Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

1 pc slow internet


  • This topic is locked This topic is locked
35 replies to this topic

#1 acadburn

acadburn

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 05 September 2017 - 06:13 PM

boopme (mod) said this fit here better

https://www.bleepingcomputer.com/forums/t/656197/slow-internet-1-pc-only/       <---- original post

 

 

Problem

 I have many devices at my house (2 laptops, 4 Kindles 2 rokus 2 cell phones and my Desktop)  Any device i have ran a speed test on WIFI (all but 1 of the Roku's which is hard wired) have between 20 and 30mb download and from 7 to 12MB upload speeds..... Except my desktop. When i run a speed test on it currently is at 1mb down and 300kb upload (this is an improvement over what i was getting.

 

System Specs

Windows 7 Home premium 

8GB Ram

128GB Samsung EVO SSD

500 GB WD Green series HD

-amd FX 6300 processor (black edition)

-Radeon MSI RX 470 4gb Video Card

          (I am running 4 monitors 2 27" 1 28" and 1 21")

Logitech G15 Keyboard (old style)

World of Warcraft Mouse (old Style)

 

-WIFI card 1 Gigabyte GN-WP01gs PCI WLAN card (Turbo)   (old but has never let me down before)

-WIFI card 2 Marvell Yukon 88e8059 PIC-E Gigabit Ethernet Controller (NEW USB style wifi device)

(originally was overclocked 19.5x multiplier with 222 Clock)  

 

 

What I have tried Thus Far.

I have changed WIFI adapters to my USB and back to the Gigabyte WIFI card

I have bought a new wireless router and swapped it out thinking the old one was having issues (No changes)

changed channels from 5 to 11 and back

i have 65 - 70db of siginal (there are other people on the same channels but i live in a house and their signal is rather week compared to mine)

Stopped overclocking  (have put the multiplayer back in)

briefly disabled firewall

briefly disabled antivirus

ipconfig /release  <----   This combo got me from 300kbbps to 1.1mbps

ipconfig /renew     <----

ipconfig /flushdns <----

netsh int tcp set global autotuninglevel=normal

netsh interface tcp set heuristics disabled

 

Software Ran

CC cleaner

Combo Fix

Hitman pro

Anti Virus

Malware bytes

 

Other things i have done

Used google chrome Firefox and IE.... ya i still had an old version of that

tried running both wifi cards at 1ce.... speed still stayed the same didnt double eg 1mb per card

tried differnt times of day eg noon 2 am etc

tried a download from Steam (abt 350kbbps)

 

There are no yellow boxes in device manager except when i plug in my phone to charge then i have an unknown USB device

checked my internet usage in Task-manager then networking nothing is stealing bandwidth that i can see i'm usually showing less than 2% ussage

tried killing all applications running in the background

 

**Note i am only about 15feet away from my router... but i do not have a long enough Ethernet cord to reach my pc even for a test.....

**Note I have run the speed tests with no other devices actively doing something on my network and with them doing things on my network (dose not seem to affect my desktops speed)

**Note I did recently install new hardware AMD 6300 and the Video card however the problem persisted b4 they were installed

 

If there is anything i have missed ill be sure to update you as i can think of it / when you request more information

 

Thank you in advance even if all you did was read this HUGE post!

 

 

 

posts for minitoolbox

speccy

can be found in the previous post as well

 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:17 PM

Posted 10 September 2017 - 06:15 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/656394 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:17 PM

Posted 15 September 2017 - 06:20 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#4 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 September 2017 - 11:32 AM

