2016-11-11 07:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 09:18 - 2016-11-11 07:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 09:18 - 2016-11-11 07:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 09:18 - 2016-11-11 07:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 09:18 - 2016-11-11 07:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 09:18 - 2016-11-11 07:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-10 09:18 - 2016-11-11 07:16 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-10 09:18 - 2016-11-11 07:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 09:18 - 2016-11-11 07:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-10 09:18 - 2016-11-11 07:14 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-10 09:18 - 2016-11-11 07:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 09:18 - 2016-11-11 07:09 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-10 09:18 - 2016-11-11 07:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-10 09:18 - 2016-11-11 07:06 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-10 09:18 - 2016-11-11 07:05 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-10 09:18 - 2016-11-11 07:04 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-10 09:18 - 2016-11-11 07:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 09:18 - 2016-11-11 07:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-09 10:20 - 2016-12-09 10:20 - 00000000 ____D C:\Users\Mitchcraft\Documents\Screencast-O-Matic
2016-12-09 10:17 - 2016-12-09 10:21 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\Screencast-O-Matic-v2
2016-12-09 10:17 - 2016-12-09 10:17 - 00001285 _____ C:\Users\Public\Desktop\Screencast-O-Matic v2.0.lnk
2016-12-09 10:16 - 2016-12-09 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screencast-O-Matic v2.0
2016-12-09 10:16 - 2016-12-09 10:16 - 00000000 ____D C:\Program Files (x86)\Screencast-O-Matic
2016-12-09 10:14 - 2016-12-09 10:16 - 17956136 _____ C:\Users\Mitchcraft\Downloads\InstallScreencastOMatic-2.0.exe
2016-12-08 09:36 - 2016-12-08 09:36 - 00004389 _____ C:\Users\Mitchcraft\Documents\My Movie.wlmp
2016-12-07 17:45 - 2016-12-07 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-12-07 17:45 - 2016-12-07 17:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-12-07 16:11 - 2016-12-07 16:11 - 00000000 ____D C:\Program Files\McAfee
2016-12-07 16:08 - 2016-12-07 16:08 - 00002531 _____ C:\Users\Public\Desktop\Skype.lnk
2016-12-07 16:08 - 2016-12-07 16:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-07 16:08 - 2016-12-07 16:08 - 00000000 ____D C:\ProgramData\Skype
2016-12-07 16:08 - 2016-12-07 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-07 16:05 - 2016-12-14 10:52 - 00000000 ____D C:\Users\Mitchcraft\Tracing
2016-12-07 16:03 - 2016-12-07 16:03 - 00001449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-12-07 16:03 - 2016-12-07 16:03 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-12-07 16:03 - 2016-12-07 16:03 - 00001360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-12-07 16:03 - 2016-12-07 16:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-12-07 16:03 - 2016-12-07 16:03 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-07 16:02 - 2016-12-07 16:02 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-12-07 16:02 - 2016-12-07 16:02 - 00000000 ____D C:\Program Files\Windows Live
2016-12-07 16:01 - 2016-12-07 16:09 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-12-07 16:01 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-07 16:01 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-07 16:01 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-07 16:01 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-07 16:01 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-07 16:01 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-07 16:01 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-12-07 16:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-12-07 16:00 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-07 16:00 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-07 15:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-07 15:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-07 15:57 - 2016-12-14 17:30 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\Windows Live
2016-12-07 15:57 - 2016-12-07 15:57 - 01239752 _____ (Microsoft Corporation) C:\Users\Mitchcraft\Downloads\wlsetup-web.exe
2016-12-06 19:24 - 2016-12-06 19:24 - 00000000 ____D C:\Users\Mitchcraft\dwhelper
2016-12-06 19:20 - 2016-12-14 20:10 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\Free Download Manager
2016-12-06 19:20 - 2016-12-06 19:20 - 00001159 _____ C:\Users\Public\Desktop\Free Download Manager 5.lnk
