Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I Infected with a trojan?


  • This topic is locked This topic is locked
2 replies to this topic

#1 Daemon87

Daemon87

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:10 PM

Posted 14 December 2016 - 09:58 AM

I've been experiencing severe slowdowns with my computer for a few days. Windows and browsers not responding. executing files takes forever at times. Connecting to a website is very slow.

When I open the task manager it's update interval is very slow. Even if I set it to fastest. It just hangs.No change in values When I close it it stays as a blank screens for a while before closing. Any other window doesn't do that.

 

I've reinstalled my OS yesterday hoping the problems would go away, but no. They were immediately back. I've tried many popular scanners, but none of them besides UnHackMe couldn't find anything. UnHackMe says it found AFX Rootkit.

I recall first bumping into these troubles after trying to find a lyric displaying program for Spotify. I found Lyrify.com and downloaded it. The site and program seemed legit so I Installed it. I recall getting a warning that it is malware though. I was stupid and installed it anyway. The program didn't work so I uninstalled it soon after. 

 

I've followed the prep guide to a point. I've reinstalled my system 3 times in the last few days and the problems have always come back. So I just uninstalled unhackme and hope someone could look at the FRST logs now and come up with a solution. I'll do a full reinstall then if nothing else can be done. I just got things set up the way I like them, so please understand.

 

I don't have a router. I'm connected to the Internet through my phones 4G HotSpot connection, so It's not anything router related I think as was suggested by the previous helper.

 

I really appreciate any help you can give me. I don't want to be part of an international bot network or something.

 

