Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SVCVMX persistent and completely hijacked Windows


  • This topic is locked This topic is locked
24 replies to this topic

#1 Awoo

Awoo

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 08:52 AM

So admittedly I got this virus in the first place related to cracked files. The files in question have since been shredded with fileshredder. Now onto description of troubles and what I've attempted so far. It started after an install, thought that I declined and unchecked all optionals cause something must've gotten through cause I noticed new program on my desktop called s5 something. Went immediately to my programs and features and uninstalled each new and unrecognized program. Then started a scan with windows defender. Whilst the scan was running though my computer started getting slower, especially in browsing.

I decided to check processes and a unfamiliar process called svcvmx was running, so I killed it. It started back up automatically. As I was sure it was malicious at this point I continued letting my windows defender scan run while looking up info on this process. After research I tried several suggested methods, from killing the task, downloading SpyHunter tool, making suggested regedits, and simply reinstalling and restoring windows. Restore wouldn't work at all, and no matter what I tried I couldn't boot into advanced startup options. I tried mashing f5, f8, shift f8, I tried holding shift while pressing restart option, I tried all of the above after booting in safe mode, legacy mode, with secure boot on and off. I then decided to use windows media creation tool and install windows fresh via a usb drive.

This worked, and I was logged into windows with only my files kept. Yet I couldn't use the internet, whatsoever. My connection showed as all set, white bars with no triangle, task manager showed at times I was both receiving and sending, but any and every browser gave me mainly the error "INET_E_Resource Not Found" looked for fixes on this and again nothing worked. Frustrated I attempted to restore to a previous point on windows, without realizing the error in that. I couldn't select a restore point, but under a certain selection, I believe in Update and Recovery> Updates> Return to Previous Build I was able to restore. Yet when I did, I logged in, and was greeted with a slow computer and even more unfamiliar processes in task mgr. I tried getting it to restore from the media usb I had created but it wouldn't work. Then I decided to ask a friend for a copy of windows 7 because both the media creation tool, the refresh tool, and the update tool from Microsoft would automatically fail during the download.

After getting the copy of windows 7 and mounting it with Rufus to a usb drive, I booted to said usb, and pleasantly was greeted with windows 7 UI. Continued through first steps until I reached a screen where it said "Unable to locate cd/dvd drive" Again I looked for fixes for this, from using only in usb2.0, from switching usb ports the device was plugged into at the main install page, and downloading drivers all the drivers available for the device and putting them on my desktop to be accessed during the install, cause it showed the C drive as an option to browse for drivers. This didn't work, with the drivers both zipped and extracted.

It's at this point where I'm pretty much hopeless. I can't boot to safe mode with networking to download unsigned antimalware there because I don't have a wifi card, it's usb wifi and for some reason that doesn't work in safe mode, nothing does except keyboard and mouse. Also every antivirus/antimalware and even a program called rkill that's supposed to prevent this exact problem- can't be run because it says "resource is already in use". There's also multiple folders and files I can't delete cause I "need administrator privileges" except I'm certainly only administrator on the device.