2016-12-06 19:20 - 2016-12-06 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2016-12-06 19:19 - 2016-12-06 19:19 - 00000000 ____D C:\Program Files\FreeDownloadManager.ORG
2016-12-06 19:18 - 2016-12-06 19:19 - 49999328 _____ (FreeDownloadManager.ORG ) C:\Users\Mitchcraft\Downloads\fdm5_x64_setup.exe
2016-11-29 15:51 - 2016-11-29 15:51 - 00011538 _____ C:\Users\Mitchcraft\Documents\cc_20161129_155153.reg
2016-11-17 10:15 - 2016-11-17 10:16 - 00011850 _____ C:\Users\Mitchcraft\Documents\cc_20161117_101556.reg
2016-11-17 09:38 - 2016-12-14 12:02 - 00000000 ____D C:\Users\Mitchcraft\AppData\LocalLow\Mozilla
2016-11-16 09:13 - 2016-11-16 09:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-11-16 00:19 - 2016-12-14 12:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-14 19:31 - 2016-10-02 03:23 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-14 17:39 - 2016-09-20 10:55 - 00000000 ____D C:\Users\Mitchcraft\AppData\Roaming\vlc
2016-12-14 13:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-14 12:52 - 2016-07-16 11:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 12:41 - 2016-09-19 18:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 12:37 - 2016-09-19 18:49 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 12:20 - 2016-07-16 11:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-14 12:00 - 2016-10-02 03:58 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-12-14 12:00 - 2016-10-02 03:58 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-12-14 11:43 - 2016-09-19 13:39 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-14 11:43 - 2016-09-19 12:42 - 00000184 _____ C:\Users\Mitchcraft\AppData\Roaming\sp_data.sys
2016-12-14 11:42 - 2016-09-19 13:24 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-12-14 11:41 - 2016-10-02 03:26 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-14 11:41 - 2016-09-19 12:42 - 00000000 __SHD C:\Users\Mitchcraft\IntelGraphicsProfiles
2016-12-14 11:40 - 2016-10-02 03:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-14 11:39 - 2016-07-16 06:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-14 11:38 - 2016-11-03 10:28 - 00000000 ____D C:\AdwCleaner
2016-12-14 11:38 - 2016-10-08 10:07 - 00000000 ____D C:\ProgramData\TinyWall
2016-12-14 11:38 - 2016-10-02 03:34 - 00000000 ____D C:\Users\Mitchcraft
2016-12-14 11:00 - 2016-09-23 11:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-14 10:52 - 2016-07-16 11:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-14 10:38 - 2016-09-19 13:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-14 10:37 - 2016-09-19 12:47 - 00000000 ___RD C:\Users\Mitchcraft\OneDrive
2016-12-14 08:48 - 2016-11-09 08:26 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\ElevatedDiagnostics
2016-12-13 11:14 - 2016-09-19 12:42 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\Packages
2016-12-13 09:43 - 2016-09-19 12:47 - 00002427 _____ C:\Users\Mitchcraft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-13 06:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-12 10:07 - 2016-09-19 13:12 - 00002020 _____ C:\Users\Mitchcraft\Desktop\Dashlane.lnk
2016-12-12 10:07 - 2016-09-19 13:08 - 00000000 ____D C:\Users\Mitchcraft\AppData\Roaming\Dashlane
2016-12-12 10:04 - 2016-04-27 06:13 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-12 10:03 - 2015-11-24 04:55 - 01057986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-12 09:56 - 2016-10-02 03:23 - 00194248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-12 09:54 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-12 09:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-12 09:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-12 09:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-12 09:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-12 09:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-12 09:54 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-12 09:54 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-12 09:54 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-12 09:54 - 2016-07-16 06:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-11 23:56 - 2016-07-16 11:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 23:56 - 2016-07-16 11:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-10 09:38 - 2016-09-21 13:22 - 00000000 ____D C:\Users\Mitchcraft\Desktop\Mitchcraft Documents
2016-12-10 09:28 - 2016-09-22 05:48 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-10 09:28 - 2016-09-19 12:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-10 08:49 - 2016-07-16 11:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-08 11:39 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-08 09:22 - 2016-09-20 12:47 - 00000000 ____D C:\Users\Mitchcraft\AppData\Roaming\Skype