FRST.TXT

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2017
Ran by big red (administrator) on BIGRED-PC (15-09-2017 22:05:34)
Running from C:\Users\big red\Downloads
Loaded Profiles: big red (Available Profiles: big red)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Windows\DAODx.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SteelSeries) C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(SteelSeries) C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\big red\Downloads\FRST64 (1).exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [SteelSeries World of Warcraft MMO Gaming Mouse] => C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe [1651200 2011-08-18] (SteelSeries)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-09-06] (Dropbox, Inc.)
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\big red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-05-22]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{509412EB-D32D-4521-8F1F-BA5708BA5EDB}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{68FAA270-B9D8-4FED-ACE7-8E41A47FD64E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7BDF3C6D-5F05-4DE5-8D8A-91C57B161F6F}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = 
SearchScopes: HKU\S-1-5-21-1497550341-3238969554-3758295579-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1497550341-3238969554-3758295579-1000 -> {AD54EC0D-4014-4941-941B-A07EE8977E4F} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default [2017-09-15]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\9rep5mpm.default -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\9rep5mpm.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\9rep5mpm.default -> www.google.com
FF Extension: (Search and New Tab by Yahoo) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-08-07]
FF Extension: (OfficeX Addon) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{823489ae-1bf8-4403-acdd-ea1bdc6431da}.xpi [2017-06-30]
FF Extension: (Adblock Plus) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1497550341-3238969554-3758295579-1000: @citrixonline.com/appdetectorplugin -> C:\Users\big red\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-20] (Citrix Online)
FF Plugin HKU\S-1-5-21-1497550341-3238969554-3758295579-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-06] ()
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\big red\AppData\Local\Google\Chrome\User Data\Default [2017-09-15]
CHR Extension: (Video Downloader professional) - C:\Users\big red\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-08]
CHR Extension: (Video Downloader All) - C:\Users\big red\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpaglkhbmbmhlnpnehlffkgaaapoicnk [2017-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\big red\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\big red\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Extension: (0aac4dee8f30d10e4125aa050c97587f) - C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f [2016-03-21]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
S4 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487128 2010-02-08] (cFos Software GmbH)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-17] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-17] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-06] (Dropbox, Inc.)
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-01-14] (Dassault Systèmes) [File not signed]
S4 EaselLocal; C:\EaselLocal\nssm.exe [294912 2014-08-31] () [File not signed]
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-18] (Bitdefender)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-10-09] (SurfRight B.V.)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
S4 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1919472 2016-12-15] (Plex, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-11] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-05-16] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R3 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed.sys [1432792 2009-10-12] (cFos Software GmbH)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-31] (Disc Soft Ltd)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 Mo3Fltr; C:\Windows\System32\drivers\Mo3Fltr.sys [12800 2010-08-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
S3 RT61; C:\Windows\System32\DRIVERS\RT61.sys [445952 2007-07-28] (Ralink Technology, Corp.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\big red\Desktop\temp\OpenHardwareMonitor.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-15 22:04 - 2017-09-15 22:05 - 002398720 _____ (Farbar) C:\Users\big red\Downloads\FRST64 (1).exe
2017-09-11 19:46 - 2017-09-11 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-06 05:29 - 2017-09-06 05:29 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-09-06 05:29 - 2017-09-06 05:29 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-09-06 05:29 - 2017-09-06 05:29 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-09-06 05:29 - 2017-09-06 05:29 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-04 23:10 - 2017-09-04 23:10 - 000000000 ____D C:\Windows\system32\appraiser
2017-09-04 22:12 - 2017-09-04 22:12 - 000000000 ___HD C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2017-09-04 22:05 - 2017-07-29 09:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-09-04 22:05 - 2017-07-21 09:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-09-04 22:05 - 2017-07-21 09:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-09-04 22:05 - 2017-07-15 13:35 - 000394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-04 22:05 - 2017-07-15 12:52 - 000346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-04 22:05 - 2017-07-14 10:29 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-09-04 22:05 - 2017-07-14 10:29 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-09-04 22:05 - 2017-07-14 10:29 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-09-04 22:05 - 2017-07-14 10:29 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-09-04 22:05 - 2017-07-14 10:29 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-09-04 22:05 - 2017-07-14 10:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-04 22:05 - 2017-07-14 10:12 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-09-04 22:05 - 2017-07-14 10:12 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-09-04 22:05 - 2017-07-14 10:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-09-04 22:05 - 2017-07-14 10:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-09-04 22:05 - 2017-07-14 10:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-09-04 22:05 - 2017-07-14 10:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-04 22:05 - 2017-07-14 10:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-09-04 22:05 - 2017-07-14 02:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-04 22:05 - 2017-07-14 02:15 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-04 22:05 - 2017-07-14 01:49 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-04 22:05 - 2017-07-14 01:47 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-04 22:05 - 2017-07-14 01:45 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-04 22:05 - 2017-07-14 01:45 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-04 22:05 - 2017-07-14 01:44 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-04 22:05 - 2017-07-14 01:44 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-04 22:05 - 2017-07-14 01:38 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-04 22:05 - 2017-07-14 01:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-04 22:05 - 2017-07-14 01:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-04 22:05 - 2017-07-14 01:22 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-04 22:05 - 2017-07-14 01:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-04 22:05 - 2017-07-14 01:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-04 22:05 - 2017-07-14 01:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-04 22:05 - 2017-07-14 01:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-04 22:05 - 2017-07-14 01:08 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-04 22:05 - 2017-07-14 01:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-04 22:05 - 2017-07-14 00:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-04 22:05 - 2017-07-14 00:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-04 22:05 - 2017-07-14 00:47 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-04 22:05 - 2017-07-14 00:42 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-04 22:05 - 2017-07-14 00:40 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-04 22:05 - 2017-07-14 00:35 - 005981184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-04 22:05 - 2017-07-14 00:35 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-04 22:05 - 2017-07-14 00:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-04 22:05 - 2017-07-14 00:16 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-04 22:05 - 2017-07-14 00:11 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-04 22:05 - 2017-07-14 00:10 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-04 22:05 - 2017-07-14 00:09 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-04 22:05 - 2017-07-14 00:09 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-04 22:05 - 2017-07-13 23:40 - 015254016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-04 22:05 - 2017-07-13 23:23 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-04 22:05 - 2017-07-13 23:07 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-04 22:05 - 2017-07-13 22:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-04 22:05 - 2017-07-13 22:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-09-04 22:05 - 2017-07-13 21:54 - 020270080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-04 22:05 - 2017-07-13 21:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-04 22:05 - 2017-07-13 21:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-09-04 22:05 - 2017-07-13 21:48 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-09-04 22:05 - 2017-07-13 21:48 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-09-04 22:05 - 2017-07-13 21:47 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-04 22:05 - 2017-07-13 21:44 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-04 22:05 - 2017-07-13 21:42 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-09-04 22:05 - 2017-07-13 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-09-04 22:05 - 2017-07-13 21:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-09-04 22:05 - 2017-07-13 21:38 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-09-04 22:05 - 2017-07-13 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-09-04 22:05 - 2017-07-13 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-09-04 22:05 - 2017-07-13 21:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-09-04 22:05 - 2017-07-13 21:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-09-04 22:05 - 2017-07-13 21:25 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-09-04 22:05 - 2017-07-13 21:25 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-09-04 22:05 - 2017-07-13 21:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-09-04 22:05 - 2017-07-13 21:22 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-04 22:05 - 2017-07-13 21:21 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-04 22:05 - 2017-07-13 21:20 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-09-04 22:05 - 2017-07-13 21:17 - 004546048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-04 22:05 - 2017-07-13 21:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-04 22:05 - 2017-07-13 21:12 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-04 22:05 - 2017-07-13 21:11 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-04 22:05 - 2017-07-13 21:11 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-09-04 22:05 - 2017-07-13 21:09 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-04 22:05 - 2017-07-13 20:53 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-04 22:05 - 2017-07-13 20:50 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-04 22:05 - 2017-07-13 20:48 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-04 22:05 - 2017-07-08 10:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-09-04 22:05 - 2017-07-08 10:00 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-04 22:05 - 2017-07-07 10:37 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-04 22:05 - 2017-07-07 10:33 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-04 22:05 - 2017-07-07 10:33 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-09-04 22:05 - 2017-07-07 10:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-09-04 22:05 - 2017-07-07 10:33 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-04 22:05 - 2017-07-07 10:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-04 22:05 - 2017-07-07 10:29 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-04 22:05 - 2017-07-07 10:15 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-09-04 22:05 - 2017-07-07 10:15 - 003945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-09-04 22:05 - 2017-07-07 10:13 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-09-04 22:05 - 2017-07-07 10:11 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-09-04 22:05 - 2017-07-07 10:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-09-04 22:05 - 2017-07-07 10:10 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-09-04 22:05 - 2017-07-07 10:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-04 22:05 - 2017-07-07 10:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-04 22:05 - 2017-07-07 09:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-04 22:05 - 2017-07-07 09:54 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-04 22:05 - 2017-07-07 09:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-04 22:05 - 2017-07-01 08:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-09-04 22:05 - 2017-07-01 08:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-09-04 22:05 - 2017-06-15 15:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-09-04 22:05 - 2017-06-12 17:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-09-04 22:05 - 2017-06-12 17:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-09-04 22:05 - 2017-06-12 17:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-09-04 22:05 - 2017-06-12 17:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-09-04 22:05 - 2017-06-12 17:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-09-04 22:05 - 2017-06-12 17:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-09-04 22:05 - 2017-06-12 17:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-09-04 22:05 - 2017-06-10 10:59 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-04 22:05 - 2017-06-10 10:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-04 22:05 - 2017-06-09 10:33 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-09-04 22:05 - 2017-06-06 10:30 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-04 22:05 - 2017-06-06 10:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-04 22:05 - 2017-06-02 03:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-09-04 22:05 - 2017-05-29 23:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-04 22:05 - 2017-05-29 23:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-04 22:05 - 2017-05-29 23:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-09-04 22:05 - 2017-05-16 10:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-09-04 22:05 - 2017-05-16 10:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-09-04 22:05 - 2017-05-12 13:26 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-09-04 22:05 - 2017-05-12 13:22 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-04 22:05 - 2017-05-12 13:22 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-09-04 22:05 - 2017-05-12 13:07 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-09-04 22:05 - 2017-05-12 13:03 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-04 22:05 - 2017-05-12 13:03 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-09-04 22:05 - 2017-05-12 11:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-09-04 22:05 - 2017-05-12 10:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-09-04 22:05 - 2017-05-12 10:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-09-04 22:05 - 2017-05-10 10:29 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-04 22:05 - 2017-05-10 10:29 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-09-04 22:05 - 2017-05-10 10:29 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-09-04 22:05 - 2017-05-10 10:29 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-09-04 22:05 - 2017-05-10 10:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-09-04 22:05 - 2017-05-10 10:14 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-04 22:05 - 2017-05-10 10:13 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-09-04 22:05 - 2017-05-10 10:13 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-09-04 22:05 - 2017-05-10 10:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-09-04 22:05 - 2017-05-10 10:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-09-04 22:05 - 2017-05-10 10:13 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-09-04 22:05 - 2017-05-10 10:13 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-09-04 22:05 - 2017-05-10 10:12 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-04 22:05 - 2017-05-10 10:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-09-04 22:05 - 2017-05-10 10:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-09-04 22:05 - 2017-05-10 10:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-09-04 22:05 - 2017-05-10 10:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-09-04 22:05 - 2017-05-10 10:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-09-04 22:05 - 2017-05-09 10:30 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-04 22:05 - 2017-05-09 10:29 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-04 22:05 - 2017-05-09 10:11 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-04 22:05 - 2017-05-07 10:33 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-09-04 22:05 - 2017-04-27 17:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-04 22:05 - 2017-04-21 10:34 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-09-04 22:05 - 2017-04-21 10:15 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-09-04 22:05 - 2017-04-17 10:37 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-04 22:05 - 2017-04-17 10:37 - 000876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-09-04 22:05 - 2017-04-17 10:37 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-04 22:05 - 2017-04-17 10:12 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-04 22:05 - 2017-04-17 10:12 - 000581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-09-04 22:05 - 2017-04-12 10:32 - 001483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-09-04 22:05 - 2017-04-12 10:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-09-04 22:05 - 2017-04-12 10:32 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-09-04 22:05 - 2017-04-12 10:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-09-04 22:05 - 2017-04-12 10:26 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-09-04 22:05 - 2017-04-12 10:25 - 001176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-09-04 22:05 - 2017-04-12 10:25 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-09-04 22:05 - 2017-04-12 10:25 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-09-04 22:05 - 2017-04-12 08:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-04 22:05 - 2017-04-05 09:55 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-04 22:05 - 2017-04-05 09:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-04 22:05 - 2017-04-05 09:55 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-04 22:05 - 2017-04-04 09:53 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-04 22:05 - 2017-03-10 11:32 - 001389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-09-04 22:05 - 2017-03-10 11:32 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-09-04 22:05 - 2017-03-10 11:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-09-04 22:05 - 2017-03-10 11:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-09-04 22:05 - 2017-03-10 10:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-09-04 22:05 - 2017-03-10 10:55 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-09-04 22:05 - 2017-03-07 09:05 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-04 22:05 - 2017-03-03 20:27 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-09-04 22:05 - 2017-03-03 20:14 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-09-04 22:05 - 2017-02-09 11:32 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-09-04 22:05 - 2017-02-09 11:31 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:36 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-09-04 22:05 - 2017-01-18 10:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-09-04 22:05 - 2017-01-13 13:00 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-09-04 22:05 - 2017-01-13 12:45 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-09-04 22:05 - 2017-01-11 13:01 - 001887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-09-04 22:05 - 2017-01-11 12:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-09-04 22:05 - 2016-11-20 09:07 - 000467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-09-04 22:05 - 2016-11-10 11:32 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-09-04 22:05 - 2016-11-10 11:19 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-09-04 22:05 - 2016-11-09 11:41 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-09-04 22:05 - 2016-11-09 11:33 - 003244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-09-04 22:05 - 2016-11-09 11:33 - 001941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-09-04 22:05 - 2016-11-09 11:33 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-09-04 22:05 - 2016-11-09 11:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-09-04 22:05 - 2016-11-09 11:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-09-04 22:05 - 2016-11-09 11:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-09-04 22:05 - 2016-11-09 11:02 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-09-04 22:05 - 2016-10-11 10:31 - 001148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-09-04 22:05 - 2016-10-11 10:31 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-09-04 22:05 - 2016-10-11 10:31 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-09-04 22:05 - 2016-10-11 10:31 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-09-04 22:05 - 2016-10-11 10:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-09-04 22:05 - 2016-10-11 10:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-09-04 22:05 - 2016-10-11 10:31 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-09-04 22:05 - 2016-10-11 10:18 - 000829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-09-04 22:05 - 2016-10-11 10:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-09-04 22:05 - 2016-10-11 10:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-09-04 22:05 - 2016-10-11 10:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-09-04 22:05 - 2016-10-11 09:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-09-04 22:05 - 2016-10-11 08:33 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-09-04 22:05 - 2016-10-11 08:18 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2017-09-04 22:05 - 2016-10-11 08:17 - 000419648 _____ C:\Windows\system32\locale.nls