Here is the FRST logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Joni (administrator) on DESKTOP-MPARLL1 (14-12-2016 16:20:54)
Running from F:\DropBox\Softaa
Loaded Profiles: Joni (Available Profiles: Joni)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Electronic Arts) H:\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) H:\Steam\Steam.exe
(Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Dropbox, Inc.) C:\Windows\Temp\DropboxUpdate.exe.old128b083
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Messaging) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Dropbox, Inc.) C:\Windows\Temp\DropboxUpdateSetup_1.3.59.1.exe128b323
(Dropbox, Inc.) C:\Windows\Temp\GUM5256.tmp\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-12-13] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-13] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25778760 2016-12-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\RunOnceEx\@Regrun2: [] => RegRun II Secure Start
HKLM-x32\...\RunOnceEx\@Regrun2: [1] => C:\PROGRA~2\Greatis\REGRUN~1\regrun2.exe /w
HKLM-x32\...\RunOnceEx\@UnHackMe: [1] => C:\PROGRA~2\UnHackMe\UnHackMe.exe /p Partizan
HKU\S-1-5-21-1728596040-986643569-3976350010-1001\...\Run: [Steam] => H:\Steam\steam.exe [2876704 2016-12-09] (Valve Corporation)
HKU\S-1-5-21-1728596040-986643569-3976350010-1001\...\Run: [Spotify Web Helper] => C:\Users\Joni\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-14] (Spotify Ltd)
HKU\S-1-5-21-1728596040-986643569-3976350010-1001\...\Run: [Spotify] => C:\Users\Joni\AppData\Roaming\Spotify\Spotify.exe [7095408 2016-12-14] (Spotify Ltd)
ShellExecuteHooks-x32:  - {F552DDE6-2090-4bf4-B924-6141E87789A5} -  No File [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-13] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-12] (Dropbox, Inc.)
BootExecute: autocheck autochk * Partizan
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6ade49e9-3039-4785-b6f6-f282a9ec0dd6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{731703b6-c2e7-41e4-91ba-d6e643f9efe3}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1728596040-986643569-3976350010-1001] ATTENTION => Default URLSearchHook is missing
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-08-25] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-14] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-14] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-14] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-14] (Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: 0pdjvhyv.default
FF ProfilePath: C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default [2016-12-14]
FF user.js: detected! => C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\user.js [2016-03-14]
FF NetworkProxy: Mozilla\Firefox\Profiles\0pdjvhyv.default -> autoconfig_url", "data:text/plain, function FindProxyForURL(url, host) {if(isInNet(host, '192.168.0.0', '255.255.0.0')) return 'DIRECT'; \nif(host == 'us1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nif(host == 'us3-base.cd-n.net') return 'DIRECT'; \nif(host == 'us4-base.cd-n.net') return 'DIRECT'; \nif(host == 'jp1-base.cd-n.net') return 'DIRECT'; \nif(host == 'de1-base.cd-n.net') return 'DIRECT'; \nif(host == 'au1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ca1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ir1-base.cd-n.net') return 'DIRECT'; \nif(host == 'sg1-base.cd-n.net') return 'DIRECT'; \nif(host == 'kr1-base.cd-n.net') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'de1-base.cd-n.net') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'de1-base.cd-n.net') return 'DIRECT'; \nreturn 'HTTPS HA4S4MZWFYZDCOBOGMZCGMJUG4YDENRYHAYDA.mycdns.com:443';}"
FF NetworkProxy: Mozilla\Firefox\Profiles\0pdjvhyv.default -> type", 0
FF Extension: (Hoxx VPN Proxy) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\@hoxx-vpn.xpi [2016-08-29]
FF Extension: (MEGA) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\firefox@mega.co.nz.xpi [2016-12-13]
FF Extension: (Flash Control) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2016-12-13]
FF Extension: (WhatsApp™ Desktop) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\jid1-uqwEAwSca3FXUo@jetpack.xpi [2016-11-03]
FF Extension: (Torrent Tornado) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\s3torrent@tornado.xpi [2016-09-16]
FF Extension: (Video WithOut Flash) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\vwof@drev.com.xpi [2016-12-13]
FF Extension: (Twitter App) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\{12b6fdcd-4423-4276-82a3-73fdbff5f7e4}.xpi [2016-11-29]
FF Extension: (Bamboo Feed Reader) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\{b2e69492-2358-071a-7056-24ad0c3defb1} [2016-12-13]
FF Extension: (Adblock Plus) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-29]
FF Extension: (DownThemAll!) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (Web Messenger for WhatsApp™) - C:\Users\Joni\AppData\Roaming\Mozilla\Firefox\Profiles\0pdjvhyv.default\Extensions\{e1ab1333-aff6-42fe-84a5-55be2409491b}.xpi [2016-11-29]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-13]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-13] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default [2016-12-14]
CHR Extension: (Google Slides) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-13]
CHR Extension: (Google Docs) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-13]
CHR Extension: (Google Drive) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-13]
CHR Extension: (YouTube) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-13]
CHR Extension: (Avast SafePrice) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-14]
CHR Extension: (Google Sheets) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-13]
CHR Extension: (Google Docs Offline) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-13]
CHR Extension: (AdBlock) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-13]
CHR Extension: (Avast Online Security) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-13]
CHR Extension: (Gmail) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\Joni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-12-13] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-12-05] (Dropbox, Inc.)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-25] (IObit)
S3 Origin Client Service; H:\Origin\OriginClientService.exe [2119688 2016-12-13] (Electronic Arts)
R2 Origin Web Helper Service; H:\Origin\OriginWebHelperService.exe [2180624 2016-12-13] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309270.inf_amd64_47c09dd18e1ee4c5\atikmdag.sys [28729240 2016-12-08] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309270.inf_amd64_47c09dd18e1ee4c5\atikmpag.sys [530328 2016-12-08] (Advanced Micro Devices, Inc.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-12-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-12-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-12-13] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [453192 2016-12-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-12-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-12-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-12-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-12-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-13] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-13] (REALiX™)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2016-12-13] (Greatis Software)
S3 RegGuard; C:\WINDOWS\SysWOW64\Drivers\regguard.sys [24416 2016-12-14] (Greatis Software)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-12-13] (Realtek                                            )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-14 16:20 - 2016-12-14 16:20 - 00000000 ____D C:\FRST
2016-12-14 15:17 - 2016-12-14 15:17 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-12-14 15:16 - 2016-12-14 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-12-14 15:16 - 2016-12-14 15:17 - 00000000 ____D C:\Program Files\Java
2016-12-14 15:16 - 2016-12-14 15:16 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\Oracle
2016-12-14 15:13 - 2016-12-14 15:13 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-14 15:13 - 2016-12-14 15:13 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-12-14 15:13 - 2016-12-14 15:13 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-12-14 15:13 - 2016-12-14 15:13 - 00001092 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Apple Computer
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Users\Joni\AppData\Local\Apple Computer
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Users\Joni\AppData\Local\Apple
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\ProgramData\Apple Computer
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\ProgramData\Apple
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files\iTunes
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files\iPod
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files\Bonjour
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-12-14 15:13 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-12-14 15:09 - 2016-12-14 15:09 - 00001424 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-12-14 15:09 - 2016-12-14 15:09 - 00000000 ____D C:\Users\Public\Foxit Software
2016-12-14 15:09 - 2016-12-14 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-12-14 15:09 - 2016-12-14 15:09 - 00000000 ____D C:\ProgramData\Foxit Software
2016-12-14 15:09 - 2016-12-14 15:09 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-12-14 15:08 - 2016-12-14 16:15 - 00001845 _____ C:\Users\Joni\Desktop\Spotify.lnk
2016-12-14 15:08 - 2016-12-14 15:08 - 00001831 _____ C:\Users\Joni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-14 15:08 - 2016-12-14 15:08 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-12-14 15:08 - 2016-12-14 15:08 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2016-12-14 15:08 - 2016-12-14 15:08 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-12-14 15:08 - 2016-12-14 15:08 - 00001076 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-12-14 15:08 - 2016-12-14 15:08 - 00000000 ____D C:\Users\Joni\AppData\Roaming\TeamViewer
2016-12-14 15:08 - 2016-12-14 15:08 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Spotify
2016-12-14 15:08 - 2016-12-14 15:08 - 00000000 ____D C:\Users\Joni\AppData\Local\Spotify
2016-12-14 15:08 - 2016-12-14 15:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-14 15:08 - 2016-12-14 15:08 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-12-14 15:07 - 2016-12-14 15:07 - 00001106 _____ C:\Users\Public\Desktop\Notepad++.lnk
2016-12-14 15:07 - 2016-12-14 15:07 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Notepad++
2016-12-14 15:07 - 2016-12-14 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-12-14 15:07 - 2016-12-14 15:07 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-12-14 15:05 - 2016-12-14 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-14 15:05 - 2016-12-14 15:15 - 00000000 ____D C:\Users\Joni\AppData\Local\paint.net