2016-12-07 16:04 - 2016-07-16 22:49 - 00000000 ____D C:\WINDOWS\en-GB
2016-11-21 09:37 - 2016-09-20 09:34 - 00000000 ____D C:\Users\Mitchcraft\AppData\Roaming\Stellarium
2016-11-21 09:09 - 2016-10-02 03:58 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-21 09:09 - 2016-09-22 05:48 - 00000000 ____D C:\Users\Mitchcraft\AppData\Local\Adobe
2016-11-21 09:09 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-21 09:09 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-16 09:25 - 2016-09-19 12:56 - 00000000 ____D C:\Users\Mitchcraft\AppData\Roaming\Notepad++
==================== Files in the root of some directories =======
2016-09-19 12:42 - 2016-12-14 11:43 - 0000184 _____ () C:\Users\Mitchcraft\AppData\Roaming\sp_data.sys
2016-09-19 13:24 - 2016-09-22 23:54 - 0000098 _____ () C:\Users\Mitchcraft\AppData\Roaming\WB.CFG
Files to move or delete:
====================
C:\Windows\Tasks\{56E55082-182C-2959-1722-17B52C2094A5}.job
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-07 07:03
==================== End of FRST.txt ============================
------------------------------------------------- Addition notepad log bellow
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Mitchcraft (14-12-2016 20:14:22)
Running from C:\Users\Mitchcraft\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-02 04:03:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-428243178-1705098954-1503791332-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-428243178-1705098954-1503791332-503 - Limited - Disabled)
Guest (S-1-5-21-428243178-1705098954-1503791332-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-428243178-1705098954-1503791332-1003 - Limited - Enabled)
Mitchcraft (S-1-5-21-428243178-1705098954-1503791332-1001 - Administrator - Enabled) => C:\Users\Mitchcraft
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dashlane (HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\Dashlane) (Version: 4.6.4.21286 - Dashlane SAS)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{E40149BB-552F-44C8-A10F-4188ADC5AD70}) (Version: 7.0.510.429 - Foxit Software Inc.)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4380 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.164 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 en-GB)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Screencast-O-Matic v2.0 (HKLM-x32\...\Screencast-O-Matic v2.0) (Version: v2.0 - Screencast-O-Matic)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Soda PDF 8 (HKLM-x32\...\Soda8) (Version: 8.0.49.26236 - LULU Software Limited)
Soda PDF 8 View Module (Version: 8.1.12.29405 - LULU Software Limited) Hidden
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.15.0 (HKLM\...\Stellarium_is1) (Version: 0.15.0 - Stellarium team)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TinyWall (HKLM-x32\...\{20E767BE-FE75-4429-8722-A5D75AC2FCA6}) (Version: 2.1.8.0 - Károly Pados)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5178 - Kingsoft Corp.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E7305EA-F078-4CD5-A9FF-BBBB8B174A41} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {0EDDFD94-4B4E-472A-B6D8-BF55E70A1110} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2015-10-19] (Safer-Networking Ltd.)
Task: {10D00071-6C40-4119-B76C-D72D7E025892} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-21] (Adobe Systems Incorporated)
Task: {110A0F8D-9033-4339-B988-A47F86BDF486} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsnotify.exe [2015-11-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {12601334-8854-4B59-802A-B75C3B1F1F62} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {180448C2-A3AB-4EA0-9327-45013D06E773} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-12-02] (ASUS)
Task: {1A229993-9C49-446F-A961-050474547343} - System32\Tasks\{56E55082-182C-2959-1722-17B52C2094A5} => C:\Users\MITCHC~1\AppData\Local\{777A4~1\Sync.exe <==== ATTENTION