2017-09-04 22:05 - 2016-10-11 08:06 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-09-04 22:05 - 2016-10-08 08:06 - 000633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-09-04 22:05 - 2016-10-07 10:32 - 003649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-09-04 22:05 - 2016-10-07 10:12 - 002291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-09-04 22:05 - 2016-10-05 09:54 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-09-04 22:05 - 2016-09-15 09:56 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-09-04 22:05 - 2016-09-12 16:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-09-04 22:05 - 2016-09-12 15:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-09-04 22:05 - 2016-09-08 15:34 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-09-04 22:05 - 2016-09-08 15:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-09-04 22:05 - 2016-09-08 15:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-09-04 22:05 - 2016-09-08 15:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-09-04 22:05 - 2016-09-08 09:55 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-09-04 22:05 - 2016-09-08 09:55 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-09-04 22:05 - 2016-08-22 11:19 - 001386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-04 22:05 - 2016-08-12 12:02 - 014632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-09-04 22:05 - 2016-08-12 12:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-09-04 22:05 - 2016-08-12 11:47 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-09-04 22:05 - 2016-08-12 11:47 - 011410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-09-04 22:05 - 2016-08-12 11:26 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-09-04 22:05 - 2016-08-06 10:31 - 002023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-09-04 22:05 - 2016-08-06 10:31 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-09-04 22:05 - 2016-08-06 10:31 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-09-04 22:05 - 2016-08-06 10:31 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-09-04 22:05 - 2016-08-06 10:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-09-04 22:05 - 2016-08-06 10:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-09-04 22:05 - 2016-08-06 10:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-09-04 22:05 - 2016-08-06 10:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-09-04 22:05 - 2016-08-06 10:01 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-09-04 22:05 - 2016-08-06 09:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-09-04 22:05 - 2016-06-14 12:16 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-09-04 22:05 - 2016-06-14 12:16 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-09-04 22:05 - 2016-06-14 12:11 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-09-04 22:05 - 2016-06-14 10:21 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-09-04 22:05 - 2016-06-14 10:21 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-09-04 22:05 - 2016-06-14 10:15 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-09-04 22:05 - 2016-05-12 08:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-09-04 22:05 - 2016-05-12 08:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-09-04 22:05 - 2016-03-23 17:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-09-04 22:05 - 2016-03-23 17:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-09-04 22:04 - 2017-07-21 09:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2017-09-04 22:04 - 2017-07-21 09:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-09-04 22:04 - 2017-07-14 10:29 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-09-04 22:04 - 2017-07-14 10:29 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-09-04 22:04 - 2017-07-14 10:29 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-09-04 22:04 - 2017-07-14 10:29 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-09-04 22:04 - 2017-07-14 10:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-09-04 22:04 - 2017-07-14 10:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-09-04 22:04 - 2017-07-14 10:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-09-04 22:04 - 2017-07-14 10:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-09-04 22:04 - 2017-07-14 10:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-09-04 22:04 - 2017-07-14 10:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-09-04 22:04 - 2017-07-14 10:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-09-04 22:04 - 2017-07-14 10:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-09-04 22:04 - 2017-07-14 10:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-09-04 22:04 - 2017-07-14 10:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-09-04 22:04 - 2017-07-14 09:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-09-04 22:04 - 2017-07-14 09:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-09-04 22:04 - 2017-07-14 09:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-04 22:04 - 2017-07-14 09:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-04 22:04 - 2017-07-14 09:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2017-09-04 22:04 - 2017-07-07 10:33 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-04 22:04 - 2017-07-07 10:29 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-09-04 22:04 - 2017-07-07 10:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 10:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-04 22:04 - 2017-07-07 10:01 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-04 22:04 - 2017-07-07 10:01 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-04 22:04 - 2017-07-07 09:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-04 22:04 - 2017-07-07 09:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-04 22:04 - 2017-07-07 09:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-04 22:04 - 2017-07-07 09:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-04 22:04 - 2017-07-07 09:51 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-09-04 22:04 - 2017-07-07 09:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-09-04 22:04 - 2017-07-07 09:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-09-04 22:04 - 2017-07-07 09:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-09-04 22:04 - 2017-07-07 09:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-09-04 22:04 - 2017-07-07 09:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-09-04 22:04 - 2017-07-07 09:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 09:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 09:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-09-04 22:04 - 2017-07-07 09:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-09-04 22:04 - 2017-06-12 17:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-09-04 22:04 - 2017-06-12 17:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-09-04 22:04 - 2017-06-12 17:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-09-04 22:04 - 2017-06-12 17:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-09-04 22:04 - 2017-06-12 17:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-09-04 22:04 - 2017-06-12 17:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-09-04 22:04 - 2017-06-12 17:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-09-04 22:04 - 2017-05-20 23:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-09-04 22:04 - 2017-05-20 23:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-09-04 22:04 - 2017-05-16 10:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-09-04 22:04 - 2017-05-12 13:22 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-09-04 22:04 - 2017-05-12 13:22 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-09-04 22:04 - 2017-05-12 13:22 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-09-04 22:04 - 2017-05-12 13:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-09-04 22:04 - 2017-05-12 13:03 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-09-04 22:04 - 2017-05-12 13:03 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-09-04 22:04 - 2017-05-12 13:03 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-09-04 22:04 - 2017-05-12 12:43 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-09-04 22:04 - 2017-05-10 10:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-09-04 22:04 - 2017-05-10 10:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-09-04 22:04 - 2017-05-07 10:29 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-09-04 22:04 - 2017-04-17 10:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-04 22:04 - 2017-04-17 10:37 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-04 22:04 - 2017-04-17 10:12 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-04 22:04 - 2017-04-17 09:54 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-04 22:04 - 2017-03-30 10:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-09-04 22:04 - 2017-03-30 09:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-09-04 22:04 - 2017-03-10 10:57 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-09-04 22:04 - 2017-03-07 11:30 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-09-04 22:04 - 2017-03-07 11:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-09-04 22:04 - 2017-03-03 20:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-09-04 22:04 - 2017-03-03 20:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-09-04 22:04 - 2017-02-09 11:32 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-09-04 22:04 - 2017-02-09 11:32 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-09-04 22:04 - 2017-02-09 11:31 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-09-04 22:04 - 2017-02-09 11:14 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-09-04 22:04 - 2017-02-09 11:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-09-04 22:04 - 2017-02-09 11:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-09-04 22:04 - 2017-02-09 10:51 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-09-04 22:04 - 2017-01-13 13:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-09-04 22:04 - 2017-01-13 12:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-09-04 22:04 - 2017-01-11 13:01 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-09-04 22:04 - 2017-01-11 12:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-09-04 22:04 - 2016-11-21 13:12 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-09-04 22:04 - 2016-11-20 11:19 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-09-04 22:04 - 2016-11-09 11:33 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-09-04 22:04 - 2016-11-09 11:33 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-09-04 22:04 - 2016-11-09 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-09-04 22:04 - 2016-11-09 10:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-09-04 22:04 - 2016-10-11 10:32 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-09-04 22:04 - 2016-10-11 10:31 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-09-04 22:04 - 2016-10-11 10:31 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-09-04 22:04 - 2016-10-11 10:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-09-04 22:04 - 2016-10-11 10:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-09-04 22:04 - 2016-10-11 10:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-09-04 22:04 - 2016-08-12 12:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-09-04 22:04 - 2016-08-12 12:02 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-09-04 22:04 - 2016-08-12 12:02 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-09-04 22:04 - 2016-08-12 11:31 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-09-04 22:04 - 2016-08-12 11:31 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-09-04 22:04 - 2016-08-12 11:31 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-09-04 22:04 - 2016-08-06 10:31 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-09-04 22:04 - 2016-08-06 10:31 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-09-04 22:04 - 2016-08-06 10:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-09-04 22:04 - 2016-08-06 10:01 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-09-04 22:04 - 2016-08-06 09:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-09-04 22:04 - 2016-08-06 09:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-09-04 22:04 - 2016-06-14 12:16 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-09-04 22:04 - 2016-06-14 12:16 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-09-04 22:04 - 2016-06-14 12:16 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-09-04 22:04 - 2016-06-14 12:16 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-09-04 22:04 - 2016-06-14 12:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-09-04 22:04 - 2016-06-14 10:21 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-09-04 22:04 - 2016-06-14 10:21 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-09-04 22:04 - 2016-06-14 10:21 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-09-04 22:04 - 2016-06-14 10:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-09-04 22:04 - 2016-06-14 10:15 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-09-04 22:04 - 2016-06-14 10:15 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-09-04 22:04 - 2016-06-14 10:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-09-04 22:04 - 2016-06-14 10:05 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-09-04 22:04 - 2016-06-14 10:00 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-09-04 22:04 - 2016-06-14 10:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-09-04 22:04 - 2015-05-25 13:19 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-09-04 22:04 - 2015-05-25 13:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-09-04 22:04 - 2015-05-25 13:18 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-09-04 22:04 - 2015-05-25 13:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-09-04 22:04 - 2015-05-25 13:18 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-09-04 22:04 - 2015-05-25 13:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-09-04 22:04 - 2015-05-25 13:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2017-09-04 22:04 - 2015-05-25 13:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2017-09-04 22:04 - 2015-05-25 13:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2017-09-04 22:04 - 2015-05-25 13:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2017-09-04 22:04 - 2015-05-25 13:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2017-09-04 22:04 - 2015-05-25 13:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2017-09-04 22:03 - 2017-05-03 10:34 - 000094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-09-04 22:03 - 2017-05-03 10:29 - 001206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 000620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-09-04 22:03 - 2017-05-03 08:05 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-09-04 22:03 - 2017-03-22 21:06 - 001691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-09-04 22:03 - 2016-08-29 10:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-04 22:03 - 2016-08-29 09:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-09-04 22:03 - 2016-08-16 15:40 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-09-04 22:03 - 2016-08-16 15:40 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-09-04 22:03 - 2016-08-16 15:40 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-09-04 22:03 - 2016-08-16 15:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-09-04 22:03 - 2016-08-16 15:40 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-09-04 22:03 - 2016-08-16 15:40 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-09-04 22:03 - 2016-08-16 15:40 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-09-04 22:03 - 2016-07-07 10:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-09-04 22:03 - 2016-05-12 12:15 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-09-04 22:03 - 2016-05-12 12:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-09-04 22:03 - 2016-05-12 12:14 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-09-04 22:03 - 2016-05-12 12:14 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-09-04 22:03 - 2016-05-12 12:14 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-09-04 22:03 - 2016-05-12 12:14 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-09-04 22:03 - 2016-05-12 10:18 - 000274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-09-04 22:03 - 2016-05-12 10:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-04 22:03 - 2016-05-12 10:18 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-09-04 22:03 - 2016-05-12 10:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-09-04 22:03 - 2016-05-12 10:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-09-04 22:03 - 2016-05-11 12:02 - 000483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-09-04 22:03 - 2016-05-11 10:19 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-09-04 22:03 - 2016-03-16 13:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-09-04 22:03 - 2016-03-16 13:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-09-04 22:03 - 2016-03-16 13:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-09-04 22:03 - 2016-03-09 14:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-09-04 22:03 - 2016-03-09 13:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-09-04 22:03 - 2016-03-09 13:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-09-04 22:03 - 2016-03-09 13:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2017-09-04 22:03 - 2016-02-05 13:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-04 22:03 - 2016-02-05 13:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-09-04 22:03 - 2016-02-05 12:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-04 22:03 - 2016-01-20 19:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-09-04 22:03 - 2015-10-29 12:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2017-09-04 22:03 - 2015-10-29 12:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2017-09-04 22:03 - 2015-10-29 12:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2017-09-04 22:03 - 2015-10-29 12:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2017-09-04 22:03 - 2015-10-29 12:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2017-09-04 22:03 - 2015-10-29 12:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-09-04 22:03 - 2015-10-29 12:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2017-09-04 22:03 - 2015-08-27 13:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-09-04 22:03 - 2015-08-27 13:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-09-04 22:03 - 2015-08-27 12:58 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-09-04 22:03 - 2015-08-27 12:51 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-09-04 22:03 - 2015-07-22 19:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-04 22:03 - 2015-07-22 12:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-04 22:03 - 2015-06-03 15:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-09-04 22:03 - 2015-04-10 22:19 - 000069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-09-04 22:03 - 2015-01-28 22:19 - 002543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2017-09-04 22:03 - 2015-01-28 22:02 - 002311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2017-09-04 22:03 - 2014-10-29 21:03 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2017-09-04 22:03 - 2014-10-29 20:45 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2017-09-04 22:00 - 2016-06-25 19:27 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-04 22:00 - 2016-06-25 19:27 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-04 22:00 - 2016-06-25 19:27 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-04 22:00 - 2016-06-25 14:53 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-04 22:00 - 2016-06-25 14:53 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-04 22:00 - 2016-06-25 14:53 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-04 22:00 - 2016-06-25 14:41 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-04 22:00 - 2016-05-11 12:02 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-09-04 22:00 - 2016-05-11 12:02 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-09-04 22:00 - 2016-05-11 12:02 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-09-04 22:00 - 2016-05-11 10:19 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-09-04 22:00 - 2016-05-11 10:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-09-04 22:00 - 2016-05-11 10:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-09-04 22:00 - 2016-05-11 10:11 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-04 22:00 - 2016-05-11 10:01 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-04 22:00 - 2016-05-11 09:58 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-04 22:00 - 2016-04-14 08:49 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-09-04 22:00 - 2016-04-14 08:21 - 000647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-09-04 22:00 - 2015-07-09 12:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-09-04 22:00 - 2015-07-09 12:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-09-04 22:00 - 2015-07-09 12:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-09-04 22:00 - 2015-07-09 12:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-09-04 21:54 - 2016-04-08 23:20 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-09-04 21:54 - 2016-04-08 22:52 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-09-04 11:29 - 2017-09-04 11:29 - 000032410 _____ C:\Users\big red\Desktop\MTB.txt
2017-09-04 11:27 - 2017-09-04 11:27 - 000027754 _____ C:\Users\big red\Desktop\BIGRED-PC.speccy
2017-09-04 11:16 - 2017-09-04 11:16 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-09-04 11:16 - 2017-09-04 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-09-04 11:16 - 2017-09-04 11:16 - 000000000 ____D C:\Program Files\Speccy
2017-09-04 11:12 - 2017-09-04 11:14 - 006299336 _____ (Piriform Ltd) C:\Users\big red\Downloads\spsetup131.exe
2017-09-04 11:11 - 2017-09-04 11:44 - 000032529 _____ C:\Users\big red\Downloads\MTB.txt
2017-09-04 10:55 - 2017-09-04 10:56 - 000892416 _____ (Farbar) C:\Users\big red\Downloads\MiniToolBox.exe
2017-09-03 22:14 - 2017-09-03 22:17 - 307048337 _____ C:\Users\big red\Downloads\2000_to_1_A_Space_Felony_64bit_v1.04.zip
2017-09-03 17:43 - 2017-09-03 17:47 - 034890000 _____ (AMD Inc.) C:\Users\big red\Downloads\radeon-crimson-relive-17.8.2-minimalsetup-170824_64bit.exe
2017-09-03 17:09 - 2017-09-06 21:00 - 034900000 _____ (AMD Inc.) C:\Users\big red\Downloads\radeon-crimson-relive-17.7.2-minimalsetup-170727_64bit.exe
2017-08-28 17:08 - 2017-08-28 17:10 - 000000000 ____D C:\Windows\SysWOW64\GPBAK
2017-08-28 17:08 - 2017-08-28 17:08 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-08-28 17:08 - 2008-04-14 02:11 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2017-08-28 17:08 - 2001-08-23 13:00 - 000034871 _____ C:\Windows\SysWOW64\gpedit.msc
2017-08-28 17:07 - 2017-08-28 17:10 - 000707354 _____ C:\Windows\unins000.exe
2017-08-28 17:07 - 2017-08-28 17:10 - 000002586 _____ C:\Windows\unins000.dat
2017-08-28 17:07 - 2017-08-28 17:07 - 000875012 _____ C:\Users\big red\Downloads\add_gpedit_msc_by_jwils876-d3kh6vm.zip
2017-08-28 17:07 - 2011-04-09 09:44 - 000901344 _____ (Richard ) C:\Users\big red\Desktop\setup.exe
2017-08-27 19:37 - 2017-08-27 19:37 - 000208486 _____ C:\TDSSKiller.3.1.0.9_27.08.2017_19.37.00_log.txt
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2017-08-26 20:14 - 2017-08-26 20:14 - 000028334 _____ C:\ComboFix.txt
2017-08-26 13:53 - 2017-08-26 13:53 - 000000000 ___HD C:\Program Files (x86)\AGEIA Technologies
2017-08-25 21:38 - 2017-08-25 21:38 - 002260735 _____ C:\Users\big red\Downloads\generic-items-160-assets.zip
2017-08-25 20:51 - 2017-08-25 20:51 - 000115838 _____ C:\Users\big red\Downloads\1417888831_Platformer_Procedural_Generation.gmez
2017-08-24 22:10 - 2017-08-24 22:10 - 000000000 ____D C:\Users\big red\Documents\CAPCOM
2017-08-24 21:48 - 2017-08-24 21:48 - 000000000 ____D C:\SWTOOLS
2017-08-22 22:39 - 2017-08-25 21:16 - 000000000 ____D C:\Users\big red\Desktop\game img
2017-08-22 22:25 - 2017-08-22 22:49 - 088797504 _____ (Lenovo Group Limited ) C:\Users\big red\Downloads\c6etn08us17.exe
2017-08-22 22:24 - 2007-09-18 11:20 - 000000000 ____D C:\Users\big red\Desktop\GN-WI01GS_WP01GS_WI02GM_WP01GM
2017-08-22 18:20 - 2017-08-22 18:36 - 013454447 _____ C:\Users\big red\Downloads\comm_driver_wireless_g_v1.3.1.0.10.zip
2017-08-22 18:18 - 2017-08-22 23:07 - 000000000 ____D C:\Users\big red\AppData\Local\gm_ttt_13738
2017-08-17 19:18 - 2017-08-17 19:18 - 000000000 ____D C:\Users\big red\AppData\Local\Risen3
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-15 22:05 - 2016-03-25 09:26 - 000016729 _____ C:\Users\big red\Downloads\FRST.txt
2017-09-15 22:05 - 2016-03-25 09:26 - 000000000 ____D C:\FRST
2017-09-15 22:04 - 2009-07-14 00:13 - 000006616 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-15 21:58 - 2016-03-17 23:38 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-09-15 21:58 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-15 01:32 - 2017-01-04 18:06 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-09-15 01:15 - 2014-09-29 21:50 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-09-15 00:45 - 2016-03-17 23:38 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-09-14 21:17 - 2014-11-16 14:33 - 000018400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-14 21:17 - 2014-11-16 14:33 - 000018400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-11 22:23 - 2017-01-07 17:56 - 000000000 ____D C:\Users\big red\AppData\LocalLow\Mozilla
2017-09-11 22:23 - 2015-01-18 10:23 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-11 19:46 - 2016-03-17 23:38 - 000000000 ___HD C:\Program Files (x86)\Dropbox
2017-09-05 18:17 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\AppCompat
2017-09-04 23:11 - 2009-07-13 23:45 - 000391168 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-04 23:10 - 2014-09-30 23:29 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-09-04 23:10 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2017-09-04 23:09 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\DVD Maker
2017-09-04 23:09 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2017-09-04 23:09 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2017-09-04 23:09 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\migwiz
2017-09-04 23:09 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Dism
2017-09-04 23:09 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-09-04 22:13 - 2014-09-29 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-09-04 22:12 - 2014-09-29 21:49 - 000000000 ___HD C:\Program Files (x86)\Microsoft Silverlight
2017-09-04 22:12 - 2014-09-29 21:49 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-09-04 22:08 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2017-09-04 22:07 - 2014-09-30 23:28 - 000000000 ____D C:\Windows\system32\MRT
2017-09-04 22:06 - 2014-09-30 23:28 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-04 17:48 - 2014-10-01 20:22 - 000000000 ___HD C:\Program Files (x86)\Battle.net
2017-09-04 17:48 - 2014-10-01 20:22 - 000000000 ____D C:\Users\big red\AppData\Local\Battle.net
2017-09-04 11:58 - 2017-05-22 16:18 - 000000000 ____D C:\Users\big red\Desktop\Old Desktop Icons
2017-09-04 10:45 - 2016-12-28 12:16 - 000365082 _____ C:\Windows\ntbtlog.txt
2017-09-04 10:40 - 2016-05-05 23:10 - 000000000 ____D C:\Users\big red\AppData\Local\ElevatedDiagnostics
2017-09-04 00:54 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2017-09-03 19:55 - 2017-08-07 23:37 - 000000000 ____D C:\Users\big red\Documents\SavedGames
2017-09-03 18:34 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-01 00:03 - 2014-09-29 21:50 - 000000000 ____D C:\Users\big red\AppData\Local\Greenshot
2017-08-31 22:42 - 2015-02-16 13:24 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-31 22:40 - 2016-03-17 23:45 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-31 22:40 - 2015-07-03 10:44 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-27 22:59 - 2017-08-14 15:29 - 000000000 ____D C:\Users\big red\AppData\Local\GameMaker-Studio
2017-08-27 19:29 - 2014-09-29 19:32 - 000000000 ___HD C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-27 00:36 - 2016-05-08 08:29 - 000000000 ___HD C:\Program Files (x86)\Mozilla Firefox
2017-08-26 20:14 - 2014-09-29 19:39 - 000000000 ____D C:\Qoobox
2017-08-26 20:11 - 2009-07-13 21:34 - 000000215 _____ C:\Windows\system.ini
2017-08-26 19:21 - 2015-04-29 20:05 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-26 13:53 - 2014-12-29 01:41 - 000000000 ____D C:\Users\big red\Documents\My Games
2017-08-25 20:56 - 2014-09-29 21:13 - 000000000 ____D C:\Users\big red
2017-08-23 04:48 - 2014-09-29 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-22 23:07 - 2017-08-14 15:30 - 000000000 ____D C:\Users\big red\AppData\Roaming\GameMaker-Studio
2017-08-22 18:09 - 2017-08-14 15:29 - 000000000 ____D C:\Users\big red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.4
2017-08-17 19:18 - 2016-10-05 15:07 - 000000000 ___HD C:\Program Files (x86)\NVIDIA Corporation
2017-08-17 19:18 - 2014-09-29 21:51 - 000000000 ____D C:\Users\big red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
 