I'm at a complete loss for what to do now. If there's a way I can force even a restore to factory default I'll do so, but I have no idea how to get into advanced startup options cause it won't seem to let me.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
Ran by Hazzy (administrator) on DESKTOP-OPCKEO2 (09-07-2017 09:15:49)
Running from C:\Users\Hazzy\Downloads
Loaded Profiles: Hazzy (Available Profiles: Hazzy & chris)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Pen Tablet Driver) C:\WINDOWS\System32\PenTabletService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\dataup.exe
() C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\WINDOWS\System32\tprdpw64.exe
(Pen Tablet Driver) C:\WINDOWS\System32\PenTabletClient.exe
() C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
() C:\Users\Hazzy\AppData\Local\dcaoi\tgenwt\ct.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
() C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
() C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft® Windows® Operating System) C:\WINDOWS\System32\Taskmgr.exe
(NAMCO BANDAI Games Inc.) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\WINDOWS\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\WINDOWS\System32\browser_broker.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2015-12-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1410168 2015-12-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [714672 2015-09-25] (Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [Plumbytes Anti-Malware] => C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe [1849072 2017-05-29] (Anti-Malware)
HKLM-x32\...\Run: [PenTabletClient] => C:\WINDOWS\system32\PenTabletClient.exe [58088 2017-06-29] (Pen Tablet Driver)
HKLM-x32\...\Run: [cpx] => "C:\Users\Default\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
HKLM-x32\...\Run: [svcvmx] => "C:\Users\Default\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Run: [Discord] => C:\Users\Hazzy\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Run: [uTorrent] => C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe [2406080 2017-07-08] (BitTorrent Inc.)
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Run: [importantupdates] => C:\Users\Hazzy\AppData\Roaming\importantupdates\importantupdates.exe [9108480 2017-07-08] ()
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Run: [windowsupdates] => C:\Users\Hazzy\AppData\Roaming\windowsupdates\windowsupdates.exe [5362176 2017-07-08] ()
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Run: [DellSystemDetect] => C:\Users\Hazzy\AppData\Local\Apps\2.0\GKKE6EET.TW9\5YP81ZB2.RA6\dell..tion_831211ca63b981c5_0008.0005_9a48d74816d64e41\DellSystemDetect.exe [313264 2017-07-09] (Dell)
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\MountPoints2: {1d22a0ba-cc45-11e6-99b0-40490f26da2c} - "E:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\importantupdates.vbs [2017-07-08] ()
Startup: C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-07-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Hazzy\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windowsupdates.vbs [2017-07-08] ()
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8003
ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8003
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8003
ProxyServer: [S-1-5-21-2865199721-532491310-4034810924-1001] => 127.0.0.1:8003
Tcpip\Parameters: [DhcpNameServer] 192.168.0.240
Tcpip\..\Interfaces\{93a7d957-5a87-4db8-a77e-16ddc2a0f86a}: [DhcpNameServer] 192.168.0.240
Tcpip\..\Interfaces\{b5aa0c84-98b0-4eb9-b36f-79aec3f19ca1}: [DhcpNameServer] 192.168.0.240
Tcpip\..\Interfaces\{e3c601b2-9c68-43bc-a1c4-e924f47cc57b}: [DhcpNameServer] 10.13.109.99
Internet Explorer:
==================
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-26] (Microsoft Corporation)
Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-07-09]
FireFox:
========
FF DefaultProfile: vaqt8eel.default
FF ProfilePath: C:\Users\Hazzy\AppData\Roaming\Mozilla\Firefox\Profiles\vaqt8eel.default [2017-07-09]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://bladesoflegends.com/
CHR StartupUrls: Default -> "hxxp://thephoenixtales.com/","hxxp://lyrania.co.uk/","hxxp://heroesrpg.com/","hxxp://ageoforion.com/","hxxps://www.facebook.com/","hxxp://bladesoflegends.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_05&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzytByEzzzy0A0Fzy0CtC0EzyyBzzzyyDtN0D0Tzu0StCyEzyyBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyD0E0CzzzztC0FtCtGtCtDyEtCtGyCyEtAyDtGtCzytA0CtG0A0EzztByDyEyEtB0FyEzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyB0D0DtA0C0BtAtG0DtD0DyEtGyE0E0A0DtGzzzyyC0DtGyE0B0EyD0FyD0BtAyDtAyBtC2QtN0A0LzuyE%26cr%3D946160259%26a%3Dwncy_ir_16_05%26os_ver%3D6.3%26os%3DWindows%2B8.1"
CHR Profile: C:\Users\Hazzy\AppData\Local\Google\Chrome\User Data\Default [2017-07-08]
CHR Extension: (No Name) - C:\Users\Hazzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2017-06-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hazzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-25]
CHR Extension: (Gmail) - C:\Users\Hazzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\Hazzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-25]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"drmkpro64" => service could not be unlocked. <==== ATTENTION
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-07] (Windows ® Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-07-04] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [613352 2016-03-30] (Intel Corporation)
R2 Dataup; C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-24] (Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [206712 2017-06-20] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3296632 2017-06-20] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-06-20] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [77648 2016-12-22] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-05-19] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-11-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365032 2016-03-30] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S2 pbamw_service; C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe [126192 2017-05-19] (PLUMBYTES)
R2 PenTabletService; C:\WINDOWS\System32\PenTabletService.exe [100072 2017-06-29] (Pen Tablet Driver)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [309368 2015-12-31] (Realtek Semiconductor)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\Sh4Service.exe [868024 2017-07-08] (Enigma Software Group USA, LLC.)
S4 srcsrv; C:\WINDOWS\src_srv\winsrcsrv.exe [17920 2017-06-13] () [File not signed] <==== ATTENTION
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [52696 2017-06-28] (Dell Inc.)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [337408 2017-07-07] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)
R2 windowsmanagementservice; C:\Users\Hazzy\AppData\Local\dcaoi\tgenwt\ct.exe [689664 2017-05-30] () [File not signed] <==== ATTENTION
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4325808 2016-07-28] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 cpuz143; C:\WINDOWS\TEMP\cpuz143\cpuz143_x64.sys [48952 2017-06-28] (CPUID)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Dell Computer Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2017-07-08] ()
S3 GPUZ; C:\WINDOWS\TEMP\GPUZ.sys [27008 2017-06-28] ()
R1 MpKslae525b53; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1544A108-3636-499B-B0D1-E9CBF459A1F7}\MpKslae525b53.sys [44928 2017-07-09] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-12] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
S3 PTTblHid; C:\WINDOWS\system32\DRIVERS\PTTblHid.sys [33000 2017-06-29] (Tablet Driver)
S3 PTTPCHid; C:\WINDOWS\system32\DRIVERS\PTTPCHid.sys [19688 2017-06-29] (PenTablet Driver for TabletPC)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation                           )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-06-12] (Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-09 09:15 - 2017-07-09 09:17 - 00020687 _____ C:\Users\Hazzy\Downloads\FRST.txt
2017-07-09 09:15 - 2017-07-09 09:15 - 02437120 _____ (Farbar) C:\Users\Hazzy\Downloads\FRST64.exe
2017-07-09 09:15 - 2017-07-09 09:15 - 00000000 ____D C:\FRST
2017-07-09 09:04 - 2017-07-09 09:04 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-09 09:04 - 2017-07-09 09:04 - 00001218 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-07-09 09:04 - 2017-07-09 09:04 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Mozilla
2017-07-09 09:04 - 2017-07-09 09:04 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Mozilla
2017-07-09 09:04 - 2017-07-09 09:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-09 09:04 - 2017-07-09 09:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-09 09:03 - 2017-07-09 09:03 - 00266192 _____ (Mozilla) C:\Users\Hazzy\Downloads\Firefox Setup Stub 54.0.1.exe
2017-07-09 08:31 - 2017-07-09 08:31 - 00000000 ____D C:\Users\Hazzy\AppData\Local\enchant
2017-07-09 08:29 - 2017-07-09 09:07 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\HexChat
2017-07-09 08:29 - 2017-07-09 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2017-07-09 08:29 - 2017-07-09 08:29 - 00000000 ____D C:\Program Files\HexChat
2017-07-09 08:28 - 2017-07-09 08:29 - 09391144 _____ (HexChat ) C:\Users\Hazzy\Downloads\HexChat 2.12.4 x64.exe
2017-07-09 08:04 - 2017-07-09 08:04 - 16719872 _____ C:\Users\Hazzy\Downloads\dban-2.3.0_i586.iso
2017-07-09 07:04 - 2017-07-09 07:04 - 00376528 _____ (Microsoft Corporation) C:\Users\Hazzy\Downloads\RefreshWindowsTool (1).exe
2017-07-09 07:04 - 2017-07-09 07:04 - 00000000 ___HD C:\$Windows.~WS
2017-07-09 04:55 - 2017-07-09 05:59 - 00000000 ____D C:\Users\Hazzy\Downloads\Windows 10 Pro v.1511 En-us x64 July2016 Pre-Activated-=TEAM OS=-
2017-07-09 04:55 - 2017-07-09 05:26 - 3387529216 ____R C:\Users\Hazzy\Desktop\Win10_Pro_1511_English_x64_july_2016.iso
2017-07-09 04:43 - 2017-07-09 08:27 - 298221408 _____ (Dell Inc.) C:\Program Files (x86)\Network_Driver_7Y1H9_WN32_10.0.0.315_A00.EXE
2017-07-09 04:43 - 2017-07-09 08:23 - 07562768 _____ C:\Program Files (x86)\Inspiron_3650_3250_Vostro_3650_3653_3250_3.4.1.exe
2017-07-09 04:43 - 2017-07-09 08:22 - 34435168 _____ (Dell Inc.) C:\Program Files (x86)\Serial-ATA_Driver_PFJ82_WN32_14.8.9.1053_A06.EXE
2017-07-09 04:43 - 2017-07-09 08:22 - 26445216 _____ (Dell Inc.) C:\Program Files (x86)\Storage_Driver_XWHMP_WN64_6.3.9600.39066_A00.EXE
2017-07-09 04:43 - 2017-07-09 08:22 - 16558696 _____ (Dell Inc.) C:\Program Files (x86)\Chipset_Driver_NK43W_WN32_10.1.1.7_A00.EXE
2017-07-09 04:42 - 2017-07-09 08:23 - 33600776 _____ (Dell Inc.) C:\Program Files (x86)\Chipset_Driver_5W1P0_WN32_11.0.0.1168_A01.EXE
2017-07-09 04:42 - 2017-07-09 08:23 - 16576608 _____ (Dell Inc.) C:\Program Files (x86)\Chipset_Driver_F8YTN_WN32_1.0.0.42_A00.EXE
2017-07-09 04:33 - 2017-07-09 04:33 - 04110280 _____ C:\Users\Hazzy\Downloads\AdwCleaner.exe
2017-07-09 04:31 - 2017-07-09 04:32 - 05766464 _____ (Zemana Ltd. ) C:\Users\Hazzy\Downloads\ieexplorer.exe
2017-07-09 04:28 - 2017-07-09 04:28 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Hazzy\Downloads\rkill.com
2017-07-09 04:27 - 2017-07-09 04:27 - 433459200 _____ C:\Users\Hazzy\Desktop\Dell Drivers Download.iso
2017-07-09 04:21 - 2017-07-09 04:27 - 00000000 ____D C:\Users\Hazzy\Documents\Dell Downloads
2017-07-09 04:18 - 2017-07-09 04:18 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-09 04:17 - 2017-07-09 04:21 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Deployment
2017-07-09 04:17 - 2017-07-09 04:17 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Apps\2.0
2017-07-09 03:06 - 2017-07-09 03:06 - 00000890 _____ C:\Users\Hazzy\Desktop\File Shredder.lnk
2017-07-09 03:06 - 2017-07-09 03:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
2017-07-09 03:06 - 2017-07-09 03:06 - 00000000 ____D C:\Program Files\File Shredder
2017-07-09 03:05 - 2017-07-09 03:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2017-07-09 03:04 - 2017-07-09 03:06 - 02317839 _____ (PowTools ) C:\Users\Hazzy\Downloads\file_shredder_setup.exe
2017-07-09 03:04 - 2017-07-09 03:04 - 02732544 _____ (Skillbrains ) C:\Users\Hazzy\Downloads\setup-lightshot.exe
2017-07-09 03:02 - 2017-07-09 03:51 - 00000000 ____D C:\Users\Hazzy\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2017-07-09 03:02 - 2017-07-09 03:02 - 00001163 _____ C:\Users\Hazzy\Desktop\Plumbytes Anti-Malware.lnk
2017-07-09 03:02 - 2017-07-09 03:02 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plumbytes Anti-Malware
2017-07-09 03:02 - 2017-07-09 03:02 - 00000000 ____D C:\Program Files\Plumbytes Software
2017-07-09 03:00 - 2017-07-09 03:01 - 00881904 _____ (Plumbytes Software) C:\Users\Hazzy\Downloads\antimalwaresetup.exe
2017-07-09 02:55 - 2017-07-09 02:55 - 00002095 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-09 02:55 - 2017-07-09 02:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-09 02:55 - 2017-07-09 02:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-09 02:55 - 2017-07-09 02:55 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-09 02:55 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-09 02:43 - 2017-07-09 02:43 - 00954488 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Hazzy\Downloads\rufus-2.15.exe
2017-07-09 02:22 - 2017-07-09 02:26 - 00000036 _____ C:\WINDOWS\progress.ini
2017-07-09 02:11 - 2017-07-09 02:11 - 00000000 ___HD C:\$SysReset
2017-07-09 01:28 - 2017-07-09 02:26 - 00000000 ____D C:\Windows10Upgrade
2017-07-09 01:28 - 2017-07-09 02:22 - 00000000 ___HD C:\$GetCurrent
2017-07-09 01:28 - 2017-07-09 01:28 - 00000733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2017-07-09 01:28 - 2017-07-09 01:28 - 00000721 _____ C:\Users\Hazzy\Desktop\Windows 10 Upgrade Assistant.lnk
2017-07-09 01:17 - 2017-07-09 01:28 - 06394488 _____ (Microsoft Corporation) C:\Users\Hazzy\Downloads\Windows10Upgrade9252.exe
2017-07-09 00:20 - 2017-07-09 00:22 - 00376528 _____ (Microsoft Corporation) C:\Users\Hazzy\Downloads\RefreshWindowsTool.exe
2017-07-08 23:38 - 2017-07-08 23:39 - 01130328 _____ (Google Inc.) C:\Users\Hazzy\Downloads\ChromeSetup.exe
2017-07-08 20:55 - 2017-07-08 20:55 - 00002685 _____ C:\Users\Hazzy\Downloads\Restore_Windows_Photo_Viewer_CURRENT_USER.reg
2017-07-08 20:46 - 2017-07-09 02:26 - 00000000 ____D C:\$WINDOWS.~BT
2017-07-08 20:07 - 2017-07-08 20:07 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Enigma Software Group
2017-07-08 20:06 - 2017-07-09 03:13 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2017-07-08 20:06 - 2017-07-09 02:54 - 00001315 _____ C:\Users\Hazzy\Desktop\SpyHunter.lnk
2017-07-08 20:06 - 2017-07-08 20:06 - 18357776 _____ (Microsoft Corporation) C:\Users\Hazzy\Downloads\MediaCreationTool.exe
2017-07-08 20:06 - 2017-07-08 20:06 - 00003442 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2017-07-08 20:06 - 2017-07-08 20:06 - 00000000 ____D C:\sh4ldr
2017-07-08 20:05 - 2017-07-08 20:05 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2017-07-08 20:05 - 2017-07-08 20:05 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-07-08 20:04 - 2017-07-08 20:04 - 02755584 _____ C:\Users\Hazzy\Downloads\SH-Alt-Install.exe
2017-07-08 20:03 - 2017-07-08 20:03 - 05103792 _____ (Enigma Software Group USA, LLC.) C:\Users\Hazzy\Downloads\SpyHunter-Installer (1).exe
2017-07-08 20:02 - 2017-07-08 20:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-08 20:01 - 2017-07-09 02:54 - 65033984 _____ (Malwarebytes ) C:\Users\Hazzy\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-08 19:26 - 2017-07-08 19:26 - 00000020 ___SH C:\Users\chris\ntuser.ini
2017-07-08 19:26 - 2017-07-08 19:26 - 00000000 ____D C:\Users\chris\AppData\Roaming\Adobe
2017-07-08 19:26 - 2017-07-08 19:26 - 00000000 ____D C:\Users\chris\AppData\Local\VirtualStore
2017-07-08 19:26 - 2017-07-08 19:26 - 00000000 ____D C:\Users\chris\AppData\Local\TileDataLayer
2017-07-08 19:26 - 2017-07-08 19:26 - 00000000 ____D C:\Users\chris\AppData\Local\Packages
2017-07-08 19:26 - 2017-07-08 19:26 - 00000000 ____D C:\Users\chris\AppData\Local\NVIDIA
2017-07-08 19:26 - 2017-07-08 19:26 - 00000000 ____D C:\Users\chris\AppData\Local\ConnectedDevicesPlatform
2017-07-08 19:13 - 2017-07-09 04:13 - 00000000 ____D C:\WINDOWS\pss
2017-07-08 18:41 - 2017-07-09 06:52 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-07-08 18:09 - 2017-07-08 18:10 - 05103792 _____ (Enigma Software Group USA, LLC.) C:\Users\Hazzy\Downloads\SpyHunter-Installer.exe
2017-07-08 17:37 - 2017-07-08 18:03 - 00000000 ____D C:\Users\Hazzy\AppData\Local\llssoft
2017-07-08 17:36 - 2017-07-08 19:19 - 00000000 ____D C:\Users\Hazzy\AppData\Local\ntuserlitelist
2017-07-08 17:35 - 2017-07-09 03:13 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-07-08 17:35 - 2017-07-08 17:35 - 00003072 _____ C:\Users\Hazzy\AppData\Local\uninstallce.exe
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\WINDOWS\src_srv
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\windowsupdates
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\importantupdates
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\c
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Local\mcvutitf
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Local\dcaoi
2017-07-08 17:35 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Local\AnonymizerLauncher
2017-07-08 17:33 - 2017-07-08 17:35 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\AGData
2017-07-08 17:32 - 2017-07-08 17:32 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\CyberLink
2017-07-08 17:29 - 2017-07-09 04:54 - 00000000 ____D C:\Users\Hazzy\AppData\LocalLow\uTorrent
2017-07-08 17:29 - 2017-07-08 17:29 - 00002686 _____ C:\Users\Hazzy\Desktop\µTorrent.lnk
2017-07-08 17:29 - 2017-07-08 17:29 - 00002686 _____ C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-07-08 17:28 - 2017-07-09 06:13 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\uTorrent
2017-07-08 17:28 - 2017-07-08 17:28 - 02406080 _____ (BitTorrent Inc.) C:\Users\Hazzy\Downloads\uTorrent.exe
2017-07-07 14:25 - 2017-07-07 14:27 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\DarkSoulsII
2017-07-07 14:21 - 2017-07-07 14:21 - 02549112 _____ (Microsoft Corporation) C:\Users\Hazzy\Downloads\DefaultPack.EXE
2017-07-07 14:21 - 2017-07-07 14:21 - 00292184 _____ (Microsoft Corporation) C:\Users\Hazzy\Downloads\dxwebsetup.exe