2016-12-14 15:05 - 2016-12-14 15:13 - 00000000 ____D C:\Program Files\paint.net
2016-12-14 15:05 - 2016-12-14 15:05 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-12-14 15:05 - 2016-12-14 15:05 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Sun
2016-12-14 15:05 - 2016-12-14 15:05 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\Sun
2016-12-14 15:05 - 2016-12-14 15:05 - 00000000 ____D C:\ProgramData\Oracle
2016-12-14 15:05 - 2016-12-14 15:05 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-14 14:18 - 2016-08-01 16:46 - 00001887 _____ C:\Users\Joni\Desktop\TV Shows.lnk
2016-12-14 14:15 - 2016-12-14 14:15 - 00000202 _____ C:\Users\Joni\Desktop\Cities Skylines.url
2016-12-14 14:12 - 2016-12-14 14:12 - 00001935 _____ C:\Users\Joni\Desktop\OpenShare - BLUESTORAGE.lnk
2016-12-14 14:09 - 2016-12-14 14:09 - 00000709 _____ C:\Users\Joni\Desktop\DropBox (2).lnk
2016-12-14 12:52 - 2016-12-14 10:58 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-14 12:51 - 2016-12-14 12:51 - 00000000 ____D C:\Windows.old
2016-12-14 12:50 - 2016-12-14 12:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-14 12:48 - 2016-12-14 12:48 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-12-14 12:00 - 2016-12-14 12:00 - 00000130 _____ C:\WINDOWS\SysWOW64\Partizan.RRI
2016-12-14 11:55 - 2016-12-14 12:07 - 00000000 ____D C:\ProgramData\RegRun
2016-12-14 11:38 - 2016-07-15 19:29 - 08071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm000b.dll
2016-12-14 11:35 - 2016-04-27 07:12 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\16141116
2016-12-14 11:35 - 2016-04-27 07:12 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\16141127
2016-12-14 11:35 - 2015-10-30 09:18 - 01206784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\16141102
2016-12-14 11:35 - 2015-10-30 09:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\16141121
2016-12-14 11:35 - 2015-10-30 09:18 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\16141124
2016-12-14 11:34 - 2015-10-30 09:18 - 00589856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\16141156
2016-12-14 11:34 - 2015-10-30 09:18 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\16141146
2016-12-14 11:04 - 2016-12-14 11:04 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Skype
2016-12-14 11:02 - 2016-12-14 11:02 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-14 11:01 - 2016-12-14 11:01 - 00000000 ____D C:\ProgramData\USOShared
2016-12-14 11:00 - 2016-12-14 11:02 - 00000000 ____D C:\Users\Joni\AppData\Local\ConnectedDevicesPlatform
2016-12-14 11:00 - 2016-12-14 11:00 - 00000020 ___SH C:\Users\Joni\ntuser.ini
2016-12-14 11:00 - 2016-12-14 11:00 - 00000000 ____D C:\Users\Joni\AppData\Local\Comms
2016-12-14 10:57 - 2016-12-14 16:20 - 00003996 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-12-14 10:57 - 2016-12-14 16:20 - 00003764 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-12-14 10:57 - 2016-12-14 14:13 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Joni
2016-12-14 10:57 - 2016-12-14 11:05 - 00003034 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Joni)
2016-12-14 10:57 - 2016-12-14 10:57 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-14 10:57 - 2016-12-14 10:57 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-12-14 10:57 - 2016-12-14 10:57 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-12-14 10:57 - 2016-12-14 10:57 - 00003562 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2016-12-14 10:57 - 2016-12-14 10:57 - 00003560 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-14 10:57 - 2016-12-14 10:57 - 00003368 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1481630714
2016-12-14 10:57 - 2016-12-14 10:57 - 00003336 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-14 10:57 - 2016-12-14 10:57 - 00003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D4A91EF9-AD61-4FE7-A8D5-E6FC878F0EBB}
2016-12-14 10:57 - 2016-12-14 10:57 - 00002952 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-12-14 10:57 - 2016-12-14 10:57 - 00002566 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-12-14 10:57 - 2016-12-14 10:57 - 00002288 _____ C:\WINDOWS\System32\Tasks\StartCN
2016-12-14 10:57 - 2016-12-14 10:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-14 10:56 - 2016-12-14 10:56 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-14 10:55 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-14 10:54 - 2016-12-14 11:02 - 00000000 ____D C:\Users\Joni
2016-12-14 10:54 - 2016-12-14 10:56 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-14 10:54 - 2016-12-14 10:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-14 10:53 - 2016-12-14 16:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-14 10:53 - 2016-12-14 10:56 - 00194248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-14 10:53 - 2016-12-14 10:56 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-12-14 10:53 - 2016-12-14 10:54 - 00000000 ____D C:\Program Files\AMD
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____D C:\Program Files\Realtek
2016-12-14 10:53 - 2016-12-14 10:53 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-12-13 21:23 - 2016-12-13 21:23 - 00000000 ____D C:\Users\Joni\AppData\Roaming\com.ynab.YNAB4.LiveSteam
2016-12-13 20:25 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-13 20:25 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-13 20:25 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-13 20:25 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-12-13 20:25 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-13 20:25 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-13 20:25 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-13 20:25 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-12-13 20:24 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-13 20:24 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-13 20:24 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-12-13 20:24 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-12-13 20:24 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-12-13 20:24 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-12-13 20:24 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-12-13 20:24 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-12-13 20:24 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-13 20:24 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-12-13 20:24 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-12-13 20:24 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-12-13 20:24 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-12-13 20:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-12-13 20:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-12-13 20:24 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-12-13 20:24 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-13 20:24 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-12-13 20:24 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-12-13 20:24 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-12-13 20:24 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-13 20:24 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-13 20:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-12-13 20:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-12-13 20:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-12-13 20:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-12-13 20:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-12-13 20:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-12-13 20:24 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-13 20:24 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-13 20:24 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-13 20:24 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-13 20:24 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-13 20:24 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-13 20:24 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-13 20:24 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-13 20:24 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-13 20:24 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-13 20:24 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-13 20:24 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-13 20:24 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-12-13 20:24 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-13 20:24 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-13 20:24 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-12-13 20:24 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-12-13 20:24 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-13 20:24 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-13 20:24 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-12-13 20:24 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-12-13 20:24 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-13 20:24 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-12-13 20:24 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-13 20:24 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-12-13 20:24 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-13 20:24 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-12-13 20:24 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-13 20:24 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-12-13 20:24 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-12-13 20:24 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-12-13 20:24 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-12-13 20:24 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-12-13 20:24 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-12-13 20:24 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-12-13 20:24 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-12-13 20:24 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-12-13 20:24 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-12-13 20:24 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-12-13 20:24 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-12-13 20:24 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-12-13 20:24 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-12-13 20:24 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-12-13 20:24 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-12-13 20:24 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-12-13 20:24 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-12-13 20:24 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-12-13 20:24 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-12-13 20:24 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-12-13 20:24 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-12-13 20:24 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-12-13 