==================== Files in the root of some directories =======
 
2016-03-19 01:21 - 2016-03-19 01:21 - 000000842 _____ () C:\Users\big red\AppData\Local\recently-used.xbel
2015-01-03 00:13 - 2016-03-17 23:39 - 000007597 _____ () C:\Users\big red\AppData\Local\Resmon.ResmonCfg
2015-07-11 09:22 - 2015-07-11 09:23 - 000000000 _____ () C:\Users\big red\AppData\Local\Temptable.xml
2016-10-26 00:17 - 2016-10-26 00:17 - 000000000 _____ () C:\Users\big red\AppData\Local\{2E0C1FD5-9873-4D38-B561-63D6494650A0}
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ () C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-12-28 12:15 - 2016-12-28 12:15 - 000000000 _____ () C:\Users\big red\AppData\Local\{6887A583-E483-4CAA-BE3C-07E4466A47F4}
2015-02-05 20:15 - 2017-03-02 21:13 - 000000629 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-09-03 17:40
 
==================== End of FRST.txt ============================

Addition.TXT

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2017
Ran by big red (15-09-2017 22:06:05)
Running from C:\Users\big red\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-09-30 02:13:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1497550341-3238969554-3758295579-500 - Administrator - Disabled)
big red (S-1-5-21-1497550341-3238969554-3758295579-1000 - Administrator - Enabled) => C:\Users\big red
Guest (S-1-5-21-1497550341-3238969554-3758295579-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1497550341-3238969554-3758295579-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
aioprnt (HKLM\...\{0645A454-AD44-4F0D-99CF-6B762735AD1F}) (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (HKLM-x32\...\{376348C2-E372-48BC-A138-E896757BD86A}) (Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (HKLM-x32\...\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}) (Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Music (HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Aspire 4.0 (HKLM-x32\...\Aspire) (Version: 4.0 - Vectric)
AutoCAD MEP 2015 - English (HKLM\...\{5783F2D7-E006-0409-2102-0060B0CE6BBA}) (Version: 7.7.49.0 - Autodesk) Hidden
AutoCAD MEP 2015 Language Pack - English (HKLM\...\{5783F2D7-E006-0409-1102-0060B0CE6BBA}) (Version: 7.7.49.0 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (HKLM-x32\...\Steam App 78000) (Version:  - PopCap Games, Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E6B28959-AAD6-FB44-7A45-F272ED4C72C4}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{47EF4D14-F64E-3FE2-5489-88D9FC5B289E}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{1010A67C-D549-15DC-477E-9E566195BD23}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{7C350E7C-5437-40FC-6935-6C09D6C66527}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{A25A6E38-50CD-CE67-ADA1-2FD7A3200F43}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{B6E83A19-69A0-27F5-C64A-D8D251B6D3C9}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{759141B6-0690-A210-8CE7-C0E8B1AD93E3}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{2F39E2F6-BC81-C530-9F4D-693FB433898D}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{EAB1341C-BDA9-CF63-D968-BD78C3BB9BAB}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{2E4FBA69-A3F7-7E07-479F-330F28B949A7}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BD63FEFE-74D5-81D0-CF48-5FF3911FEB4C}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{8018E5F5-AF4D-6F75-CBE0-270C000CFD25}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AA6A639C-5CFB-4946-F60B-688C068163A8}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{393F54BF-306E-9334-96F6-F7548B3AC946}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{4E708107-0B12-E65F-BA36-D3601B0634B2}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{F7C9FC57-DBF0-D3E0-1D2E-0B1700A3AA3B}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{D42CEC36-053F-EAEF-8B12-0CE285C6FD99}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{5B7B7551-3EBC-473F-47F4-E13F5CEBF180}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{59C3FD9B-2DE8-62BC-4BC8-FF9C56BD05AE}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{9C5A18F9-7578-905A-FD82-02E79966639D}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{75D77315-1890-4848-F478-CEFD7ADB45DD}) (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
center (HKLM-x32\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dota 2 Test (HKLM\...\Steam App 205790) (Version:  - )
DraftSight 2015 SP1 x64 (HKLM\...\{680A2762-F6EE-4222-9F3B-B67FED0F6B91}) (Version: 13.1.1091 - Dassault Systemes)
DriverNavigator 3.6.9 (HKLM\...\DriverNavigator_is1) (Version: 3.6.9.0 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 34.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaselLocal (HKLM-x32\...\{93DA774D-82B2-48EF-87B1-F939324ADCEB}}_is1) (Version: 0.2.1-p20 - Inventables)
essentials (HKLM-x32\...\{BE94C681-68E2-4561-8ABC-8D2E799168B4}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Eterium (HKLM\...\Steam App 280200) (Version:  - Rogue Earth LLC)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Galactic Civilizations III (HKLM\...\Steam App 226860) (Version:  - Stardock Entertainment)
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.1416.41504 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
Get the Picture! (HKLM-x32\...\{F6FFEEE9-3805-9521-EC87-88C3A67AB4FF}) (Version: 2.3.5 - Image Holdings) Hidden
Get the Picture! (HKLM-x32\...\com.image.getthepicture) (Version: 2.3.5 - Image Holdings)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.280 - SurfRight B.V.)
Homefront (HKLM\...\Steam App 55100) (Version:  - Kaos Studios)
Icecream Screen Recorder version 4.74 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 4.74 - Icecream Apps)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Killing Floor 2 (HKLM\...\Steam App 232090) (Version:  - Tripwire Interactive)
Kodak AIO Printer (HKLM\...\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}) (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.44.1.3 - Marvell)
MechWarrior Online (HKLM-x32\...\{1A14AC87-9585-4AC5-BA5D-0A3A4C6AF7D4}) (Version: 1.6.1.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth™: Shadow of Mordor™ (HKLM\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
ocr (HKLM-x32\...\{BFBCF96F-7361-486A-965C-54B17AC35421}) (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Offworld Trading Company (HKLM\...\Steam App 271240) (Version:  - Mohawk Games)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Our Cruise Photos Digital version 0.9.32 (HKLM-x32\...\{7460981E-FCC2-480B-ACB0-C75AE6201B7B}_is1) (Version: 0.9.32 - The Image Group)
Outlast (HKLM\...\Steam App 238320) (Version:  - Red Barrels)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Plex Media Server (HKLM-x32\...\{4A10DB6A-8093-40A8-BF1C-C3587B0A901D}) (Version: 1.3.3148 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{d685b3b4-91da-4364-9e7d-f365a614d42b}) (Version: 1.3.3.3148 - Plex, Inc.)
PreReq (HKLM-x32\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
qBittorrent 3.1.10 (HKLM-x32\...\qBittorrent) (Version: 3.1.10 - The qBittorrent project)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 r2746 - )
Resident Evil 6 / Biohazard 6 (HKLM\...\Steam App 221040) (Version:  - Capcom)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
ROG GameFirst v4.53 (HKLM\...\ROG GameFirst) (Version: 4.53 - cFos Software GmbH, Bonn)
Saints Row 2 (HKLM\...\Steam App 9480) (Version:  - Volition)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SimplePlanes (HKLM\...\Steam App 397340) (Version:  - Jundroo, LLC)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{0F4F2C9B-2C85-4DBF-B385-3D6D44446C16}) (Version: 1.3.3148 - Plex, Inc.) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vectric Shell Extensions 1.2 (HKLM-x32\...\VectricThumbnailShellExt) (Version:  - Vectric)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
WebM Project Directshow Filters (HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Windows Driver Package - SteelSeries (HidUsb) HIDClass  (11/06/2008 1.0.0.0) (HKLM\...\3BAB28DCB147AECC0E058666DF1B98388950B510) (Version: 11/06/2008 1.0.0.0 - SteelSeries)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinTopo Freeware version 1.7.6.0 and WinTopo Professional (HKLM-x32\...\{46999DF1-04C2-4CFF-B5CD-080A74F440CD}_is1) (Version: 1.7.6.0 and WinTopo Professional - SoftSoft Ltd)
World of Warcraft MMO Gaming Mouse (HKLM-x32\...\{C9DF0468-5F31-4799-B4FE-CBAD37FFB8DE}) (Version: 1.14.0000 - SteelSeries)
Worms W.M.D (HKLM\...\Steam App 327030) (Version:  - Team17 Digital Ltd)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
ContextMenuHandlers1: [Gonzales] -> {A50F8401-953F-4C11-8B77-1278C6C7C3F4} => C:\Program Files\Bitdefender\Antivirus Free Edition\GzShellIntegration.dll [2016-03-18] (Bitdefender)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-06] (Dropbox, Inc.)
ContextMenuHandlers6: [Gonzales] -> {A50F8401-953F-4C11-8B77-1278C6C7C3F4} => C:\Program Files\Bitdefender\Antivirus Free Edition\GzShellIntegration.dll [2016-03-18] (Bitdefender)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {12F502EE-1222-4A2D-8A2E-CA425102617D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {316647C8-43AC-42A7-BD44-EC3EE6F7712E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {328B3E92-7D26-4003-AD37-39F52CFF3DDF} - System32\Tasks\Omega Safe Network Uninstaller => C:\Program Files (x86)\Omega Safe Network\jptask.exe <==== ATTENTION
Task: {37B71E66-E0B8-4888-AFE8-0678CBC0D062} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {49A9A1C8-6AE9-4A6E-854A-24A520BA15FB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-17] (Dropbox, Inc.)
Task: {5B85FDA5-89C9-40E3-A58C-C5881B0BC8D8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5B916A57-B756-413E-B176-89E3566EA415} - System32\Tasks\{8B2B4E49-F3E0-4F84-B5A3-2AB224072FFB} => C:\Windows\system32\pcalua.exe -a "C:\Users\big red\Desktop\CoreDraw12-english\instmsiw.exe" -d "C:\Users\big red\Desktop\CoreDraw12-english"
Task: {5E026B62-C327-4C0E-AE91-E734043F09AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-05] (Google Inc.)
Task: {5E2DF8B6-D2D2-4781-81C6-6BE70ABCBDE2} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [2016-12-12] (Easeware)
Task: {6E1C048A-929C-4CC3-8968-B9A23D73E3D2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} - \{DD058AB2-94B2-4BC7-A1D4-4D03AD967BAF} -> No File <==== ATTENTION
Task: {87429531-D170-46FA-81E4-4E883165B968} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-17] (Dropbox, Inc.)
Task: {A250499C-1800-4767-A2C8-BB568F6ED554} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-19] (Advanced Micro Devices, Inc.)
Task: {BE09656B-0FB9-45C5-BC72-9D36E351EF06} - System32\Tasks\Personal Computer Updater Worker => C:\Program Files (x86)\Personal Computer Updater\Personal ComputerUpdater.exe
Task: {BFFFCAF4-211F-4274-86A6-C38FDFBBE8FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-05] (Google Inc.)
Task: {C1860B3B-EC56-4E2A-920A-BA9C65946E6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-21] (Adobe Systems Incorporated)
Task: {DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} - \{471DCEA1-714A-43F0-BE11-1A63EF9D5BB2} -> No File <==== ATTENTION
Task: {DF6D9478-C689-4330-9F0B-F37941D08FC6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E0F0B09C-2406-4146-90A7-A8998A6FDACC} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} - \{32703E98-5E07-4123-A9B5-C3969F99F317} -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\big red\Desktop\Old Desktop Icons\Google\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f"
ShortcutWithArgument: C:\Users\big red\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f"
ShortcutWithArgument: C:\Users\big red\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-03-18 01:39 - 2016-03-18 01:39 - 000712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-03-18 01:40 - 2016-03-18 01:40 - 000111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2009-03-30 09:32 - 2009-03-30 09:32 - 000032768 ____R () C:\Windows\DAODx.exe
2014-09-18 02:23 - 2014-09-18 02:23 - 000866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 13:51 - 2014-10-14 13:51 - 001050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 02:23 - 2014-09-18 02:23 - 000059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 13:51 - 2014-10-14 13:51 - 000242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-01-11 12:18 - 2015-01-11 12:18 - 000075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-01-01 08:59 - 2017-01-01 08:59 - 000173568 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2017-01-01 08:59 - 2017-01-01 08:59 - 000111104 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
2017-01-01 08:59 - 2017-01-01 08:59 - 000136704 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2017-01-01 08:59 - 2017-01-01 08:59 - 000130560 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.dll
2017-01-01 08:59 - 2017-01-01 08:59 - 000115712 _____ () C:\Program Files\Rainmeter\Plugins\SpeedFanPlugin.DLL
2017-01-01 09:00 - 2017-01-01 09:00 - 000023040 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2017-01-01 08:59 - 2017-01-01 08:59 - 000120832 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-15 04:34 - 2016-09-15 04:34 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-08-31 22:42 - 2017-08-23 03:48 - 003824472 ____H () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-31 22:42 - 2017-08-23 03:48 - 000100184 ____H () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2016-03-25 10:40 - 2010-08-11 15:18 - 000010752 ____H () C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\VDHIDWDM.DLL
2017-09-11 19:46 - 2017-09-06 05:29 - 000771392 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-09-11 19:46 - 2017-09-06 05:29 - 001804608 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2016-03-17 23:40 - 2017-09-06 05:29 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-03-17 23:40 - 2017-09-06 05:34 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-09-11 19:46 - 2017-09-06 05:31 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-09-11 19:46 - 2017-09-06 05:31 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-09-11 19:46 - 2017-09-06 05:31 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-09-11 19:46 - 2017-09-06 05:29 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-09-11 19:46 - 2017-09-06 05:29 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-03-17 23:40 - 2017-09-06 05:29 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-10-05 14:23 - 2017-09-06 05:34 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-09-11 19:46 - 2017-09-06 05:29 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-09-11 19:46 - 2017-09-06 05:29 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-03-17 23:40 - 2017-09-06 05:34 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-10-05 14:23 - 2017-09-06 05:34 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-09-11 19:46 - 2017-09-06 05:31 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-11 19:46 - 2017-09-06 05:35 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-05-21 16:41 - 2017-09-06 05:34 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2016-03-17 23:40 - 2017-09-06 05:35 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 001826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 001972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 003928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-24 17:22 - 2017-09-06 05:35 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-26 18:53 - 2017-09-06 05:35 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-26 18:53 - 2017-09-06 05:34 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-26 18:53 - 2017-09-06 05:35 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-26 18:53 - 2017-09-06 05:35 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-09-11 19:46 - 2017-09-06 05:31 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-03-17 23:40 - 2017-09-06 05:29 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-03-17 23:40 - 2017-09-06 05:35 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-09-11 19:46 - 2017-09-06 05:29 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-09-11 19:46 - 2017-09-06 05:31 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-10-05 14:23 - 2017-09-06 05:34 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-09-11 19:46 - 2017-09-06 05:32 - 001637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-10-05 14:23 - 2017-09-06 05:35 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-07 14:53 - 2017-09-06 05:34 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-09-11 19:46 - 2017-09-06 05:32 - 000357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2014-09-29 21:42 - 2014-09-28 20:59 - 000019872 ____H () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\big red\Downloads\adwcleaner_6.021.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\autodetectutility(1).exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\bitdefender_online.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\c6etn08us17.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\DriverNavigator_Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\DropboxInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\FRST64 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\GMStudio-Installer-1.4.1763.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\jxpiinstall.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\mbam-setup-2.1.6.1022.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\MiniToolBox.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Ninite 7Zip Air Evernote GIMP Google Drive Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Ninite Air Java 8 NET 452 Reader Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Plex-Media-Server-1.3.3.3148-b38628e.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Rainmeter-4.0.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Samsung-Usb-Driver-v1.5.59.0.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\setup-wintopo.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\Silverlight_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\spybot-2.4.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\TeamViewer_Setup_en.exe:BDU [0]
AlternateDataStreams: C:\Users\big red\Downloads\wow_mouse.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2017-08-26 20:11 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\big red\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DraftSight API Service => 2
MSCONFIG\Services: EaselLocal => 2
MSCONFIG\Services: ewserver => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: Kodak AiO Network Discovery Service => 2
MSCONFIG\Services: Kodak AiO Status Monitor Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PlaysService => 2
MSCONFIG\Services: PlexUpdateService => 2
MSCONFIG\Services: RemoteSolverDispatcher => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SOLIDWORKS Background Downloader.lnk => C:\Windows\pss\SOLIDWORKS Background Downloader.lnk.CommonStartup
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Amazon Music => "C:\Users\big red\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: Conime => %windir%\system32\conime.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
MSCONFIG\startupreg: f.lux => "C:\Users\big red\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: ROG GameFirst => C:\Program Files\ASUS\ROG GameFirst\cFosSpeed.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{D681F593-4A38-4AFE-AD0C-7777B878495E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{2C7DDCC8-13C1-4FA1-8A7E-6C23D824C609}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{78FDB859-E204-4AC8-8C0F-0243D77BF2CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F65B117-7320-453C-B5DC-5C8198A2DCCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0F4504CD-18F2-436C-821E-7F5C580940ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{41427921-1927-4E0A-A282-65AA75FE8675}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{97A85120-00C3-4C93-9D6E-DADC901F69F9}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{F68F89C3-F169-4F51-93BF-A037280FBE24}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{FD45E078-22FE-4AFF-8924-DD3456EB4FCC}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe
FirewallRules: [UDP Query User{4D7275BD-AFA8-481F-AEAD-B1C7372459D5}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe
FirewallRules: [{AE936598-89AC-4355-AFB6-CC0D53995232}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F4D9A1BB-1915-4CCC-8BEA-2794E611DB06}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C76454FE-71FA-4CE7-8EF5-D22808DA13F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{212C0AE5-E73F-44AD-83A3-15C8964081F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D0132098-2831-46BC-97A7-D4C7785DDDC6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{91C49363-9B04-4F6F-BF2B-7C047FB3FAD6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{8E5CFA54-6B6D-40D7-89A3-A543BE09DBC2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [TCP Query User{A5D68B63-3A3A-49B4-8C2C-9761591879B5}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe
FirewallRules: [UDP Query User{66247F7D-ED94-49A3-ABFA-360BE664E3BF}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe
FirewallRules: [{4ECE4E97-E5C2-4479-A776-BB08E30302CD}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{6332C74E-2372-4682-947E-C566E4154C64}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{FAD7D959-5EED-430B-B24E-5402AEE3E151}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{C8A052D5-1775-4713-92AC-73178E1CFA27}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{F0D40286-0FEA-40EB-8434-D4A9F2CFCD48}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{3F9CBA77-7CC2-488B-B3A4-1720C452EDAD}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{FEDFD29F-3CDC-41C9-8D05-DD0093EBC9AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{4C82CAF7-B86B-4138-8B53-F6AE411A49E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [TCP Query User{1CD71DBB-D287-423E-A086-35B9FDCD47B8}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{A2CD6103-4924-4B95-A33F-0A71EEB9FF6E}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{066ED026-6327-48C7-B82B-1C540F81BAEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{FB02EC55-DA7F-4B41-AEC4-20C35042A5F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{4FCDE3D8-6E31-4CFE-AD0E-6C1093B55216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe
FirewallRules: [{713B424F-E727-4E00-8D59-E5B358F0FB7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe
FirewallRules: [{66E186A1-4ABD-4406-89C2-C7E8746CEA87}] => (Allow) E:\SteamLibrary\steamapps\common\Offworld Trading Company\StardockLauncher.exe
FirewallRules: [{3379C852-3C7A-434F-A9BD-3C379F8034D8}] => (Allow) E:\SteamLibrary\steamapps\common\Offworld Trading Company\StardockLauncher.exe
FirewallRules: [{AAD1ED97-733D-4A5C-860A-BAB3EEA96475}] => (Allow) E:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{2FA92568-AA52-437B-BF72-80F66D8D2E18}] => (Allow) E:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{FD305F5E-0752-46F2-9C17-EECE3C07EB41}] => (Allow) E:\SteamLibrary\steamapps\common\Yet Another Zombie Defense\YetAnotherZombieDefense.exe
FirewallRules: [{D60CC01E-70DC-44E9-B725-2A0F8B68F2FC}] => (Allow) E:\SteamLibrary\steamapps\common\Yet Another Zombie Defense\YetAnotherZombieDefense.exe
FirewallRules: [{78C4CB05-41A9-4A62-A399-741E56C3A685}] => (Allow) E:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{B7694516-6B72-4050-97B3-66F390BD1EDF}] => (Allow) E:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{5527AF20-1E92-4E69-8296-2874033EFBDA}] => (Allow) E:\SteamLibrary\steamapps\common\HOMEFRONT\Binaries\HOMEFRONT.exe
FirewallRules: [{356AC3B4-2B13-488C-9400-DE0BCED287A8}] => (Allow) E:\SteamLibrary\steamapps\common\HOMEFRONT\Binaries\HOMEFRONT.exe
FirewallRules: [{0184696C-2E1E-40C2-A175-4792260817FA}] => (Allow) E:\SteamLibrary\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [{68D0576A-4CDD-47FD-8675-CAA59AC8F995}] => (Allow) E:\SteamLibrary\steamapps\common\Risen 3\system\Risen3.exe
FirewallRules: [{B077CF95-3CAF-434E-8714-F89BF0EA2735}] => (Allow) E:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{6742B294-DD1F-4082-AEDB-A77FA65FBFC7}] => (Allow) E:\SteamLibrary\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{90268BB4-E208-415C-9B3C-B279C794AC78}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe
FirewallRules: [{47BA85CC-7AF8-4A98-8729-A6DF8C3161BD}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe
FirewallRules: [{D97202DB-04AC-40D1-A78B-AE53A99DD99D}] => (Allow) E:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{46D17776-FC43-409B-A59A-1CF42E97FBAA}] => (Allow) E:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{B2722942-4FA4-4334-8782-AEA2D0B46C01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{38850559-28C1-460D-AC3C-F066F6C83311}] => (Allow) E:\SteamLibrary\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{49820AEC-58C1-4386-A713-7E0367B75118}] => (Allow) E:\SteamLibrary\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{E49E893C-5F22-45EA-99A9-299100E76F55}] => (Allow) E:\SteamLibrary\steamapps\common\WormsWMD\Worms W.M.D.exe
FirewallRules: [{2A8219A4-BFE1-44E7-84D3-86462590D918}] => (Allow) E:\SteamLibrary\steamapps\common\WormsWMD\Worms W.M.D.exe
FirewallRules: [{DD17ECEE-D861-4DE4-9C8C-8C5AACC9AE47}] => (Allow) E:\SteamLibrary\steamapps\common\Eterium\EteriumLauncher.exe
FirewallRules: [{11566B88-44A2-4FA4-857F-D20582BF6F84}] => (Allow) E:\SteamLibrary\steamapps\common\Eterium\EteriumLauncher.exe
FirewallRules: [{E31135BC-039D-498F-846F-9310E074E33E}] => (Allow) E:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{FAAB6E9D-7E04-439C-92C8-C9661095BE61}] => (Allow) E:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{083FED15-8340-481F-80E9-179DEC8EA6B7}] => (Allow) E:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C50C70A4-B26A-480C-A1B6-39AAE5343F47}] => (Allow) E:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{411A9123-C5E4-4B26-9052-147416BA8310}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
03-09-2017 20:46:25 Scheduled Checkpoint
04-09-2017 22:05:43 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/15/2017 10:04:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/15/2017 10:04:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/14/2017 09:06:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/14/2017 09:06:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/11/2017 07:04:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/11/2017 07:04:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/06/2017 08:00:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/06/2017 08:00:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/05/2017 06:10:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/05/2017 06:10:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (09/15/2017 09:58:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (09/15/2017 09:58:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (09/15/2017 09:58:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (09/15/2017 09:58:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (09/15/2017 09:58:45 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
 
