Jump to content

Recommended Posts

I am having trouble connecting to https websites using firefox. It says the connection is insecure.

I ran malwarebytes anti-rootkit and I got rid of one that it found.

I used Rogue Killer and it removed some DNS-related malware

But it still sometimes won't let me do a simple google search due to insecure connection.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-02-2017 01
Ran by John (administrator) on HOME (11-02-2017 16:36:27)
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available Profiles: John & Guest)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Listary\ListaryService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Code 42 Software) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\Haystack Software\Arq 5\ArqAgent.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Program Files (x86)\CLCL\CLCL.exe
(Code 42 Software, Inc.) C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\John\.odrive\bin\6083\odriveapp.exe
(odrive) C:\Users\John\.odrive\bin\6083\odrive.exe
(JockerSoft) C:\Users\John\Desktop\monitorBright.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ipswitch, Inc.) C:\Program Files (x86)\Ipswitch\iMacros\nm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\John\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Hewlett-Packard )
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-11] (AVAST Software)
HKLM-x32\...\Run: [CrashPlanTray] => C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe [461184 2016-10-17] (Code 42 Software, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-06-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1988652473-299233099-1850083578-1001\...\Run: [Google Update] => C:\Users\John\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
HKU\S-1-5-21-1988652473-299233099-1850083578-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799376 2016-12-13] (Sandboxie Holdings, LLC)
ShellIconOverlayIdentifiers: [ 0drive.Active] -> {4585263E-BEF5-4A39-A2E8-8F69E0054F0C} => C:\Users\John\.odrive\bin\6083\x64\ActiveOverlay.dll [2016-12-09] ()
ShellIconOverlayIdentifiers: [ 0drive.Locked] -> {E07BCA71-E88B-4A5E-BA46-69A52D6B9B20} => C:\Users\John\.odrive\bin\6083\x64\LockedOverlay.dll [2016-12-09] ()
ShellIconOverlayIdentifiers: [ 0drive.Synced] -> {35B08E96-DA1F-4321-BF80-D6B53C20F3CF} => C:\Users\John\.odrive\bin\6083\x64\SyncedOverlay.dll [2016-12-09] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-11] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CLCL.lnk [2016-01-25]
ShortcutTarget: CLCL.lnk -> C:\Program Files (x86)\CLCL\CLCL.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\odrive.lnk [2016-08-25]
ShortcutTarget: odrive.lnk -> C:\Program Files\odrive\odrive.exe ()
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 6830.lnk [2016-09-21]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 6830.lnk -> C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{24376243-9c92-4025-bae3-3bec41cdb126}: [NameServer] 192.168.1.253,8.8.8.8
Tcpip\..\Interfaces\{24376243-9c92-4025-bae3-3bec41cdb126}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e278ff2e-d9fd-40c5-864b-7aa80d6a0a8e}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1988652473-299233099-1850083578-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: iMacros Browser Helper Object -> {34D5A80A-992D-4F07-9509-66E9E133BAAF} -> C:\Program Files\Ipswitch\iMacros\iMacrosBHO.dll [2014-05-27] ()
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: iMacros Browser Helper Object -> {34D5A80A-992D-4F07-9509-66E9E133BAAF} -> C:\Program Files (x86)\Ipswitch\iMacros\iMacrosBHO.dll [2014-05-27] ()
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-17] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: g95n054t.default
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default [2017-02-11]
FF Homepage: Mozilla\Firefox\Profiles\g95n054t.default -> www.techmeme.com
FF NetworkProxy: Mozilla\Firefox\Profiles\g95n054t.default -> type", 0
FF Extension: (Advanced Cookie Manager) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\cookiemgr@jayapal.com [2017-02-02]
FF Extension: (fireform) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\fireform@mozilla.org.xpi [2017-02-02]
FF Extension: (PageZipper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\pagezipper@printwhatyoulike.com.xpi [2017-02-02]
FF Extension: (Snap Links) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2017-02-02]
FF Extension: (LastPass) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\support@lastpass.com [2017-02-02]