20:24 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-12-13 20:24 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-12-13 20:24 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-12-13 20:24 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-12-13 20:24 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-12-13 20:24 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-12-13 20:24 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-12-13 20:24 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-12-13 20:24 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-12-13 20:24 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-12-13 20:24 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-12-13 20:24 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-12-13 20:24 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-12-13 20:24 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-12-13 20:24 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-12-13 20:24 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-13 20:24 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-13 20:24 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-12-13 20:24 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-12-13 20:24 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-12-13 20:24 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-13 20:24 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-12-13 20:24 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-12-13 20:24 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-12-13 20:24 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-13 20:24 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-12-13 20:24 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-12-13 20:24 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-12-13 20:24 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-12-13 20:24 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-13 20:24 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-13 20:24 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-12-13 20:24 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-12-13 20:24 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-12-13 20:24 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-13 20:24 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-12-13 20:24 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-12-13 20:24 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-12-13 20:24 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-12-13 20:24 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-12-13 20:24 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-12-13 20:24 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-12-13 20:24 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-12-13 20:24 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-12-13 20:24 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-12-13 20:24 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-12-13 20:24 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-12-13 20:24 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-12-13 20:24 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-12-13 20:24 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-12-13 20:24 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-12-13 20:24 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-12-13 20:24 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-12-13 20:24 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-12-13 20:24 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-13 20:24 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-12-13 20:24 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-12-13 20:24 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-12-13 20:24 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-12-13 20:24 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-12-13 20:24 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-12-13 20:24 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-12-13 20:24 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-12-13 20:24 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-12-13 20:24 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-12-13 20:15 - 2016-12-13 20:19 - 00000190 _____ C:\Users\Joni\Desktop\You Need A Budget 4 (YNAB).url
2016-12-13 20:13 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2016-12-13 20:13 - 2016-12-13 20:21 - 00000000 ____D C:\Users\Joni\Documents\FIFA 15
2016-12-13 20:13 - 2016-12-13 20:13 - 00000669 _____ C:\Users\Public\Desktop\FIFA 15.lnk
2016-12-13 20:05 - 2016-12-13 20:05 - 00001110 _____ C:\Users\Joni\Desktop\MiniMetro.exe - Shortcut.lnk
2016-12-13 19:44 - 2016-12-13 19:44 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\Dinosaur Polo Club
2016-12-13 19:27 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transport Fever [GOG.com]
2016-12-13 19:27 - 2016-12-13 19:27 - 00000847 _____ C:\Users\Public\Desktop\Transport Fever.lnk
2016-12-13 19:01 - 2016-12-13 20:19 - 00000200 _____ C:\Users\Joni\Desktop\Tropico 5.url
2016-12-13 19:00 - 2016-12-13 20:20 - 00000206 _____ C:\Users\Joni\Desktop\Valiant Hearts The Great War  Soldats Inconnus  Mmoires de la Grande Guerre.url
2016-12-13 19:00 - 2016-12-13 19:00 - 00000202 _____ C:\Users\Joni\Desktop\Eastside Hockey Manager.url
2016-12-13 18:58 - 2016-12-13 20:19 - 00000206 _____ C:\Users\Joni\Desktop\Sid Meier's Railroads!.url
2016-12-13 18:58 - 2016-12-13 20:19 - 00000202 _____ C:\Users\Joni\Desktop\SpeedRunners.url
2016-12-13 18:58 - 2016-12-13 18:58 - 00000202 _____ C:\Users\Joni\Desktop\Stonehearth.url
2016-12-13 18:58 - 2016-12-13 18:58 - 00000201 _____ C:\Users\Joni\Desktop\Super Meat Boy.url
2016-12-13 18:51 - 2016-12-14 10:55 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-12-13 18:51 - 2016-12-14 10:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-12-13 18:37 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2016-12-13 18:37 - 2016-12-13 18:53 - 00000436 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2016-12-13 18:37 - 2016-12-13 18:37 - 00001012 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2016-12-13 18:37 - 2016-12-13 18:37 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Easeware
2016-12-13 18:37 - 2016-12-13 18:37 - 00000000 ____D C:\Program Files\Easeware
2016-12-13 18:19 - 2016-12-14 14:19 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\Mozilla
2016-12-13 18:18 - 2016-12-13 18:25 - 00000000 ____D C:\Users\Joni\AppData\Local\Mozilla
2016-12-13 18:17 - 2016-12-13 20:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-13 18:17 - 2016-12-13 20:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-13 18:17 - 2016-12-13 18:17 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-13 18:17 - 2016-12-13 18:17 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-13 18:11 - 2016-12-13 18:12 - 00243464 _____ C:\Users\Joni\Downloads\Firefox Setup Stub 50.0.2.exe
2016-12-13 18:06 - 2016-12-13 18:06 - 15202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 13122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 12988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 10512456 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 06402440 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-12-13 18:06 - 2016-12-13 18:06 - 05776968 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 05664483 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-12-13 18:06 - 2016-12-13 18:06 - 05339560 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 05289952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 05200128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-12-13 18:06 - 2016-12-13 18:06 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 03282544 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 03199232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 03181209 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-12-13 18:06 - 2016-12-13 18:06 - 03087472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02825112 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02719208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02477520 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02437760 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02058496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01847888 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01435152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01422936 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01355616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01186824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01166168 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01061120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01023240 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00999864 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00946696 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-12-13 18:06 - 2016-12-13 18:06 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00927424 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00888472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00873472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00716112 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00596120 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00589072 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-12-13 18:06 - 2016-12-13 18:06 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00450128 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00447728 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00371456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00366128 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00362064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00310432 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00224264 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00190944 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00190944 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00179608 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00172584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-12-13 18:06 - 2016-12-13 18:06 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-12-13 18:05 - 2016-12-13 18:06 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-12-13 18:05 - 2016-12-13 18:05 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-12-13 18:04 - 2016-12-13 18:04 - 00186424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-12-13 17:57 - 2016-12-13 17:57 - 00000000 ____D C:\WINDOWS\IObit
2016-12-13 17:54 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-13 17:54 - 2016-12-13 18:07 - 00002351 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-13 17:54 - 2016-12-13 17:54 - 00027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-13 17:49 - 2016-12-13 17:53 - 17146184 _____ (IObit ) C:\Users\Joni\Downloads\driver_booster_setup.exe