Error: (09/15/2017 09:58:45 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
 
Error: (09/15/2017 09:58:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (09/15/2017 09:58:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (09/15/2017 09:58:34 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
 
Error: (09/15/2017 01:32:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
 
CodeIntegrity:
===================================
  Date: 2017-08-26 20:10:26.222
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-08-26 20:10:26.171
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-08-26 20:10:26.115
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-08-26 20:10:26.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-28 13:44:56.720
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-28 13:44:56.658
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-28 13:44:56.611
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-28 13:44:56.549
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-25 08:40:49.842
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-25 08:40:49.780
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6300 Six-Core Processor 
Percentage of memory in use: 42%
Total physical RAM: 8174.11 MB
Available physical RAM: 4681.95 MB
Total Virtual: 16346.41 MB
Available Virtual: 12133.94 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:20.49 GB) NTFS
Drive d: (StarCraft II 3.0 Disc 1) (CDROM) (Total:7.91 GB) (Free:0 GB) CDFS
Drive e: () (Fixed) (Total:461.83 GB) (Free:171.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:3.93 GB) (Free:3.86 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0001CA63)
Partition 1: (Active) - (Size=461.8 GB) - (Type=83)
Partition 2: (Not Active) - (Size=4 GB) - (Type=05)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000F3FD0)
Partition 1: (Active) - (Size=461.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=3.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1024 KB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 3E1946BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:17 AM

Posted 16 September 2017 - 07:53 PM

Greetings acadburn and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

=================

Malwarebytes Junkware Removal Tool

-------------------
  • Please download Junkware Removal Tool and save it to your Desktop
  • Right click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Press any key to start the scan
  • Once completed a JRT.txt document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = 
FF Extension: (OfficeX Addon) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{823489ae-1bf8-4403-acdd-ea1bdc6431da}.xpi [2017-06-30]
CHR Extension: (0aac4dee8f30d10e4125aa050c97587f) - C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f [2016-03-21]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd] - hxxps://clients2.google.com/service/update2/crx
U5 AppMgmt; C:\Windows\system32\svchost.exe
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-10-26 00:17 - 2016-10-26 00:17 - 000000000 _____ () C:\Users\big red\AppData\Local\{2E0C1FD5-9873-4D38-B561-63D6494650A0}
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ () C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-12-28 12:15 - 2016-12-28 12:15 - 000000000 _____ () C:\Users\big red\AppData\Local\{6887A583-E483-4CAA-BE3C-07E4466A47F4}
Task: {328B3E92-7D26-4003-AD37-39F52CFF3DDF} - System32\Tasks\Omega Safe Network Uninstaller => C:\Program Files (x86)\Omega Safe Network\jptask.exe
C:\Program Files (x86)\Omega Safe Network
Task: {7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} - \{DD058AB2-94B2-4BC7-A1D4-4D03AD967BAF}
Task: {DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} - \{471DCEA1-714A-43F0-BE11-1A63EF9D5BB2}
Task: {E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} - \{32703E98-5E07-4123-A9B5-C3969F99F317}
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Policies\Explorer: [] 
Folder: C:\Users\big red\AppData\Local\gm_ttt_13738
CMD: sfc /scannow
CMD: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
emptytemp:
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
  • Test your Internet
===================================================

Please attempt to run MiniToolBox again.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Junkware log
  • Fixlog
  • Internet?
  • MTB log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#6 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 12:18 AM

I ran JRT.txt   <---- my pc then said it was un-registered..... BSOD   then restarted and is acting like nothing happend

 

BSOD FILE

 

Problem signature:
  Problem Event Name: BlueScreen
  OS Version: 6.1.7601.2.1.0.768.3
  Locale ID: 1033
 
Additional information about the problem:
  BCCode: 1e
  BCP1: 0000000000000000
  BCP2: 0000000000000000
  BCP3: 0000000000000000
  BCP4: 0000000000000000
  OS Version: 6_1_7601
  Service Pack: 1_0
  Product: 768_1
 
Files that help describe the problem:
  C:\Windows\Minidump\091717-15615-01.dmp
  C:\Users\big red\AppData\Local\Temp\WER-25147-0.sysdata.xml
 
Read our privacy statement online:
 
If the online privacy statement is not available, please read our privacy statement offline:
  C:\Windows\system32\en-US\erofflps.txt
 
 
 
JRT.txt File 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by big red (Administrator) on Sat 09/16/2017 at 20:00:58.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 15 
 
Successfully deleted: C:\Users\big red\AppData\Local\ysearchutil (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\DriverNavigator Scheduled Scan (Task)
Successfully deleted: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job (Task) 
Successfully deleted: C:\Users\big red\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7Z3D7KJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\big red\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KYY8CHIE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\big red\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ND8RBFMK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\big red\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBRX8O7U (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\big red\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US9YUSED (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\big red\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZC2TKZ9S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7Z3D7KJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KYY8CHIE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ND8RBFMK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBRX8O7U (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US9YUSED (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZC2TKZ9S (Temporary Internet Files Folder) 
 
 
Registry: 0 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/16/2017 at 20:04:40.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 12:32 AM

you said to 

 

  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
  •  
  •   ~~~~~~~~~(Where do i paste it)~~~~~~~~~   (If i only hold it in the clipboard CTRL +C it says NO fixlist.txt found. the fixlist.txt should be in the same folder/directory the tool is located in)  (I tried to re run the scan ... the scan said it saved FRST.txt to the same folder tried to click fix and got the same error message pop up..... I could continue with the next step with the next tool but i want to make sure that is a good idea before i proceed.... as of this point i am rather stuck.... 