Task: {20DDC7A8-C520-4E49-8695-9FDB3DA9BE38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {33AB079C-68E1-41EB-994D-E5F5663ED2A7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {6774DD65-BB1C-437E-8389-514555DD6DA3} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {68766B2D-94EC-4FD6-B533-6D28DAC552D4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {722C3080-E999-4C75-9355-0FA4084AFF14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {78A3D86F-2522-4596-B2CC-F0257CB6018F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {912346CE-7504-4B1A-8C9C-4ADCB7F207CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {C07CBF99-E536-4480-AB40-42471D22BABB} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdate.exe [2015-11-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {C2E3CBA0-5B3F-468D-A5D1-64E1CB86B039} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {CC326EE8-5C63-4CBA-8A1C-FBFE08FEB424} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {CD4B299A-1E25-4A21-AD03-63E44BA91E66} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {D3E53446-138C-485D-A851-6D981AA94A90} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {DCDB876D-73ED-4B9D-B701-6B113EDEEFDB} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {E00667F4-B825-4B72-9FC1-26BC86D4C918} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {E1283449-21F9-4AC8-8A8D-0B2CA7BF0983} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {E455207C-9CBD-4019-8865-975FFEE241BA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F0AEDF1D-B5E0-4898-A5EF-7368616F11BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {F9C2AAAF-4B57-4801-B0DC-6A979E32DAB1} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-09-19] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\{56E55082-182C-2959-1722-17B52C2094A5}.job => C:\Users\MITCHC~1\AppData\Local\{777A4~1\Sync.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-10 09:19 - 2016-11-11 10:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-19 12:42 - 2016-09-19 12:46 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-12-10 09:19 - 2016-11-11 10:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-13 09:42 - 2016-12-13 09:42 - 01678560 _____ () C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-05-17 22:42 - 2016-05-17 22:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-10-02 04:13 - 2016-10-02 04:13 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-10 09:18 - 2016-11-11 09:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-10 09:18 - 2016-11-11 09:23 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-11-09 08:09 - 2016-11-02 10:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-17 08:20 - 2016-02-15 18:43 - 00402928 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-19 13:11 - 2016-11-25 13:42 - 00536960 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\DashlanePlugin.exe
2016-12-06 19:20 - 2016-10-13 18:03 - 02160128 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2016-12-06 19:20 - 2016-10-13 18:03 - 00484352 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2016-12-06 19:20 - 2016-10-13 18:03 - 12621312 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2016-12-06 19:20 - 2016-10-13 18:03 - 02111488 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2016-12-06 19:20 - 2016-10-13 18:03 - 00663040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2016-12-06 19:20 - 2016-10-13 18:03 - 00071168 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\postproc-54.dll
2016-12-06 19:20 - 2016-10-13 18:03 - 00139264 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2016-12-06 19:19 - 2016-11-25 18:36 - 00099328 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winunivappfeatures.dll
2016-12-06 19:20 - 2016-10-13 16:36 - 65771520 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2016-12-06 19:20 - 2016-10-13 16:36 - 02129920 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2016-12-06 19:20 - 2016-10-13 16:36 - 00087040 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2016-12-13 14:29 - 2016-12-08 08:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 14:29 - 2016-12-08 08:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-14 10:28 - 2016-12-14 10:28 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 10:28 - 2016-12-14 10:28 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 10:28 - 2016-12-14 10:28 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 10:28 - 2016-12-14 10:28 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-06 19:19 - 2016-11-25 18:46 - 00939208 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
2016-11-09 08:08 - 2016-11-02 10:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 08:08 - 2016-11-02 10:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 08:08 - 2016-11-02 10:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 08:08 - 2016-11-02 10:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 08:08 - 2016-11-02 10:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-02 17:01 - 2015-12-02 17:01 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 17:01 - 2015-12-02 17:01 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 17:01 - 2015-12-02 17:01 - 00029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 00346496 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 00441216 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 00471424 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 63181184 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 00292736 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 06328704 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 07599488 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 13815680 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 02285440 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.6.4.21286.dll