FF Extension: (uBlock Origin) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\uBlock0@raymondhill.net.xpi [2017-02-02]
FF Extension: (Vocabulary Highlighter) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\vocabhighlighter@name.domain.xpi [2017-02-02]
FF Extension: (NoSquint Plus) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\zoomlevelplus@zoomlevelplus.net.xpi [2017-02-06]
FF Extension: (Popup Blocker Ultimate) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2017-02-02]
FF Extension: (NoScript) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-02-02]
FF Extension: (iMacros for Firefox) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2017-02-02]
FF Extension: (Right Links) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi [2017-02-09]
FF Extension: (Greasemonkey) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\g95n054t.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-02-02]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (No Name) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-02-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-21] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-1988652473-299233099-1850083578-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\John\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [No File]
FF Plugin HKU\S-1-5-21-1988652473-299233099-1850083578-1001: @talk.google.com/O1DPlugin -> C:\Users\John\AppData\Roaming\Mozilla\plugins\npo1d.dll [No File]
FF Plugin HKU\S-1-5-21-1988652473-299233099-1850083578-1001: @tools.google.com/Google Update;version=3 -> C:\Users\John\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1988652473-299233099-1850083578-1001: @tools.google.com/Google Update;version=9 -> C:\Users\John\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.techmeme.com/
CHR StartupUrls: Default -> "hxxps://www.techmeme.com/"
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2017-02-11]
CHR Extension: (Google Slides) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-24]
CHR Extension: (Google Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-24]
CHR Extension: (Poper Blocker) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-02-07]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-24]
CHR Extension: (Form Filler) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjjngeaknajbdcgpfkgnonkmififhfo [2017-02-05]
CHR Extension: (OneTab) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-08-17]
CHR Extension: (uBlock Origin) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-02-11]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-24]
CHR Extension: (iMacros for Chrome) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2016-10-14]
CHR Extension: (Tampermonkey) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-06]
CHR Extension: (DNSthingy Assistant) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmpekabnlekabjlimjkfmdjajnddgpc [2017-02-05]
CHR Extension: (Google Sheets) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-24]
CHR Extension: (Fake Data) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchcfdihakkhjgfmokemfeembfokkajj [2017-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-02-05]
CHR Extension: (Premiumize.me) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgcgfbbibjgalgcnfpieiaeibjkngoph [2016-09-29]
CHR Extension: (Save All Images) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolegopjlipmoedaoijpjaddhjjckal [2017-01-31]
CHR Extension: (Awesome Reload All Tabs Button) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamfkajbgmjkfmfgcikbmbmpjfokfijk [2016-04-11]
CHR Extension: (Google Hangouts) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-02-11]
CHR Extension: (RadioEnhancer) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfijnebfkjdclmcedinoknekamigckii [2016-01-24]
CHR Extension: (Pearls Extension) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mccffpojdcohdkefnbfhfdcklpcagdlc [2016-01-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-24]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ArqAgent; C:\Program Files (x86)\Haystack Software\Arq 5\ArqAgent.exe [671744 2016-11-28] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-11] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
R2 CrashPlanService; C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [220032 2016-10-17] (Code 42 Software)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] () [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2017-01-25] (Intel Corporation)