2017-07-07 04:56 - 2017-07-07 04:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2017-07-06 15:23 - 2017-07-06 15:23 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Mega Limited
2017-07-06 15:22 - 2017-07-06 15:22 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-07-06 15:22 - 2017-07-06 15:22 - 00000000 ____D C:\Users\Hazzy\AppData\Local\MEGAsync
2017-07-06 15:15 - 2017-07-06 15:16 - 13314392 _____ (MEGA Limited) C:\Users\Hazzy\Downloads\MEGAsyncSetup.exe
2017-07-06 11:25 - 2017-07-06 11:25 - 00003934 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-07-05 21:34 - 2017-07-05 21:34 - 00126032 _____ C:\Users\Hazzy\Downloads\Excel checklist v2.1-2125-2-1.zip
2017-07-05 21:34 - 2017-07-05 21:34 - 00000000 ____D C:\Users\Hazzy\Downloads\Excel checklist v2.1-2125-2-1
2017-07-05 12:37 - 2017-07-05 12:37 - 00000000 ____D C:\Users\Hazzy\AppData\Local\NBGI
2017-07-03 22:31 - 2017-07-03 22:31 - 00000000 ____D C:\Users\Hazzy\Downloads\Debug Console Enabler v1.31-1555-1-31
2017-07-03 22:30 - 2017-07-03 22:30 - 01398143 _____ (Igor Pavlov) C:\Users\Hazzy\Downloads\7z1700-x64.exe
2017-07-03 22:30 - 2017-07-03 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-07-03 22:30 - 2017-07-03 22:30 - 00000000 ____D C:\Program Files\7-Zip
2017-07-03 22:28 - 2017-07-03 22:28 - 00034868 _____ C:\Users\Hazzy\Downloads\Debug Console Enabler v1.31-1555-1-31.rar
2017-07-03 22:27 - 2017-07-03 22:27 - 00034720 _____ C:\Users\Hazzy\Downloads\Release 1.22-1334-.rar
2017-07-03 14:56 - 2017-07-08 00:21 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Warframe
2017-07-03 14:47 - 2017-07-03 14:47 - 00000000 ____D C:\Users\Hazzy\Downloads\ethminer-0.11.0rc1-windows
2017-07-03 14:43 - 2017-07-03 14:43 - 01900051 _____ C:\Users\Hazzy\Downloads\ethminer-0.11.0rc1-windows.zip
2017-07-03 14:34 - 2017-07-03 14:36 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Ethereum
2017-07-03 14:23 - 2017-07-03 14:27 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Bitcoin
2017-07-03 14:23 - 2017-07-03 14:23 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Chromium
2017-07-03 14:23 - 2017-07-03 14:23 - 00000000 ____D C:\Users\Hazzy\AppData\Local\bitpay
2017-07-03 14:20 - 2017-07-03 14:21 - 65400317 _____ (BitPay ) C:\Users\Hazzy\Downloads\BitPay.exe
2017-07-03 14:20 - 2017-07-03 14:21 - 13857192 _____ (Bitcoin Core project) C:\Users\Hazzy\Downloads\bitcoin-0.14.2-win64-setup.exe
2017-07-03 14:13 - 2017-07-03 14:13 - 23755188 _____ C:\Users\Hazzy\Downloads\geth-windows-amd64-1.6.6-10a45cb5.exe
2017-07-03 08:01 - 2017-07-05 19:39 - 00000000 ____D C:\Users\Hazzy\Documents\The Witcher 3
2017-06-29 20:52 - 2017-06-29 20:53 - 00000000 ____D C:\Users\Hazzy\Downloads\File-15639-1-0-0-2
2017-06-29 20:52 - 2017-06-29 20:52 - 00227301 _____ C:\Users\Hazzy\Downloads\File-15639-1-0-0-2.zip
2017-06-29 20:45 - 2017-06-29 20:45 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Black_Tree_Gaming
2017-06-29 20:45 - 2017-06-29 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2017-06-29 20:45 - 2017-06-29 20:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2017-06-29 20:44 - 2017-06-29 20:44 - 06441096 _____ (Black Tree Gaming ) C:\Users\Hazzy\Downloads\Nexus Mod Manager-0.63.14.exe
2017-06-29 20:37 - 2017-06-29 20:54 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Fallout4
2017-06-29 15:44 - 2017-06-29 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XP_PEN
2017-06-29 15:44 - 2017-06-29 15:44 - 00000000 ____D C:\Program Files (x86)\XP-PEN
2017-06-29 15:43 - 2017-06-29 15:43 - 00000000 ____D C:\Users\Hazzy\Downloads\G430
2017-06-29 15:42 - 2017-06-29 15:43 - 18907427 _____ C:\Users\Hazzy\Downloads\G430.zip
2017-06-29 15:41 - 2017-06-29 15:41 - 00001021 _____ C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2017-06-29 15:40 - 2017-07-07 23:16 - 00000000 ____D C:\Users\Hazzy\AppData\Local\osu!
2017-06-29 15:40 - 2017-06-29 15:40 - 04479032 _____ (ppy) C:\Users\Hazzy\Downloads\osu!install.exe
2017-06-29 14:46 - 2017-06-29 14:47 - 00000000 ____D C:\Users\Hazzy\.openshot_qt
2017-06-29 14:42 - 2017-06-29 14:45 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\vlc
2017-06-29 14:42 - 2017-06-29 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-06-29 14:42 - 2017-06-29 14:42 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-06-29 14:41 - 2017-06-29 14:42 - 30950664 _____ C:\Users\Hazzy\Downloads\vlc-2.2.6-win32.exe
2017-06-29 14:40 - 2017-06-29 14:44 - 133741288 _____ (OpenShot Studios, LLC ) C:\Users\Hazzy\Downloads\OpenShot-v2.3.4-x86_64.exe
2017-06-29 14:33 - 2017-06-29 14:39 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\obs-studio
2017-06-29 14:31 - 2017-06-29 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-06-29 14:30 - 2017-06-29 14:31 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-06-29 14:21 - 2017-06-29 14:24 - 113245088 _____ (obsproject.com) C:\Users\Hazzy\Downloads\OBS-Studio-19.0.3-Full-Installer.exe
2017-06-29 14:08 - 2017-07-05 00:37 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\discord
2017-06-29 14:08 - 2017-06-29 14:08 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-06-29 14:08 - 2017-06-29 14:08 - 00000000 ____D C:\Users\Hazzy\AppData\Local\SquirrelTemp
2017-06-29 14:08 - 2017-06-29 14:08 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Discord
2017-06-29 12:12 - 2017-06-29 12:12 - 00000000 ____D C:\Users\Hazzy\AppData\Local\UNP
2017-06-29 12:07 - 2017-06-29 12:09 - 52553728 _____ (Hammer & Chisel, Inc.) C:\Users\Hazzy\Downloads\DiscordSetup.exe
2017-06-28 19:42 - 2017-06-28 19:42 - 00520892 _____ C:\WINDOWS\Minidump\062817-26625-01.dmp
2017-06-28 19:36 - 2017-06-28 19:38 - 18085042 _____ (MSI Co., LTD ) C:\Users\Hazzy\Downloads\MSI_Kombustor_Setup_3.5.0.4_x64.exe
2017-06-28 19:30 - 2017-06-28 19:42 - 797035315 _____ C:\WINDOWS\MEMORY.DMP
2017-06-28 19:30 - 2017-06-28 19:42 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-28 19:30 - 2017-06-28 19:31 - 00519756 _____ C:\WINDOWS\Minidump\062817-29515-01.dmp
2017-06-28 19:22 - 2017-07-07 14:22 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2017-06-28 19:22 - 2017-07-07 14:22 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-06-28 19:22 - 2017-06-28 19:22 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-06-28 19:22 - 2017-06-28 19:22 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-06-28 19:20 - 2017-06-28 19:20 - 00000000 ____D C:\Users\Hazzy\Downloads\MSIAfterburnerSetup
2017-06-28 19:18 - 2017-06-28 19:19 - 39173612 _____ C:\Users\Hazzy\Downloads\MSIAfterburnerSetup.zip
2017-06-28 13:38 - 2017-06-28 13:38 - 00000000 ____D C:\Program Files (x86)\Dell Update
2017-06-28 01:10 - 2017-06-28 01:10 - 00000084 _____ C:\WINDOWS\SysWOW64\DLC_Debug_log.txt
2017-06-28 01:07 - 2017-06-28 01:07 - 00000000 ____D C:\ProgramData\0c24fc64-9861-447b-bb51-dcda1c78ec83
2017-06-27 23:31 - 2017-06-27 23:31 - 00000912 _____ C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-06-27 23:27 - 2017-06-27 23:30 - 54270000 _____ C:\Users\Hazzy\Downloads\torbrowser-install-7.0.1_en-US.exe
2017-06-27 20:04 - 2017-06-27 20:04 - 00001480 _____ C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk
2017-06-27 13:24 - 2017-06-28 12:25 - 00000000 ____D C:\Users\Hazzy\AppData\Local\NVIDIA Corporation
2017-06-27 13:24 - 2017-06-27 13:24 - 00000000 ____D C:\Users\Hazzy\AppData\Local\NVIDIA
2017-06-27 13:23 - 2017-06-27 13:23 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:23 - 2017-06-27 13:23 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:23 - 2017-06-21 03:03 - 01903224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-06-27 13:23 - 2017-06-21 03:03 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-06-27 13:23 - 2017-06-21 03:03 - 01489528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-06-27 13:23 - 2017-06-21 03:03 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-06-27 13:23 - 2017-06-21 03:02 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-06-27 13:22 - 2017-06-27 13:22 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:22 - 2017-06-27 13:22 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:22 - 2017-06-27 13:22 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:22 - 2017-06-27 13:22 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:22 - 2017-06-27 13:22 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:22 - 2017-06-27 13:22 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-27 13:22 - 2017-06-20 16:58 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-06-27 13:18 - 2017-06-21 03:02 - 00179320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-06-27 13:18 - 2017-06-21 03:02 - 00146552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-06-27 13:18 - 2017-06-21 03:02 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-06-27 13:18 - 2017-06-21 03:02 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-06-27 12:30 - 2017-06-27 12:30 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-27 12:29 - 2017-06-27 12:31 - 00000000 ____D C:\Program Files\UNP
2017-06-27 11:49 - 2017-06-27 11:50 - 88223144 _____ (NVIDIA Corporation) C:\Users\Hazzy\Downloads\GeForce_Experience_v3.7.0.81.exe
2017-06-27 09:50 - 2017-06-28 19:39 - 00000022 _____ C:\WINDOWS\GPU-Z.INI
2017-06-27 09:49 - 2017-06-27 09:49 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Futuremark
2017-06-27 09:49 - 2017-06-27 09:49 - 00000000 ____D C:\ProgramData\Futuremark
2017-06-27 09:48 - 2017-06-27 09:48 - 00000000 ____D C:\Program Files (x86)\Futuremark
2017-06-27 05:38 - 2017-06-27 05:39 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-27 00:51 - 2017-06-27 00:51 - 00514172 _____ C:\Users\Hazzy\Downloads\openhardwaremonitor-v0.8.0-beta.zip
2017-06-27 00:51 - 2017-06-27 00:51 - 00000000 ____D C:\Users\Hazzy\Downloads\openhardwaremonitor-v0.8.0-beta
2017-06-26 12:03 - 2017-06-26 12:03 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Rockstar Games
2017-06-26 12:01 - 2017-06-26 12:01 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-26 12:01 - 2017-06-26 12:01 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-26 00:11 - 2017-06-26 00:11 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-25 23:58 - 2017-06-25 23:58 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-25 23:57 - 2017-06-25 23:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-25 23:56 - 2017-06-25 23:56 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-25 23:56 - 2017-06-25 23:56 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Skype
2017-06-25 22:51 - 2017-06-25 22:51 - 00000000 ____D C:\Users\Hazzy\AppData\Local\ElevatedDiagnostics
2017-06-25 22:46 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-06-25 22:46 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-06-25 22:46 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-06-25 22:46 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-06-25 22:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-06-25 22:46 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-06-25 22:46 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-06-25 22:46 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-06-25 22:46 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-06-25 22:46 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-06-25 22:46 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-06-25 22:46 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-06-25 22:46 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-06-25 22:46 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-06-25 22:46 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-06-25 22:46 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-06-25 22:46 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-06-25 22:46 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-06-25 22:46 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-06-25 22:46 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-06-25 22:46 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-06-25 22:46 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-06-25 22:46 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-06-25 22:46 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-06-25 22:46 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-06-25 22:46 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-06-25 22:46 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-06-25 22:46 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-06-25 22:46 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-06-25 22:46 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-06-25 22:46 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-06-25 22:46 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-06-25 22:46 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-06-25 22:46 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-06-25 22:46 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-06-25 22:46 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-06-25 22:46 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-06-25 22:46 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-06-25 22:45 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-25 22:45 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-06-25 22:45 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-25 22:45 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-06-25 22:45 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-25 22:45 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-06-25 22:45 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-06-25 22:45 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-06-25 22:45 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-06-25 22:45 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-06-25 22:45 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-06-25 22:45 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-06-25 22:45 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-06-25 22:45 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-06-25 22:45 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-06-25 22:45 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-06-25 22:45 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-06-25 22:45 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-06-25 22:45 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-06-25 22:45 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-06-25 22:45 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-06-25 22:45 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-06-25 22:45 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-06-25 22:45 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-06-25 22:45 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-06-25 22:45 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-06-25 22:45 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-06-25 22:45 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-06-25 22:45 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-06-25 22:45 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-06-25 22:45 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-06-25 22:45 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-06-25 22:45 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-06-25 22:45 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-06-25 22:45 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-06-25 22:45 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-06-25 22:45 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-06-25 22:45 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-06-25 22:45 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-06-25 22:45 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-06-25 22:45 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-06-25 22:45 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-06-25 22:45 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-06-25 22:45 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-06-25 22:45 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-06-25 22:45 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-06-25 22:45 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-06-25 22:45 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-06-25 22:45 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-06-25 22:45 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-06-25 22:45 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-06-25 22:45 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-06-25 22:45 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-06-25 22:45 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-06-25 22:45 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-06-25 22:45 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-06-25 22:45 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-06-25 22:45 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-06-25 22:45 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-06-25 22:45 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-06-25 22:45 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-06-25 22:45 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-06-25 22:45 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-06-25 22:45 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-06-25 22:45 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-06-25 22:45 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-06-25 22:45 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-06-25 22:45 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-06-25 22:45 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-06-25 22:45 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-06-25 22:45 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-06-25 22:45 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-06-25 22:45 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-06-25 22:45 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-06-25 22:45 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-06-25 22:45 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-06-25 22:45 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-06-25 22:45 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-06-25 22:45 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-06-25 22:45 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-06-25 22:45 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-06-25 22:45 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-06-25 22:45 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-06-25 22:45 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-06-25 22:45 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-06-25 22:45 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-06-25 22:45 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-06-25 22:45 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-06-25 22:45 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-06-25 22:45 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-06-25 22:45 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-06-25 22:45 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-06-25 22:45 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-06-25 22:45 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-06-25 22:45 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-06-25 22:45 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-06-25 22:45 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-06-25 22:45 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-06-25 22:45 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-06-25 22:45 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-06-25 22:45 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-06-25 22:45 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-06-25 22:45 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-06-25 22:45 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-06-25 22:45 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-06-25 22:45 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-06-25 22:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-06-25 22:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-06-25 20:14 - 2017-06-25 20:14 - 01868290 _____ C:\Users\Hazzy\Downloads\desmume-0.9.11-win64.zip