 

 

Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL =
FF Extension: (OfficeX Addon) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{823489ae-1bf8-4403-acdd-ea1bdc6431da}.xpi [2017-06-30]
CHR Extension: (0aac4dee8f30d10e4125aa050c97587f) - C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f [2016-03-21]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd] - hxxps://clients2.google.com/service/update2/crx
U5 AppMgmt; C:\Windows\system32\svchost.exe
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-10-26 00:17 - 2016-10-26 00:17 - 000000000 _____ () C:\Users\big red\AppData\Local\{2E0C1FD5-9873-4D38-B561-63D6494650A0}
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ () C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-12-28 12:15 - 2016-12-28 12:15 - 000000000 _____ () C:\Users\big red\AppData\Local\{6887A583-E483-4CAA-BE3C-07E4466A47F4}
Task: {328B3E92-7D26-4003-AD37-39F52CFF3DDF} - System32\Tasks\Omega Safe Network Uninstaller => C:\Program Files (x86)\Omega Safe Network\jptask.exe
C
:\Program Files (x86)\Omega Safe Network
Task: {7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} - \{DD058AB2-94B2-4BC7-A1D4-4D03AD967BAF}
Task: {DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} - \{471DCEA1-714A-43F0-BE11-1A63EF9D5BB2}
Task: {E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} - \{32703E98-5E07-4123-A9B5-C3969F99F317}
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Policies\Explorer: []
Folder: C:\Users\big red\AppData\Local\gm_ttt_13738
CMD
: sfc /scannow
CMD
: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
emptytemp:
End::

  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
  • Test your Internet


#8 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 12:35 AM

Note after i closed the scanner this log now popped up.... might be the 1 you wanted.... i dunno  I will hold off from changing anything else until i hear from you!  (speed test still shows 1mb down and 700kb up)

 

ComboFix 15-05-13.01 - big red 05/13/2015  19:30:19.1.6 - x64
 
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6142.3377 [GMT -5:00]
Running from: c:\users\big red\Desktop\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1412037284.bdinstall.bin
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2015-04-14 to 2015-05-14  )))))))))))))))))))))))))))))))
.
.
2015-05-14 00:43 . 2015-05-14 00:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-13 08:00 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:00 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 00:42 . 2015-04-22 02:28 813776 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2015-05-09 02:25 . 2015-05-09 02:25 -------- d-----w- c:\users\big red\AppData\Roaming\vlc
2015-04-30 01:05 . 2015-05-13 21:14 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-30 01:05 . 2015-04-30 01:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-30 01:05 . 2015-04-30 01:05 -------- d-----w- c:\programdata\Malwarebytes
2015-04-30 01:05 . 2015-04-14 14:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-30 01:05 . 2015-04-14 14:37 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-30 01:05 . 2015-04-14 14:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-27 23:16 . 2015-04-27 23:16 -------- d-----w- c:\program files\Common Files\Vectric
2015-04-27 23:16 . 2015-04-27 23:16 -------- d-----w- c:\programdata\Vectric
2015-04-27 23:16 . 2015-04-27 23:19 -------- d-----w- c:\program files (x86)\Aspire 4.0
2015-04-27 03:05 . 2015-05-13 08:29 -------- d-----r- c:\users\big red\Dropbox
2015-04-27 02:28 . 2015-05-13 08:29 -------- d-----w- c:\users\big red\AppData\Roaming\Dropbox
2015-04-19 01:29 . 2015-04-19 01:29 -------- d-----w- c:\users\big red\AppData\Roaming\LolClient
2015-04-18 01:44 . 2015-04-18 01:44 -------- d-----w- c:\programdata\Riot Games
2015-04-18 01:44 . 2008-07-12 14:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2015-04-18 01:44 . 2008-07-12 14:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2015-04-18 01:44 . 2008-07-12 14:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2015-04-18 01:44 . 2015-04-18 01:44 -------- d-----w- C:\Riot Games
2015-04-18 01:43 . 2015-04-18 01:44 -------- d-----w- c:\users\big red\AppData\Roaming\Riot Games
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-13 08:05 . 2014-10-01 04:28 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-04-15 13:15 . 2014-09-30 02:50 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 13:15 . 2014-09-30 02:50 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-17 04:56 . 2015-04-19 06:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-02-20 04:41 . 2015-03-11 13:48 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 13:48 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 13:48 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 13:48 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 13:48 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 13:48 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 13:48 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 13:48 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 13:48 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 13:48 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-13 05:22 . 2015-03-11 13:47 14177280 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\big red\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-04-13 2889408]
"GoogleChromeAutoLaunch_C6305C9CEC1CFEBD3402BB0EC315BD2A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-05-05 812872]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-12-12 2750840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-03 1021128]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" [2014-12-05 493960]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
.
c:\users\big red\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\big red\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-4 43374104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
SOLIDWORKS 2015 Fast Start.lnk - c:\windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe [2015-1-1 335872]
SOLIDWORKS Background Downloader.lnk - c:\program files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe /launch_from 0 [2014-12-31 2934264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CoordinatorServiceHost;DTSInterops;c:\program files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe;c:\program files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 RsFx0200;RsFx0200 Driver;c:\windows\system32\DRIVERS\RsFx0200.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0200.sys [x]
R4 SQLAgent$TEW_SQLEXPRESS;SQL Server Agent (TEW_SQLEXPRESS);c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 ewserver;SOLIDWORKS Electrical Collaborative Server;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MSSQL$TEW_SQLEXPRESS;SQL Server (TEW_SQLEXPRESS);c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe;c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [x]
S2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2015;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2015;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2015 [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-13 06:14 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-30 13:15]
.
2015-05-14 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-1497550341-3238969554-3758295579-1000.job
- c:\users\big red\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13 08:15]
.
2015-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-30 02:51]
.
2015-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-30 02:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-14 01:42 184856 ----a-w- c:\users\big red\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-04-28 16:34 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-04-28 16:34 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-04-28 16:34 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-04-28 16:34 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-04-28 16:34 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ROG GameFirst"="c:\program files\ASUS\ROG GameFirst\cFosSpeed.exe" [2010-02-09 1305816]
"Greenshot"="c:\program files\Greenshot\Greenshot.exe" [2014-05-13 495616]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-10-14 12697368]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Clip bookmark - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Clip image - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: New note - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\
.
.
------- File Associations -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Open Office Packages - c:\users\big red\AppData\Roaming\1H1Q1V1N1N1O1R\Open Office Packages\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-05-13  19:58:12
ComboFix-quarantined-files.txt  2015-05-14 00:58
.
Pre-Run: 31,932,428,288 bytes free
Post-Run: 31,561,515,008 bytes free
.
- - End Of File - - 728DED783ACE6AB5581E92A497DDFE08
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 16-03-19.01 - big red 03/20/2016  11:55:28.2.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8190.5758 [GMT -6:00]
Running from: c:\users\big red\Desktop\pc utilities\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2016-02-20 to 2016-03-20  )))))))))))))))))))))))))))))))
.
.
2016-03-20 18:08 . 2016-03-20 18:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-03-20 18:08 . 2016-03-20 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-20 17:34 . 2016-03-20 17:34 -------- d-----w- c:\program files (x86)\Jelbruss Secure Web
2016-03-19 16:25 . 2016-03-19 20:33 -------- d-----w- c:\users\big red\AppData\Roaming\Interstat
2016-03-19 14:02 . 2016-03-19 14:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-03-19 14:02 . 2016-03-19 14:02 -------- d-----w- c:\users\big red\.oracle_jre_usage
2016-03-19 14:02 . 2015-01-01 04:31 111016 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2016-03-19 06:21 . 2016-03-19 06:21 -------- d-----w- c:\users\big red\.thumbnails
2016-03-19 06:20 . 2016-03-19 06:20 -------- d-----w- c:\users\big red\AppData\Local\fontconfig
2016-03-19 06:20 . 2016-03-19 06:26 -------- d-----w- c:\users\big red\.gimp-2.8
2016-03-19 06:20 . 2016-03-19 06:20 -------- d-----w- c:\users\big red\AppData\Local\gegl-0.2
2016-03-18 16:24 . 2016-03-18 16:24 -------- d-----w- c:\users\big red\AppData\Local\qBittorrent
2016-03-18 16:24 . 2016-03-18 16:24 -------- d-----w- c:\users\big red\AppData\Roaming\qBittorrent
2016-03-18 16:21 . 2016-03-18 16:21 -------- d-----w- c:\users\big red\AppData\Roaming\Mighty Defrag
2016-03-18 14:45 . 2016-03-18 14:45 -------- d-----w- c:\users\big red\AppData\Local\CEF
2016-03-18 06:49 . 2016-02-12 18:52 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-03-18 06:48 . 2015-11-05 19:05 17408 ----a-w- c:\windows\system32\wshrm.dll
2016-03-18 06:47 . 2015-12-08 21:54 815616 ----a-w- c:\windows\SysWow64\WMADMOE.DLL
2016-03-18 06:46 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2016-03-18 06:46 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-03-18 06:46 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-03-18 06:46 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2016-03-18 06:46 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-03-18 04:38 . 2016-03-18 04:40 -------- d-----w- c:\program files (x86)\Dropbox
2016-03-18 04:34 . 2007-07-28 21:11 445952 ----a-w- c:\windows\system32\drivers\rt61.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-19 14:02 . 2014-11-20 22:35 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-03-18 09:00 . 2014-10-01 04:28 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-03-18 06:15 . 2014-09-30 02:50 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-18 06:15 . 2014-09-30 02:50 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-11 18:30 . 2016-03-18 06:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-05 05:13 . 2016-02-05 05:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-05 05:13 . 2016-02-05 05:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-05 05:03 . 2016-02-05 05:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-05 05:03 . 2016-02-05 05:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 200000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\big red\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-03-10 3074128]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
"Amazon Music"="c:\users\big red\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2015-05-07 5886784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-12-12 2750840]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2016-03-12 25577864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-01-30 594992]
"Conime"="c:\windows\system32\conime.exe" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.149\SSScheduler.exe [2015-6-26 330456]
SOLIDWORKS 2015 Fast Start.lnk - c:\windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe [2014-12-31 335872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 dbupdate;Dropbox Update Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 CoordinatorServiceHost;DTSInterops;c:\program files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe;c:\program files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [x]
R3 cpuz138;cpuz138;c:\users\BIGRED~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\BIGRED~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
R4 ewserver;SOLIDWORKS Electrical Collaborative Server;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [x]
R4 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2015;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2015;c:\program files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2015 [x]
R4 RsFx0200;RsFx0200 Driver;c:\windows\system32\DRIVERS\RsFx0200.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0200.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 SQLAgent$TEW_SQLEXPRESS;SQL Server Agent (TEW_SQLEXPRESS);c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 EaselLocal;EaselLocal;c:\easellocal\nssm.exe;c:\easellocal\nssm.exe [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MSSQL$TEW_SQLEXPRESS;SQL Server (TEW_SQLEXPRESS);c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe;c:\programdata\SOLIDWORKS Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [x]
S2 PrivoxyService;Privoxy (PrivoxyService);c:\program files (x86)\Jelbruss Secure Web\privoxy.exe;c:\program files (x86)\Jelbruss Secure Web\privoxy.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe;c:\program files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-18 05:54 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2016-03-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-30 06:15]
.
2016-03-20 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-18 04:38]
.
2016-03-20 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-18 04:38]
.
2016-03-20 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-1497550341-3238969554-3758295579-1000.job
- c:\users\big red\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-13 09:20]
.
2016-03-20 c:\windows\Tasks\G2MUploadTask-S-1-5-21-1497550341-3238969554-3758295579-1000.job
- c:\users\big red\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-13 09:20]
.
2016-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-30 04:45]
.
2016-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-30 04:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-02-25 04:39 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-02-25 04:39 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-02-25 04:39 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-03-12 00:16 236864 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ROG GameFirst"="c:\program files\ASUS\ROG GameFirst\cFosSpeed.exe" [2010-02-09 1305816]
"Greenshot"="c:\program files\Greenshot\Greenshot.exe" [2014-05-13 495616]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-10-14 12697368]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:8118
IE: Clip bookmark - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Clip image - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: New note - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\
FF - prefs.js: network.proxy.type - 5)
.
.
------- File Associations -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-03-20  12:22:40
ComboFix-quarantined-files.txt  2016-03-20 18:22
ComboFix2.txt  2015-05-14 00:58
.
Pre-Run: 45,491,998,720 bytes free
Post-Run: 45,236,051,968 bytes free
.
- - End Of File - - A938F9CB3B1FBB69D9C18AF547802114
A36C5E4F47E84449FF07ED3517B43A31


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:17 AM

Posted 17 September 2017 - 08:53 AM

Greetings,

You shouldn't have to paste the Fixlist information anywhere. Did you highlight the information, hit Ctrl + C then immediately click Fix?

Let's try to run it again since I added a line.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = 
FF Extension: (OfficeX Addon) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{823489ae-1bf8-4403-acdd-ea1bdc6431da}.xpi [2017-06-30]
CHR Extension: (0aac4dee8f30d10e4125aa050c97587f) - C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f [2016-03-21]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd] - hxxps://clients2.google.com/service/update2/crx
U5 AppMgmt; C:\Windows\system32\svchost.exe
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-10-26 00:17 - 2016-10-26 00:17 - 000000000 _____ () C:\Users\big red\AppData\Local\{2E0C1FD5-9873-4D38-B561-63D6494650A0}
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ () C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-12-28 12:15 - 2016-12-28 12:15 - 000000000 _____ () C:\Users\big red\AppData\Local\{6887A583-E483-4CAA-BE3C-07E4466A47F4}
Task: {328B3E92-7D26-4003-AD37-39F52CFF3DDF} - System32\Tasks\Omega Safe Network Uninstaller => C:\Program Files (x86)\Omega Safe Network\jptask.exe
C:\Program Files (x86)\Omega Safe Network
Task: {7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} - \{DD058AB2-94B2-4BC7-A1D4-4D03AD967BAF}
Task: {DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} - \{471DCEA1-714A-43F0-BE11-1A63EF9D5BB2}
Task: {E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} - \{32703E98-5E07-4123-A9B5-C3969F99F317}
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Policies\Explorer: [] 
Folder: C:\Users\big red\AppData\Local\gm_ttt_13738
zip: C:\Windows\Minidump\091717-15615-01.dmp
CMD: sfc /scannow
CMD: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
emptytemp:
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
  • The tool will also create a zip file on your Desktop with today's date and time, example 05.12.2016_13.04.06.zip. Please attach the file to your reply
  • Test your Internet
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#10 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 12:33 PM

as long as this is the correct icon for the FRST program ... I'm doing exactly as you say and m getting the error message (is there a way to post screen shots?) I tried but the forms are saying "You are not allowed to use that image extension on this community."