2016-11-25 13:41 - 2016-11-25 13:41 - 00334208 _____ () C:\Users\Mitchcraft\AppData\Roaming\Dashlane\4.6.4.21286\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.6.4.21286.dll
2016-09-19 13:40 - 2016-12-08 15:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-09-19 13:40 - 2016-09-01 01:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-09-19 13:40 - 2016-12-09 20:48 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2016-09-19 13:40 - 2016-01-27 07:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-09-19 13:40 - 2016-01-27 07:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-09-19 13:40 - 2016-01-27 07:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-09-19 13:40 - 2016-01-27 07:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-09-19 13:40 - 2016-01-27 07:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-09-19 13:40 - 2016-09-01 01:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-09-19 13:40 - 2016-09-01 01:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-09-19 13:40 - 2016-12-09 20:48 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-09-19 13:40 - 2016-07-04 22:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-04-27 06:47 - 2015-04-29 16:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-12-14 10:40 - 2016-12-05 16:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-09-19 13:40 - 2016-12-09 20:48 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-09-19 13:40 - 2015-09-24 23:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2016-12-13 09:42 - 2016-12-13 09:42 - 01244376 _____ () C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 07:24 - 2016-12-14 11:38 - 00005948 ____N C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 feedback.search.microsoft.com
There are 109 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mitchcraft\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "FreedomeAutoStart"
HKU\S-1-5-21-428243178-1705098954-1503791332-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C505E9C8-AA69-4A0C-BF6E-8B38EEA882F6}] => C:\Program Files (x86)\TinyWall\TinyWall.exe
FirewallRules: [{1083F304-883C-4072-BB2E-87DCE030F741}] => C:\Users\Mitchcraft\Desktop\Anti Malware FOLDER\hitmanpro_x64.exe
FirewallRules: [{D265162F-3B08-4ADE-9A2B-A54182A1948F}] => C:\Users\Mitchcraft\Desktop\Anti Malware FOLDER\hitmanpro_x64.exe
FirewallRules: [{4E450ED6-4D04-46B3-9EA9-95AED48E69CB}] => C:\Users\Mitchcraft\Desktop\Anti Malware FOLDER\hitmanpro_x64.exe
FirewallRules: [{F847854B-50F6-4F5F-B451-B4206A1DBD5E}] => C:\Users\Mitchcraft\Desktop\Anti Malware FOLDER\hitmanpro_x64.exe
FirewallRules: [{D6A266FE-1BCB-4556-9A6B-C5A053807897}] => C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.exe
FirewallRules: [{501E4992-A754-4190-9F4C-2034AC2F6C7A}] => C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.exe
FirewallRules: [{2DA48E3A-20A9-4B6A-A051-18B4483E0664}] => C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.exe
FirewallRules: [{2C0DDCDA-BD30-4F03-94FD-B837F1954452}] => C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.exe
FirewallRules: [{6BE6C649-CE56-459C-BE4D-E4829BCD5213}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D862957A-B496-47F9-954F-A713A956501C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D566AC8A-4E7C-4B09-B12E-801EDA041EEA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D2802CE4-EDD3-49E8-8264-5B32902C5ECA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F6C579FE-DFCB-4C89-9E06-F1DD640D5276}] => C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{D55DF33F-A75A-460E-8ECC-A5BB5116DB76}] => C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{D5588983-BFE8-4FFB-AFAF-ED03AF7B2DFD}] => C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{2774ACA4-39E3-41D6-B118-15D06EF208B4}] => C:\Users\Mitchcraft\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{2BF1B262-5B17-4C96-AF7F-BBBEA0FA4AEF}] => C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
FirewallRules: [{6D7FB6AD-2658-450B-A847-6404D8F913E8}] => C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
FirewallRules: [{B5DE60F7-5F41-4B7A-9F67-7C6E473FCECB}] => C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