R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1114608 2015-11-04] ()
R2 ListaryService; C:\Program Files\Listary\ListaryService.exe [271112 2016-05-23] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-05-13] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197776 2016-12-13] (Sandboxie Holdings, LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 CG6Service; "C:\Program Files\CyberGhost 6\CyberGhost.Service.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309784 2017-02-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-11] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126088 2017-02-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [74680 2017-02-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [991496 2017-02-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337080 2017-02-11] (AVAST Software)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-10] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-02-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-02-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-02-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-11] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2014-03-31] (Intel Corporation)
S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [15768 2015-05-09] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek                                            )
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6294016 2017-02-01] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [205968 2016-12-13] (Sandboxie Holdings, LLC)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [40240 2015-12-26] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-02-10] ()
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-20] (Oracle Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2017-01-08] (BigNox Corporation)
R1 VBoxUSBMon; C:\Windows\SysWOW64\DRIVERS\VBoxUSBMon.sys [135912 2017-01-11] (BigNox Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [195416 2016-02-03] (IDRIX)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-11 16:36 - 2017-02-11 16:36 - 00029845 _____ C:\Users\John\Desktop\FRST.txt
2017-02-11 16:35 - 2017-02-11 16:36 - 00000000 ____D C:\Users\John\Desktop\New folder
2017-02-11 16:27 - 2017-02-11 16:36 - 00000000 ____D C:\FRST
2017-02-11 16:26 - 2017-02-11 16:26 - 02421248 _____ (Farbar) C:\Users\John\Desktop\FRST64 (1).exe
2017-02-11 16:18 - 2017-02-11 16:18 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-02-11 16:14 - 2017-02-11 16:14 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-11 16:14 - 2017-02-11 16:14 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-11 16:14 - 2017-02-11 16:12 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-11 16:14 - 2017-02-11 16:12 - 00309784 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-11 16:14 - 2017-02-11 16:12 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-11 16:14 - 2017-02-11 16:12 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-10 18:45 - 2017-02-10 18:47 - 00000000 ____D C:\Users\John\AppData\Roaming\ImgBurn
2017-02-10 18:37 - 2017-02-10 18:37 - 00001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2017-02-10 18:37 - 2017-02-10 18:37 - 00001937 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2017-02-10 18:37 - 2017-02-10 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2017-02-10 18:37 - 2017-02-10 18:37 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2017-02-06 23:38 - 2017-02-06 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2017-02-06 16:28 - 2017-02-06 16:28 - 00000000 ____D C:\Users\John\AppData\Local\Chromium
2017-02-05 13:55 - 2017-02-05 13:55 - 26122156 _____ C:\Users\John\Documents\est.rar
2017-02-02 22:01 - 2017-02-10 22:01 - 00001940 _____ C:\WINDOWS\Sandboxie.ini
2017-02-02 22:01 - 2017-02-02 22:00 - 00000940 _____ C:\Users\John\Desktop\Sandboxed Web Browser.lnk
2017-02-02 22:00 - 2017-02-02 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2017-02-02 21:21 - 2017-02-02 21:21 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-02 20:55 - 2017-02-02 20:55 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-02 20:55 - 2017-02-02 20:55 - 00001219 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-02 20:55 - 2017-02-02 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 14:35 - 2017-02-01 14:35 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-01 13:57 - 2017-02-01 13:57 - 00000000 ____D C:\notify-183200528