2017-06-25 19:52 - 2017-06-25 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2017-06-25 19:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-06-25 19:51 - 2017-06-25 19:52 - 00000000 ____D C:\Program Files\Dolphin
2017-06-25 15:24 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-06-25 15:24 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-06-25 15:23 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-06-25 15:23 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-06-25 15:23 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-06-25 15:23 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-06-25 15:23 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-06-25 13:58 - 2017-07-09 04:14 - 00000420 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2865199721-532491310-4034810924-1001.job
2017-06-25 13:58 - 2017-07-09 03:05 - 00003408 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-2865199721-532491310-4034810924-1001
2017-06-25 13:58 - 2017-07-09 03:05 - 00000425 _____ C:\Users\Hazzy\AppData\Local\UserProducts.xml
2017-06-25 13:58 - 2017-07-09 03:05 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2017-06-25 13:58 - 2017-06-26 00:01 - 00000420 _____ C:\WINDOWS\Tasks\update-sys.job
2017-06-25 13:58 - 2017-06-25 13:58 - 00003346 _____ C:\WINDOWS\System32\Tasks\update-sys
2017-06-25 13:32 - 2017-06-29 14:35 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\NVIDIA
2017-06-25 13:08 - 2017-07-09 03:13 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-25 13:04 - 2017-06-25 13:05 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Steam
2017-06-25 13:04 - 2017-06-25 13:04 - 00000000 ____D C:\Users\Hazzy\AppData\Local\CEF
2017-06-25 13:01 - 2017-07-09 08:09 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-25 13:01 - 2017-06-25 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-25 12:46 - 2017-06-25 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2017-06-25 12:46 - 2017-06-25 12:46 - 00000000 ____D C:\Program Files\AutoHotkey
2017-06-25 12:34 - 2017-06-25 12:34 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Google
2017-06-25 08:24 - 2017-06-25 08:24 - 00003900 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-06-25 08:23 - 2017-07-06 11:25 - 00000000 ____D C:\ProgramData\SupportAssist
2017-06-25 08:06 - 2017-06-25 08:06 - 00004128 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2017-06-25 08:06 - 2017-06-25 08:06 - 00003560 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2017-06-25 08:06 - 2017-06-25 08:06 - 00003414 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2017-06-25 08:06 - 2017-06-25 08:06 - 00003300 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2017-06-25 08:06 - 2017-06-25 08:06 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-06-25 08:05 - 2017-06-25 08:06 - 00000000 ____D C:\Program Files\Dell Support Center
2017-06-25 08:05 - 2017-06-25 08:05 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Macromedia
2017-06-25 08:01 - 2017-06-25 08:21 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\PCDr
2017-06-25 08:01 - 2017-06-25 08:01 - 00000000 ____D C:\ProgramData\PC-Doctor, Inc
2017-06-25 07:59 - 2017-07-08 19:16 - 00000000 ____D C:\Users\Hazzy\AppData\Local\CrashDumps
2017-06-25 02:47 - 2017-06-25 02:47 - 00000000 ____D C:\WINDOWS\InfusedApps
2017-06-25 02:46 - 2017-06-25 02:46 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-06-25 02:46 - 2017-06-24 22:49 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-06-25 02:45 - 2017-06-25 02:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-06-25 02:42 - 2017-06-25 02:42 - 00000000 ____D C:\WINDOWS\Setup
2017-06-25 02:38 - 2017-06-25 02:38 - 00000000 ____D C:\WINDOWS\OCR
2017-06-25 02:38 - 2017-06-25 02:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-25 02:38 - 2017-06-25 02:38 - 00000000 ____D C:\Program Files\MSBuild
2017-06-25 02:38 - 2017-06-25 02:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-25 02:38 - 2017-06-25 02:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\0409
2017-06-25 02:37 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\DigitalLocker
2017-06-25 02:34 - 2017-06-03 02:36 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-25 02:34 - 2017-06-03 02:36 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-25 02:33 - 2017-06-27 05:37 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2017-06-25 02:33 - 2017-06-25 02:46 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-06-25 02:33 - 2017-06-25 02:31 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-06-25 02:33 - 2017-06-25 02:31 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2017-06-25 02:33 - 2017-06-25 02:31 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2017-06-25 02:33 - 2017-06-25 02:31 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-06-25 02:33 - 2017-06-25 02:31 - 00004096 _____ C:\WINDOWS\system32\config\VSMIDK
2017-06-25 02:33 - 2017-06-25 02:31 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2017-06-25 02:33 - 2017-06-25 02:31 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2017-06-25 02:33 - 2017-06-25 02:31 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2017-06-25 02:33 - 2017-06-25 02:31 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2017-06-25 02:32 - 2017-07-09 07:15 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-25 02:32 - 2017-07-09 07:09 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-25 02:32 - 2017-07-09 03:13 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-06-25 02:32 - 2017-07-09 02:43 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-06-25 02:32 - 2017-07-05 00:31 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-25 02:32 - 2017-06-28 19:14 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-25 02:32 - 2017-06-28 17:57 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-25 02:32 - 2017-06-28 02:23 - 00000000 ____D C:\WINDOWS\rescache
2017-06-25 02:32 - 2017-06-27 05:39 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-25 02:32 - 2017-06-27 05:39 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-06-25 02:32 - 2017-06-27 05:39 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-06-25 02:32 - 2017-06-27 05:39 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\setup
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\Provisioning
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\Program Files\Windows Defender
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-25 02:32 - 2017-06-27 05:38 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-25 02:32 - 2017-06-26 01:06 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-25 02:32 - 2017-06-25 13:08 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-25 02:32 - 2017-06-25 08:02 - 00000000 ____D C:\WINDOWS\appcompat
2017-06-25 02:32 - 2017-06-25 02:38 - 00000000 ____D C:\WINDOWS\SystemApps
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\system32\Com
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ____D C:\WINDOWS\IME
2017-06-25 02:32 - 2017-06-25 02:37 - 00000000 ____D C:\Program Files\Common Files\System
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 __RSD C:\WINDOWS\Media
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ___SD C:\WINDOWS\system32\Nui
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\icsxml
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\ias
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\downlevel
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\DDFs
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-06-25 02:32 - 2017-06-25 02:33 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Web
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Vss
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\tracing
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\TAPI
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SystemResources
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\winevt
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\ras
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\IME
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\System
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SKB
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\security
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\schemas
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\SchCache
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Resources
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\PLA
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Performance
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\InputMethod
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Globalization
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Cursors
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\Branding
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\addins
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\ProgramData\Comms
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files\Windows NT
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files\Common Files\Services
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files (x86)\Windows NT
2017-06-25 02:32 - 2017-06-25 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-06-25 02:32 - 2017-06-24 23:23 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-25 02:32 - 2017-06-24 23:20 - 00000000 ____D C:\WINDOWS\Registration
2017-06-25 02:32 - 2017-06-24 23:11 - 00000000 ____D C:\WINDOWS\system32\spool
2017-06-25 02:32 - 2017-06-24 22:55 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-06-25 02:32 - 2017-06-24 22:54 - 00000000 ____D C:\WINDOWS\Help
2017-06-25 02:32 - 2017-06-24 22:51 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-25 02:31 - 2017-07-09 06:51 - 00000000 ____D C:\WINDOWS\INF
2017-06-25 02:17 - 2017-06-27 01:17 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-25 02:11 - 2017-07-09 07:59 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-25 02:11 - 2017-06-27 05:38 - 00000000 ____D C:\WINDOWS\servicing
2017-06-25 02:11 - 2017-06-25 13:08 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-25 02:11 - 2017-06-25 02:32 - 00000000 ____D C:\WINDOWS\system32\SMI
2017-06-25 02:08 - 2017-06-27 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-25 02:08 - 2017-06-25 02:08 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-25 02:08 - 2016-12-29 08:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-06-25 02:08 - 2016-09-09 14:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-06-25 02:08 - 2016-09-09 14:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-06-25 02:08 - 2016-09-09 14:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-06-25 02:08 - 2016-09-09 14:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-06-25 02:07 - 2017-06-07 16:51 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-25 02:07 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-06-25 02:07 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-06-25 01:51 - 2017-06-25 01:52 - 00000000 ____D C:\Users\Hazzy\AppData\Local\PackageStaging
2017-06-25 01:31 - 2017-06-25 01:31 - 00000000 ____D C:\ProgramData\0e1c4373-a7b4-4022-99da-def1fae3eca4
2017-06-25 00:56 - 2017-06-25 00:56 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2017-06-25 00:27 - 2017-06-25 00:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-06-25 00:05 - 2017-07-08 23:47 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-25 00:05 - 2017-06-25 12:34 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Google
2017-06-24 23:57 - 2017-07-08 19:15 - 00000000 ____D C:\Users\Hazzy\AppData\Local\MicrosoftEdge
2017-06-24 23:40 - 2017-06-24 23:40 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Intel Corporation
2017-06-24 23:39 - 2017-06-25 23:58 - 00002365 _____ C:\Users\Hazzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-24 23:38 - 2017-06-28 13:40 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Comms
2017-06-24 23:37 - 2017-06-25 00:02 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\DropboxOEM
2017-06-24 23:37 - 2017-06-24 23:37 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Publishers
2017-06-24 23:37 - 2017-06-24 23:37 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Power2Go8
2017-06-24 23:37 - 2017-06-24 23:37 - 00000000 ____D C:\Users\Hazzy\AppData\Local\DropboxOEM
2017-06-24 23:36 - 2017-07-09 07:59 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-24 23:36 - 2017-07-09 07:09 - 00000000 ____D C:\Users\Hazzy\AppData\Local\Packages
2017-06-24 23:36 - 2017-06-24 23:58 - 00000000 ____D C:\Users\Hazzy\AppData\Local\ConnectedDevicesPlatform
2017-06-24 23:36 - 2017-06-24 23:36 - 00000020 ___SH C:\Users\Hazzy\ntuser.ini
2017-06-24 23:36 - 2017-06-24 23:36 - 00000000 ____D C:\Users\Hazzy\AppData\Roaming\Adobe
2017-06-24 23:36 - 2017-06-24 23:36 - 00000000 ____D C:\Users\Hazzy\AppData\Local\VirtualStore
2017-06-24 23:36 - 2017-06-24 23:36 - 00000000 ____D C:\Users\Hazzy\AppData\Local\TileDataLayer
2017-06-24 23:29 - 2017-06-24 23:29 - 00003186 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-06-24 23:29 - 2017-06-24 23:29 - 00002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB.lnk
2017-06-24 23:24 - 2017-06-24 23:24 - 00021042 _____ C:\Users\chris\Desktop\Removed Apps.html
2017-06-24 23:24 - 2017-06-24 23:24 - 00003994 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-06-24 23:24 - 2017-06-24 23:24 - 00003762 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default\My Documents
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\Default User
2017-06-24 23:24 - 2017-06-24 23:24 - 00000000 _SHDL C:\Users\All Users
2017-06-24 23:20 - 2017-06-24 23:20 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-06-24 23:14 - 2017-07-09 08:09 - 00000000 ____D C:\Users\Hazzy
2017-06-24 23:14 - 2017-07-09 03:13 - 00000000 ____D C:\Users\chris
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\Hazzy\My Documents
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\Hazzy\Documents\My Videos
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\Hazzy\Documents\My Pictures
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\Hazzy\Documents\My Music
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\chris\My Documents
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\chris\Documents\My Videos
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\chris\Documents\My Pictures
2017-06-24 23:14 - 2017-06-24 23:14 - 00000000 _SHDL C:\Users\chris\Documents\My Music
2017-06-24 23:12 - 2017-06-24 23:12 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-24 23:00 - 2017-06-24 23:00 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-06-24 22:54 - 2017-07-09 08:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-24 22:54 - 2017-06-28 17:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-24 22:54 - 2017-06-27 13:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-24 22:54 - 2017-06-27 13:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-24 22:54 - 2017-06-24 22:54 - 00003218 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2017-06-24 22:54 - 2017-06-24 22:54 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-06-24 22:54 - 2016-12-29 08:44 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-24 22:54 - 2016-12-19 03:26 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-24 22:53 - 2017-06-24 22:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-24 22:53 - 2017-06-24 22:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-06-24 22:53 - 2017-06-24 22:53 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-06-24 22:53 - 2017-06-24 22:53 - 00000000 ____D C:\Program Files\Realtek
2017-06-24 22:52 - 2017-04-27 21:01 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-06-24 22:51 - 2017-06-24 22:51 - 00000000 ____D C:\ProgramData\USOShared
2017-06-24 22:49 - 2017-07-09 07:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-24 22:49 - 2017-07-09 07:50 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-24 22:48 - 2017-06-27 05:42 - 00339528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-23 16:15 - 2017-06-23 16:15 - 00000000 ____D C:\Users\Hazzy\Documents\Rockstar Games
2017-06-23 08:07 - 2017-07-07 04:35 - 00000000 ____D C:\Temp
2017-06-23 08:07 - 2017-06-27 11:45 - 00000000 ____D C:\Users\Hazzy\Documents\3DMark
2017-06-20 23:07 - 2017-06-20 23:08 - 00000000 ____D C:\Users\Public\Documents\Aimersoft
2017-06-20 13:06 - 2017-06-20 13:06 - 00032960 _____ (Dell Inc.) C:\WINDOWS\system32\Drivers\DDDriver64Dcsa.sys
2017-06-20 13:06 - 2017-06-20 13:06 - 00032568 _____ (Dell Computer Corporation) C:\WINDOWS\system32\Drivers\DellProf.sys