FirewallRules: [{640BD22A-039A-4E43-9F2A-0777CEF5F14E}] => C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
FirewallRules: [{64610576-FED4-4976-9D0B-167F68AD43D6}] => C:\Program Files (x86)\Screencast-O-Matic\v2\Screencast-O-Matic.exe
FirewallRules: [{E0C3C4DB-CFFF-435A-82C9-25EF98C5D955}] => C:\Program Files (x86)\Screencast-O-Matic\v2\Screencast-O-Matic.exe
FirewallRules: [{B355F817-2CF3-4758-BCEF-4FB5F0D8E44D}] => C:\Program Files (x86)\Screencast-O-Matic\v2\Screencast-O-Matic.exe
FirewallRules: [{6C299D2E-B74C-4B6C-B89B-41218C443F39}] => C:\Program Files (x86)\Screencast-O-Matic\v2\Screencast-O-Matic.exe
FirewallRules: [{DAE64773-2166-4D03-AA3F-61B788C7DE47}] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{5EBA038C-845F-46CC-B0AF-91BF2FE8F81D}] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{1C007E3D-867C-414D-9894-4DDE227B3A6A}] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{7F2E26C6-41A5-4459-A632-54DCE5798561}] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{FE987027-5B8D-41E1-8A1B-EBA74DA7A697}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{953C91AF-4482-441D-8C70-F758BF34403C}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3CFDD50D-F7D9-49A5-B958-D509FDE42906}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7874C9C3-74B2-44BA-8A1D-1BB5F1721C1C}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B3937E2D-5D43-43D5-B7E2-845BA6B5CBBF}] => C:\Program Files (x86)\McAfee Security Scan\3.11.266\McUICnt.exe
FirewallRules: [{BAA76C0F-063B-424B-BE46-34A1A5CA30D0}] => C:\Program Files (x86)\McAfee Security Scan\3.11.266\McUICnt.exe
FirewallRules: [{F5421946-E6C4-4FF6-A708-698367279FF5}] => C:\Program Files (x86)\McAfee Security Scan\3.11.266\McUICnt.exe
FirewallRules: [{C92CE699-BD6E-4828-9E95-7935C623ABDA}] => C:\Program Files (x86)\McAfee Security Scan\3.11.266\McUICnt.exe
FirewallRules: [{E083F306-D527-4DD7-8B62-3DB74B47B37C}] => C:\Users\Mitchcraft\Downloads\flashplayer23au_ga_install.exe
FirewallRules: [{15F74277-1EC8-4026-BFF8-544DA821B7A4}] => C:\Users\Mitchcraft\Downloads\flashplayer23au_ga_install.exe
FirewallRules: [{EB8FE704-A357-4FA9-B00A-3421552C88A9}] => C:\Users\Mitchcraft\Downloads\flashplayer23au_ga_install.exe
FirewallRules: [{EE487A03-C36B-4662-9F50-46E849F58982}] => C:\Users\Mitchcraft\Downloads\flashplayer23au_ga_install.exe
FirewallRules: [{4F54EF91-81CE-41AF-86D1-60CED395F375}] => C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{FD9E2D18-7431-4F0E-ACFB-20058D88E54E}] => C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{CEA219E4-425E-4244-A5A5-FD0BACC90D9C}] => C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{A7D70525-C440-4147-88D8-E7EC08D99FF8}] => C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{6B104DF3-2BE9-461F-950D-2AB3E620757D}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
FirewallRules: [{D89351BB-61F6-45A9-9571-ABCD6B451758}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
FirewallRules: [{915768BF-76EC-4563-A679-150D074BBBDC}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
FirewallRules: [{E22C6FF4-169A-48CE-BE63-8F57A09CA1B7}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
FirewallRules: [{4BEAF563-1F69-4094-8FEC-7FA948BAB6B8}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
FirewallRules: [{25FC6BFF-0671-4F9B-B805-0E361F08AEF1}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
FirewallRules: [{55DE2434-397B-4AF4-89C7-51847BB0549B}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
FirewallRules: [{8FBB82C3-1648-41A9-8D20-096129B18DCD}] => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
FirewallRules: [{443CE3A8-E7C4-413D-A0D8-BBC917C1F43B}] => C:\Users\Mitchcraft\Desktop\hitmanpro_x64.exe
FirewallRules: [{2CF13529-F042-4729-8EF7-9E240DAB5F66}] => C:\Users\Mitchcraft\Desktop\hitmanpro_x64.exe
FirewallRules: [{5EDBD0FF-A5F9-4181-909F-43F46A77FF48}] => C:\Users\Mitchcraft\Desktop\hitmanpro_x64.exe
FirewallRules: [{7562DA4A-1AC6-412E-9006-7A268A58D0D8}] => C:\Users\Mitchcraft\Desktop\hitmanpro_x64.exe
FirewallRules: [{DD5343D3-97FE-4214-A527-7554290004A4}] => C:\Users\Mitchcraft\Downloads\flashplayer23_la_install.exe
FirewallRules: [{C85FE01A-F85D-49C8-88D0-5E569BCF2C21}] => C:\Users\Mitchcraft\Downloads\flashplayer23_la_install.exe
FirewallRules: [{AFE1E9FF-DC09-4CA7-8C38-42FB23DF12F4}] => C:\Users\Mitchcraft\Downloads\flashplayer23_la_install.exe
FirewallRules: [{C4ED3A6B-E94A-4185-8EF6-D0CFA93EFDEF}] => C:\Users\Mitchcraft\Downloads\flashplayer23_la_install.exe
FirewallRules: [{1D23CE74-205E-428A-855E-0675A1FD3C50}] => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{2668D4DF-01AA-46B0-A2B3-ED6F90B65524}] => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{50517617-7598-4153-A74D-87A2C3EF2860}] => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{BEFA3068-5DBD-411F-8C00-72824838722D}] => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{8DDD5A3D-828F-4315-846D-9210FE961DAE}] => C:\Windows\explorer.exe