2017-02-01 00:38 - 2017-02-01 00:38 - 06294016 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2017-02-01 00:38 - 2017-02-01 00:38 - 01164800 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2017-01-31 23:23 - 2017-02-06 23:39 - 00000467 _____ C:\Users\John\Desktop\Master Setup.ahk
2017-01-28 17:06 - 2017-01-28 17:06 - 00000000 _____ C:\Users\John\Desktop\New Text Document.txt
2017-01-27 15:23 - 2017-01-27 15:23 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-27 15:08 - 2016-12-21 00:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-27 15:08 - 2016-12-20 21:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-27 14:59 - 2017-01-27 14:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-01-27 14:59 - 2017-01-27 14:59 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-26 16:51 - 2017-02-11 16:17 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-26 16:51 - 2017-02-11 16:17 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-26 16:51 - 2017-02-10 10:01 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-26 16:50 - 2017-02-10 19:49 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-26 16:50 - 2017-01-26 16:50 - 00001915 _____ C:\Users\John\Desktop\Malwarebytes.lnk
2017-01-26 16:50 - 2017-01-26 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-26 16:50 - 2017-01-26 16:50 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-25 04:43 - 2017-01-25 04:43 - 00705024 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 01027032 _____ C:\WINDOWS\system32\igfxSDK.exe
2017-01-25 04:42 - 2017-01-25 04:42 - 00448472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2017-01-25 04:42 - 2017-01-25 04:42 - 00416256 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00390144 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00318464 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00301528 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-01-25 04:42 - 2017-01-25 04:42 - 00254976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00237016 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-01-25 04:42 - 2017-01-25 04:42 - 00220160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4549.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00111616 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00103936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00100864 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00099840 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00095232 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00084480 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00052736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00029184 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00029184 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00027648 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00027648 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00022528 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2017-01-25 04:42 - 2017-01-25 04:42 - 00022528 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 39863888 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 38903920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 33479888 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 11753472 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 08738304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 05688832 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 05262848 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 04928000 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 04364288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 04270696 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 04239720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 03971584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 02393184 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 01858656 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 01816736 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 01814080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 01590784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 01178624 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00968152 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2017-01-25 04:41 - 2017-01-25 04:41 - 00964568 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2017-01-25 04:41 - 2017-01-25 04:41 - 00466904 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2017-01-25 04:41 - 2017-01-25 04:41 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00388608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00273408 