2017-06-17 13:55 - 2017-06-17 13:55 - 00000000 ____D C:\Users\Hazzy\AppData\LocalLow\IObit
2017-06-14 06:07 - 2017-06-03 06:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 06:07 - 2017-06-03 06:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 06:07 - 2017-06-03 06:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-14 06:07 - 2017-06-03 06:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 06:07 - 2017-06-03 06:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 06:07 - 2017-06-03 06:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 06:07 - 2017-06-03 06:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 06:07 - 2017-06-03 05:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 06:07 - 2017-06-03 05:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 06:07 - 2017-06-03 05:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 06:07 - 2017-06-03 05:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-14 06:07 - 2017-06-03 05:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 06:07 - 2017-06-03 05:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-14 06:07 - 2017-06-03 05:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-14 06:07 - 2017-06-03 05:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-14 06:07 - 2017-06-03 05:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 06:07 - 2017-06-03 05:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 06:07 - 2017-06-03 05:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 06:07 - 2017-06-03 05:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 06:07 - 2017-06-03 05:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 06:07 - 2017-06-03 05:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 06:07 - 2017-06-03 05:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 06:07 - 2017-06-03 05:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 06:07 - 2017-06-03 05:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 06:07 - 2017-06-03 05:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 06:07 - 2017-06-03 05:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 06:07 - 2017-06-03 05:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 06:07 - 2017-06-03 05:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 06:07 - 2017-06-03 05:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 06:07 - 2017-06-03 05:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-14 06:07 - 2017-06-03 05:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 06:07 - 2017-06-03 05:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 06:07 - 2017-06-03 05:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-14 06:07 - 2017-06-03 05:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 06:07 - 2017-06-03 05:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-14 06:07 - 2017-06-03 05:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 06:07 - 2017-06-03 05:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-14 06:07 - 2017-06-03 05:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-14 06:07 - 2017-06-03 05:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-14 06:07 - 2017-06-03 05:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-14 06:07 - 2017-06-03 05:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-14 06:07 - 2017-06-03 05:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 06:07 - 2017-06-03 05:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-14 06:07 - 2017-06-03 05:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 06:07 - 2017-06-03 05:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 06:07 - 2017-06-03 05:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 06:07 - 2017-06-03 05:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 06:07 - 2017-06-03 05:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 06:07 - 2017-06-03 05:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 06:07 - 2017-06-03 05:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 06:07 - 2017-06-03 05:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 06:07 - 2017-06-03 05:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 06:07 - 2017-06-03 05:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-14 06:07 - 2017-06-03 05:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 06:07 - 2017-06-03 05:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 06:07 - 2017-06-03 05:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 06:07 - 2017-06-03 05:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-14 06:07 - 2017-06-03 05:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 06:07 - 2017-06-03 05:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 06:07 - 2017-06-03 05:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-14 06:07 - 2017-06-03 05:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 06:07 - 2017-06-03 05:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-14 06:07 - 2017-06-03 05:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-14 06:07 - 2017-06-03 05:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 06:07 - 2017-06-03 05:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 06:07 - 2017-06-03 05:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 06:07 - 2017-06-03 05:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 06:07 - 2017-06-03 05:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 06:07 - 2017-06-03 05:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 06:07 - 2017-06-03 05:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 06:07 - 2017-06-03 04:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 06:07 - 2017-06-03 04:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 06:07 - 2017-06-03 04:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 06:07 - 2017-06-03 04:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 06:07 - 2017-06-03 04:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 06:07 - 2017-06-03 04:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 06:07 - 2017-06-03 04:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 06:07 - 2017-06-03 04:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 06:07 - 2017-06-03 04:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 06:07 - 2017-06-03 04:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 06:07 - 2017-06-03 04:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 06:07 - 2017-06-03 04:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 06:07 - 2017-06-03 04:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 06:07 - 2017-06-03 04:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 06:07 - 2017-06-03 04:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 06:07 - 2017-05-25 01:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 06:07 - 2017-03-04 02:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-14 06:07 - 2017-03-04 02:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-14 06:07 - 2017-03-04 02:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-14 06:07 - 2017-03-04 02:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-14 06:07 - 2016-09-07 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-14 06:06 - 2017-06-03 06:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 06:06 - 2017-06-03 06:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 06:06 - 2017-06-03 06:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 06:06 - 2017-06-03 06:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 06:06 - 2017-06-03 05:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 06:06 - 2017-06-03 05:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 06:06 - 2017-06-03 05:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-14 06:06 - 2017-06-03 05:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 06:06 - 2017-06-03 05:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 06:06 - 2017-06-03 05:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 06:06 - 2017-06-03 05:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 06:06 - 2017-06-03 05:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 06:06 - 2017-06-03 05:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 06:06 - 2017-06-03 05:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 06:06 - 2017-06-03 05:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 06:06 - 2017-06-03 05:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 06:06 - 2017-06-03 05:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 06:06 - 2017-06-03 05:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 06:06 - 2017-06-03 05:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 06:06 - 2017-06-03 05:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 06:06 - 2017-06-03 05:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 06:06 - 2017-06-03 05:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 06:06 - 2017-06-03 05:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 06:06 - 2017-06-03 05:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 06:06 - 2017-06-03 05:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 06:06 - 2017-06-03 05:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 06:06 - 2017-06-03 05:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 06:06 - 2017-06-03 05:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 06:06 - 2017-06-03 05:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 06:06 - 2017-06-03 04:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 06:06 - 2017-06-03 04:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 06:06 - 2017-06-03 04:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 06:06 - 2017-06-03 04:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-14 06:06 - 2017-06-03 04:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 06:06 - 2017-06-03 04:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 06:06 - 2017-06-03 04:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 06:06 - 2017-06-03 04:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 06:06 - 2017-06-03 04:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 06:06 - 2017-06-03 04:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 06:06 - 2017-06-03 04:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 06:06 - 2017-06-03 02:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-09 09:06 - 2016-11-25 03:43 - 00000000 ____D C:\Users\Hazzy\AppData\LocalLow\Mozilla
2017-07-09 09:02 - 2016-10-06 16:48 - 00000000 ____D C:\Users\Hazzy\Desktop\Shortcuts
2017-07-09 08:04 - 2016-06-07 05:00 - 01369424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-09 07:57 - 2016-09-18 15:08 - 00000000 ____D C:\ESD
2017-07-09 07:56 - 2016-06-07 05:30 - 00006288 _____ C:\WINDOWS\diagwrn.xml
2017-07-09 07:56 - 2016-06-07 05:30 - 00004412 _____ C:\WINDOWS\diagerr.xml
2017-07-09 07:56 - 2016-06-07 05:04 - 00000000 ____D C:\WINDOWS\Panther
2017-07-09 02:43 - 2015-10-30 03:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-07-09 02:39 - 2016-10-05 12:47 - 00000000 ____D C:\Users\Hazzy\Documents\MEGAsync Downloads
2017-07-09 01:46 - 2017-03-23 17:51 - 00000000 ___HD C:\OneDriveTemp
2017-07-08 23:30 - 2016-09-09 17:13 - 00000000 ___RD C:\Users\Hazzy\OneDrive
2017-07-08 19:26 - 2016-06-07 05:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-08 18:48 - 2016-10-08 14:14 - 00000000 ____D C:\Games
2017-07-08 17:33 - 2016-06-07 04:55 - 00000000 ____D C:\ProgramData\CyberLink
2017-07-03 08:01 - 2016-06-07 04:58 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-29 20:37 - 2016-09-09 19:30 - 00000000 ____D C:\Users\Hazzy\Documents\My Games
2017-06-29 15:44 - 2014-03-20 14:17 - 00915176 _____ (Tablet WinTab Driver V6.11) C:\WINDOWS\system32\WinTab32.dll
2017-06-29 15:44 - 2014-03-20 14:17 - 00891624 _____ (Tablet WinTab Driver V6.11) C:\WINDOWS\SysWOW64\WinTab32.dll
2017-06-29 15:44 - 2014-03-20 14:17 - 00410344 _____ (Pen Tablet) C:\WINDOWS\SysWOW64\PenTabletSetting.cpl
2017-06-29 15:44 - 2014-03-20 14:17 - 00378088 _____ C:\WINDOWS\system32\PTCINST.dll
2017-06-29 15:44 - 2014-03-20 14:17 - 00033000 _____ (Tablet Driver) C:\WINDOWS\system32\Drivers\PTTblHid.sys
2017-06-29 15:44 - 2014-03-20 14:17 - 00019688 _____ (PenTablet Driver for TabletPC) C:\WINDOWS\system32\Drivers\PTTPCHID.sys
2017-06-29 15:44 - 2014-03-20 14:16 - 06427368 _____ (Pen Tablet) C:\WINDOWS\SysWOW64\PenTabletSetting.exe
2017-06-29 15:44 - 2014-03-20 14:16 - 06427368 _____ (Pen Tablet) C:\WINDOWS\system32\PenTabletSetting.exe
2017-06-29 15:44 - 2014-03-20 14:16 - 00409320 _____ (Pen Tablet) C:\WINDOWS\system32\PenTabletSetting.cpl
2017-06-29 15:44 - 2014-03-20 14:16 - 00100072 _____ (Pen Tablet Driver) C:\WINDOWS\system32\PenTabletService.exe
2017-06-29 15:44 - 2014-03-20 14:16 - 00058088 _____ (Pen Tablet Driver) C:\WINDOWS\SysWOW64\PenTabletClient.exe
2017-06-29 15:44 - 2014-03-20 14:16 - 00058088 _____ (Pen Tablet Driver) C:\WINDOWS\system32\PenTabletClient.exe
2017-06-29 15:44 - 2014-03-20 14:16 - 00031464 _____ (UGTizer Technology Corp.) C:\WINDOWS\system32\DEVRGUPD.EXE
2017-06-29 15:44 - 2013-05-08 03:47 - 00082483 _____ C:\WINDOWS\system32\PTTablet_x64.cat
2017-06-28 13:38 - 2016-06-07 05:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-06-28 01:10 - 2016-06-07 05:04 - 00000000 ____D C:\Program Files\Dell
2017-06-28 01:10 - 2016-06-07 04:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-26 01:05 - 2016-06-07 05:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-26 00:03 - 2016-06-07 05:04 - 00000000 ____D C:\ProgramData\PCDr
2017-06-26 00:01 - 2016-06-07 05:09 - 00000000 ____D C:\ProgramData\McAfee
2017-06-25 12:46 - 2015-10-30 05:05 - 00000000 ____D C:\WINDOWS\ShellNew
2017-06-25 02:25 - 2016-07-16 02:04 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-06-25 02:22 - 2016-07-16 02:04 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-06-25 01:03 - 2016-06-07 05:19 - 00000000 ____D C:\ProgramData\Dell
2017-06-24 23:29 - 2016-06-07 05:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-24 23:26 - 2016-06-07 05:08 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-06-24 23:26 - 2016-06-07 05:08 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-06-24 23:20 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-06-24 23:19 - 2016-06-07 05:00 - 00900574 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-06-24 23:11 - 2016-06-07 05:02 - 00000000 ____D C:\WINDOWS\system32\nn-NO
2017-06-24 23:11 - 2016-06-07 05:02 - 00000000 ____D C:\WINDOWS\Options
2017-06-24 23:11 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2017-06-24 23:11 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2017-06-24 23:09 - 2016-06-07 05:24 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-24 23:09 - 2016-06-07 05:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-06-24 23:09 - 2016-06-07 05:08 - 00000000 ____D C:\ProgramData\Dropbox
2017-06-24 23:09 - 2016-06-07 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2017-06-24 23:09 - 2016-06-07 05:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-06-24 23:09 - 2016-06-07 05:00 - 00000000 ____D C:\ProgramData\Intel
2017-06-24 23:09 - 2016-06-07 05:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-24 23:09 - 2016-06-07 04:58 - 00000000 ____D C:\Users\Public\CyberLink
2017-06-24 23:09 - 2016-06-07 04:55 - 00000000 ____D C:\ProgramData\Temp
2017-06-24 23:09 - 2016-06-07 04:55 - 00000000 ____D C:\ProgramData\install_clap
2017-06-24 23:09 - 2016-06-07 04:55 - 00000000 ____D C:\ProgramData\CLSK
2017-06-24 23:07 - 2016-06-07 05:08 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2017-06-24 23:07 - 2016-06-07 05:02 - 00000000 ____D C:\Program Files (x86)\Dell Wireless
2017-06-24 23:07 - 2016-06-07 05:00 - 00000000 ____D C:\Program Files (x86)\Intel
2017-06-24 23:07 - 2016-06-07 04:56 - 00000000 ____D C:\Program Files (x86)\CyberLink
2017-06-24 23:05 - 2016-06-07 05:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-24 23:05 - 2016-06-07 05:02 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-06-24 23:05 - 2016-06-07 05:01 - 00000000 ____D C:\Program Files\Waves
2017-06-24 23:05 - 2016-06-07 04:58 - 00000000 ____D C:\Program Files\Intel
2017-06-24 23:05 - 2015-10-30 05:05 - 00000000 ____D C:\Program Files\Windows Journal
2017-06-24 23:01 - 2016-06-07 05:02 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2017-06-23 08:07 - 2017-02-24 06:04 - 00000000 ____D C:\Users\Hazzy\.oracle_jre_usage
2017-06-20 23:15 - 2017-01-03 02:33 - 00000000 ____D C:\Users\Hazzy\.android
==================== Files in the root of some directories =======
2017-07-09 04:42 - 2017-07-09 08:23 - 33600776 _____ (Dell Inc.) C:\Program Files (x86)\Chipset_Driver_5W1P0_WN32_11.0.0.1168_A01.EXE
2017-07-09 04:42 - 2017-07-09 08:23 - 16576608 _____ (Dell Inc.) C:\Program Files (x86)\Chipset_Driver_F8YTN_WN32_1.0.0.42_A00.EXE
2017-07-09 04:43 - 2017-07-09 08:22 - 16558696 _____ (Dell Inc.) C:\Program Files (x86)\Chipset_Driver_NK43W_WN32_10.1.1.7_A00.EXE
2017-07-09 04:43 - 2017-07-09 08:23 - 7562768 _____ () C:\Program Files (x86)\Inspiron_3650_3250_Vostro_3650_3653_3250_3.4.1.exe
2017-07-09 04:43 - 2017-07-09 08:27 - 298221408 _____ (Dell Inc.) C:\Program Files (x86)\Network_Driver_7Y1H9_WN32_10.0.0.315_A00.EXE
2017-07-09 04:43 - 2017-07-09 08:22 - 34435168 _____ (Dell Inc.) C:\Program Files (x86)\Serial-ATA_Driver_PFJ82_WN32_14.8.9.1053_A06.EXE
2017-07-09 04:43 - 2017-07-09 08:22 - 26445216 _____ (Dell Inc.) C:\Program Files (x86)\Storage_Driver_XWHMP_WN64_6.3.9600.39066_A00.EXE
2017-05-17 11:32 - 2017-05-17 11:32 - 0125952 _____ () C:\Users\Hazzy\AppData\Local\report
2017-07-08 17:35 - 2017-07-08 17:35 - 0003072 _____ () C:\Users\Hazzy\AppData\Local\uninstallce.exe
2017-06-25 13:58 - 2017-06-25 13:58 - 0000003 _____ () C:\Users\Hazzy\AppData\Local\updater.log
2017-06-25 13:58 - 2017-07-09 03:05 - 0000425 _____ () C:\Users\Hazzy\AppData\Local\UserProducts.xml
2017-06-24 22:53 - 2017-06-24 22:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-07 04:58 - 2016-06-07 04:58 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2016-06-07 04:55 - 2016-06-07 04:56 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2016-06-07 04:57 - 2016-06-07 04:58 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2016-06-07 04:56 - 2016-06-07 04:57 - 0000113 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log
Some files in TEMP:
====================
2016-02-23 06:43 - 2016-02-23 06:43 - 0120336 _____ (McAfee, Inc.) C:\Users\Hazzy\AppData\Local\Temp\McCSPInstall.dll