2016-12-13 17:44 - 2016-12-13 17:44 - 00000202 _____ C:\Users\Joni\Desktop\Rocksmith 2014 Edition - Remastered.url
2016-12-13 16:54 - 2016-12-13 16:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-13 16:54 - 2016-12-13 16:54 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 16:29 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-12-13 16:29 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-12-13 16:17 - 2016-12-13 16:17 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\AMD
2016-12-13 16:09 - 2016-12-13 16:09 - 00014456 _____ (NoVirusThanks Company Srl) C:\WINDOWS\system32\Drivers\RegDeleteEx.sys
2016-12-13 16:05 - 2016-12-13 16:05 - 00000000 ____D C:\Users\Joni\AppData\Roaming\WinRAR
2016-12-13 15:41 - 2016-12-13 15:41 - 00000202 _____ C:\Users\Joni\Desktop\Grand Theft Auto V.url
2016-12-13 15:39 - 2016-12-13 21:27 - 00000000 ____D C:\Users\Joni\Documents\my games
2016-12-13 15:39 - 2016-12-13 15:39 - 00000000 ____D C:\Users\Joni\Downloads\backups
2016-12-13 15:38 - 2016-12-13 15:38 - 00000000 ____D C:\Users\Joni\AppData\Roaming\tropico 5
2016-12-13 15:37 - 2016-12-13 15:37 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Factorio
2016-12-13 15:37 - 2016-12-13 15:37 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\SomaSim
2016-12-13 15:37 - 2016-12-13 15:37 - 00000000 ____D C:\SteamGames
2016-12-13 15:36 - 2016-12-13 15:36 - 00000202 _____ C:\Users\Joni\Desktop\Another Brick in the Mall.url
2016-12-13 15:19 - 2016-12-13 20:55 - 00000000 ____D C:\Users\Joni\AppData\Local\CrashDumps
2016-12-13 15:14 - 2016-12-14 13:22 - 00000000 ____D C:\Users\Joni\AppData\Local\Adobe
2016-12-13 15:07 - 2016-12-14 10:56 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 15:07 - 2016-12-13 15:07 - 00000533 _____ C:\Users\Joni\Desktop\C SSD.lnk
2016-12-13 15:07 - 2016-12-13 15:07 - 00000521 _____ C:\Users\Joni\Desktop\F IOMEGA.lnk
2016-12-13 15:07 - 2016-12-13 15:07 - 00000520 _____ C:\Users\Joni\Desktop\I Games.lnk
2016-12-13 15:07 - 2016-12-13 15:07 - 00000515 _____ C:\Users\Joni\Desktop\J.lnk
2016-12-13 15:07 - 2016-12-13 15:07 - 00000515 _____ C:\Users\Joni\Desktop\H Origin & Steam.lnk
2016-12-13 15:07 - 2016-12-13 15:07 - 00000202 _____ C:\Users\Joni\Desktop\Age of Mythology Extended Edition.url
2016-12-13 15:03 - 2016-12-13 15:03 - 00000000 ____D C:\Users\Joni\AppData\Local\Steam
2016-12-13 15:03 - 2016-12-13 15:03 - 00000000 ____D C:\Users\Joni\AppData\Local\Chromium
2016-12-13 14:58 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 14:58 - 2016-12-13 14:58 - 00000575 _____ C:\Users\Public\Desktop\Steam.lnk
2016-12-13 14:53 - 2016-12-14 10:56 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-13 14:53 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-13 14:53 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-12-13 14:53 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-13 14:53 - 2016-12-13 18:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-13 14:53 - 2016-12-13 18:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-13 14:53 - 2016-12-13 14:53 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-12-13 14:53 - 2016-12-13 14:53 - 00000000 ____D C:\Users\Joni\AppData\Roaming\vlc
2016-12-13 14:53 - 2016-12-13 14:53 - 00000000 ____D C:\Program Files\VideoLAN
2016-12-13 14:52 - 2016-12-13 14:53 - 00000000 ____D C:\Program Files\WinRAR
2016-12-13 14:49 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-12-13 14:49 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2016-12-13 14:49 - 2016-12-13 14:49 - 00000000 ____D C:\Program Files (x86)\AMD
2016-12-13 14:48 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-12-13 14:48 - 2016-12-13 14:48 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-12-13 14:48 - 2016-12-13 14:48 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-12-13 14:48 - 2016-12-13 14:48 - 00000000 ____D C:\Program Files\RogueKiller
2016-12-13 14:47 - 2016-12-13 15:02 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-13 14:44 - 2016-12-13 14:47 - 34211496 _____ (Adlice Software ) C:\Users\Joni\Downloads\setup.exe
2016-12-13 14:44 - 2016-12-13 14:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-13 14:44 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-13 14:44 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-13 14:44 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-13 14:44 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-13 14:43 - 2016-12-13 14:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Joni\Downloads\HijackThis.exe
2016-12-13 14:40 - 2016-12-13 14:41 - 00000000 ____D C:\Users\Joni\AppData\Local\AMD
2016-12-13 14:40 - 2016-12-13 14:41 - 00000000 ____D C:\AMD
2016-12-13 14:34 - 2016-12-13 20:22 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Origin
2016-12-13 14:34 - 2016-12-13 20:09 - 00000000 ____D C:\Users\Joni\AppData\Local\Origin
2016-12-13 14:34 - 2016-12-13 14:34 - 00000000 ____D C:\Users\Joni\.QtWebEngineProcess
2016-12-13 14:34 - 2016-12-13 14:34 - 00000000 ____D C:\Users\Joni\.Origin
2016-12-13 14:30 - 2016-12-13 20:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-13 14:29 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-12-13 14:29 - 2016-12-13 20:22 - 00000000 ____D C:\ProgramData\Origin
2016-12-13 14:29 - 2016-12-13 14:29 - 00000561 _____ C:\Users\Public\Desktop\Origin.lnk
2016-12-13 14:29 - 2016-12-13 14:29 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-12-13 14:27 - 2016-12-13 14:27 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Foxit Software
2016-12-13 14:26 - 2016-12-14 14:13 - 00000308 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Joni.job
2016-12-13 14:26 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-12-13 14:26 - 2016-12-13 18:54 - 00000000 ____D C:\ProgramData\ProductData
2016-12-13 14:26 - 2016-12-13 17:54 - 00000000 ____D C:\ProgramData\IObit
2016-12-13 14:26 - 2016-12-13 17:53 - 00000000 ____D C:\Users\Joni\AppData\Roaming\IObit
2016-12-13 14:26 - 2016-12-13 17:53 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-13 14:26 - 2016-12-13 14:26 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-12-13 14:26 - 2016-12-13 14:26 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-12-13 14:26 - 2016-12-13 14:26 - 00000000 ____D C:\Users\Joni\AppData\Roaming\ProductData
2016-12-13 14:26 - 2016-12-13 14:26 - 00000000 ____D C:\Users\Joni\AppData\LocalLow\IObit
2016-12-13 14:26 - 2016-12-13 14:26 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-12-13 14:24 - 2016-12-13 14:24 - 00001299 _____ C:\Users\Joni\Desktop\Dropbox.lnk
2016-12-13 14:21 - 2016-12-13 14:21 - 00001047 _____ C:\Users\Joni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-12-13 14:16 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-13 14:14 - 2016-12-14 16:20 - 00000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-13 14:14 - 2016-12-14 16:20 - 00000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-13 14:14 - 2016-12-13 14:24 - 00000000 ____D C:\Users\Joni\AppData\Local\Dropbox
2016-12-13 14:14 - 2016-12-13 14:16 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-13 14:14 - 2016-12-13 14:14 - 00000000 ____D C:\ProgramData\Dropbox
2016-12-13 14:09 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2016-12-13 14:09 - 2016-12-13 14:09 - 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-12-13 14:09 - 2016-12-13 14:09 - 00001195 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2016-12-13 14:09 - 2016-12-13 14:09 - 00000000 ____D C:\Users\Joni\AppData\Roaming\BSplayer Pro
2016-12-13 14:09 - 2016-12-13 14:09 - 00000000 ____D C:\Users\Joni\AppData\Roaming\BSplayer
2016-12-13 14:09 - 2016-12-13 14:09 - 00000000 ____D C:\Program Files (x86)\Webteh
2016-12-13 14:05 - 2016-12-13 16:15 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-12-13 14:05 - 2016-12-13 14:05 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-12-13 14:05 - 2016-12-13 14:05 - 00000000 ____D C:\Users\Joni\AppData\Local\Google
2016-12-13 14:05 - 2016-12-13 14:05 - 00000000 ____D C:\Users\Joni\AppData\Local\CEF
2016-12-13 14:04 - 2016-12-13 14:04 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 14:04 - 2016-12-13 14:04 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-13 14:03 - 2016-12-13 23:13 - 00001048 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-13 14:03 - 2016-12-13 18:54 - 00001044 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-13 14:03 - 2016-12-13 14:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-13 14:03 - 2016-12-13 14:03 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-12-13 14:02 - 2016-12-13 14:02 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-12-13 14:02 - 2016-12-13 14:02 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2016-12-13 14:02 - 2016-12-13 14:02 - 00001967 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2016-12-13 14:02 - 2016-12-13 14:02 - 00000000 ____D C:\Users\Joni\AppData\Roaming\AVAST Software
2016-12-13 14:02 - 2016-12-13 14:01 - 00453192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-12-13 14:01 - 2016-12-13 14:03 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-13 14:01 - 2016-12-13 14:01 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-12-13 13:58 - 2016-12-13 14:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-13 13:54 - 2016-12-13 13:55 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-13 13:54 - 2016-12-13 13:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-13 13:54 - 2016-12-13 13:54 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-13 13:54 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-12-13 13:53 - 2016-09-14 18:28 - 00001598 _____ C:\Users\Joni\Desktop\BLUE STORAGE.lnk
2016-12-13 13:51 - 2016-12-13 13:51 - 00000000 ____D C:\Users\Joni\AppData\Local\PeerDistRepub
2016-12-13 13:50 - 2016-12-13 14:17 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Dropbox
2016-12-13 13:21 - 2016-12-13 18:18 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Mozilla
2016-12-13 13:21 - 2016-12-13 13:21 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Thunderbird
2016-12-13 13:21 - 2016-12-13 13:21 - 00000000 ____D C:\Users\Joni\AppData\Local\Thunderbird
2016-12-13 13:17 - 2016-12-14 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird
2016-12-13 13:17 - 2016-12-13 13:17 - 00002074 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-12-13 13:17 - 2016-12-13 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-12-13 12:44 - 2016-12-13 12:45 - 01631928 _____ (Malwarebytes) C:\Users\Joni\Downloads\JRT.exe
2016-12-13 12:43 - 2016-12-13 12:43 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Macromedia
2016-12-13 12:38 - 2016-12-13 12:41 - 00000000 ____D C:\Users\Joni\AppData\Local\MicrosoftEdge
2016-12-13 12:19 - 2016-12-14 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-12-13 12:19 - 2016-12-13 12:19 - 00000418 _____ C:\WINDOWS\Tasks\UnHackMe Task Scheduler.job