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-01-25 04:41 - 2017-01-25 04:41 - 00266240 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00242176 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00225280 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00223264 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00205376 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00193024 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00184000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00182976 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00181856 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00173568 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00160288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00160288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00103424 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2017-01-25 04:41 - 2017-01-25 04:41 - 00055264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 34825520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 29101568 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 19861504 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 15488944 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 13483216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 00312320 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 00297184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2017-01-25 04:40 - 2017-01-25 04:40 - 00232408 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2017-01-25 04:40 - 2017-01-25 04:40 - 00231896 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2017-01-25 04:40 - 2017-01-25 04:40 - 00175064 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-01-25 00:35 - 2017-01-25 00:35 - 00004862 _____ C:\WINDOWS\system32\iglhxs64.vp
2017-01-24 18:02 - 2017-01-24 18:02 - 00000000 ____D C:\Program Files\AutoHotkey
2017-01-24 17:56 - 2017-01-24 17:56 - 00001438 _____ C:\Users\John\Desktop\Microsoft Edge - Shortcut.lnk
2017-01-24 10:14 - 2017-02-07 15:13 - 00000000 ____D C:\Users\John\Desktop\work emails
2017-01-24 09:13 - 2017-02-07 19:49 - 00001338 _____ C:\Users\John\Desktop\iMacros 10.lnk
2017-01-24 09:13 - 2017-01-26 18:10 - 00002017 _____ C:\Users\John\Desktop\iMacros for IE.lnk
2017-01-24 09:13 - 2017-01-24 09:13 - 00001199 _____ C:\Users\John\Desktop\iMacros Scripting Interface Sample.lnk
2017-01-24 09:13 - 2017-01-24 09:13 - 00001077 _____ C:\Users\John\Desktop\iMacros Batch Sample.lnk
2017-01-24 09:13 - 2017-01-24 09:13 - 00000775 _____ C:\Users\John\Desktop\Examples.lnk
2017-01-24 09:13 - 2017-01-24 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMacros
2017-01-24 09:13 - 2017-01-24 09:13 - 00000000 ____D C:\Program Files\Ipswitch
2017-01-24 09:13 - 2017-01-24 09:13 - 00000000 ____D C:\Program Files (x86)\Ipswitch
2017-01-23 19:56 - 2017-01-23 19:56 - 00000000 ____D C:\Users\John\Desktop\Imacros software browser
2017-01-23 16:04 - 2017-01-24 10:55 - 00011874 _____ C:\Users\John\Desktop\Google Voice Numbers.xlsx
2017-01-21 19:17 - 2017-01-21 19:25 - 00000000 ____D C:\Users\John\AppData\Local\Amazon
2017-01-21 19:17 - 2017-01-21 19:17 - 00000000 ____D C:\Users\John\Documents\My Kindle Content
2017-01-20 19:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-01-20 19:19 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-01-20 19:19 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-01-20 19:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-01-20 19:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-01-20 19:19 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-01-15 18:19 - 2017-01-15 18:20 - 04690468 _____ C:\Users\John\Documents\Dividend Stocks For Dummies(BookZZ.org).pdf
2017-01-13 21:57 - 2015-12-18 23:41 - 00573952 _____ () C:\Users\John\Desktop\DS4Updater.exe
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\Users\John\AppData\Roaming\tiger-k
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\Users\John\AppData\Roaming\Leawo
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\Users\John\AppData\Roaming\com.leawo.imediago
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\Users\John\AppData\Local\Leawo
2017-01-13 20:19 - 2017-01-13 20:19 - 00000000 ____D C:\ProgramData\Leawo
2017-01-13 20:01 - 2017-01-13 20:01 - 00000000 ____D C:\Users\John\AppData\Local\Apple Computer
2017-01-13 19:58 - 2017-01-13 19:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-01-13 19:58 - 2017-01-13 19:58 - 00000000 ____D C:\Program Files\Bonjour