2017-06-25 13:07 - 2016-02-23 06:43 - 0123360 _____ (McAfee Inc.) C:\Users\Hazzy\AppData\Local\Temp\mccspuninstall.exe
2017-07-09 00:22 - 2017-07-09 07:04 - 18309328 _____ (Microsoft Corporation) C:\Users\Hazzy\AppData\Local\Temp\MediaCreationTool.exe
2014-03-20 14:16 - 2017-06-29 15:44 - 0586472 _____ (UC-Logic Technology Corp.) C:\Users\Hazzy\AppData\Local\Temp\SetupX32.EXE
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-07-09 06:29
==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
Ran by Hazzy (09-07-2017 09:18:56)
Running from C:\Users\Hazzy\Downloads
Windows 10 Home Version 1607 (X64) (2017-06-25 03:26:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2865199721-532491310-4034810924-500 - Administrator - Disabled)
chris (S-1-5-21-2865199721-532491310-4034810924-1002 - Limited - Enabled) => C:\Users\chris
DefaultAccount (S-1-5-21-2865199721-532491310-4034810924-503 - Limited - Disabled)
Guest (S-1-5-21-2865199721-532491310-4034810924-501 - Limited - Disabled)
Hazzy (S-1-5-21-2865199721-532491310-4034810924-1001 - Administrator - Enabled) => C:\Users\Hazzy
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
3DMark (HKLM\...\Steam App 223850) (Version:  - Futuremark)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
AutoHotkey 1.1.26.00 (HKLM\...\AutoHotkey) (Version: 1.1.26.00 - Lexikos)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dark Souls II Scholar Of The First Sin version 1.0.2.0 (HKLM-x32\...\Dark Souls II Scholar Of The First Sin_is1) (Version: 1.0.2.0 - Mr DJ)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssistAgent (HKLM\...\{90881C8E-6C4F-4662-9923-85AFCA058C44}) (Version: 2.0.1.7 - Dell)
Dell System Detect (HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\d24084d039586cae) (Version: 8.5.0.4 - Dell)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Discord (HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
DragonBoost (HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\DragonBoost) (Version:  - ) <==== ATTENTION
Dropbox 20 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version:  - Pow Tools)
Futuremark SystemInfo (HKLM-x32\...\{85F94959-7098-4B55-9F39-27D880FE5BA1}) (Version: 5.1.620.0 - Futuremark)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
HexChat (HKLM\...\HexChat_is1) (Version: 2.12.4 - HexChat)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1168 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{80f01b02-d979-4a34-b7ba-a188944b8a78}) (Version: latest - ppy Pty Ltd)
Plumbytes Anti-Malware 2017 (HKLM\...\Plumbytes Anti-Malware 2017) (Version:  - Plumbytes Software)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7707 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.26.12.4815 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wallpaper Engine (HKLM\...\Steam App 431960) (Version:  - Kristjan Skutta)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
XP_PEN (HKLM-x32\...\UG_PenTablet) (Version:  - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] ()
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers01: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-19] (Cyberlink)
ContextMenuHandlers01: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers02: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-19] (Cyberlink)
ContextMenuHandlers02: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers03: [DeleteFiles] -> {736AF091-C361-49B4-A928-87C586130D33} => C:\Program Files\File Shredder\fsshell.dll [2012-04-01] ()
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers03: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers04: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03888C3B-3C6A-482B-8330-90D968608BF9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {27668893-8D3A-4E76-BF57-79BB6832572D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {28146B5A-1E83-4AB6-A646-D23A362E5641} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-06-24] (Dropbox, Inc.)
Task: {2BFB15D0-6113-487A-B315-593F41FDD9EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {2C56E580-BB5C-481C-98E0-FBA62EFAF380} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {33C5EDB3-DA42-4B83-9D34-15D05C81D7B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {38EBD773-F64E-4FB2-BCDF-50026FA1C517} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {3A83A65D-2EDE-4868-AE2D-3090619911CA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {3B9229B1-CFCD-4186-A27C-D3E8CE08BF75} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {40331234-F87D-473A-A4E1-0CEB38505D8A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {61C26FE0-7959-4710-B00F-E2F1FD37D788} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {6973DECC-0ECE-4447-A4DA-4992F5AD11D5} - System32\Tasks\update-S-1-5-21-2865199721-532491310-4034810924-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {7076712A-1CBC-4913-A29F-B7C0AC8FCEEF} - \CLMLSvc_P2G8 -> No File <==== ATTENTION
Task: {75B4C836-A7BF-454F-AB67-44455B63BB79} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {79A66B0C-70FF-48E7-9F0B-96DEB0295BB7} - \CLVDLauncher -> No File <==== ATTENTION
Task: {7D0C0A61-7E78-4C9F-9FF4-31E2DEB03113} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {7EADC670-8117-499E-B9C1-667A9CA75B3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-06-24] (Dropbox, Inc.)
Task: {80F071EB-70C3-47D2-9EF9-5D17123EF4B3} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2017-07-08] (Enigma Software Group USA, LLC.)
Task: {8CFFF7D5-7E65-42E1-BB88-F57D7A694191} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {91E8ED72-1214-4816-A906-FA4B3788D37B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {ADD12F3A-3300-4728-9529-6F29CB2C8FB7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {C58C8C4B-6C0E-4A9F-B9BE-B10EEB99C49B} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {CAAF4DDD-26CF-4E3B-8122-2C81A1E8F620} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {CCB1CD5E-5532-4F1A-A8D5-E044489A120B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {D63CBE7D-A4ED-4351-9914-00E61A3E0E88} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {E539C411-EA0C-4012-8872-92C44E55C0F3} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-31] (Realtek Semiconductor)
Task: {E9DFD2BB-F6A4-473D-AF29-5C6DCD40F8B3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2865199721-532491310-4034810924-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-14 06:07 - 2017-06-03 06:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-24 22:54 - 2016-12-29 08:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-06-27 13:22 - 2017-06-21 03:02 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-07 04:57 - 2014-04-14 21:59 - 00253776 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 _____ () C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\dataup.exe
2017-07-07 21:06 - 2017-07-07 21:03 - 00337408 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
2017-06-07 16:09 - 2017-06-07 16:09 - 00598528 _____ () C:\Users\Hazzy\AppData\Local\MEGAsync\ShellExtX64.dll
2016-06-07 05:17 - 2017-06-26 00:58 - 08931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-05-03 17:11 - 2017-05-03 17:11 - 00619008 ____N () C:\windows\system32\tprdpw64.exe
2016-09-21 07:52 - 2016-09-21 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 20:49 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 20:50 - 2017-03-04 02:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 20:50 - 2017-03-04 02:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 20:50 - 2017-03-04 02:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-14 06:06 - 2017-06-03 04:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-06-14 06:06 - 2017-06-03 04:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-14 06:06 - 2017-06-03 04:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-07-07 21:00 - 2017-07-07 21:02 - 01245184 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
2017-06-25 19:44 - 2017-06-25 19:46 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-25 19:44 - 2017-06-25 19:46 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-25 19:44 - 2017-06-25 19:46 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-25 19:44 - 2017-06-25 19:46 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-30 21:52 - 2017-05-30 21:52 - 00689664 ____N () C:\Users\Hazzy\AppData\Local\dcaoi\tgenwt\ct.exe
2017-04-21 15:37 - 2017-04-21 15:37 - 00884224 _____ () C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
2017-04-21 16:28 - 2017-04-21 16:28 - 01080832 _____ () C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
2017-06-27 13:22 - 2017-06-21 03:02 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-07 04:56 - 2014-12-08 03:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
2014-12-08 18:28 - 2014-12-08 18:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll
2015-06-23 19:26 - 2015-06-23 19:26 - 00155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\libglesv2.dll
2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\libegl.dll
2017-06-25 13:03 - 2017-05-16 21:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-06-25 13:03 - 2017-06-08 01:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2017-06-25 13:02 - 2016-01-27 03:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-06-25 13:02 - 2016-01-27 03:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-06-25 13:02 - 2016-01-27 03:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-06-25 13:02 - 2016-01-27 03:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-06-25 13:02 - 2016-01-27 03:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-06-25 13:03 - 2016-08-31 21:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-06-25 13:03 - 2016-08-31 21:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-06-25 13:03 - 2016-08-31 21:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-06-25 13:03 - 2017-06-08 01:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-06-25 13:02 - 2016-07-04 18:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-25 13:04 - 2017-05-08 15:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-25 13:04 - 2017-05-16 21:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-25 13:03 - 2017-06-08 01:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-07-05 12:05 - 2015-01-19 13:35 - 00489472 _____ () C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DINPUT8.dll
2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Users\Hazzy\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2015-10-30 03:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hazzy\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{b88accc2-395f-45fa-92f8-349109df9908}.jpg
DNS Servers: 192.168.0.240
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: Dataup =>
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_MAXX6"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run32: => "PenTabletClient"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\StartupFolder: => "importantupdates.vbs"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\StartupFolder: => "windowsupdates.vbs"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\Run: => "importantupdates"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2865199721-532491310-4034810924-1001\...\StartupApproved\Run: => "windowsupdates"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{812E59A2-6122-44F6-A1B5-BC5FE3B4AAAB}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{FCCE55B2-6985-42FC-8017-0596DD7007B7}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDirector12\PDR10.EXE
FirewallRules: [{A04D02D5-86BF-4D47-9BE1-2DD65598C3B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E5D9C612-F620-4335-BB38-A35E225D940C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{63528817-8472-4FD5-ABFD-A1BA7436C7C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E104D51D-3072-4A05-A874-787B14ED3447}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FBCA4CF7-44E2-4214-BF17-4C7A65529365}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D5C9D2B2-1E05-40F8-96D4-0ECE75F9E8D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{4165F617-B12A-4045-ACF9-104002D76B6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{ABD37CD5-06A7-466E-A636-413D8747C0DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{C6BEC75F-9AA2-4DD3-A428-B51AE746FCB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{9A20F7D1-35F6-4009-AABD-76E057FB255A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E3AFB2E2-8C6F-4457-BC2D-27031E4D77A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{2D25A99A-E3A3-4FEA-9426-931DC0FB2382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{65E150E8-085E-4356-AFD4-A5E8AB16C3E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{FD4EA90A-E9D0-45CD-852F-980A76FFDDB4}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{5C8F64A1-DFFC-439C-B4E0-F52676751BBD}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{E89089E7-5AA5-460A-8E4C-7884190530A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{B3D46AA3-9418-4FAC-895E-D37D675B9923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{15D5E5B0-7E59-42FD-899E-C1FA32A3564D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{9F87F99B-3FDC-47EC-9E1B-23A3ADDEB380}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{57DC9885-790F-44C8-83CF-0CBF3520E401}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{35D0C872-03B8-4EEC-B8BE-10672D7B7154}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2827EF38-1BDF-4CA6-B86B-81A5B3C1A665}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FCC807D2-C839-410C-B90D-A03D40DABDAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D41D0ED6-54EE-4310-9DC0-F5F6940864B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{66F25068-06CD-42B9-B4EB-E332E756FAE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{7B259361-F19E-4A6F-A63B-334BF399C6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{9AB97D5D-002F-4EDC-BEF9-335379820863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{FF51D8DF-2AC3-4A4C-B219-A9BDE01E068D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{CC6BAB4D-A29D-48D8-9D9B-5472872F3C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0DCE17C3-515C-4EBD-BB9B-06DDE0DBC147}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B2B42DB4-8EA5-4AD7-A5E7-78607FE2A17D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{D7E92791-EBB5-424F-AD86-64906AD0F8AA}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe
FirewallRules: [UDP Query User{65BF6271-F225-4003-B907-383080329FF9}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe
FirewallRules: [{B07EC4CC-F1F6-467E-A90C-BC081C4F9517}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{23C13003-4F10-4FEB-9676-F126721DE3F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1F3B2879-018E-4F3F-BDB7-C483CB63438E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{6690D1EE-519C-48C5-B33C-CF770B9F989B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{52C3889B-9737-4165-A619-36EAEFEE1B18}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{43F26A94-BB61-4EF7-9BB1-1C38EC4DFD2E}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [{0A5BA012-012A-40CA-A629-6900C0E94BC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3C85175D-6A86-45AE-9AE6-537E4EE5C463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B15CBCBE-AE30-40B8-9398-60EF709505AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B37FA4D3-F4F3-40B6-98DD-F48F36EBF59A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{15EE7AE0-F189-4634-92BE-3252FAC73AD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{5CCD5D22-FDBC-4588-89EB-7853F869F7FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{46E0C5E3-ACC2-4712-B1E7-19F0E1C28FDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A4FCC18A-8826-4EC1-94C5-8717C6B2E0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A9BDC77E-979B-420E-A0C0-9588217A0C97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AB3B9EA5-D239-47E8-9E1E-4C2D4574AAC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DF379356-FF04-43D8-B9CA-5DA2210BCBB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{786B1A47-870B-4463-808A-007E0038955B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{3C93E726-921B-4CA1-92B4-E3A2D3E6713C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{895463C2-99F2-4DFA-856B-8785032779B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{27EB8F34-6FCD-4CEA-AF85-4CACED2E6143}] => (Allow) C:\Program Files (x86)\Mr DJ\Dark Souls II Scholar Of The First Sin\DarkSoulsII.exe
FirewallRules: [{F876685B-C571-427D-B63F-9D50FB350D09}] => (Allow) C:\Program Files (x86)\Mr DJ\Dark Souls II Scholar Of The First Sin\DarkSoulsII.exe
FirewallRules: [{B9CB4A05-BEA6-4536-A8D6-B7FF020B52BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{DCA9F6AC-2BBF-4FE7-B259-CB4B2648E99D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{207EA93C-4C0A-4C09-A700-8450AFBA4E84}] => (Allow) C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C73C0033-FFD9-44FD-980E-115E6F3ED15E}] => (Allow) C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EF4D3B0E-7D04-4A39-B44B-72F9783E4562}] => (Allow) C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EFADE76A-D432-4B46-B700-7A553F6D7B65}] => (Allow) C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DB1E65AE-0239-4C7A-AF1F-BA58A9A3F751}] => (Allow) C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2744A8E1-7F6D-49F8-AAE6-CCBD2A4DD429}] => (Allow) C:\Users\Hazzy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{05B560AB-A40A-4CAE-8F96-8511F8394804}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{8E418910-FF49-4040-932A-DF25B00FC23C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38D9FF9F-CD4C-41C0-9555-6F05DE0FA8AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:31:21 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)
Error: (07/09/2017 07:07:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdgeCP.exe version 11.0.14393.953 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1f10
Start Time: 01d2f8a2f9b90ac0
Termination Time: 7
Application Path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Report Id: c2251dd3-6496-11e7-99a8-f48e38945e22
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
Error: (07/09/2017 06:53:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-OPCKEO2)
Description: Activation of app Microsoft.Getstarted_5.10.1441.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (07/09/2017 06:21:25 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
 (HRESULT : 0x80040210) (0x80040210)