FirewallRules: [{C2CB535B-3805-4C0F-98D9-B79009CAE9BB}] => C:\Windows\explorer.exe
FirewallRules: [{50B5F26E-9E76-48F8-8B37-80704DF7E263}] => C:\Windows\explorer.exe
FirewallRules: [{295DDD58-6211-4CC2-8C8F-EA4232F593BF}] => C:\Windows\explorer.exe
FirewallRules: [{D51A620D-9227-48ED-BCED-273C36B42F17}] => C:\Program Files\Windows Defender\MSASCui.exe
FirewallRules: [{0B167793-ED25-4827-9527-58D07D12AE21}] => C:\Program Files\Windows Defender\MSASCui.exe
FirewallRules: [{8CE5C353-0276-4F1A-8DA2-563D63C2235C}] => C:\Program Files\Windows Defender\MSASCui.exe
FirewallRules: [{63B58C93-8314-4943-87AC-C6677A2DE07E}] => C:\Program Files\Windows Defender\MSASCui.exe
FirewallRules: [{B3B68DA2-D98E-4039-A667-C7DB8813993D}] => C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
FirewallRules: [{7BBAC945-6A24-479A-A80A-97777C9DE152}] => C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
FirewallRules: [{3C27C5AC-21DE-4013-9BB8-ADC4E087D68E}] => C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
FirewallRules: [{E4AF8579-08C8-4ADB-AB04-C934C4A22606}] => C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
FirewallRules: [{3A4BE96E-13B8-4F01-9120-BC3BA30492CC}] => C:\WINDOWS\SysWOW64\WWAHost.exe
FirewallRules: [{2305AA1A-754A-4D99-B424-412FC3A40C87}] => C:\WINDOWS\SysWOW64\WWAHost.exe
FirewallRules: [{2905D3F5-BCAF-4636-9C79-0BA5956EB64E}] => C:\WINDOWS\SysWOW64\WWAHost.exe
FirewallRules: [{85B104A6-A7D5-45F2-A3E7-BEF583BB2238}] => C:\WINDOWS\SysWOW64\WWAHost.exe
FirewallRules: [{3E3FD5F2-E13A-404D-AAB0-E1B40B083203}] => C:\WINDOWS\system32\WWAHost.exe
FirewallRules: [{161EA08E-8237-4AB2-AC6B-688BC1CF3D7B}] => C:\WINDOWS\system32\WWAHost.exe
FirewallRules: [{BA2BD8AB-40CA-4003-86A7-8ABBC2BE9E24}] => C:\WINDOWS\system32\WWAHost.exe
FirewallRules: [{8FE6E098-B34A-407C-96BE-B43E8C1F21D9}] => C:\WINDOWS\system32\WWAHost.exe
FirewallRules: [{C75F6BCA-7884-4482-9CC5-D12E942665BA}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{984695E4-D2E5-4CD7-BD65-4118C22E7CF9}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{181B69FC-D5F9-4A65-BC43-E1DD7BF958E1}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F75B6A4C-2710-4E7D-8EC5-D8F66D59DF0B}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AFF0C6E2-F3C7-477F-833E-9C0BDAC9E701}] => C:\Program Files (x86)\Steam\GameOverlayUI.exe
FirewallRules: [{FEB5AA40-34F7-4188-BF00-DA257BD49750}] => C:\Program Files (x86)\Steam\GameOverlayUI.exe
FirewallRules: [{C29919CD-3DDD-4430-8FFF-3433426524D7}] => C:\Program Files (x86)\Steam\GameOverlayUI.exe
FirewallRules: [{14E2BDDE-6ACE-4A86-B9E4-AC919039FC2E}] => C:\Program Files (x86)\Steam\GameOverlayUI.exe
FirewallRules: [{F9CD007B-F595-44D4-8EE7-6F094BF9077E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2B53D30D-ACB4-482D-B4C8-A6C4845F7B13}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F7442825-B7FF-493B-8F40-B6C7B5837819}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4EA13A5C-CD1E-4413-B7FC-716B571A684D}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{373F6B2E-022F-43DD-8431-010D9503A08F}] => C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{683101AB-9237-49CB-A271-774172021B58}] => C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{945338C2-E2DA-486A-8284-C5104E5ACE4A}] => C:\Program Files (x86)\Internet Explorer\iexplore.exe
FirewallRules: [{337C4B9D-099F-4BA4-B362-B393D0B3A854}] => C:\Program Files (x86)\Internet Explorer\iexplore.exe
FirewallRules: [{83714A58-7CDD-4E94-BE6D-CEDEB18812DE}] => C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
FirewallRules: [{E4278580-0427-4FC9-AC0F-158D96473FA0}] => C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
FirewallRules: [{1538B7A2-C327-4C8E-935D-3070C742EBE9}] => C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
FirewallRules: [{47C9BE12-E484-4A7B-AD0D-C104B7DAC9E4}] => C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
FirewallRules: [{FCFA1855-5FC9-435F-9E26-9015FAAC176A}] => C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
FirewallRules: [{666DB219-6417-4C97-B2C4-DD29F9A2ECEB}] => C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
==================== Restore Points =========================
25-11-2016 08:54:39 Scheduled Checkpoint
04-12-2016 10:05:02 Scheduled Checkpoint
07-12-2016 16:01:58 WLSetup
14-12-2016 12:36:53 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/14/2016 12:37:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (12/14/2016 10:41:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusTPCenter.exe, version: 1.0.0.84, time stamp: 0x55d1cd50