2017-01-13 19:58 - 2017-01-13 19:58 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-13 19:58 - 2017-01-13 19:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-01-13 19:57 - 2017-01-13 20:24 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-01-13 06:39 - 2017-01-13 06:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-12 17:27 - 2017-02-02 22:04 - 00001286 _____ C:\Users\John\Desktop\Internet Explorer.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-11 16:32 - 2016-08-11 21:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-11 16:23 - 2016-01-24 10:53 - 02594948 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-11 16:19 - 2016-02-01 13:10 - 00000000 ___RD C:\Users\John\odrive
2017-02-11 16:18 - 2016-07-17 06:11 - 00000000 ____D C:\Temp
2017-02-11 16:17 - 2016-08-11 21:49 - 00004000 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458712122
2017-02-11 16:17 - 2016-08-11 21:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-11 16:17 - 2016-08-11 21:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-11 16:17 - 2016-04-13 18:49 - 00000000 ____D C:\Program Files (x86)\Haystack Software
2017-02-11 16:17 - 2016-03-22 22:48 - 00001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-11 16:17 - 2016-01-24 12:28 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-11 16:17 - 2016-01-24 11:42 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-11 16:17 - 2014-12-12 13:00 - 00000000 __SHD C:\Users\John\IntelGraphicsProfiles
2017-02-11 16:16 - 2016-08-11 21:33 - 00000000 ____D C:\Users\John
2017-02-11 16:16 - 2016-07-15 23:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-02-11 16:14 - 2016-01-24 11:40 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-11 16:14 - 2016-01-24 11:40 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148685489729604
2017-02-11 16:14 - 2016-01-24 11:40 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-02-11 16:14 - 2016-01-24 11:40 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-11 16:14 - 2016-01-24 11:40 - 00126088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-11 16:14 - 2016-01-24 11:40 - 00074680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-11 16:14 - 2016-01-24 11:40 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-11 16:13 - 2016-03-22 22:48 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-11 16:13 - 2016-01-24 11:40 - 00991496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-11 16:13 - 2016-01-24 11:40 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-11 16:10 - 2014-12-22 18:46 - 00000000 ____D C:\Users\John\AppData\LocalLow\LastPass
2017-02-11 16:07 - 2016-01-24 11:18 - 00000000 ____D C:\Users\John\AppData\Local\ClassicShell
2017-02-11 16:05 - 2016-12-23 10:02 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-11 16:04 - 2016-07-14 14:18 - 00000000 ____D C:\Program Files\CyberGhost 6
2017-02-11 16:03 - 2016-01-24 12:45 - 00000000 ____D C:\Users\John\AppData\Roaming\Everything
2017-02-11 15:51 - 2016-09-25 02:02 - 00000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2017-02-11 15:44 - 2016-01-24 14:39 - 00000000 ____D C:\Users\John\AppData\Local\JDownloader v2.0
2017-02-11 12:09 - 2016-04-29 18:17 - 00000000 ____D C:\Users\John\Desktop\gls
2017-02-11 09:31 - 2016-10-27 14:50 - 00000000 ____D C:\Users\John\Documents\Python Projects
2017-02-11 09:31 - 2016-10-26 20:13 - 00000000 ____D C:\Users\John\AppData\Roaming\jupyter
2017-02-11 09:30 - 2016-10-26 19:37 - 00000000 ____D C:\Users\John\.matplotlib
2017-02-11 08:45 - 2016-11-03 19:32 - 00000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
2017-02-11 08:45 - 2016-11-03 19:26 - 00000000 ____D C:\Users\John\Anaconda3
2017-02-11 08:27 - 2016-02-10 21:31 - 00000000 ____D C:\Users\John\AppData\Local\CrashDumps
2017-02-11 00:06 - 2016-01-24 13:24 - 00000000 ____D C:\ProgramData\Arq
2017-02-10 18:33 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 17:46 - 2016-03-25 18:39 - 00000000 ____D C:\AdwCleaner
2017-02-10 17:46 - 2016-02-02 17:19 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-10 09:18 - 2016-02-02 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-09 18:26 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-09 11:48 - 2016-01-24 14:37 - 00000000 ____D C:\Users\John\AppData\Roaming\vlc
2017-02-08 22:19 - 2016-12-18 12:13 - 00000600 _____ C:\Users\John\AppData\Local\PUTTY.RND
2017-02-08 17:24 - 2016-11-22 20:07 - 00000233 _____ C:\Users\John\Desktop\QQQ.csv
2017-02-08 17:23 - 2015-11-10 16:25 - 00010735 _____ C:\Users\John\Desktop\SHORTZ.xlsx
2017-02-08 16:25 - 2014-12-12 16:53 - 00001838 _____ C:\Users\John\Desktop\always_on_top.ahk