 

BTW I'm noticing my boot time (bios side) is starting to take longer... my bios also lost all overclocking settings and which hard drive to boot from.... I noticed that when it tried starting in UBUNTU this morning



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:17 AM

Posted 17 September 2017 - 01:33 PM

Greetings,

Delete the existing FRST program and download a new one to your desktop. Then do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode Using Attached File

--------------------
  • Please download and save it in the same location as FRST.exe (example, Desktop, USB device) <<< Important
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • The tool will also create a zip file on your Desktop with today's date and time, example 05.12.2016_13.04.06.zip. Please attach the file to your reply
  • Test your Internet
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Attached file

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#12 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 08:47 PM

Download speed 3.33 mb upload .61

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-09-2017 01
Ran by big red (17-09-2017 20:35:08) Run:1
Running from C:\Users\big red\Downloads
Loaded Profiles: big red (Available Profiles: big red)
Boot Mode: Normal
==============================================

fixlist content:
*****************

CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL =
FF Extension: (OfficeX Addon) - C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{823489ae-1bf8-4403-acdd-ea1bdc6431da}.xpi [2017-06-30]
CHR Extension: (0aac4dee8f30d10e4125aa050c97587f) - C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f [2016-03-21]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd] - hxxps://clients2.google.com/service/update2/crx
U5 AppMgmt; C:\Windows\system32\svchost.exe
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-10-26 00:17 - 2016-10-26 00:17 - 000000000 _____ () C:\Users\big red\AppData\Local\{2E0C1FD5-9873-4D38-B561-63D6494650A0}
2017-08-27 19:31 - 2017-08-27 19:31 - 000000000 _____ () C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}
2016-12-28 12:15 - 2016-12-28 12:15 - 000000000 _____ () C:\Users\big red\AppData\Local\{6887A583-E483-4CAA-BE3C-07E4466A47F4}
Task: {328B3E92-7D26-4003-AD37-39F52CFF3DDF} - System32\Tasks\Omega Safe Network Uninstaller => C:\Program Files (x86)\Omega Safe Network\jptask.exe
C:\Program Files (x86)\Omega Safe Network
Task: {7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} - \{DD058AB2-94B2-4BC7-A1D4-4D03AD967BAF}
Task: {DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} - \{471DCEA1-714A-43F0-BE11-1A63EF9D5BB2}
Task: {E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} - \{32703E98-5E07-4123-A9B5-C3969F99F317}
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\...\Policies\Explorer: []
Folder: C:\Users\big red\AppData\Local\gm_ttt_13738
zip: C:\Windows\Minidump\091717-15615-01.dmp
CMD: sfc /scannow
CMD: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
emptytemp:

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\big red\AppData\Roaming\Mozilla\Firefox\Profiles\9rep5mpm.default\Extensions\{823489ae-1bf8-4403-acdd-ea1bdc6431da}.xpi => moved successfully
CHR Extension: (0aac4dee8f30d10e4125aa050c97587f) - C:\Program Files (x86)\Google\Chrome\Application\0aac4dee8f30d10e4125aa050c97587f [2016-03-21] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dofoafnmdocgkdphpkdooahjkhpmakjd => key removed successfully
HKLM\System\CurrentControlSet\Services\AppMgmt => key removed successfully
AppMgmt => service removed successfully
C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D} => moved successfully
C:\Users\big red\AppData\Local\{2E0C1FD5-9873-4D38-B561-63D6494650A0} => moved successfully
"C:\Users\big red\AppData\Local\{6587C0C7-870B-4FB2-B242-A3905E18806D}" => not found.
C:\Users\big red\AppData\Local\{6887A583-E483-4CAA-BE3C-07E4466A47F4} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{328B3E92-7D26-4003-AD37-39F52CFF3DDF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{328B3E92-7D26-4003-AD37-39F52CFF3DDF} => key removed successfully
C:\Windows\System32\Tasks\Omega Safe Network Uninstaller => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omega Safe Network Uninstaller => key removed successfully
C:\Program Files (x86)\Omega Safe Network => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B0B5DF7-FE1C-4396-B631-04F7F7DA2D3C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE5A4A73-C535-4FBE-B4FB-A6A8E3C1FBDB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E83A329E-EFD0-4944-8BFC-2BF6C3E4397B} => key removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully.
HKU\S-1-5-21-1497550341-3238969554-3758295579-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully

========================= Folder: C:\Users\big red\AppData\Local\gm_ttt_13738 ========================

2017-08-22 18:18 - 2017-08-22 18:18 - 000000556 _____ () C:\Users\big red\AppData\Local\gm_ttt_13738\a25378.plist
2017-08-22 23:07 - 2017-08-22 23:07 - 000000000 ____D () C:\Users\big red\AppData\Local\gm_ttt_13738\gm_ttt_71308
2017-08-22 23:07 - 2017-08-22 23:07 - 000177976 _____ () C:\Users\big red\AppData\Local\gm_ttt_13738\gm_ttt_71308\My_First_Game1.win
2017-08-22 23:07 - 2017-08-22 23:07 - 000000644 _____ () C:\Users\big red\AppData\Local\gm_ttt_13738\gm_ttt_71308\My_First_Game1.yydebug
2017-08-22 23:07 - 2017-08-22 23:07 - 000000097 _____ () C:\Users\big red\AppData\Local\gm_ttt_13738\gm_ttt_71308\options.ini
2017-08-22 23:07 - 2014-11-24 06:06 - 000039233 _____ () C:\Users\big red\AppData\Local\gm_ttt_13738\gm_ttt_71308\splash.png
2017-08-22 23:07 - 2017-08-22 23:07 - 000000000 ____D () C:\Users\big red\AppData\Local\gm_ttt_13738\My_First_Game1

====== End of Folder: ======

================== Zip: ===================
C:\Windows\Minidump\091717-15615-01.dmp -> copied successfully to C:\Users\big red\Desktop\17.09.2017_20.35.22.zip
=========== Zip: End ===========

========= sfc /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.

Verification 0% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 6% complete.Verification 6% complete.Verification 7% complete.Verification 8% complete.Verification 8% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 16% complete.Verification 16% complete.Verification 17% complete.Verification 18% complete.Verification 18% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 24% complete.Verification 24% complete.Verification 25% complete.Verification 26% complete.Verification 26% complete.Verification 27% complete.Verification 28% complete.Verification 28% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 39% complete.Verification 39% complete.Verification 40% complete.Verification 41% complete.Verification 41% complete.Verification 42% complete.Verification 43% complete.Verification 43% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 47% complete.Verification 47% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 51% complete.Verification 51% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 57% complete.Verification 57% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 61% complete.Verification 61% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 67% complete.Verification 67% complete.Verification 68% complete.Verification 69% complete.Verification 69% complete.Verification 70% complete.Verification 71% complete.Verification 72% complete.Verification 72% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 76% complete.Verification 76% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 82% complete.Verification 82% complete.Verification 83% complete.Verification 84% complete.Verification 84% complete.Verification 85% complete.Verification 86% complete.Verification 86% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 90% complete.Verification 90% complete.Verification 91% complete.Verification 92% complete.Verification 92% complete.Verification 93% complete.Verification 94% complete.Verification 94% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 100% complete.


Windows Resource Protection did not find any integrity violations.