2016-12-13 12:19 - 2010-10-07 11:26 - 00012808 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2016-12-13 12:15 - 2016-12-14 11:49 - 00000410 _____ C:\WINDOWS\Tasks\Startup Analyser.job
2016-12-13 11:46 - 2016-12-13 18:52 - 00000378 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2016-12-13 11:37 - 2016-12-14 11:00 - 00024416 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\regguard.sys
2016-12-13 11:37 - 2016-12-13 11:38 - 00000532 ____H C:\regrun.war
2016-12-13 11:30 - 2016-12-14 11:03 - 00837818 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-13 11:30 - 2016-12-13 11:30 - 00037600 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Partizan.exe
2016-12-13 11:30 - 2016-12-13 11:30 - 00035816 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys
2016-12-13 11:28 - 2016-12-14 12:07 - 00000000 ____D C:\Users\Joni\Documents\RegRun2
2016-12-13 11:28 - 2016-12-14 11:54 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2016-12-13 11:28 - 2016-12-14 11:54 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2016-12-13 11:28 - 2016-12-14 11:54 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2016-12-13 11:28 - 2016-12-14 11:53 - 00049968 _____ (Greatis Software) C:\WINDOWS\system32\Partizan.exe
2016-12-13 11:28 - 2016-12-13 12:19 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-12-13 11:28 - 2016-12-13 11:28 - 00000000 ___HD C:\Users\Joni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
2016-12-13 11:28 - 2016-12-13 11:28 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
2016-12-13 11:27 - 2016-12-14 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegRun Security Suite
2016-12-13 11:27 - 2016-12-14 12:00 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-12-13 11:27 - 2016-12-13 12:27 - 00000000 ____D C:\WINDOWS\pss
2016-12-13 11:27 - 2016-11-28 15:39 - 01387448 _____ (Greatis Software) C:\WINDOWS\RunGuard.exe
2016-12-13 11:27 - 2016-11-28 15:39 - 00022456 _____ C:\WINDOWS\WinBait.org
2016-12-13 11:27 - 2016-11-28 15:39 - 00022456 _____ C:\WINDOWS\WinBait.exe
2016-12-13 11:27 - 2003-09-06 15:55 - 00057556 _____ C:\WINDOWS\guard.bmp
2016-12-13 11:26 - 2016-12-14 14:14 - 00000000 ____D C:\Program Files (x86)\Greatis
2016-12-13 11:26 - 2016-12-14 11:05 - 00002360 _____ C:\Users\Joni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-13 11:26 - 2016-12-14 11:05 - 00000000 ___RD C:\Users\Joni\OneDrive
2016-12-13 11:25 - 2016-12-13 11:25 - 00000000 ____D C:\WINDOWS\CSC
2016-12-13 11:25 - 2016-12-13 11:25 - 00000000 ____D C:\Users\Joni\AppData\Local\ActiveSync
2016-12-13 11:24 - 2016-12-14 11:17 - 00000000 ____D C:\Users\Joni\AppData\Local\Packages
2016-12-13 11:24 - 2016-12-13 14:44 - 00000000 ____D C:\Users\Joni\AppData\Local\VirtualStore
2016-12-13 11:24 - 2016-12-13 11:24 - 00000000 ____D C:\Users\Joni\AppData\Roaming\Adobe
2016-12-13 11:24 - 2016-12-13 11:24 - 00000000 ____D C:\Users\Joni\AppData\Local\TileDataLayer
2016-12-13 11:24 - 2016-12-13 11:24 - 00000000 ____D C:\Users\Joni\AppData\Local\Publishers
2016-12-08 00:33 - 2016-12-08 00:33 - 00276376 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-12-08 00:33 - 2016-12-08 00:33 - 00168856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-12-08 00:33 - 2016-12-08 00:33 - 00143768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-12-08 00:33 - 2016-12-08 00:33 - 00138136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-12-08 00:33 - 2016-12-08 00:33 - 00117656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00922512 _____ (AMD) C:\WINDOWS\system32\coinst_16.50.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00290712 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-12-08 00:32 - 2016-12-08 00:32 - 00284056 _____ C:\WINDOWS\system32\GameManager64.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00277912 _____ C:\WINDOWS\system32\clinfo.exe
2016-12-08 00:32 - 2016-12-08 00:32 - 00248728 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00242072 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00145304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00126360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00029080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-12-08 00:32 - 2016-12-08 00:32 - 00029080 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00539544 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-12-08 00:31 - 2016-12-08 00:31 - 00467352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00298904 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-12-08 00:31 - 2016-12-08 00:31 - 00239000 _____ C:\WINDOWS\system32\atieah64.exe
2016-12-08 00:31 - 2016-12-08 00:31 - 00216984 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-12-08 00:31 - 2016-12-08 00:31 - 00211864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00185240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00149504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00145872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00119192 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00110488 _____ C:\WINDOWS\system32\atidxx64.dll
2016-12-08 00:31 - 2016-12-08 00:31 - 00098200 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2016-12-08 00:30 - 2016-12-08 00:30 - 02495896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-12-08 00:30 - 2016-12-08 00:30 - 02178968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-12-08 00:30 - 2016-12-08 00:30 - 01355672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-12-08 00:30 - 2016-12-08 00:30 - 01015704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-12-08 00:30 - 2016-12-08 00:30 - 01015704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-12-08 00:30 - 2016-12-08 00:30 - 00411032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-12-08 00:30 - 2016-12-08 00:30 - 00068504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2016-12-08 00:29 - 2016-12-08 00:29 - 59876760 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\SETDE2D.tmp
2016-12-08 00:29 - 2016-12-08 00:29 - 09945496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-12-08 00:29 - 2016-12-08 00:29 - 08082328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-12-08 00:29 - 2016-12-08 00:29 - 00121240 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-12-08 00:29 - 2016-12-08 00:29 - 00112024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-12-08 00:29 - 2016-12-08 00:29 - 00108440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-12-08 00:29 - 2016-12-08 00:29 - 00096152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-12-08 00:28 - 2016-12-08 00:28 - 00853912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-12-08 00:28 - 2016-12-08 00:28 - 00688024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-12-08 00:28 - 2016-12-08 00:28 - 00091544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-12-08 00:28 - 2016-12-08 00:28 - 00075160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-12-08 00:27 - 2016-12-08 00:27 - 00256920 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-12-08 00:27 - 2016-12-08 00:27 - 00229784 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-12-08 00:23 - 2016-12-08 00:23 - 00119736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-12-08 00:23 - 2016-12-08 00:23 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00474984 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00151448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00135280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00124920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00119736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00112960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-12-08 00:22 - 2016-12-08 00:22 - 00102032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-12-07 09:53 - 2016-12-07 09:53 - 00154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-12-07 09:53 - 2016-12-07 09:53 - 00138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2016-12-07 09:53 - 2016-12-07 09:53 - 00119856 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-12-07 09:53 - 2016-12-07 09:53 - 00115984 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-12-07 09:52 - 2016-12-07 09:52 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-12-07 09:52 - 2016-12-07 09:52 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-12-07 09:52 - 2016-12-07 09:52 - 00776464 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-12-07 09:52 - 2016-12-07 09:52 - 00776464 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-12-07 09:52 - 2016-12-07 09:52 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2016-12-07 09:52 - 2016-12-07 09:52 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2016-12-07 09:52 - 2016-12-07 09:52 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2016-12-07 09:52 - 2016-12-07 09:52 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2016-12-07 09:52 - 2016-12-07 09:52 - 00019391 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-12-07 09:52 - 2016-12-07 09:52 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-12-07 09:52 - 2016-12-07 09:52 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2016-12-05 22:07 - 2016-12-05 22:07 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-05 22:07 - 2016-12-05 22:07 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-05 22:07 - 2016-12-05 22:07 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-05 22:07 - 2016-12-05 22:07 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-14 15:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-14 15:39 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-14 15:13 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-14 14:58 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 12:52 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-14 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-14 11:00 - 2016-04-27 07:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-14 10:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-12-14 10:57 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-14 10:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-14 10:57 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-14 10:56 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-14 10:56 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-12-14 10:56 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-12-14 10:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-14 10:54 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\OCR
2016-12-14 10:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-12-14 10:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-12-14 10:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-14 10:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-14 10:54 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-14 10:54 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-13 23:27 - 2016-07-17 01:34 - 00000000 ___HD C:\$WINDOWS.~BT
2016-12-13 13:55 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-12-13 13:55 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
 