2017-02-08 13:32 - 2014-12-12 16:53 - 00000000 ____D C:\Users\John\Desktop\ahk scripts
2017-02-08 12:39 - 2016-05-21 17:25 - 00000000 ____D C:\Users\John\Desktop\Sikuli
2017-02-08 12:20 - 2016-01-24 10:56 - 00000000 ____D C:\Users\John\AppData\Local\Packages
2017-02-07 12:59 - 2014-12-12 16:09 - 00000000 ____D C:\Users\John\Documents\Software
2017-02-06 16:28 - 2016-03-23 11:35 - 00002459 _____ C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InsomniacBrowser.lnk
2017-02-06 16:28 - 2016-03-23 11:35 - 00002451 _____ C:\Users\John\Desktop\InsomniacBrowser.lnk
2017-02-06 16:28 - 2016-03-23 11:35 - 00000000 ____D C:\Users\John\AppData\Local\InsomniacBrowser
2017-02-05 23:28 - 2016-03-25 20:14 - 00000000 ____D C:\Users\John\AppData\Roaming\qBittorrent
2017-02-04 12:24 - 2014-12-12 16:53 - 00000000 ___RD C:\Users\John\Desktop\Patterns
2017-02-04 11:59 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-02 22:00 - 2016-01-24 11:18 - 00000000 ____D C:\Program Files\Sandboxie
2017-02-02 21:53 - 2016-09-21 17:21 - 00000000 ____D C:\Users\John\AppData\Roaming\Mozilla
2017-02-02 20:55 - 2016-11-18 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-02 16:42 - 2016-01-24 11:15 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-02 14:37 - 2016-01-24 11:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-02 14:04 - 2015-01-24 13:48 - 00001718 _____ C:\Users\John\Desktop\tom bernstein.txt
2017-02-02 11:33 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-31 08:18 - 2014-12-22 20:11 - 00000000 ____D C:\Users\John\Documents\Files
2017-01-30 22:46 - 2016-12-29 08:56 - 00001052 _____ C:\Users\John\Documents\microsoft stumbles.txt
2017-01-28 17:40 - 2016-05-11 14:40 - 00000000 ____D C:\Users\John\AppData\Roaming\OBS
2017-01-28 17:20 - 2016-01-24 15:07 - 00000000 ____D C:\Users\John\AppData\Roaming\Audacity
2017-01-28 13:41 - 2014-12-12 17:16 - 00000000 ____D C:\Users\John\Documents\pics
2017-01-28 11:48 - 2016-07-17 06:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-27 15:23 - 2016-08-11 21:29 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-01-27 15:22 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-27 14:54 - 2016-12-17 08:24 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-27 14:54 - 2016-01-24 10:59 - 00002363 _____ C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-27 14:54 - 2015-09-23 06:59 - 00000000 __RDO C:\Users\John\OneDrive
2017-01-27 14:50 - 2016-02-01 08:47 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-26 18:10 - 2016-08-12 11:14 - 00001179 _____ C:\Users\John\Desktop\HitFilm 4 Express.lnk
2017-01-26 18:10 - 2016-07-25 12:25 - 00001990 _____ C:\Users\John\Desktop\Resolve.lnk
2017-01-26 18:10 - 2016-07-04 10:10 - 00001021 _____ C:\Users\John\Desktop\Listary.lnk
2017-01-26 18:10 - 2016-06-26 19:52 - 00001589 _____ C:\Users\John\Desktop\mameuifx64.exe - Shortcut.lnk
2017-01-26 18:10 - 2016-06-13 11:05 - 00001182 _____ C:\Users\John\Desktop\Documents - Shortcut.lnk
2017-01-26 18:10 - 2016-05-29 15:09 - 00000946 _____ C:\Users\John\Desktop\LaunchBox.lnk
2017-01-26 18:10 - 2016-05-11 14:39 - 00001007 _____ C:\Users\John\Desktop\Open Broadcaster Software.lnk
2017-01-26 18:10 - 2016-04-07 15:24 - 00001893 _____ C:\Users\John\Desktop\Ros Jeffries -  DC 2000 - Shortcut.lnk
2017-01-26 18:10 - 2016-02-01 13:18 - 00000965 _____ C:\Users\John\Desktop\Start odrive.lnk
2017-01-26 18:10 - 2016-01-25 15:34 - 00001079 _____ C:\Users\John\Desktop\Audacity.lnk
2017-01-26 18:10 - 2016-01-24 14:58 - 00001079 _____ C:\Users\John\Desktop\Electrum.lnk
2017-01-26 18:10 - 2016-01-24 14:41 - 00002181 _____ C:\Users\John\Desktop\JDownloader 2.lnk
2017-01-26 18:10 - 2016-01-24 12:45 - 00001061 _____ C:\Users\John\Desktop\Search Everything.lnk
2017-01-26 18:10 - 2014-12-12 15:48 - 00000903 _____ C:\Users\John\Desktop\Downloads - Shortcut.lnk
2017-01-25 14:25 - 2016-12-25 13:26 - 00001289 _____ C:\Users\John\Desktop\torrents.txt
2017-01-25 04:42 - 2016-08-11 21:28 - 00103936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-01-25 04:42 - 2016-08-11 21:28 - 00099840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-01-25 04:42 - 2016-05-27 14:50 - 02142208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2017-01-25 04:42 - 2016-05-27 14:50 - 00401880 _____ C:\WINDOWS\system32\igfxTray.exe