========= End of CMD: =========


========= findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" =========

2017-09-16 20:22:26, Info                  CSI    00000009 [SR] Verifying 1 components
2017-09-16 20:22:26, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2017-09-16 20:22:26, Info                  CSI    0000000b [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:16{8}]"slui.exe" from store
2017-09-16 20:22:26, Info                  CSI    0000000d [SR] Verify complete
2017-09-16 20:22:26, Info                  CSI    0000000e [SR] Repairing 1 components
2017-09-16 20:22:26, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2017-09-16 20:22:26, Info                  CSI    00000010 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:16{8}]"slui.exe" from store
2017-09-16 20:22:26, Info                  CSI    00000012 [SR] Repair complete
2017-09-16 20:22:26, Info                  CSI    00000013 [SR] Committing transaction
2017-09-16 20:22:26, Info                  CSI    00000017 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
2017-09-17 20:35:25, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:25, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:26, Info                  CSI    0000000c [SR] Verify complete
2017-09-17 20:35:26, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:26, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:26, Info                  CSI    00000010 [SR] Verify complete
2017-09-17 20:35:26, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:26, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:26, Info                  CSI    00000014 [SR] Verify complete
2017-09-17 20:35:27, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:27, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:27, Info                  CSI    00000018 [SR] Verify complete
2017-09-17 20:35:27, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:27, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:27, Info                  CSI    0000001c [SR] Verify complete
2017-09-17 20:35:27, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:27, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:28, Info                  CSI    00000020 [SR] Verify complete
2017-09-17 20:35:28, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:28, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:28, Info                  CSI    00000024 [SR] Verify complete
2017-09-17 20:35:28, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:28, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:29, Info                  CSI    00000028 [SR] Verify complete
2017-09-17 20:35:29, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:29, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:29, Info                  CSI    0000002c [SR] Verify complete
2017-09-17 20:35:29, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:29, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:29, Info                  CSI    00000030 [SR] Verify complete
2017-09-17 20:35:29, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:29, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:30, Info                  CSI    00000034 [SR] Verify complete
2017-09-17 20:35:30, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:30, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:30, Info                  CSI    00000038 [SR] Verify complete
2017-09-17 20:35:30, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:30, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:30, Info                  CSI    0000003c [SR] Verify complete
2017-09-17 20:35:31, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:31, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:31, Info                  CSI    00000040 [SR] Verify complete
2017-09-17 20:35:31, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:31, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:31, Info                  CSI    00000044 [SR] Verify complete
2017-09-17 20:35:31, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:31, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:31, Info                  CSI    00000048 [SR] Verify complete
2017-09-17 20:35:32, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:32, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:32, Info                  CSI    0000004c [SR] Verify complete
2017-09-17 20:35:32, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:32, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:32, Info                  CSI    00000050 [SR] Verify complete
2017-09-17 20:35:32, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:32, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:34, Info                  CSI    00000054 [SR] Verify complete
2017-09-17 20:35:34, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:34, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:34, Info                  CSI    00000058 [SR] Verify complete
2017-09-17 20:35:35, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:35, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:35, Info                  CSI    0000005c [SR] Verify complete
2017-09-17 20:35:35, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:35, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:36, Info                  CSI    00000060 [SR] Verify complete
2017-09-17 20:35:36, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:36, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:37, Info                  CSI    00000064 [SR] Verify complete
2017-09-17 20:35:37, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:37, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:37, Info                  CSI    00000068 [SR] Verify complete
2017-09-17 20:35:37, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:37, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:38, Info                  CSI    0000006c [SR] Verify complete
2017-09-17 20:35:38, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:38, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:38, Info                  CSI    00000070 [SR] Verify complete
2017-09-17 20:35:38, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:38, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:39, Info                  CSI    00000074 [SR] Verify complete
2017-09-17 20:35:39, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:39, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:40, Info                  CSI    00000078 [SR] Verify complete
2017-09-17 20:35:40, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:40, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:40, Info                  CSI    0000007c [SR] Verify complete
2017-09-17 20:35:41, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:41, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:42, Info                  CSI    00000080 [SR] Verify complete
2017-09-17 20:35:42, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:42, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:43, Info                  CSI    00000084 [SR] Verify complete
2017-09-17 20:35:43, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:43, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:43, Info                  CSI    00000088 [SR] Verify complete
2017-09-17 20:35:44, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:44, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:47, Info                  CSI    0000008e [SR] Verify complete
2017-09-17 20:35:47, Info                  CSI    0000008f [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:47, Info                  CSI    00000090 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:49, Info                  CSI    00000094 [SR] Verify complete
2017-09-17 20:35:49, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:49, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:51, Info                  CSI    00000099 [SR] Verify complete
2017-09-17 20:35:51, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:51, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:54, Info                  CSI    0000009e [SR] Verify complete
2017-09-17 20:35:54, Info                  CSI    0000009f [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:54, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2017-09-17 20:35:56, Info                  CSI    000000a2 [SR] Verify complete
2017-09-17 20:35:56, Info                  CSI    000000a3 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:35:56, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:00, Info                  CSI    000000c9 [SR] Verify complete
2017-09-17 20:36:00, Info                  CSI    000000ca [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:00, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:02, Info                  CSI    000000cd [SR] Verify complete
2017-09-17 20:36:02, Info                  CSI    000000ce [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:02, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:04, Info                  CSI    000000d1 [SR] Verify complete
2017-09-17 20:36:04, Info                  CSI    000000d2 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:04, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:06, Info                  CSI    000000d5 [SR] Verify complete
2017-09-17 20:36:06, Info                  CSI    000000d6 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:06, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:07, Info                  CSI    000000d9 [SR] Verify complete
2017-09-17 20:36:07, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:07, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:15, Info                  CSI    000000dd [SR] Verify complete
2017-09-17 20:36:15, Info                  CSI    000000de [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:15, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:18, Info                  CSI    000000e3 [SR] Verify complete
2017-09-17 20:36:18, Info                  CSI    000000e4 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:18, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:21, Info                  CSI    00000106 [SR] Verify complete
2017-09-17 20:36:22, Info                  CSI    00000107 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:22, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:26, Info                  CSI    0000010a [SR] Verify complete
2017-09-17 20:36:26, Info                  CSI    0000010b [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:26, Info                  CSI    0000010c [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:29, Info                  CSI    00000110 [SR] Verify complete
2017-09-17 20:36:30, Info                  CSI    00000111 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:30, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:31, Info                  CSI    00000114 [SR] Verify complete
2017-09-17 20:36:31, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:31, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:32, Info                  CSI    00000118 [SR] Verify complete
2017-09-17 20:36:32, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:32, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:33, Info                  CSI    0000011c [SR] Verify complete
2017-09-17 20:36:33, Info                  CSI    0000011d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:33, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:38, Info                  CSI    00000131 [SR] Verify complete
2017-09-17 20:36:38, Info                  CSI    00000132 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:38, Info                  CSI    00000133 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:39, Info                  CSI    00000135 [SR] Verify complete
2017-09-17 20:36:39, Info                  CSI    00000136 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:39, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:40, Info                  CSI    00000139 [SR] Verify complete
2017-09-17 20:36:40, Info                  CSI    0000013a [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:40, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:41, Info                  CSI    0000013d [SR] Verify complete
2017-09-17 20:36:41, Info                  CSI    0000013e [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:41, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:42, Info                  CSI    00000141 [SR] Verify complete
2017-09-17 20:36:43, Info                  CSI    00000142 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:43, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:46, Info                  CSI    00000147 [SR] Verify complete
2017-09-17 20:36:47, Info                  CSI    00000148 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:47, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:48, Info                  CSI    0000014b [SR] Verify complete
2017-09-17 20:36:48, Info                  CSI    0000014c [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:48, Info                  CSI    0000014d [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:49, Info                  CSI    0000014f [SR] Verify complete
2017-09-17 20:36:49, Info                  CSI    00000150 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:49, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:51, Info                  CSI    00000153 [SR] Verify complete
2017-09-17 20:36:51, Info                  CSI    00000154 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:51, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:52, Info                  CSI    00000157 [SR] Verify complete
2017-09-17 20:36:53, Info                  CSI    00000158 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:53, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2017-09-17 20:36:55, Info                  CSI    0000015b [SR] Verify complete
2017-09-17 20:36:55, Info                  CSI    0000015c [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:36:55, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:00, Info                  CSI    00000171 [SR] Verify complete
2017-09-17 20:37:00, Info                  CSI    00000172 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:00, Info                  CSI    00000173 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:02, Info                  CSI    00000179 [SR] Verify complete
2017-09-17 20:37:02, Info                  CSI    0000017a [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:02, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:08, Info                  CSI    0000017d [SR] Verify complete
2017-09-17 20:37:08, Info                  CSI    0000017e [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:08, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:10, Info                  CSI    00000182 [SR] Verify complete
2017-09-17 20:37:10, Info                  CSI    00000183 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:10, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:14, Info                  CSI    00000186 [SR] Verify complete
2017-09-17 20:37:14, Info                  CSI    00000187 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:14, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:16, Info                  CSI    0000018a [SR] Verify complete
2017-09-17 20:37:16, Info                  CSI    0000018b [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:16, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:17, Info                  CSI    0000018e [SR] Verify complete
2017-09-17 20:37:18, Info                  CSI    0000018f [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:18, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:19, Info                  CSI    00000192 [SR] Verify complete
2017-09-17 20:37:19, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:19, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:21, Info                  CSI    00000198 [SR] Verify complete
2017-09-17 20:37:21, Info                  CSI    00000199 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:21, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:27, Info                  CSI    0000019c [SR] Verify complete
2017-09-17 20:37:27, Info                  CSI    0000019d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:27, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:30, Info                  CSI    000001a1 [SR] Verify complete
2017-09-17 20:37:30, Info                  CSI    000001a2 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:30, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:32, Info                  CSI    000001a5 [SR] Verify complete
2017-09-17 20:37:32, Info                  CSI    000001a6 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:32, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:34, Info                  CSI    000001aa [SR] Verify complete
2017-09-17 20:37:34, Info                  CSI    000001ab [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:34, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:37, Info                  CSI    000001af [SR] Verify complete
2017-09-17 20:37:37, Info                  CSI    000001b0 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:37, Info                  CSI    000001b1 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:39, Info                  CSI    000001b3 [SR] Verify complete
2017-09-17 20:37:40, Info                  CSI    000001b4 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:40, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:41, Info                  CSI    000001b7 [SR] Verify complete
2017-09-17 20:37:42, Info                  CSI    000001b8 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:42, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:43, Info                  CSI    000001bb [SR] Verify complete
2017-09-17 20:37:43, Info                  CSI    000001bc [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:43, Info                  CSI    000001bd [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:45, Info                  CSI    000001c0 [SR] Verify complete
2017-09-17 20:37:45, Info                  CSI    000001c1 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:45, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:47, Info                  CSI    000001c4 [SR] Verify complete
2017-09-17 20:37:47, Info                  CSI    000001c5 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:47, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:48, Info                  CSI    000001c8 [SR] Verify complete
2017-09-17 20:37:48, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:48, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:51, Info                  CSI    000001cd [SR] Verify complete
2017-09-17 20:37:51, Info                  CSI    000001ce [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:51, Info                  CSI    000001cf [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:53, Info                  CSI    000001d2 [SR] Verify complete
2017-09-17 20:37:53, Info                  CSI    000001d3 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:53, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:55, Info                  CSI    000001d7 [SR] Verify complete
2017-09-17 20:37:55, Info                  CSI    000001d8 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:55, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2017-09-17 20:37:57, Info                  CSI    000001db [SR] Verify complete
2017-09-17 20:37:58, Info                  CSI    000001dc [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:37:58, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:00, Info                  CSI    000001e0 [SR] Verify complete
2017-09-17 20:38:00, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:00, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:01, Info                  CSI    000001e4 [SR] Verify complete
2017-09-17 20:38:02, Info                  CSI    000001e5 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:02, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:03, Info                  CSI    000001e8 [SR] Verify complete
2017-09-17 20:38:03, Info                  CSI    000001e9 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:03, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:04, Info                  CSI    000001ec [SR] Verify complete
2017-09-17 20:38:04, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:04, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:06, Info                  CSI    000001f0 [SR] Verify complete
2017-09-17 20:38:06, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:06, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:08, Info                  CSI    000001f4 [SR] Verify complete
2017-09-17 20:38:08, Info                  CSI    000001f5 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:08, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:09, Info                  CSI    000001f8 [SR] Verify complete
2017-09-17 20:38:10, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:10, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:12, Info                  CSI    000001fc [SR] Verify complete
2017-09-17 20:38:12, Info                  CSI    000001fd [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:12, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:23, Info                  CSI    00000200 [SR] Verify complete
2017-09-17 20:38:23, Info                  CSI    00000201 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:23, Info                  CSI    00000202 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:31, Info                  CSI    00000204 [SR] Verify complete
2017-09-17 20:38:31, Info                  CSI    00000205 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:31, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:35, Info                  CSI    00000208 [SR] Verify complete
2017-09-17 20:38:35, Info                  CSI    00000209 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:35, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:36, Info                  CSI    0000020c [SR] Verify complete
2017-09-17 20:38:36, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:36, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:38, Info                  CSI    00000210 [SR] Verify complete
2017-09-17 20:38:38, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:38, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:39, Info                  CSI    00000214 [SR] Verify complete
2017-09-17 20:38:39, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:39, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:41, Info                  CSI    00000218 [SR] Verify complete
2017-09-17 20:38:41, Info                  CSI    00000219 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:41, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:41, Info                  CSI    0000021c [SR] Verify complete
2017-09-17 20:38:42, Info                  CSI    0000021d [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:42, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:42, Info                  CSI    00000220 [SR] Verify complete
2017-09-17 20:38:42, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:42, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:45, Info                  CSI    0000022a [SR] Verify complete
2017-09-17 20:38:46, Info                  CSI    0000022b [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:46, Info                  CSI    0000022c [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:46, Info                  CSI    0000022e [SR] Verify complete
2017-09-17 20:38:47, Info                  CSI    0000022f [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:47, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:48, Info                  CSI    00000232 [SR] Verify complete
2017-09-17 20:38:48, Info                  CSI    00000233 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:48, Info                  CSI    00000234 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:49, Info                  CSI    00000236 [SR] Verify complete
2017-09-17 20:38:49, Info                  CSI    00000237 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:49, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:51, Info                  CSI    0000023a [SR] Verify complete
2017-09-17 20:38:51, Info                  CSI    0000023b [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:51, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:55, Info                  CSI    0000023f [SR] Verify complete
2017-09-17 20:38:56, Info                  CSI    00000240 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:56, Info                  CSI    00000241 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:57, Info                  CSI    00000243 [SR] Verify complete
2017-09-17 20:38:57, Info                  CSI    00000244 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:57, Info                  CSI    00000245 [SR] Beginning Verify and Repair transaction
2017-09-17 20:38:57, Info                  CSI    00000247 [SR] Verify complete
2017-09-17 20:38:58, Info                  CSI    00000248 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:38:58, Info                  CSI    00000249 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:02, Info                  CSI    0000024e [SR] Verify complete
2017-09-17 20:39:02, Info                  CSI    0000024f [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:02, Info                  CSI    00000250 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:05, Info                  CSI    00000255 [SR] Verify complete
2017-09-17 20:39:05, Info                  CSI    00000256 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:05, Info                  CSI    00000257 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:08, Info                  CSI    00000259 [SR] Verify complete
2017-09-17 20:39:09, Info                  CSI    0000025a [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:09, Info                  CSI    0000025b [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:11, Info                  CSI    00000269 [SR] Verify complete
2017-09-17 20:39:11, Info                  CSI    0000026a [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:11, Info                  CSI    0000026b [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:13, Info                  CSI    00000271 [SR] Verify complete
2017-09-17 20:39:13, Info                  CSI    00000272 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:13, Info                  CSI    00000273 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:14, Info                  CSI    00000275 [SR] Verify complete
2017-09-17 20:39:15, Info                  CSI    00000276 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:15, Info                  CSI    00000277 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:16, Info                  CSI    0000027b [SR] Verify complete
2017-09-17 20:39:16, Info                  CSI    0000027c [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:16, Info                  CSI    0000027d [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:17, Info                  CSI    0000027f [SR] Verify complete
2017-09-17 20:39:18, Info                  CSI    00000280 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:18, Info                  CSI    00000281 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:20, Info                  CSI    000002a6 [SR] Verify complete
2017-09-17 20:39:21, Info                  CSI    000002a7 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:21, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:22, Info                  CSI    000002aa [SR] Verify complete
2017-09-17 20:39:22, Info                  CSI    000002ab [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:22, Info                  CSI    000002ac [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:23, Info                  CSI    000002ae [SR] Verify complete
2017-09-17 20:39:23, Info                  CSI    000002af [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:23, Info                  CSI    000002b0 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:24, Info                  CSI    000002b2 [SR] Verify complete
2017-09-17 20:39:25, Info                  CSI    000002b3 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:25, Info                  CSI    000002b4 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:27, Info                  CSI    000002c2 [SR] Verify complete
2017-09-17 20:39:27, Info                  CSI    000002c3 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:27, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:29, Info                  CSI    000002c6 [SR] Verify complete
2017-09-17 20:39:29, Info                  CSI    000002c7 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:29, Info                  CSI    000002c8 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:33, Info                  CSI    000002d6 [SR] Verify complete
2017-09-17 20:39:33, Info                  CSI    000002d7 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:33, Info                  CSI    000002d8 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:34, Info                  CSI    000002da [SR] Verify complete
2017-09-17 20:39:34, Info                  CSI    000002db [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:34, Info                  CSI    000002dc [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:35, Info                  CSI    000002de [SR] Verify complete
2017-09-17 20:39:36, Info                  CSI    000002df [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:36, Info                  CSI    000002e0 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:37, Info                  CSI    000002e3 [SR] Verify complete
2017-09-17 20:39:37, Info                  CSI    000002e4 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:37, Info                  CSI    000002e5 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:38, Info                  CSI    000002e7 [SR] Verify complete
2017-09-17 20:39:38, Info                  CSI    000002e8 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:38, Info                  CSI    000002e9 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:40, Info                  CSI    000002eb [SR] Verify complete
2017-09-17 20:39:40, Info                  CSI    000002ec [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:40, Info                  CSI    000002ed [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:41, Info                  CSI    000002ef [SR] Verify complete
2017-09-17 20:39:41, Info                  CSI    000002f0 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:41, Info                  CSI    000002f1 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:44, Info                  CSI    000002fe [SR] Verify complete
2017-09-17 20:39:45, Info                  CSI    000002ff [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:45, Info                  CSI    00000300 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:47, Info                  CSI    0000030f [SR] Verify complete
2017-09-17 20:39:47, Info                  CSI    00000310 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:47, Info                  CSI    00000311 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:53, Info                  CSI    00000313 [SR] Verify complete
2017-09-17 20:39:53, Info                  CSI    00000314 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:53, Info                  CSI    00000315 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:55, Info                  CSI    00000317 [SR] Verify complete
2017-09-17 20:39:55, Info                  CSI    00000318 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:55, Info                  CSI    00000319 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:56, Info                  CSI    0000031b [SR] Verify complete
2017-09-17 20:39:56, Info                  CSI    0000031c [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:56, Info                  CSI    0000031d [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:57, Info                  CSI    00000321 [SR] Verify complete
2017-09-17 20:39:58, Info                  CSI    00000322 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:58, Info                  CSI    00000323 [SR] Beginning Verify and Repair transaction
2017-09-17 20:39:59, Info                  CSI    00000325 [SR] Verify complete
2017-09-17 20:39:59, Info                  CSI    00000326 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:39:59, Info                  CSI    00000327 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:01, Info                  CSI    00000329 [SR] Verify complete
2017-09-17 20:40:01, Info                  CSI    0000032a [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:01, Info                  CSI    0000032b [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:02, Info                  CSI    0000032d [SR] Verify complete
2017-09-17 20:40:02, Info                  CSI    0000032e [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:02, Info                  CSI    0000032f [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:03, Info                  CSI    00000332 [SR] Verify complete
2017-09-17 20:40:03, Info                  CSI    00000333 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:03, Info                  CSI    00000334 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:04, Info                  CSI    00000336 [SR] Verify complete
2017-09-17 20:40:05, Info                  CSI    00000337 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:05, Info                  CSI    00000338 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:06, Info                  CSI    0000033a [SR] Verify complete
2017-09-17 20:40:06, Info                  CSI    0000033b [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:06, Info                  CSI    0000033c [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:08, Info                  CSI    0000033f [SR] Verify complete
2017-09-17 20:40:08, Info                  CSI    00000340 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:08, Info                  CSI    00000341 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:09, Info                  CSI    00000343 [SR] Verify complete
2017-09-17 20:40:10, Info                  CSI    00000344 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:10, Info                  CSI    00000345 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:12, Info                  CSI    00000347 [SR] Verify complete
2017-09-17 20:40:12, Info                  CSI    00000348 [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:12, Info                  CSI    00000349 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:13, Info                  CSI    0000034b [SR] Verify complete
2017-09-17 20:40:13, Info                  CSI    0000034c [SR] Verifying 100 (0x0000000000000064) components
2017-09-17 20:40:13, Info                  CSI    0000034d [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:15, Info                  CSI    0000034f [SR] Verify complete
2017-09-17 20:40:15, Info                  CSI    00000350 [SR] Verifying 61 (0x000000000000003d) components
2017-09-17 20:40:15, Info                  CSI    00000351 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:16, Info                  CSI    00000353 [SR] Verify complete
2017-09-17 20:40:16, Info                  CSI    00000354 [SR] Repairing 0 components
2017-09-17 20:40:16, Info                  CSI    00000355 [SR] Beginning Verify and Repair transaction
2017-09-17 20:40:16, Info                  CSI    00000357 [SR] Repair complete

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6068611 B
Java, Flash, Steam htmlcache => 115395040 B
Windows/system/drivers => 31982080 B
Edge => 0 B
Chrome => 135684940 B
Firefox => 390887725 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 39159 B
LocalService => 794225 B
NetworkService => 7636938 B
big red => 15288364 B

RecycleBin => 3753797 B
EmptyTemp: => 682.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:40:31 ====

Attached Files



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:17 AM

Posted 17 September 2017 - 09:03 PM

Thank you.

 

Your gaming mouse crashed your computer.

 

Please boot into Safe Mode with Networking and test your computer.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"For unto us a Child is born, Unto us a Son is given;"

#14 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 09:14 PM

4.33mb down 3.2mb up



#15 acadburn

acadburn
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 September 2017 - 09:16 PM

I ran a 2nd speed test this one from my ISP and they said

 

9ms ping

jitter 51ms  

Download 1.8

Upload 3.6

 

(still in safe mode)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users