==================== Files in the root of some directories =======
 
2016-12-14 10:53 - 2016-12-14 10:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Joni\AppData\Local\Temp\flashplayer24_xa_install.exe
C:\Users\Joni\AppData\Local\Temp\FoxitUpdater.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-14 10:52
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
 
 
 
 
addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Joni (14-12-2016 16:21:52)
Running from F:\DropBox\Softaa
Windows 10 Pro Version 1607 (X64) (2016-12-14 08:58:49)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1728596040-986643569-3976350010-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1728596040-986643569-3976350010-503 - Limited - Disabled)
Guest (S-1-5-21-1728596040-986643569-3976350010-501 - Limited - Disabled)
Joni (S-1-5-21-1728596040-986643569-3976350010-1001 - Administrator - Enabled) => C:\Users\Joni
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version:  - SkyBox Labs)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Another Brick in the Mall (HKLM\...\Steam App 521150) (Version:  - The Quadsphere)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Applen ohjelmatuki (32-bittinen) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Applen ohjelmatuki (64-bittinen) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Driver Easy 5.1.5 (HKLM\...\DriverEasy_is1) (Version: 5.1.5 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-GB)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird (3.1.9) (HKLM-x32\...\Mozilla Thunderbird (3.1.9)) (Version: 3.1.9 (fi) - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7794 - Realtek Semiconductor Corp.)
Rocksmith® 2014 Edition - Remastered (HKLM\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
RogueKiller version 12.8.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.5.0 - Adlice Software)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Spotify (HKU\S-1-5-21-1728596040-986643569-3976350010-1001\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
Transport Fever (HKLM-x32\...\1720767912_is1) (Version: 2.2.0.5 - GOG.com)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {122D8B42-F290-4A32-A3D7-1DDF55601B00} - System32\Tasks\Driver Booster SkipUAC (Joni) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-25] (IObit)
Task: {12712988-3408-424E-8D2A-5A1E581DACA9} - System32\Tasks\Uninstaller_SkipUac_Joni => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-25] (IObit)
Task: {1854D691-FA25-41B9-A84C-48C7CFC7917A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {1D2542FE-E78E-4CD4-B987-9F02357AC6E4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-04] (Advanced Micro Devices, Inc.)
Task: {21C95C0F-3F2B-4A83-9F2E-A085F41BD5C4} - System32\Tasks\SafeZone scheduled Autoupdate 1481630714 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {3F40983E-56EB-4D26-B8D1-A1F4F2A9133D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {6649EF36-D257-4BCB-BFCC-9BC220D2F95C} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-12-12] (Easeware)
Task: {7FF254ED-55FF-4790-8838-05C66E867737} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-14] (Dropbox, Inc.)
Task: {D4271253-A3A0-4A65-B1D0-656BD723F878} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-21] (IObit)
Task: {DD6F3A7C-35B1-45E0-83DD-7D9078CA11EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-13] (Google Inc.)
Task: {F83F3314-06FC-4F85-9C18-C5C614887A38} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-13] (AVAST Software)
Task: {FE5AD8E5-7E94-4A9B-9833-6478C5C01E5C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-14] (Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Startup Analyser.job => C:\Program Files (x86)\Greatis\RegRunSuite\TrojanAnalyser.exe
Task: C:\WINDOWS\Tasks\UnHackMe Task Scheduler.job => C:\Program Files (x86)\UnHackMe\hackmon.exe$(Arg0)Greatis Software, LLC.?Part of RegRun Suite/UnHackMe software. hxxp:/www.greatis.com
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Joni.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-14 11:04 - 2016-12-14 11:04 - 01864384 _____ () C:\Users\Joni\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-11-27 19:55 - 2016-11-27 19:55 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-17 00:57 - 2016-07-17 00:57 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-17 00:57 - 2016-07-17 00:57 - 00157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-17 00:57 - 2016-07-17 00:57 - 29443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-07-16 13:43 - 2016-07-17 00:53 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 13:43 - 2016-07-17 00:53 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-07-17 00:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-07-17 00:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 13:43 - 2016-07-17 00:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-17 00:58 - 2016-07-17 00:58 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-07-17 00:58 - 2016-07-17 00:58 - 12473856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.511.8780.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-16 13:43 - 2016-07-17 00:54 - 03378528 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-07-16 13:43 - 2016-07-17 00:54 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2016-12-13 14:01 - 2016-12-13 14:01 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-13 22:57 - 2016-12-13 22:57 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16121302\algo.dll
2016-12-13 14:01 - 2016-12-13 14:01 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-14 14:06 - 2016-12-14 14:06 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16121401\algo.dll
2016-12-13 14:26 - 2015-08-25 14:54 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-12-13 14:33 - 2016-12-13 14:33 - 02493440 _____ () H:\Origin\libGLESv2.dll
2016-12-13 14:26 - 2015-08-25 14:54 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-13 14:26 - 2015-08-25 14:54 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-13 14:26 - 2015-08-25 14:54 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-12-13 15:03 - 2016-12-08 17:13 - 00656160 _____ () H:\Steam\SDL2.dll
2016-12-13 15:03 - 2016-09-01 03:02 - 04969248 _____ () H:\Steam\v8.dll
2016-12-13 15:03 - 2016-12-09 22:48 - 02322720 _____ () H:\Steam\video.dll
2016-12-13 15:03 - 2016-01-27 09:49 - 02549760 _____ () H:\Steam\libavcodec-56.dll
2016-12-13 15:03 - 2016-01-27 09:49 - 00491008 _____ () H:\Steam\libavformat-56.dll
2016-12-13 15:03 - 2016-01-27 09:49 - 00332800 _____ () H:\Steam\libavresample-2.dll
2016-12-13 15:03 - 2016-01-27 09:49 - 00442880 _____ () H:\Steam\libavutil-54.dll
2016-12-13 15:03 - 2016-01-27 09:49 - 00485888 _____ () H:\Steam\libswscale-3.dll
2016-12-13 15:03 - 2016-09-01 03:02 - 01563936 _____ () H:\Steam\icui18n.dll
2016-12-13 15:03 - 2016-09-01 03:02 - 01195296 _____ () H:\Steam\icuuc.dll
2016-12-13 15:03 - 2016-12-09 22:48 - 00838432 _____ () H:\Steam\bin\chromehtml.DLL
2016-12-13 15:03 - 2016-07-05 00:17 - 00266560 _____ () H:\Steam\openvr_api.dll
2016-12-13 15:03 - 2016-12-05 18:21 - 67304736 _____ () H:\Steam\bin\cef\cef.win7\libcef.dll
2016-12-13 15:03 - 2016-12-09 22:48 - 00388384 _____ () H:\Steam\steam.dll
2016-12-13 14:02 - 2016-12-13 14:02 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-12-13 14:16 - 2016-11-11 22:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-12-13 14:16 - 2016-11-11 22:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-12-13 14:16 - 2016-11-11 22:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-12-13 14:16 - 2016-11-11 22:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-12-13 14:16 - 2016-11-11 22:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-12-13 14:16 - 2016-11-11 22:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-13 14:16 - 2016-11-11 22:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-13 14:16 - 2016-11-11 22:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-12-13 14:16 - 2016-11-11 22:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-13 14:16 - 2016-11-11 22:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-13 14:16 - 2016-11-11 22:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-12-13 14:16 - 2016-11-11 22:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-12-13 14:16 - 2016-11-11 22:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-12-13 14:16 - 2016-11-11 22:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-12-13 14:16 - 2016-11-11 22:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-12-13 14:16 - 2016-11-11 22:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-12-13 14:16 - 2016-11-11 22:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-12-13 14:16 - 2016-11-11 22:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-13 14:16 - 2016-11-11 22:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-13 14:16 - 2016-12-12 16:16 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-13 14:16 - 2016-12-05 22:07 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-13 14:16 - 2016-12-12 16:16 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-13 14:16 - 2016-12-12 16:16 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-12-13 14:16 - 2016-11-11 22:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-13 14:16 - 2016-11-11 22:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-13 14:16 - 2016-11-11 22:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-13 14:16 - 2016-12-12 16:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-12-13 14:16 - 2016-11-11 22:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-12-13 14:16 - 2016-12-12 16:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-13 14:16 - 2016-12-12 16:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-12-13 15:03 - 2015-09-25 01:52 - 00119208 _____ () H:\Steam\winh264.dll
2016-12-13 13:17 - 2011-03-03 20:05 - 00848560 _____ () C:\Program Files (x86)\Mozilla Thunderbird\js3250.dll
2016-12-13 13:17 - 2011-03-03 20:05 - 00161968 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-12-13 13:17 - 2011-03-03 20:05 - 00021680 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2016-12-14 11:04 - 2016-12-14 11:04 - 01383616 _____ () C:\Users\Joni\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-12-13 14:04 - 2016-12-08 09:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-13 14:04 - 2016-12-08 09:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-13 17:40 - 2016-12-11 12:37 - 17833560 _____ () C:\Users\Joni\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1728596040-986643569-3976350010-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.42.129 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run32: => "@RegRunOnSecure"
HKLM\...\StartupApproved\Run32: => "RegRun WinBait"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{C5FEF7A0-EC3C-4193-8448-E1152ECF20BB}] => I:\Games\SteamApps\common\YNAB 4\YNAB 4.exe
FirewallRules: [{DDE2B974-E82D-4162-A1ED-6C6E19D1D6CA}] => I:\Games\SteamApps\common\YNAB 4\YNAB 4.exe
FirewallRules: [{B55F3B07-E3C6-458B-8B62-F94BC23A63A4}] => I:\Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{C0201645-3ABD-429E-B929-EB920CB7EFC9}] => I:\Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{57977E90-50DC-40F5-AF84-599056BB82CF}] => I:\Games\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{2B126BC0-F263-4EFA-AE13-28B00AA43769}] => I:\Games\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{6AB96F12-E9DA-437D-BEDE-0D340573BA6E}] => I:\Games\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{7654DE90-35BB-4F96-95FB-C97DA23263A7}] => I:\Games\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{F893ACD5-C85D-4670-847A-4AD8881DC8E1}] => I:\Games\SteamApps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{2C964F57-2CF9-450C-A7F5-3A6BD93F2A70}] => I:\Games\SteamApps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{DF579B6F-B201-46ED-97C9-0D7A26880A0C}] => I:\Games\SteamApps\common\Runaway A Road Adventure\Video Card Setup.exe
FirewallRules: [{F6CE2493-64B5-41E7-8A27-116E195D9357}] => I:\Games\SteamApps\common\Runaway A Road Adventure\Video Card Setup.exe
FirewallRules: [{974CD25A-0B6B-48F5-B266-82A291ED4C8C}] => I:\Games\SteamApps\common\Runaway A Road Adventure\Runaway.exe
FirewallRules: [{948933DF-E723-4809-9BCF-DA47213EE218}] => I:\Games\SteamApps\common\Runaway A Road Adventure\Runaway.exe
FirewallRules: [{36105B25-A4CD-4B08-BCA6-F2DE354E6CD7}] => I:\Games\SteamApps\common\Sid Meier's Railroads\RailRoads.exe
FirewallRules: [{4192C2EB-AAAA-41A6-B4FD-CB797491761B}] => I:\Games\SteamApps\common\Sid Meier's Railroads\RailRoads.exe
FirewallRules: [{4571146B-DA95-4137-A930-1490E7B6B033}] => I:\Games\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{7A083798-18A9-4677-A449-E4CC97F6F0FE}] => I:\Games\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{0BBC80DC-C33B-41A1-A7C9-34A44E5B8438}] => I:\Games\SteamApps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{740780CE-F538-403A-9CB6-F2C3D7E61E31}] => I:\Games\SteamApps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{7F5F5D5C-1AB9-47C3-9260-842661E775EF}] => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{A14849BD-12BE-4D17-8870-C024B7185AE3}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D8842386-039A-4A19-8EC2-D15E9A6F2B0D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09FF1387-3F80-44B8-9F2E-782DEBCAC2BC}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{77257D80-41CE-494C-9293-99AAD3A2FE22}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{E2BCAF46-D642-4645-AAFC-5299BCF170C6}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{18B80792-BA15-455E-8DDB-64FCDA6060D0}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{4A20E676-BACA-42B3-B1AC-29C9E9C46185}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{317244B1-99A9-4F6E-8315-38C049A5C719}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [UDP Query User{EFE5B741-4A93-4E86-ADCB-30C1E6E0E43F}I:\games\steamapps\common\godus\windows\godus.exe] => I:\games\steamapps\common\godus\windows\godus.exe
FirewallRules: [TCP Query User{C04DD5C2-7BBD-4DEF-A4B6-DE0C481346FE}I:\games\steamapps\common\godus\windows\godus.exe] => I:\games\steamapps\common\godus\windows\godus.exe
FirewallRules: [{F3284004-55B4-4BD0-9785-910B9D26CF7C}] => H:\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{A04F6DDF-AC03-4A18-98DB-5FADC6CD4C25}] => H:\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{25D3955E-7C41-41F9-A550-30066CFB05D2}] => I:\Games\SteamApps\common\Eastside Hockey Manager\ehm.exe
FirewallRules: [{96A7434E-2FFC-460F-AA6A-E2417EC4B7DC}] => I:\Games\SteamApps\common\Eastside Hockey Manager\ehm.exe
FirewallRules: [{0704658F-0D37-4187-BE01-374CC3258C42}] => I:\Games\SteamApps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{34EFA89A-0552-457A-B024-E332EE88D73F}] => I:\Games\SteamApps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{19FC15FF-D4B5-4D62-983A-97EC31187A03}] => I:\Games\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{03B6EB4B-1E16-448E-B6BF-FB8825A7B8C6}] => I:\Games\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{D9768C70-D9E9-4B3D-869D-A2FE27EC37BA}] => I:\Games\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{94BC3E8E-C2C7-4633-A60D-53D1DECC8717}] => I:\Games\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{E5928BF0-3D85-4594-A111-60DA2EB6FAE7}] => I:\Games\SteamApps\common\Another Brick in the Mall\launch.exe
FirewallRules: [{D92235CA-83CF-4F62-A6E1-4FD09E528619}] => I:\Games\SteamApps\common\Another Brick in the Mall\launch.exe
FirewallRules: [{1B15954B-9855-466B-82F9-567257D8211F}] => H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6D574835-C477-41DE-80F0-44BC68E47116}] => H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{67515539-63D4-4ED7-8250-5ED2CAA00D17}] => H:\Steam\Steam.exe
FirewallRules: [{AD784B9C-60EB-4CCF-BB90-D1E80E68809B}] => H:\Steam\Steam.exe
FirewallRules: [{DD427379-86E0-4952-98C4-494D8B557FCB}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{71B52321-AAF2-4C7C-BCF5-4044E7614DB4}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{33F23778-0D46-4B86-9968-F3F565A5B179}] => I:\Games\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{44985C70-A930-4B1D-95EC-4883807E27AD}] => I:\Games\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{42CDBFA4-AA47-46F1-BA7B-7DD48DBEBB77}] => C:\SteamGames\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6C2D04E2-C10C-4E6D-82E5-EC07D3702173}] => C:\SteamGames\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F3730FA1-EB5F-45DE-893C-762474CEB07F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{29C690A4-1242-495F-B61B-180461698D98}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{86DF4A35-592A-4D61-8D19-DFA890CA80DE}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{54654C3B-B48B-4BCA-8A7E-7E92633253A7}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3654662A-1573-4076-B15A-FA09B84DDEAF}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0BD878C-7AF6-49FC-8B3E-98BD6D724D76}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB870DED-4F69-49AE-B02B-294C9650E412}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DCE7084-9CE1-467D-9822-BC24E31CF3DF}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9647D4ED-25A9-4B20-B14C-F7CF54949A24}] => C:\Program Files\iTunes\iTunes.exe
 