2017-01-25 04:42 - 2016-05-27 14:50 - 00399360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2017-01-25 04:42 - 2016-05-27 14:50 - 00354776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2017-01-25 04:42 - 2016-05-27 14:50 - 00268760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2017-01-25 04:41 - 2016-05-27 14:53 - 06696840 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2017-01-25 04:41 - 2016-05-27 14:53 - 05140488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2017-01-25 04:41 - 2016-05-27 14:50 - 07969752 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-01-25 04:41 - 2016-05-27 14:50 - 00756736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2017-01-25 04:41 - 2016-05-27 14:50 - 00373720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2017-01-25 04:40 - 2016-05-27 14:53 - 16446352 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2017-01-25 04:40 - 2016-05-27 14:53 - 13056560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2017-01-24 18:02 - 2016-01-24 11:16 - 00000000 ____D C:\WINDOWS\ShellNew
2017-01-24 14:29 - 2016-07-16 10:19 - 00000346 _____ C:\Users\John\Documents\Music download sites.txt
2017-01-24 10:48 - 2016-05-12 20:37 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-24 09:13 - 2015-09-08 07:52 - 00000000 ____D C:\Users\John\Documents\iMacros
2017-01-23 19:00 - 2016-08-26 11:12 - 00000000 ____D C:\Users\John\AppData\Roaming\MacroCreator
2017-01-21 12:09 - 2015-11-10 13:55 - 00000000 ____D C:\Users\John\Documents\Short TBDs
2017-01-21 10:24 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-21 10:24 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-21 09:20 - 2016-04-22 08:40 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-20 19:25 - 2016-05-29 14:42 - 00000000 ____D C:\Users\John\Documents\RetroArch
2017-01-20 19:19 - 2016-05-29 14:50 - 00000000 ____D C:\Users\John\LaunchBox
2017-01-20 19:18 - 2016-05-29 14:50 - 00000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaunchBox
2017-01-18 20:05 - 2016-11-16 15:15 - 00013752 _____ C:\Users\John\Documents\Dr visits. billing insurance payment .xlsx
2017-01-18 19:41 - 2015-09-13 21:46 - 00002993 _____ C:\Users\John\Desktop\phone project.txt
2017-01-17 19:34 - 2016-01-29 16:20 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-01-17 19:34 - 2016-01-29 16:20 - 00000000 ____D C:\ProgramData\Oracle
2017-01-17 19:34 - 2016-01-29 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-17 19:34 - 2016-01-26 18:51 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-15 07:27 - 2016-08-11 21:49 - 00004030 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-01-15 07:27 - 2016-02-01 08:46 - 00000000 ____D C:\Users\John\AppData\Local\Adobe
2017-01-13 21:57 - 2016-06-01 20:30 - 00000000 ____D C:\Users\John\AppData\Roaming\DS4Windows
2017-01-13 20:05 - 2016-07-26 08:30 - 00000000 ____D C:\Users\John\AppData\Roaming\Apple Computer
2017-01-13 20:00 - 2016-07-25 12:21 - 00000000 ____D C:\ProgramData\Apple Computer
2017-01-13 19:58 - 2016-07-25 11:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-01-13 19:58 - 2016-07-25 11:15 - 00000000 ____D C:\ProgramData\Apple
2017-01-13 06:40 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-13 06:39 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-13 06:39 - 2016-01-24 11:52 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-12 22:36 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 06:27 - 2014-12-12 12:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 00:14 - 2016-08-11 21:26 - 00337064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-12 00:13 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-12 00:13 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-12 00:13 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-12 00:13 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-12 00:13 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning

==================== Files in the root of some directories =======

2016-03-22 10:57 - 2016-03-22 10:58 - 0004536 _____ () C:\Users\John\AppData\Roaming\CamStudio.cfg
2016-03-22 10:50 - 2016-03-22 10:59 - 0000096 _____ () C:\Users\John\AppData\Roaming\version2.xml
2016-12-18 12:13 - 2017-02-08 22:19 - 0000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND
2016-03-25 20:14 - 2016-03-25 20:14 - 0000752 _____ () C:\Users\John\AppData\Local\recently-used.xbel
2016-08-18 12:57 - 2016-08-18 12:57 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
2017-02-10 09:18 - 2016-11-11 03:13 - 1886344 _____ (Microsoft Corporation) C:\Users\John\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-08 22:24

==================== End of FRST.txt ============================

Addition.txt

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.