
virus won't die


  • This topic is locked
13 replies to this topic

#1 applepieofdeath


Posted 22 November 2016 - 06:30 AM

First of all, I would like to apologize for not thanking for the assistance given during this thread: http://www.bleepingcomputer.com/forums/t/629591/need-confirmation/

 

Anyway, my computer has been excessively slow recently so I ran my usual scans, (rkill>malwarebytes+rogue killer+dr. web cureit>spybot s&d>JRT>adware cleaner>eset). Rogue killer is the only program to find multiple infections and while it killed many, it reported a failure to kill a few dangerously labeled results. Scanning multiple times still eventually ends with the same result and the detection count seems to come back every time.



#2 Starbuck

  • Malware Response Team

Posted 25 November 2016 - 05:04 PM

Hi applepieofdeath

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.
6. Please follow steps in the correct order.

Step 1
This is not helping you at all:

Trend Micro Antivirus+
Spybot - Search & Destroy
Ad-Aware Antivirus


It is not recommended that you have more than one anti virus product installed and running on your computer at a time.
The reason for this is that if these products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms".
It can also lead to a clash as these products fight for access to files which are opened; again, this is the resident/automatic protection.
In general terms, having more than one AntiVirus program may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to these products attempting to access the same file at the same time.

Trend Micro Antivirus is by far the best AV that you have installed......
Therefore please go to add/remove in the control panel and remove Ad-Aware Antivirus and Spybot - Search & Destroy.

Reboot your system once the AVs have been removed.


Step 2
QuickTime

Please uninstall QuickTime for Windows.

It is now a security risk:
Apple is deprecating QuickTime for Microsoft Windows.
They will no longer be issuing security updates for the product on the Windows Platform and as such they recommend users uninstall it.

And because Apple is no longer providing security updates for QuickTime on Windows, the present vulnerabilities are never going to be patched.


Step 3
Do you know what these programs are? (They are showing in your uninstall list.)

“Œ•û¯˜@‘D ver 1.00a (HKLM-x32\...\“Œ•û¯˜@‘D_is1) (Version: - )
ƒOƒŠ[ƒtƒVƒ“ƒhƒ[ƒ€ Ver1.10 (HKLM-x32\...\{AD9E5D61-0EBB-4472-8DA9-359560FB6988}}_is1) (Version: - ‰©¨ƒtƒƒ“ƒeƒBƒA)
東方地霊殿 ver 1.00a (HKLM-x32\...\東方地霊殿_is1) (Version: - )

If not.... see if they will uninstall.


Step 4
When these steps are completed, please let me have a fresh set of FRST reports.

Please re-run FRST.
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.

  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It will also make another log (Addition.txt). Please copy and paste it to your reply also.
In your next reply, please submit:
2 new reports from FRST


Thanks.

Edited by Starbuck, 25 November 2016 - 05:06 PM.
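
Added example (not part of the original thread, and not code from FRST or its authors): a small Python triage pass over a report in the FRST.txt layout requested in Step 4. It groups entries by section, flags the markers FRST itself prints on a line, and lists entries that still mention the products named in Step 1; the sample log is constructed, and the marker readings in the comments are assumptions about their usual meaning.

```python
import re
from collections import defaultdict

# Constructed sample, modeled on the layout of the FRST.txt excerpt in this
# thread (section banners, one entry per line). Paths and names are examples.
SAMPLE_LOG = r"""
==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example\updater.exe [499608 2011-06-17] (Example Corp.)
HKLM\...\Run: [ExampleMon] => C:\Windows\SysWOW64\examplemon.exe [28672 2010-12-01] ()
HKU\S-1-5-21-0-0-0-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Example\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Example Ltd.)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

FF Plugin HKU\S-1-5-21-0-0-0-1001: @example.com/Player -> C:\Users\user\AppData\LocalLow\Example\npExample.dll [No File]

==================== Services (Whitelisted) ====================

R2 ExampleSvc; C:\Program Files\Example\svc.exe [49152 2009-10-01] (Example Corp.) [File not signed]
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb [X]
S3 ExampleOK; C:\Program Files\Example\ok.exe [347328 2016-07-16] (Example Corp.)
"""

# Section banner: a run of '=', the section name, another run of '='.
# Requiring a non-'=' first character skips pure underline rows ("=======").
SECTION = re.compile(r"^={5,}\s*([^=\s][^=]*?)\s*=+$")

# Markers printed by the tool on individual entries. The readings below are
# the usual interpretation and are an assumption of this example.
MARKERS = {
    "attention": re.compile(r"<=+ ATTENTION"),           # tool asks for review
    "not_signed": re.compile(r"\[File not signed\]"),    # no digital signature
    "no_file": re.compile(r"\[No File\]"),               # target file missing
    "x_flag": re.compile(r"\[X\]\s*$"),                  # service file not found
    "no_publisher": re.compile(r"^\(\)\s|\s\(\)\s*$"),   # empty company field
}


def triage(log_text):
    """Return {section: [(reasons, line), ...]} for entries carrying a marker."""
    section = "(preamble)"
    findings = defaultdict(list)
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = SECTION.match(line)
        if banner:
            section = banner.group(1)
            continue
        reasons = [name for name, rx in MARKERS.items() if rx.search(line)]
        if reasons:
            findings[section].append((reasons, line))
    return dict(findings)


def products_present(log_text, names):
    """Return {product: [lines]} for each product name still seen in the log.

    Useful after an uninstall step: leftover Run keys, services or drivers
    show up as lines that still mention the removed product.
    """
    lines = [l.strip() for l in log_text.splitlines() if l.strip()]
    found = {}
    for name in names:
        hits = [l for l in lines if name.lower() in l.lower()]
        if hits:
            found[name] = hits
    return found


if __name__ == "__main__":
    for section, entries in triage(SAMPLE_LOG).items():
        print(section)
        for reasons, line in entries:
            print("  [%s] %s" % (", ".join(reasons), line))
    # Product names taken from Step 1 of the reply above.
    leftovers = products_present(SAMPLE_LOG, ["Trend Micro", "Spybot", "Ad-Aware"])
    for name, hits in leftovers.items():
        print("%s: %d line(s)" % (name, len(hits)))
```

Markers are prompts for review rather than verdicts; in the log posted later in this thread, for example, [File not signed] appears on Lenovo services.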



#3 applepieofdeath

  • Topic Starter

Posted 25 November 2016 - 09:53 PM

Step 1: All done, my trend-micro is actually an expired free-trial, should I also uninstall it or keep it for the scanner portion?

 

Step 2: Done.

 

Step 3: I forgot what the second was but 1 and 3 are Japanese programs and I vaguely remember #2 being one as well. Regardless, attempting to uninstall gave an error message that stated the program might have already been uninstalled followed by a prompt to remove from program list. They were removed without any harm caused to the aforementioned programs.

 

Step 4:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by applepieofdeath (administrator) on STEVE (26-11-2016 11:33:00)
Running from C:\Users\applepieofdeath\Desktop\anti-virus\FRST
Loaded Profiles: applepieofdeath (Available Profiles: applepieofdeath & Administrator & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Lenovo) C:\Program Files\Lenovo\Power Dial\LenovoCOMSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
() C:\Windows\SysWOW64\UMonit.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\applepieofdeath\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Dropbox, Inc.) C:\Users\applepieofdeath\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Akamai Technologies, Inc.) C:\Users\applepieofdeath\AppData\Local\Akamai\netsession_win.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(Dropbox, Inc.) C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Lenovo) C:\Program Files\Lenovo\Power Dial\LitModeSwitch.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Lenovo) C:\Program Files\Lenovo\Power Dial\LitModeCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\windows\SysWOW64\UMonit.exe [28672 2010-12-01] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-17] (Adobe Systems Incorporated)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2015-10-23] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-25] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266176 2016-07-25] (Trend Micro Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-17] (JME)
HKLM-x32\...\Run: [ModeSwitch] => C:\Program Files\Lenovo\Power Dial\LitModeSwitch.exe [163840 2010-09-27] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-10] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [SetDefaultSCR] => C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe [102400 2009-12-31] (Lenovo)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-29] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [Akamai NetSession Interface] => C:\Users\applepieofdeath\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [Dropbox Update] => C:\Users\applepieofdeath\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-11-23] (Electronic Arts)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\RunOnce: [Uninstall C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\RunOnce: [Uninstall C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1"
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2016-07-25] (Trend Micro Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-10-23]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\applepieofdeath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\applepieofdeath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2015-05-11]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\applepieofdeath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2015-11-28]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a6586540-6da1-45ab-b6d7-038e72de0ba8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-03] (Oracle Corporation)
BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-03] (Oracle Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2016-07-25] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-25] (Trend Micro Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\applepieofdeath\AppData\Roaming\Mozilla\Firefox\Profiles\nwc5yez9.default-1451443203899 [2016-11-26]
FF Homepage: Mozilla\Firefox\Profiles\nwc5yez9.default-1451443203899 -> hxxps://www.google.com/?gws_rd=ssl
FF Extension: (Adblock Plus) - C:\Users\applepieofdeath\AppData\Roaming\Mozilla\Firefox\Profiles\nwc5yez9.default-1451443203899\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2016-10-15]
FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-10-15]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-10-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-21] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2113719894-2314059281-1428513383-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\applepieofdeath\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-2113719894-2314059281-1428513383-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-09] ()
 
Chrome: 
=======
CHR Profile: C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default [2016-11-26]
CHR Extension: (Google Docs) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-03]
CHR Extension: (Google Drive) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-03]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-11-03]
CHR Extension: (YouTube) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-03]
CHR Extension: (Google Sheets) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-03]
CHR Extension: (KanColle Command Center 改) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgmldnainaglpjngpajnnjfhpdjkohh [2016-11-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-31]
CHR Extension: (Trend Micro Toolbar) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-10-31]
CHR Extension: (Gmail) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\applepieofdeath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-03]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-15] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1468608 2016-10-06] (Disc Soft Ltd)
R2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Dial\LenovoCOMSvc.exe [49152 2009-10-01] (Lenovo) [File not signed]
R3 LitModeCtrl; C:\Program Files\Lenovo\Power Dial\LitModeCtrl.exe [81920 2010-09-10] (Lenovo) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-26] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-11-23] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-11-23] (Electronic Arts)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-07-25] (Trend Micro Inc.)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-01-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2015-10-23] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-10] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-10] (Disc Soft Ltd)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [57856 2010-12-17] (GenesysLogic)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [32512 2014-05-15] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c775b600ccf2cdac\nvlddmkm.sys [14172608 2016-11-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-10-26] (NVIDIA Corporation)
R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [142552 2016-08-08] (Trend Micro Inc.)
R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [435416 2016-08-08] (Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-01-05] (Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [143648 2016-06-21] (Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [117984 2016-08-08] (Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [111840 2016-09-30] (Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [132888 2016-05-16] (Trend Micro Inc.)
R1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [117768 2016-01-20] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-20] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WinI2C-DDC; C:\WINDOWS\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-26 11:26 - 2016-11-26 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\グリーフシンドローム
2016-11-26 11:06 - 2016-11-26 11:06 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-11-19 09:05 - 2016-11-26 11:13 - 00000000 ____D C:\Users\applepieofdeath\AppData\LocalLow\Mozilla
2016-11-18 23:58 - 2016-11-20 06:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-16 22:30 - 2016-11-16 22:31 - 00541628 _____ C:\WINDOWS\Minidump\111616-49390-01.dmp
2016-11-16 22:30 - 2016-11-16 22:30 - 1086679446 _____ C:\WINDOWS\MEMORY.DMP
2016-11-16 22:30 - 2016-11-16 22:30 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-16 18:10 - 2016-11-16 18:10 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-16 18:10 - 2016-11-11 07:23 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-11-16 18:10 - 2016-09-10 03:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-11-16 18:10 - 2016-09-10 03:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-11-16 18:10 - 2016-09-10 03:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-11-16 18:10 - 2016-09-10 03:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-11-16 18:06 - 2016-11-11 08:51 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 35222464 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 28203576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 10912048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 10804064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 08761376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 02953152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 00976952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 00895424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-11-16 18:06 - 2016-11-11 08:51 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-11-12 07:32 - 2016-11-12 07:32 - 00000000 ____D C:\Users\applepieofdeath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-09 06:49 - 2016-11-02 21:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 06:49 - 2016-11-02 21:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 06:49 - 2016-11-02 20:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 06:49 - 2016-11-02 20:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 06:49 - 2016-11-02 20:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 06:49 - 2016-11-02 20:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 06:49 - 2016-11-02 20:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 06:49 - 2016-11-02 20:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 06:49 - 2016-11-02 20:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 06:49 - 2016-11-02 20:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 06:49 - 2016-11-02 20:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 06:49 - 2016-11-02 20:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 06:49 - 2016-11-02 20:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 06:49 - 2016-11-02 20:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 06:49 - 2016-11-02 20:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 06:49 - 2016-11-02 20:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 06:49 - 2016-11-02 20:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 06:49 - 2016-11-02 20:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 06:49 - 2016-11-02 20:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 06:49 - 2016-11-02 20:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 06:49 - 2016-11-02 20:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 06:49 - 2016-11-02 20:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 06:49 - 2016-11-02 20:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 06:49 - 2016-11-02 20:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 06:49 - 2016-11-02 20:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 06:49 - 2016-11-02 20:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 06:49 - 2016-11-02 20:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 06:49 - 2016-11-02 20:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 06:49 - 2016-11-02 20:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 06:49 - 2016-11-02 19:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 06:49 - 2016-11-02 19:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 06:49 - 2016-11-02 19:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 06:49 - 2016-11-02 19:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 06:49 - 2016-11-02 19:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 06:49 - 2016-11-02 19:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 06:49 - 2016-11-02 19:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 06:49 - 2016-11-02 19:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 06:49 - 2016-11-02 19:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 06:49 - 2016-11-02 19:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 06:49 - 2016-11-02 19:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 06:49 - 2016-11-02 19:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 06:49 - 2016-11-02 19:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 06:49 - 2016-11-02 19:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 06:49 - 2016-11-02 19:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 06:49 - 2016-11-02 19:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 06:49 - 2016-11-02 19:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 06:49 - 2016-11-02 19:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 06:49 - 2016-11-02 19:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 06:49 - 2016-11-02 19:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 06:49 - 2016-11-02 19:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 06:49 - 2016-11-02 19:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 06:49 - 2016-11-02 19:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 06:49 - 2016-11-02 19:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 06:49 - 2016-11-02 19:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 06:49 - 2016-11-02 19:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 06:49 - 2016-11-02 19:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 06:49 - 2016-11-02 19:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 06:49 - 2016-11-02 19:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 06:49 - 2016-11-02 19:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 06:49 - 2016-11-02 19:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 06:49 - 2016-11-02 19:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 06:49 - 2016-11-02 19:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 06:49 - 2016-11-02 19:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 06:49 - 2016-11-02 19:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 06:49 - 2016-11-02 19:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 06:49 - 2016-11-02 19:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 06:49 - 2016-11-02 19:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 06:49 - 2016-11-02 19:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 06:49 - 2016-11-02 19:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 06:49 - 2016-11-02 19:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 06:49 - 2016-11-02 19:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 06:49 - 2016-11-02 19:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 06:49 - 2016-11-02 19:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 06:49 - 2016-11-02 19:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 06:49 - 2016-11-02 19:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 06:49 - 2016-11-02 19:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 06:49 - 2016-11-02 19:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 06:49 - 2016-11-02 19:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 06:49 - 2016-11-02 19:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 06:49 - 2016-11-02 19:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 06:49 - 2016-11-02 19:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 06:49 - 2016-11-02 19:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 06:49 - 2016-11-02 19:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 06:49 - 2016-11-02 19:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 06:49 - 2016-11-02 19:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 06:49 - 2016-11-02 19:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 06:49 - 2016-11-02 19:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 06:49 - 2016-11-02 19:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 06:49 - 2016-11-02 19:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 06:49 - 2016-11-02 19:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 06:49 - 2016-11-02 19:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 06:49 - 2016-11-02 19:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 06:49 - 2016-11-02 19:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 06:49 - 2016-11-02 19:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 06:49 - 2016-11-02 19:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 06:49 - 2016-11-02 19:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 06:49 - 2016-11-02 19:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 06:49 - 2016-11-02 19:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 06:49 - 2016-11-02 19:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 06:49 - 2016-11-02 17:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 06:48 - 2016-11-02 20:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 06:48 - 2016-11-02 20:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 06:48 - 2016-11-02 20:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 06:48 - 2016-11-02 20:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 06:48 - 2016-11-02 20:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 06:48 - 2016-11-02 20:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 06:48 - 2016-11-02 20:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 06:48 - 2016-11-02 20:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 06:48 - 2016-11-02 20:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 06:48 - 2016-11-02 20:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 06:48 - 2016-11-02 20:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 06:48 - 2016-11-02 20:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 06:48 - 2016-11-02 20:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 06:48 - 2016-11-02 20:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 06:48 - 2016-11-02 20:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 06:48 - 2016-11-02 20:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 06:48 - 2016-11-02 20:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 06:48 - 2016-11-02 20:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 06:48 - 2016-11-02 20:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 06:48 - 2016-11-02 20:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 06:48 - 2016-11-02 20:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 06:48 - 2016-11-02 19:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 06:48 - 2016-11-02 19:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 06:48 - 2016-11-02 19:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 06:48 - 2016-11-02 19:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 06:48 - 2016-11-02 19:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 06:48 - 2016-11-02 19:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 06:48 - 2016-11-02 19:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 06:48 - 2016-11-02 19:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 06:48 - 2016-11-02 19:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 06:48 - 2016-11-02 19:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 06:48 - 2016-11-02 19:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 06:48 - 2016-11-02 19:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 06:48 - 2016-11-02 19:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 06:48 - 2016-11-02 19:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 06:48 - 2016-11-02 19:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 06:48 - 2016-11-02 19:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 06:48 - 2016-11-02 19:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 06:48 - 2016-11-02 19:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 06:48 - 2016-11-02 19:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 06:48 - 2016-11-02 19:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 06:48 - 2016-11-02 19:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 06:48 - 2016-11-02 19:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 06:48 - 2016-11-02 19:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 06:48 - 2016-11-02 19:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 06:48 - 2016-11-02 19:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 06:48 - 2016-11-02 19:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 06:48 - 2016-11-02 19:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 06:48 - 2016-11-02 19:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 06:48 - 2016-11-02 19:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 06:48 - 2016-11-02 19:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 06:48 - 2016-11-02 19:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 06:48 - 2016-11-02 19:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 06:48 - 2016-11-02 19:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 06:48 - 2016-11-02 19:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 06:48 - 2016-11-02 19:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 06:48 - 2016-11-02 19:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 06:48 - 2016-11-02 19:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 06:48 - 2016-11-02 19:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 06:48 - 2016-11-02 19:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 06:48 - 2016-11-02 19:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 06:48 - 2016-11-02 19:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 06:48 - 2016-11-02 19:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 06:48 - 2016-11-02 19:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 06:48 - 2016-11-02 19:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 06:48 - 2016-11-02 19:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 06:48 - 2016-11-02 19:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 06:48 - 2016-11-02 19:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 06:48 - 2016-11-02 19:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 06:48 - 2016-11-02 19:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 06:48 - 2016-11-02 19:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 06:48 - 2016-11-02 19:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 06:48 - 2016-11-02 19:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 06:48 - 2016-11-02 19:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 06:48 - 2016-11-02 19:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 06:48 - 2016-11-02 19:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 06:48 - 2016-11-02 19:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 06:48 - 2016-11-02 19:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 06:48 - 2016-11-02 19:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 06:48 - 2016-11-02 19:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 06:48 - 2016-11-02 19:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 06:48 - 2016-11-02 19:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 06:48 - 2016-11-02 19:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 06:48 - 2016-11-02 19:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 06:48 - 2016-11-02 19:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 06:48 - 2016-11-02 19:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 06:48 - 2016-11-02 19:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 06:48 - 2016-11-02 19:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 06:48 - 2016-11-02 19:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 06:48 - 2016-11-02 19:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 06:48 - 2016-11-02 19:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 06:48 - 2016-11-02 19:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 06:48 - 2016-11-02 19:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 06:48 - 2016-11-02 19:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 06:48 - 2016-11-02 19:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 06:48 - 2016-11-02 19:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 06:48 - 2016-11-02 19:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 06:48 - 2016-11-02 19:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 06:48 - 2016-11-02 19:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 06:48 - 2016-11-02 19:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 06:48 - 2016-11-02 19:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 06:48 - 2016-11-02 19:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 06:48 - 2016-11-02 19:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 06:48 - 2016-11-02 19:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 06:48 - 2016-11-02 19:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 06:48 - 2016-11-02 19:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 06:48 - 2016-11-02 18:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 06:48 - 2016-11-02 18:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 06:48 - 2016-08-02 13:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-05 03:10 - 2016-11-13 06:48 - 00000970 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001UA.job
2016-11-05 03:10 - 2016-11-13 06:48 - 00000918 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001Core.job
2016-11-05 03:10 - 2016-11-10 04:39 - 00004110 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001UA
2016-11-05 03:10 - 2016-11-10 04:39 - 00003734 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001Core
2016-11-04 23:51 - 2016-11-04 23:51 - 00000128 _____ C:\Users\applepieofdeath\Desktop\line ranger arena.txt
2016-11-03 19:56 - 2016-11-03 19:56 - 00004002 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 19:56 - 2016-11-03 19:56 - 00003974 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 19:56 - 2016-11-03 19:56 - 00003938 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 19:56 - 2016-11-03 19:56 - 00003912 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 19:56 - 2016-11-03 19:56 - 00003750 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 19:56 - 2016-11-03 19:56 - 00003708 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 19:56 - 2016-11-03 19:56 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-03 19:56 - 2016-10-26 05:19 - 01852352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-11-03 19:55 - 2016-11-16 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-03 19:54 - 2016-11-11 07:35 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-11-03 19:53 - 2016-10-26 06:40 - 00215608 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-11-03 19:53 - 2016-10-26 06:40 - 00201664 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-11-03 19:51 - 2016-11-11 08:51 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-11-03 19:51 - 2016-10-26 10:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-11-03 19:51 - 2016-10-26 06:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-11-03 19:51 - 2016-10-26 06:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-11-03 19:51 - 2016-10-26 06:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-11-03 19:51 - 2016-10-26 06:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-11-03 19:51 - 2016-10-26 05:19 - 00104384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-11-03 19:51 - 2016-10-26 05:19 - 00094144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-11-03 19:51 - 2016-10-26 05:19 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-11-03 19:46 - 2016-11-03 19:47 - 391438192 ____N (NVIDIA Corporation) C:\Users\applepieofdeath\Desktop\375.70-desktop-win10-64bit-international-whql.exe
2016-11-03 19:38 - 2016-11-03 19:38 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-11-03 19:38 - 2016-11-03 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-03 19:38 - 2016-11-03 19:38 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-03 19:29 - 2016-11-03 19:29 - 00737344 _____ (Oracle Corporation) C:\Users\applepieofdeath\Desktop\JavaSetup8u111.exe
2016-10-31 18:46 - 2016-11-11 05:51 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-31 18:46 - 2016-11-11 05:51 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-31 18:45 - 2016-10-31 18:45 - 01065376 ____N (Google Inc.) C:\Users\applepieofdeath\Desktop\ChromeSetup(1).exe
2016-10-30 08:15 - 2016-10-30 08:15 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-10-30 08:15 - 2016-10-30 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-30 08:14 - 2016-10-30 08:15 - 00000000 ____D C:\Program Files\iTunes
2016-10-30 08:14 - 2016-10-30 08:14 - 00000000 ____D C:\Program Files\iPod
2016-10-30 07:58 - 2016-10-30 07:58 - 01065376 _____ (Google Inc.) C:\Users\applepieofdeath\Downloads\ChromeSetup.exe
2016-10-30 07:49 - 2016-11-17 18:34 - 00407608 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2016-10-28 19:30 - 2016-10-15 13:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 19:30 - 2016-10-15 13:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 19:30 - 2016-10-15 13:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 19:30 - 2016-10-15 13:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 19:30 - 2016-10-15 12:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 19:30 - 2016-10-15 12:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 19:30 - 2016-10-15 12:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 19:30 - 2016-08-27 14:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 19:29 - 2016-10-15 13:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 19:29 - 2016-10-15 13:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 19:29 - 2016-10-15 13:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 19:29 - 2016-10-15 13:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 19:29 - 2016-10-15 13:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 19:29 - 2016-10-15 13:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 19:29 - 2016-10-15 13:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 19:29 - 2016-10-15 13:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 19:29 - 2016-10-15 13:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 19:29 - 2016-10-15 13:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 19:29 - 2016-10-15 13:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 19:29 - 2016-10-15 13:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 19:29 - 2016-10-15 13:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 19:29 - 2016-10-15 13:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 19:29 - 2016-10-15 13:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 19:29 - 2016-10-15 13:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 19:29 - 2016-10-15 13:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 19:29 - 2016-10-15 13:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 19:29 - 2016-10-15 13:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 19:29 - 2016-10-15 13:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 19:29 - 2016-10-15 13:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 19:29 - 2016-10-15 13:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 19:29 - 2016-10-15 13:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 19:29 - 2016-10-15 13:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 19:29 - 2016-10-15 13:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 19:29 - 2016-10-15 13:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 19:29 - 2016-10-15 13:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 19:29 - 2016-10-15 13:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 19:29 - 2016-10-15 13:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 19:29 - 2016-10-15 13:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 19:29 - 2016-10-15 13:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 19:29 - 2016-10-15 13:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 19:29 - 2016-10-15 13:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 19:29 - 2016-10-15 13:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 19:29 - 2016-10-15 13:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 19:29 - 2016-10-15 13:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 19:29 - 2016-10-15 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 19:29 - 2016-10-15 13:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 19:29 - 2016-10-15 13:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 19:29 - 2016-10-15 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 19:29 - 2016-10-15 12:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 19:29 - 2016-10-15 12:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 19:29 - 2016-10-15 12:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 19:29 - 2016-10-15 12:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 19:29 - 2016-10-15 12:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 19:29 - 2016-10-15 12:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 19:29 - 2016-10-15 12:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 19:29 - 2016-10-15 12:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 19:29 - 2016-10-15 12:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 19:29 - 2016-10-15 12:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 19:29 - 2016-10-15 12:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 19:29 - 2016-10-15 12:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 19:29 - 2016-10-15 12:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 19:29 - 2016-10-15 12:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 19:29 - 2016-10-15 12:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 19:29 - 2016-10-15 12:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 19:29 - 2016-10-15 12:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 19:29 - 2016-10-15 12:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 19:29 - 2016-10-15 12:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 19:29 - 2016-10-15 12:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 19:29 - 2016-10-15 12:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 19:29 - 2016-10-15 12:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 19:29 - 2016-10-15 12:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 19:29 - 2016-10-15 12:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 19:29 - 2016-10-15 12:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 19:29 - 2016-10-15 12:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 19:29 - 2016-10-15 12:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 19:29 - 2016-10-15 12:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 19:29 - 2016-10-15 12:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 19:29 - 2016-10-15 12:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 19:29 - 2016-10-15 12:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 19:29 - 2016-10-15 12:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 19:29 - 2016-10-15 12:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 19:29 - 2016-10-15 12:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 19:29 - 2016-10-15 12:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 19:29 - 2016-10-15 12:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 19:29 - 2016-10-15 12:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 19:29 - 2016-10-15 12:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 19:29 - 2016-10-15 12:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 19:29 - 2016-10-15 12:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 19:29 - 2016-10-15 12:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 19:29 - 2016-10-15 12:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 19:29 - 2016-10-15 12:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 19:29 - 2016-10-15 12:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 19:29 - 2016-10-15 12:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 19:29 - 2016-10-15 12:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 19:29 - 2016-10-15 12:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 19:29 - 2016-10-15 12:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 19:29 - 2016-10-15 12:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 19:29 - 2016-10-15 12:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 19:29 - 2016-10-15 12:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 19:29 - 2016-10-15 12:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 19:29 - 2016-10-15 12:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 19:29 - 2016-10-15 12:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 19:29 - 2016-10-15 12:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 19:29 - 2016-10-15 12:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 19:29 - 2016-10-15 12:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 19:29 - 2016-10-15 12:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 19:29 - 2016-10-15 12:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 19:29 - 2016-10-15 12:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 19:29 - 2016-10-15 12:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 19:29 - 2016-10-15 12:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 19:29 - 2016-10-15 12:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 19:29 - 2016-10-15 12:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 19:29 - 2016-10-15 12:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 19:29 - 2016-10-15 12:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 19:29 - 2016-10-15 12:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 19:29 - 2016-10-15 12:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 19:29 - 2016-10-15 12:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 19:29 - 2016-10-15 12:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 19:29 - 2016-10-15 12:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 19:29 - 2016-10-15 12:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 19:29 - 2016-10-15 12:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 19:29 - 2016-10-15 12:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 19:29 - 2016-10-15 12:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 19:29 - 2016-10-15 12:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 19:29 - 2016-10-15 12:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 19:29 - 2016-10-15 12:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 19:29 - 2016-10-15 12:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 19:29 - 2016-10-15 12:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 19:29 - 2016-10-15 12:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 19:29 - 2016-10-15 12:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 19:29 - 2016-10-15 12:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 19:29 - 2016-10-15 12:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 19:29 - 2016-09-10 22:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 19:29 - 2016-08-06 13:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-28 19:28 - 2016-10-15 13:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 19:28 - 2016-10-15 13:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 19:28 - 2016-10-15 13:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 19:28 - 2016-10-15 13:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 19:28 - 2016-10-15 13:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 19:28 - 2016-10-15 13:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 19:28 - 2016-10-15 13:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 19:28 - 2016-10-15 13:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 19:28 - 2016-10-15 13:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 19:28 - 2016-10-15 13:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 19:28 - 2016-10-15 13:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 19:28 - 2016-10-15 13:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 19:28 - 2016-10-15 12:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 19:28 - 2016-10-15 12:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 19:28 - 2016-10-15 12:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 19:28 - 2016-10-15 12:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 19:28 - 2016-10-15 12:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 19:28 - 2016-10-15 12:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 19:28 - 2016-10-15 12:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 19:28 - 2016-10-15 12:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 19:28 - 2016-10-15 12:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 19:28 - 2016-10-15 12:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 19:28 - 2016-10-15 12:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 19:28 - 2016-10-15 12:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-26 11:33 - 2016-10-16 21:59 - 00000000 ____D C:\FRST
2016-11-26 11:29 - 2015-12-21 19:16 - 00000000 ____D C:\Users\applepieofdeath\AppData\Roaming\Origin
2016-11-26 11:22 - 2016-07-16 15:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-26 11:21 - 2016-08-17 22:30 - 00000000 ____D C:\Users\applepieofdeath
2016-11-26 11:19 - 2015-12-21 19:08 - 00000000 ____D C:\ProgramData\Origin
2016-11-26 11:19 - 2014-02-21 09:43 - 00000000 ___RD C:\Users\applepieofdeath\Dropbox
2016-11-26 11:18 - 2011-07-04 08:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-26 11:16 - 2014-07-10 17:36 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-11-26 11:15 - 2016-10-15 01:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-26 11:15 - 2016-08-17 22:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-26 11:15 - 2016-08-17 22:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-26 11:14 - 2016-07-16 15:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-26 11:08 - 2016-10-10 18:21 - 00000000 ____D C:\Users\applepieofdeath\Desktop\anti-virus
2016-11-26 11:06 - 2016-10-15 01:42 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-26 11:04 - 2011-07-19 15:58 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\CrashDumps
2016-11-26 11:00 - 2016-08-17 22:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-25 20:17 - 2016-04-22 22:00 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\Jagex
2016-11-25 20:17 - 2016-04-22 22:00 - 00000000 ____D C:\ProgramData\Jagex
2016-11-25 09:18 - 2016-10-15 20:53 - 00000010 _____ C:\Users\applepieofdeath\AppData\Local\sponge.last.runtime.cache
2016-11-24 07:39 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-24 06:00 - 2015-12-21 19:07 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-23 12:18 - 2015-05-12 12:56 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-11-23 07:17 - 2016-07-16 20:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-22 17:54 - 2016-10-16 20:29 - 00000000 ____D C:\Users\applepieofdeath\Desktop\cobian backup
2016-11-22 11:16 - 2014-07-07 13:20 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-22 03:39 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-21 20:07 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-21 20:07 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-21 20:07 - 2011-07-15 14:59 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\Adobe
2016-11-20 06:29 - 2012-08-18 12:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-20 06:28 - 2014-05-14 23:02 - 00000000 ____D C:\AdwCleaner
2016-11-17 18:38 - 2013-08-24 11:25 - 00001649 _____ C:\Users\applepieofdeath\Desktop\cookie clicker.txt
2016-11-17 07:01 - 2016-09-27 19:17 - 00071297 _____ C:\Users\applepieofdeath\Desktop\Kancolle Compilation.xlsx
2016-11-16 21:31 - 2012-05-07 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-11-16 19:59 - 2011-04-22 00:21 - 00000000 ____D C:\ProgramData\Temp
2016-11-16 19:58 - 2016-08-24 11:10 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-11-16 19:58 - 2016-04-21 21:03 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-11-16 18:11 - 2016-08-17 22:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-16 18:11 - 2016-07-16 20:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-13 16:34 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-13 06:57 - 2015-11-28 07:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-13 06:48 - 2016-08-17 22:19 - 00264176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-12 19:38 - 2016-07-16 20:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-12 19:38 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-12 19:38 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-12 19:38 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-12 19:38 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-12 19:38 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-12 08:14 - 2016-07-16 20:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-12 08:02 - 2015-04-24 10:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-12 07:49 - 2012-08-18 07:03 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-12 07:32 - 2014-02-15 17:10 - 00000000 ____D C:\Users\applepieofdeath\AppData\Roaming\Dropbox
2016-11-11 08:51 - 2016-05-10 03:05 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-11-11 08:51 - 2016-05-10 03:05 - 03473880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-11-11 08:51 - 2016-05-10 03:05 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-11-11 07:38 - 2016-08-17 22:23 - 07511235 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-11 07:38 - 2016-08-17 22:23 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-11-11 07:38 - 2016-08-17 22:23 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-11-11 07:38 - 2016-08-17 22:23 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-11-11 07:38 - 2016-08-17 22:23 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-11-11 07:38 - 2016-08-17 22:23 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-11-11 07:38 - 2016-08-17 22:23 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-11-11 07:38 - 2016-08-17 22:23 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-11-09 16:53 - 2016-03-04 07:11 - 00000000 ____D C:\Users\applepieofdeath\Desktop\scammer catching tools
2016-11-09 07:58 - 2016-03-04 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-11-09 06:00 - 2016-10-14 20:54 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 01:23 - 2016-10-14 20:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-04 21:54 - 2016-04-20 16:39 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\NVIDIA Corporation
2016-11-03 19:56 - 2016-08-17 22:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-03 19:56 - 2016-08-17 22:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-03 19:56 - 2015-12-21 20:40 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\NVIDIA
2016-11-03 19:39 - 2014-02-16 11:42 - 00000000 ____D C:\ProgramData\Oracle
2016-11-03 19:08 - 2011-07-04 08:28 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\Google
2016-11-02 16:28 - 2016-07-16 20:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-11-02 16:28 - 2016-07-16 20:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-31 18:46 - 2011-04-22 00:19 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-30 14:39 - 2016-10-15 18:26 - 00000000 ____D C:\ProgramData\Trend Micro Installer
2016-10-30 08:14 - 2016-06-01 09:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-30 07:49 - 2016-10-15 18:58 - 00000000 ____D C:\ProgramData\Trend Micro
2016-10-29 08:56 - 2016-07-16 20:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-29 08:56 - 2016-07-16 20:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-27 12:45 - 2016-10-15 18:28 - 00000000 ____D C:\Users\applepieofdeath\AppData\Local\Trend Micro
 
==================== Files in the root of some directories =======
 
2014-11-04 06:55 - 2014-11-04 06:55 - 0000106 _____ () C:\Users\applepieofdeath\AppData\Roaming\settings.xml
2011-08-23 16:01 - 2016-02-11 15:03 - 0049152 _____ () C:\Users\applepieofdeath\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-15 18:55 - 2016-10-15 18:55 - 0000036 _____ () C:\Users\applepieofdeath\AppData\Local\housecall.guid.cache
2016-10-15 20:53 - 2016-11-25 09:18 - 0000010 _____ () C:\Users\applepieofdeath\AppData\Local\sponge.last.runtime.cache
2013-06-04 10:24 - 2013-06-04 10:24 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-01-05 22:41 - 2015-01-05 22:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
Files to move or delete:
====================
C:\Users\applepieofdeath\PhotoshopElements_9_LS15.exe
 
 
Some files in TEMP:
====================
C:\Users\applepieofdeath\AppData\Local\Temp\dllnt_dump.dll
C:\Users\applepieofdeath\AppData\Local\Temp\libeay32.dll
C:\Users\applepieofdeath\AppData\Local\Temp\msvcr120.dll
C:\Users\applepieofdeath\AppData\Local\Temp\sqlite3.dll
C:\Users\applepieofdeath\AppData\Local\Temp\swat4_update_en_10_11.EXE
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-11-23 10:25
 
==================== End of FRST.txt ============================


#4 applepieofdeath

Posted 25 November 2016 - 09:55 PM

Continuing from last post...
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by applepieofdeath (26-11-2016 11:34:34)
Running from C:\Users\applepieofdeath\Desktop\anti-virus\FRST
Windows 10 Home Version 1607 (X64) (2016-08-17 14:01:42)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2113719894-2314059281-1428513383-500 - Administrator - Disabled) => C:\Users\Administrator
applepieofdeath (S-1-5-21-2113719894-2314059281-1428513383-1001 - Administrator - Enabled) => C:\Users\applepieofdeath
ASPNET (S-1-5-21-2113719894-2314059281-1428513383-1003 - Limited - Enabled)
DefaultAccount (S-1-5-21-2113719894-2314059281-1428513383-503 - Limited - Disabled)
Guest (S-1-5-21-2113719894-2314059281-1428513383-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Trend Micro Antivirus+ (Enabled - Up to date) {6458A697-CD62-2062-F924-44AA7F87C1E7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Antivirus+ (Enabled - Up to date) {DF394773-EB58-2FEC-C394-7FD804008B5A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ad-Aware Antivirus (HKLM\...\{36036827-FA38-4A74-8333-26BC4EEC9308}_AdAwareUpdater) (Version: 11.12.945.9202 - Lavasoft)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Advanced Uninstaller PRO - Version 12 (HKLM-x32\...\AU11_is1) (Version: 12.12.0.48 - Innovative Solutions)
Akamai NetSession Interface (HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Angry Video Game Nerd Adventures (HKLM\...\Steam App 237740) (Version:  - FreakZone Games)
Angry Video Game Nerd II: ASSimilation (HKLM\...\Steam App 409660) (Version:  - FreakZone Games)
Ansel (Version: 375.86 - NVIDIA Corporation) Hidden
Any Video Converter 5.7.3 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version:  - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - )
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft)
Battlestations: Midway (HKLM-x32\...\Steam App 6870) (Version:  - Eidos Interactive)
Battlestations: Pacific (HKLM\...\Steam App 8170) (Version:  - Eidos Studio Hungary)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands (HKLM\...\Steam App 8980) (Version:  - Gearbox Software)
BOSS (HKLM\...\BOSS) (Version: 2.3.2 - BOSS Development Team)
ClueFinders® 3rd Grade Adventures (HKLM-x32\...\ClueFinders® 3rd Grade Adventures) (Version:  - )
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
Code Head Calculated Risk (HKLM-x32\...\Code Head Calculated Risk) (Version:  - )
Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version:  - EA Los Angeles)
Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version:  - EA Los Angeles)
Cross Terrain Challenge (HKLM-x32\...\Cross Terrain Challenge) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0196 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DemonStar (HKLM-x32\...\DemonStar_is1) (Version: 4.04 - Mountain King Studios)
Dropbox (HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Softworks)
Fallout 3 - The Garden of Eden Creation Kit (HKLM-x32\...\{B343B0E3-212A-40B9-8207-1BD299228F5D}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Bethesda Softworks)
Fleet Command (HKLM\...\Steam App 2910) (Version:  - Sonalysts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 5.5.0 (HKLM-x32\...\Free Studio_is1) (Version: 5.5.0 - DVDVideoSoft Ltd.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.1.1 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\Google Chrome Frame) (Version: 32.0.1700.107 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox Software)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.220 - SurfRight B.V.)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
InstantStorm 2.0 (HKLM-x32\...\InstantStorm_is1) (Version: 2.0.0 - Jan Kolarik and Ondrej Vaverka)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead 2 Add-on Support (HKLM-x32\...\Steam App 564) (Version:  - Valve)
Left 4 Dead 2 Dedicated Server (HKLM-x32\...\Steam App 222860) (Version:  - )
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3720 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.3720 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo Screensaver (HKLM-x32\...\{803E6DED-5050-4E3D-B26A-5915397362CD}) (Version: 1.0.5.100928 - Lenovo)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
LOOT version 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monopoly Junior (HKLM-x32\...\Monopoly Junior) (Version:  - )
Mozilla Firefox 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Narbacular Drop version 1.4 (HKLM-x32\...\NarbacularDrop_is1) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.20 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64935 - Electronic Arts, Inc.)
Pearl Harbor : Zero Hour (HKLM-x32\...\{E9688BE6-D55F-4B62-9422-99AC56572C0F}) (Version:  - )
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - )
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power Dial (HKLM-x32\...\{816F9A97-9889-43DA-A394-7AA45DD68BA0}) (Version: 3.0.1.2126 - Lenovo)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptor: Call of The Shadows - 2015 Edition (HKLM-x32\...\Steam App 336060) (Version:  - DotEmu)
Reading Blaster Ages 9-12 (HKLM-x32\...\Reading Blaster Ages 9-12) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
RollerCoaster Tycoonョ 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Roxio BackOnTrack (HKLM-x32\...\{32F9BACF-FCD3-4B6A-AD85-255A449B6FA5}) (Version: 1.3.1 - Roxio)
RR (HKLM-x32\...\RR_is1) (Version:  - )
RuneScape Launcher 1.2.5 (HKLM-x32\...\{BB1810FD-EB25-4A9D-ADDD-3543190D429A}) (Version: 1.2.5 - Jagex Ltd)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
Scholastic's I SPY Mystery (HKLM-x32\...\Scholastic's I SPY Mystery) (Version:  - )
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.19.9599 - SoftEther VPN Project)
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Spy Masters Max Strikes Back (HKLM-x32\...\Max Strikes Back) (Version:  - )
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version:  - LucasArts)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.6.35326 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - )
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31973 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31973 - Sierra Entertainment, Inc.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The ClueFinders® Mystery of the Missing Amulet™ (HKLM-x32\...\The ClueFinders® Mystery of the Missing Amulet™) (Version:  - )
ThemeWallpaper (HKLM-x32\...\{F29CBF73-C211-4616-898A-379A2679F990}) (Version: 1.2.0.101108 - Lenovo)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Total War: Shogun 2 - TEd (HKLM-x32\...\Steam App 202920) (Version:  - The Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Trend Micro Antivirus+ (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 11.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 11.0 - Trend Micro Inc.) Hidden
Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0.1068 - Trend Micro Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.4 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
World of Tanks (HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version:  - Wargaming.net)
WoT Skins and Mods Installer version 1.83 (HKLM-x32\...\{9BFAD985-B7E2-40FB-B9F9-DEEEAFB25780}_is1) (Version: 1.83 - www.worldoftanksskins.org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {006DD724-7645-46B4-A1D4-424446D9EF19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {043CB5AE-0C7A-436D-A77F-599F2453F1E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-24] (Apple Inc.)
Task: {04D55096-6F2A-4785-80AC-C426F5608806} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install
Task: {109C0A62-FA68-46C9-9836-0BBD66F1AF51} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-26] (NVIDIA Corporation)
Task: {12A43A3A-D90B-4279-829D-545B23EBE14D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {12FF6C49-2921-4BF8-886C-6EC263754C86} - System32\Tasks\{2E624A83-1EFA-4D4F-B257-884341427E02} => pcalua.exe -a C:\Users\applepieofdeath\Desktop\irfanview_plugins_433_setup.exe -d C:\Users\applepieofdeath\Desktop
Task: {1D6BC131-90BC-4A66-AA5F-AA7601338DD9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {1DF4B60F-24A5-4406-A4C0-7B9E6D2D99B0} - System32\Tasks\AdobeAAMUpdater-1.0-Steve-applepieofdeath => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-17] (Adobe Systems Incorporated)
Task: {210E8F8C-DA2E-433D-BBC0-6D54B08F7588} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001UA => C:\Users\applepieofdeath\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {235D2121-4CFE-425E-B452-897CF0D47767} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24EEF524-3725-45D9-8F11-7FAE048F76CE} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe
Task: {263C1925-0090-43D5-85B6-DA9056407CEC} - System32\Tasks\AirSupport Update => C:\Program Files\Trend Micro\AirSupport\Update.exe [2016-08-16] (Trend Micro Inc.)
Task: {274960DE-9305-4781-B1DF-7F056A9D17D4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {2897F6CA-AEE6-4BE4-9B6A-8E788252D850} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2B92D3E6-057B-423C-9A66-A31B7DC71E4A} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {2E29C6E0-1869-43E6-91BA-6B9D4F4E5F3C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32DC0DD4-8436-4A18-92A7-780EA5D56799} - System32\Tasks\{FCFF4CFB-56E4-4CE5-B36B-6152EB5956FA} => pcalua.exe -a D:\AUTORUN.EXE -d D:\
Task: {43A619BA-4440-4679-B415-066D462459AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4689706A-A1E1-4123-92BA-2891D491F214} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4D6598C8-39CE-4A1C-B6A3-EEA2252A6BF5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58283E7C-9E20-4EBC-8846-52C52697A074} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D25ED7C-CC29-4165-A025-36E4B40129EA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-26] (NVIDIA Corporation)
Task: {62FFAAF8-F282-4801-A5CE-85C2897F10B5} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {6B7D0D85-4A52-457C-8717-86E47EEBDC10} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot
Task: {6C95A3DE-4B75-47F3-928D-F5E748A143B9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B095F05-6781-421D-9429-71DBC3F5EBD3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {823CD3C6-7C99-43CB-BE82-E1A97FE2D15E} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {871C735E-BD49-41EE-9FE2-C56924CB6E4E} - System32\Tasks\{1104FF1C-3590-4280-8B86-1FDFE2ACC6DA} => pcalua.exe -a C:\Users\applepieofdeath\Desktop\Dove-SetupEN.exe -d C:\Users\applepieofdeath\Desktop
Task: {8FEF0490-AE9B-4723-9E56-388177E0C92E} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\Uninstaller.exe
Task: {9187740F-F2AB-4D17-BAF8-0145F91C653C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {936C993A-8C2E-4158-ADE8-AAC2F6893CD6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-26] (NVIDIA Corporation)
Task: {96F56A04-F885-484E-B205-AF348F62ECAC} - System32\Tasks\{7D848A2B-E91A-4237-90FA-3930A106125D} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {987A5FF2-3DDA-4F47-B0A0-AD07B5A47B89} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-12] (Microsoft Corporation)
Task: {9AEA0982-B4F8-4E09-A45A-2735CD621999} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D9D6BC0-0C8E-4D2B-AFE4-3DDB8D7056A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A00E9D4D-EC00-40CF-9C8F-618DC60F2D8B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-26] (NVIDIA Corporation)
Task: {A81749E5-7111-4C37-85D4-62CB23B0227C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A81A66AC-ED81-4AC1-A96A-3C11791DDE33} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-26] (NVIDIA Corporation)
Task: {AE98D39E-4B0D-4EA9-AD66-975672F31C60} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install
Task: {B9AA5E34-D2AD-44EA-B905-255F249B02B9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BA59BEC3-B84A-4B37-9DE1-5864168261B1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display
Task: {BDE4F238-C5D7-4ED2-9155-4AF68AD624FF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BE663AF5-3B7D-48FF-9640-5063893B388A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C545F5EC-6C9A-436B-8AA6-589CE681F01F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-26] (NVIDIA Corporation)
Task: {D0003D44-4B97-43D9-AA5F-8F772530B18C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D617CC88-95FE-478C-9B20-A41460080CB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {D6DFC52C-19A1-4A4E-9B26-A345BFD02760} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D703CD68-7D51-494C-BF8B-5313A814C179} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DAB60C49-B7B5-4EB7-98BE-AB0B4A0BAB6E} - System32\Tasks\{271BB769-97B2-4B36-98AD-344767BCEB4C} => pcalua.exe -a C:\Users\applepieofdeath\Desktop\Dove-Setup.exe -d C:\Users\applepieofdeath\Desktop
Task: {DC12261B-5F9F-4204-9ACD-96B30464555D} - System32\Tasks\{44251283-B430-4A51-A924-D86A6E798D4C} => pcalua.exe -a D:\install.exe -d D:\
Task: {E3F36F8B-D994-4229-BB52-BD10A6C5621E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001Core => C:\Users\applepieofdeath\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {EAFF623C-392D-4F82-91A6-06A495810828} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot
Task: {F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot
Task: {F57F40D4-B46F-4E83-97BE-61A22A7D3271} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6A5C317-2326-4139-B8D3-0CB4F41BDAD2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001Core.job => C:\Users\applepieofdeath\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2113719894-2314059281-1428513383-1001UA.job => C:\Users\applepieofdeath\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 20:42 - 2016-07-16 20:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 19:42 - 2016-09-16 02:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-15 18:58 - 2015-03-31 20:08 - 00026408 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_57.dll
2016-10-15 18:58 - 2015-03-31 20:08 - 00058320 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_57.dll
2016-10-15 18:58 - 2015-03-31 20:09 - 00686608 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2016-10-15 18:58 - 2015-03-31 20:08 - 00110320 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_57.dll
2016-10-15 18:58 - 2015-03-31 20:08 - 00036160 _____ () C:\Program Files\Trend Micro\AMSP\boost_chrono-vc110-mt-1_57.dll
2016-10-15 18:58 - 2015-03-31 20:09 - 01314920 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2016-10-15 18:32 - 2016-07-25 02:40 - 00178416 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2016-10-15 19:01 - 2016-07-25 02:40 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2016-10-15 19:01 - 2016-07-25 02:40 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2016-10-15 19:01 - 2016-07-25 02:40 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2016-10-15 19:01 - 2016-07-25 02:40 - 00761856 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2012-01-01 10:32 - 2013-01-05 12:07 - 00076888 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-08-17 22:23 - 2016-11-11 07:38 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-30 19:42 - 2016-09-16 02:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-24 05:40 - 2016-08-24 05:40 - 01864384 _____ () C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2011-11-28 16:29 - 2011-11-26 05:59 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2016-09-22 04:36 - 2016-09-07 13:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 06:49 - 2016-11-02 19:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 06:48 - 2016-11-02 19:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 06:48 - 2016-11-02 19:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 06:49 - 2016-11-02 19:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 06:49 - 2016-11-02 19:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 06:49 - 2016-11-02 19:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 06:49 - 2016-11-02 19:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2011-04-22 00:12 - 2010-12-01 15:48 - 00028672 _____ () C:\Windows\SysWOW64\UMonit.exe
2016-11-24 06:00 - 2016-11-23 06:59 - 00022024 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2016-11-17 18:45 - 2016-11-17 18:56 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 18:45 - 2016-11-17 18:55 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 18:45 - 2016-11-17 18:57 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-11-24 06:00 - 2016-11-23 06:58 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-24 05:40 - 2016-08-24 05:40 - 01383616 _____ () C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-24 05:40 - 2016-08-24 05:40 - 00118976 _____ () C:\Users\applepieofdeath\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-11-24 06:00 - 2016-11-23 06:58 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2015-12-21 19:15 - 2016-06-11 10:26 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2011-04-22 00:12 - 2009-07-17 01:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2011-04-22 00:12 - 2008-01-01 02:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2016-10-14 15:46 - 2016-10-11 01:29 - 00035792 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-11-12 07:31 - 2016-10-11 01:29 - 00145864 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-11-12 07:31 - 2016-10-11 01:29 - 00019408 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-11-12 07:31 - 2016-10-11 01:29 - 00116688 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-10-14 15:46 - 2016-10-11 01:29 - 00100296 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-10-14 15:46 - 2016-10-11 01:29 - 00018888 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\select.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00019760 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-10-14 15:46 - 2016-10-11 01:29 - 00694224 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-11-12 07:31 - 2016-11-08 07:58 - 00020816 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-10-14 15:46 - 2016-10-11 01:30 - 00123856 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-11-12 07:31 - 2016-11-08 07:58 - 01682760 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-11-12 07:31 - 2016-11-08 07:58 - 00020808 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00105928 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00021312 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00052024 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00038696 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-11-12 07:31 - 2016-10-11 01:29 - 00392144 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-11-12 07:31 - 2016-10-11 01:31 - 00020936 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00024528 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00116176 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00381752 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00124880 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00025424 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00024016 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00175560 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00030160 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00043472 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00048592 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00057808 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00024016 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-11-12 07:31 - 2016-11-08 07:58 - 00246592 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00026456 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-14 15:46 - 2016-10-11 01:30 - 00241104 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-11-12 07:31 - 2016-11-08 07:58 - 00020280 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00028616 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00023376 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00020800 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00019776 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00020800 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00350152 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00022352 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00024392 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-11-12 07:31 - 2016-10-11 01:27 - 00036296 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\librsync.dll
2016-11-12 07:31 - 2016-11-08 07:59 - 00031568 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-11-12 07:31 - 2016-11-08 07:49 - 00293392 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-11-12 07:31 - 2016-11-08 07:59 - 00084280 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-11-12 07:31 - 2016-11-08 07:59 - 01826096 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-10-14 15:46 - 2016-10-11 01:29 - 00083912 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\sip.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00531248 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 03928880 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 01972528 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00133424 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00224056 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00207672 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00020288 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-11-12 07:31 - 2016-10-11 01:33 - 00017864 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-11-12 07:31 - 2016-10-11 01:34 - 01631184 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-11-12 07:31 - 2016-11-08 07:59 - 00042808 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00168760 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00357680 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-10-14 15:46 - 2016-10-11 01:31 - 00060880 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00037192 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-10-14 15:46 - 2016-11-08 07:59 - 00024904 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-12 07:31 - 2016-11-08 07:59 - 00546096 _____ () C:\Users\applepieofdeath\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2011-04-22 00:17 - 2008-12-31 03:09 - 02088960 _____ () C:\Program Files\Lenovo\Power Dial\LitModeSwitchRes.dll
2009-12-05 08:59 - 2009-12-05 08:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-05 09:04 - 2009-12-05 09:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2016-11-03 19:56 - 2016-10-26 04:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-03 19:56 - 2016-10-26 04:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-03 19:56 - 2016-10-26 04:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-03 19:56 - 2016-10-26 05:19 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-03 19:56 - 2016-10-26 05:19 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-03 19:56 - 2016-10-26 04:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-03 19:56 - 2016-10-26 04:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-03 19:56 - 2016-10-26 04:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-03 19:56 - 2016-10-26 04:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [105]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
IE trusted site: HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\...\amazon.com -> hxxps://amazon.com
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 11:34 - 2016-10-15 21:32 - 00001048 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2113719894-2314059281-1428513383-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\applepieofdeath\Documents\Willy\davie background 2\davie background 2 copy.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
21-11-2016 04:40:58 Scheduled Checkpoint
26-11-2016 11:01:36 AA11
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/26/2016 11:04:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdAwareUpdater.exe, version: 11.12.945.9202, time stamp: 0x578d0e35
Faulting module name: ntdll.dll, version: 10.0.14393.447, time stamp: 0x5819bc32
Exception code: 0xc0000374
Fault offset: 0x00000000000f7423
Faulting process id: 0xe6c
Faulting application start time: 0x01d24788f51089cd
Faulting application path: C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.12.945.9202\AdAwareUpdater.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 94aa50e0-92f8-4dee-90f4-96d3bf6c51e9
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/26/2016 11:02:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (11/26/2016 11:01:34 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/26/2016 11:01:34 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/26/2016 11:01:34 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/25/2016 09:42:41 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/25/2016 08:45:12 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/25/2016 08:45:11 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/25/2016 07:42:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
Error: (11/25/2016 07:42:09 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF (error %3).
 
 
System errors:
=============
Error: (11/26/2016 11:26:33 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:15:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:15:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/26/2016 11:04:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{3185A766-B338-11E4-A71E-12E3F512A338}
 and APPID 
{7006698D-2974-4091-A424-85DD0B909E23}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:00:35 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:00:35 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:00:35 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:00:35 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:00:35 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/26/2016 11:00:35 AM) (Source: DCOM) (EventID: 10016) (User: STEVE)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Steve\applepieofdeath SID (S-1-5-21-2113719894-2314059281-1428513383-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
  Date: 2016-11-13 15:33:25.495
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:25.477
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:25.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:25.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:25.339
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:25.322
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:23.733
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 15:33:23.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 14:06:55.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-13 14:06:55.681
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 12270.53 MB
Available physical RAM: 9315.54 MB
Total Virtual: 24558.53 MB
Available Virtual: 21478.36 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:905.9 GB) (Free:93.57 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6A02EC44)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)
 
==================== End of Addition.txt ============================
 
For future reasons is there any way to attach files besides the first post?


#5 Starbuck


Posted 26 November 2016 - 11:21 AM

Hi applepieofdeath
 

attempting to uninstall gave an error message that stated the program might have already been uninstalled followed by a prompt to remove from program list.

Ok.
This sometimes happens with a badly written uninstaller.... it can leave an entry in the uninstall list.
 

my trend-micro is actually an expired free-trial, should i also uninstall it or keep it for the scanner portion?

If it's expired then it's best to remove it and use something else.
Leave it for now, I'll address this later.
 

For future reasons is there any way to attach files besides the first post?

Yes sure.
Instead of clicking on the 'Post' button .... click on More Reply Options.


On the next page, scroll down to the Attach Files section.


Click on the Browse button and navigate to the file that you want to attach.
Click on it to select and then click on the Attach this file button.
It will then be attached to your post.


Step 1
Please download the attached fixlist.txt file (bottom of this post) and save it to C:\Users\applepieofdeath\Desktop\anti-virus\FRST.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system.


Re-run FRST/FRST64 (whichever is installed) and press the Fix button just once and wait.


The tool will make a log (Fixlog.txt). Please post this in your next reply.


Step 2

RogueKiller version 11 is an old version.
Please uninstall this.
Then:

Please download RogueKiller Anti-malware (Free) onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on RogueKiller Anti-malware to install the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator.
  • Select Accept the User Agreement then continue to click Next then finally click Install
  • Click Finish.
  • When the program opens..... click Scan
  • Click Start Scan
  • Double check anything found and tick to select items to be removed
  • Click Remove Selected
  • When the items have been removed.... Click Open Report >> Open TXT.
  • Copy and paste that report into your next reply.

Step 3
Remove Trend Micro

Uninstall Trend Micro Titanium from the system:
It may well leave remnants on the system, so download the:
Remnant File Removal Tool
  • Double-click Ti_110_win_en_Tool_TMRemnantFileRemoveTool_hfb0001.exe to run it.
  • Click I agree on the terms of the license agreement, then click Next.
  • Click Install.
  • Click OK.
  • Restart your computer.
Once Trend Micro has been removed, enable Windows Defender (built into Win 10).

Click Start >> Settings >> Update & Security >> Windows Defender
Set Real-Time Protection to On
It's up to you if you want to turn on Cloud Based Protection and Automatic Sample Submission



In your next reply, please submit:
Fixlog.txt
RogueKiller report

Also give me an update on how the system is running now.

Thanks.

Attached Files




#6 applepieofdeath


Posted 26 November 2016 - 02:14 PM

Step 1: Done, though the computer restarted itself without my action after it was completed

 

step 2: Done

 

step 3: Done

 

Windows defender is already active

 

I don't have any hard data but the computer feels slightly faster.

Attached Files


Edited by applepieofdeath, 26 November 2016 - 02:17 PM.


#7 Starbuck


Posted 26 November 2016 - 02:33 PM

Hi applepieofdeath
 

Reports look good. :)

I don't have any hard data but the computer feels slightly faster.

Ok, let's run a double check and then let me know in about 24 hours if there are any problems.

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
Thanks

Edited by Starbuck, 26 November 2016 - 02:34 PM.



#8 applepieofdeath


Posted 27 November 2016 - 01:04 PM

threats detected, I believe they are still in quarantine.

Attached Files

  • Attached File  ESET.txt   552bytes   1 downloads


#9 Starbuck


Posted 27 November 2016 - 01:32 PM

Hi applepieofdeath

Not much detected .... that's good.
When we finish off we'll clear all of the quarantine folders.

If there are no further problems we can finish the cleaning procedure now.



#10 applepieofdeath


Posted 28 November 2016 - 04:48 AM

I don't see a quarantine option in the scanner menu. Should I simply go to This PC>Local Disk (C:)>Program File (x86)>ESET>ESET Online Scanner>Quarantine and delete everything inside?



#11 Starbuck


Posted 28 November 2016 - 06:42 AM

Hi

Don't worry about cleaning the quarantine folder... the items are safe in there.
I'll explain the procedure later when I return from work.
We'll complete the cleanup then.



#12 Starbuck


Posted 28 November 2016 - 01:09 PM

Hi applepieofdeath

Let's finish the cleaning process and remove the tools we have used.

Step 1
Restart MBAM.
Click on the History tab >> Quarantine
Tick to select all items (if any are there) and then click the Delete button.
Close MBAM.

Step 2
FRST can now be removed:

Right click on the FRST icon and select delete.
Right click on any fixlog.txt or fixlist.txt files and select delete.
Navigate to: C:\frst and delete the frst folder

Step 3
RogueKiller AntiMalware can be uninstalled from the uninstall list: (if you want to remove it)

Right click on the Start button >> select Programs and Features
Right click on RogueKiller Antimalware and select uninstall.

Step 4
Eset Online Scan can be removed now.
Right click on the Start button >> select Programs and Features
Right click on Eset Online Scan and select uninstall (this will also remove the quarantine folder)


Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Use an AntiVirus Software

Only install one AntiVirus program at a time

Use a Firewall

Only install one software Firewall

Scan regularly with a 'Stand Alone' Anti-Malware scanner:
Installing another scanner that you can run once or twice a week is always beneficial.
Something like:
Remember to update these programs each time before running.
You can install more than one of these if you only run them as stand alone programs.

Install an AdBlocker
Firefox: uBlock Origin
Google Chrome: uBlock Origin

uBlock Origin is NOT an "ad blocker" as such: it is a wide-spectrum blocker -- which happens to be able to function as a mere "ad blocker".
The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites.

Internet Explorer:
Adblock Plus for Internet Explorer

P2P programs/Torrents
Don't be tempted to use Peer to Peer programs.
Many of the downloads are bundled with malware.

Beware of PuP's when installing 'free' software
(Potentially Unwanted Program) An application that is installed along with the desired application the user actually asked for.
In most cases, the PUP is spyware, adware or some other unwanted software.
However, what makes spyware or adware a PUP rather than pure malware is the fact that the end user license agreement (EULA) does inform the user that this additional program is being installed.
Considering hardly anyone ever reads the license agreement, the distinction is a subtle one.

Understanding PuP's (Adware)


Update all your 'Security' programs regularly - Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Glad I was able to help.

Safe surfing.

Edited by Starbuck, 28 November 2016 - 01:11 PM.



#13 applepieofdeath


Posted 28 November 2016 - 03:10 PM

Ok Thank you for your assistance.



#14 Starbuck


Posted 29 November 2016 - 12:38 PM

As this topic has been resolved this thread will now be closed.

If you need this topic reopened, please contact one of the moderating team by PM and we will reopen it for you.
Include the address of this thread in your request.
If you should have a new issue, please start a new topic.
This applies only to the original topic starter.

Everyone else please begin a New Topic.