System errors:
=============
Error: (07/09/2017 08:01:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dropbox Update Service (dbupdate) service failed to start due to the following error:
The requested resource is in use.
Error: (07/09/2017 08:01:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
Unspecified error
Error: (07/09/2017 07:59:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2017 07:59:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SpyHunter 4 Service service failed to start due to the following error:
The requested resource is in use.
Error: (07/09/2017 07:59:27 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (07/09/2017 07:58:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SpyHunter 4 Service service failed to start due to the following error:
The requested resource is in use.
Error: (07/09/2017 07:58:30 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (07/09/2017 07:57:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2017 07:03:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2017 06:56:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dropbox Update Service (dbupdate) service failed to start due to the following error:
The requested resource is in use.

CodeIntegrity:
===================================
  Date: 2017-07-09 08:05:26.199
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 08:00:26.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 08:00:22.221
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 07:03:24.800
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 07:03:23.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 07:03:20.689
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 06:47:29.843
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 06:46:53.406
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 06:46:51.213
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-07-09 04:49:04.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================
Processor: Intel® Core™ i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 50%
Total physical RAM: 8135.51 MB
Available physical RAM: 4064.71 MB
Total Virtual: 12487.51 MB
Available Virtual: 6821.48 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.01 GB) (Free:455.04 GB) NTFS
Drive d: (w_10_pro_x64) (Removable) (Total:28.9 GB) (Free:25.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3A2986C4)
Partition: GPT.
========================================================
Disk: 1 (Size: 28.9 GB) (Disk ID: 0042B97B)
Partition 1: (Active) - (Size=28.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 PM