Faulting module name: AsusTPApi.dll, version: 1.0.58.0, time stamp: 0x55d1cd12
Exception code: 0xc0000005
Fault offset: 0x000000000001a21a
Faulting process ID: 0xb34
Faulting application start time: 0x01d255f68db0823a
Faulting application path: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
Faulting module path: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPApi.dll
Report ID: 7d9d44dc-c760-4f1d-b29e-5e24be18465d
Faulting package full name:
Faulting package-relative application ID:
Error: (12/14/2016 10:39:41 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/14/2016 10:31:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TinyWall.exe, version: 2.1.8.0, time stamp: 0x56e1e785
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0xe0434352
Fault offset: 0x0000000000017788
Faulting process ID: 0x16c
Faulting application start time: 0x01d255f4e891a4ea
Faulting application path: C:\Program Files (x86)\TinyWall\TinyWall.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 0eb7e2f6-f534-4866-a7e0-7e68a03ee457
Faulting package full name:
Faulting package-relative application ID:
Error: (12/14/2016 10:31:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TinyWall.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
at NetFwTypeLib.INetFwRules.Remove(System.String)
at PKSoft.WindowsFirewall.Rules.ClearItems()
at PKSoft.TinyWallService.InitFirewall()
at PKSoft.TinyWallService.ProcessCmd(PKSoft.Message)
at PKSoft.TinyWallService.FirewallWorkerMethod()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
Error: (12/14/2016 10:29:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TinyWall.exe, version: 2.1.8.0, time stamp: 0x56e1e785
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0xe0434352
Fault offset: 0x0000000000017788
Faulting process ID: 0xb8c
Faulting application start time: 0x01d2545df90fdf9a
Faulting application path: C:\Program Files (x86)\TinyWall\TinyWall.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 38e5ab39-5a3f-48cf-b11e-af82ff226ed2
Faulting package full name:
Faulting package-relative application ID:
Error: (12/14/2016 10:29:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TinyWall.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
at NetFwTypeLib.INetFwRules.Remove(System.String)
at PKSoft.WindowsFirewall.Rules.ClearItems()
at PKSoft.TinyWallService.InitFirewall()
at PKSoft.TinyWallService.ProcessCmd(PKSoft.Message)
at PKSoft.TinyWallService.FirewallWorkerMethod()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
Error: (12/13/2016 10:06:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/12/2016 10:04:37 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (12/12/2016 09:48:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LTRSUGA)
Description: Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (12/14/2016 11:41:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/14/2016 11:41:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/14/2016 11:41:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/14/2016 11:40:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/14/2016 11:40:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.
Error: (12/14/2016 11:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LTRSUGA)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (12/14/2016 11:38:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LTRSUGA)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (12/14/2016 11:38:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LTRSUGA)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (12/14/2016 11:38:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LTRSUGA)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (12/14/2016 11:38:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LTRSUGA)
Description: The server {3EEF301F-B596-4C0B-BD92-013BEAFCE793} did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2016-10-02 04:29:30.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2016-10-02 04:29:30.575
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2016-10-02 04:29:30.563
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2016-10-02 04:29:30.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Pentium® CPU N3700 @ 1.60GHz
Percentage of memory in use: 45%
Total physical RAM: 7586.51 MB
Available physical RAM: 4114.86 MB
Total Virtual: 8802.51 MB
Available Virtual: 4655.66 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:328.66 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:558.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5B079A7B)
Partition: GPT.
==================== End of Addition.txt ============================