==================== Restore Points =========================
 
14-12-2016 11:12:31 RegRun Virus Scan
 
==================== Faulty Device Manager Devices =============
 
Name: LGE Android Phone
Description: LGE Android Phone
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/14/2016 02:59:24 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (12/14/2016 01:21:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.14393.0, time stamp: 0x57898e92
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x028bf5a6
Faulting process ID: 0x2338
Faulting application start time: 0x01d255fc3d1f3ea9
Faulting application path: C:\WINDOWS\SysWoW64\explorer.exe
Faulting module path: unknown
Report ID: dc9b3538-278e-41e2-8b82-55c5ab732adc
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/14/2016 11:59:24 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (12/14/2016 11:47:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MPARLL1)
Description: Activation of application Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/14/2016 11:42:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MPARLL1)
Description: Activation of application Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/14/2016 11:37:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MPARLL1)
Description: Activation of application Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/14/2016 11:31:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MPARLL1)
Description: Activation of application Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/14/2016 11:26:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MPARLL1)
Description: Activation of application Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/14/2016 11:17:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MPARLL1)
Description: Activation of application Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/14/2016 11:12:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
 
System errors:
=============
Error: (12/14/2016 03:09:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Foxit Reader Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (12/14/2016 11:08:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 11:00:56 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Remote NDIS based Internet Sharing Device, {F3E6B7A7-2586-4FA8-8A2D-BEAA8BBC00BD}, had event 76
 
Error: (12/14/2016 11:00:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\Drivers\regguard.sys
 
Error: (12/14/2016 10:58:27 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The BranchCache service terminated with the following service-specific error: 
This program is blocked by group policy. For more information, contact your system administrator.
 
Error: (12/14/2016 10:58:22 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (12/14/2016 10:57:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (12/14/2016 10:57:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (12/14/2016 10:57:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (12/14/2016 10:57:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 8157.06 MB
Available physical RAM: 4347.91 MB
Total Virtual: 10077.06 MB
Available Virtual: 5650.05 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:417.81 GB) (Free:305.12 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Iomega) (Fixed) (Total:465.76 GB) (Free:283.72 GB) NTFS
Drive h: () (Fixed) (Total:292.87 GB) (Free:288.59 GB) NTFS
Drive i: (Games) (Fixed) (Total:439.45 GB) (Free:126.12 GB) NTFS
Drive j: () (Fixed) (Total:199.09 GB) (Free:128.02 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D3020AE7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=417.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D4CAE167)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: CB4A53FB)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 PM

Posted 19 December 2016 - 10:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/634794 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 PM

Posted 19 December 2016 - 05:19 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users