Posted 09 July 2017 - 10:33 AM

Hi Awoo :)
 
My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we? :)
 
Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.
 
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/
 
If you manage to run a scan, delete everything it finds, and then copy/paste the content of the "mbar-log-TODAY'S-DATE.txt" log that is located in the MBAR folder here after.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 11:18 AM

Was able to download the software and update, just started a scan and it's only past the initialize stage so far will edit this post when more develops.
​*edit* Is actively scanning now, so it seems it got past the metaphorical bodyguards the malware is enacting.

*edit* Is not only scanning, but the scan isn't missing out on things like I thought maybe it might, has gotten 5 hits already, which I see as a good thing, would be more worried if it finished the test and had 0 hits.


Edited by Awoo, 09 July 2017 - 11:22 AM.


#4 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 11:52 AM

New development, the software has crashed after 796 hits, don't know what percentage of scan it got through, was somewhere in AppData, has been in (Not Responding) state for 5 minutes, have tried the "click x then click wait for the program to respond" method but it won't unfreeze, thinking I should terminate with task mgr then try once more?

*edit* Scratch that, didn't have the option to kill with taskmgr, it crashed to desktop on it's own. Tried running again from the install folder and got the resource in use error, redownloaded the program and am trying a 2nd scan, if this doesn't work will wait for further instruction.


Edited by Awoo, 09 July 2017 - 11:58 AM.


#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 PM

Posted 09 July 2017 - 01:33 PM

When you run a scan with MBAR, make sure the program window is open, all the other programs are closed and do not touch your computer until the scan is complete. It'll go through eventually.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 01:39 PM

I did just that for the 2nd scan, it froze multiple times but I didn't even give mouse input per chance of that crashing it, eventually went through with 6000+ hits and did a cleanup. The program had me restart, though windows wanted to update, and then weirdly it froze at restart screen. I waited 10 minutes but didn't get any change, and couldn't get on to ask you for advice so I went with instinct and held power button couple seconds, then I removed all peripherals, unplugged power cord, and waited 5 minutes. Plugged back in and rebooted, booter without issue to windows and logged in.



#7 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 01:43 PM

I would disable automatic windows updates for now if I knew how, but I'm on windows 10 home, so I don't have access to gpedit.



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 PM

Posted 09 July 2017 - 02:16 PM

You don't need to disable it for now. Are you able to provide me the MBAR log like instructed in my 1st post?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 02:26 PM

I see 2 logs, I believe it's because I was wrong when I believed it had failed to complete the first cleanup because the reboot had issues at first and I had to restart so I ran a 2nd cleanup. I can give you both logs though.

*edit* I'm gonna have to give you the first log as an attachment though, it's too large for my browser to handle all that text.


Edited by Awoo, 09 July 2017 - 02:35 PM.


#10 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 09 July 2017 - 02:37 PM

First Log

Attached File  mbar-log-2017-07-09 (12-56-48).txt   1.91MB   4 downloads

Second Log

Attached File  mbar-log-2017-07-09 (14-25-22).txt   2.22KB   1 downloads


Edited by Awoo, 09 July 2017 - 02:38 PM.


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 PM

Posted 09 July 2017 - 10:01 PM

The 1st log was the good one :) Now you should be able to install and run a scan with Malwarebytes.

j1Bynr2.pngMalwarebytes - Clean Mode
  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run, the time required to complete the scan depends of your system and computer specs;
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button;
    • If it asks you to restart your computer to complete the removal, do so;
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 10 July 2017 - 07:48 AM

Well, I copied to clipboard, though I also read it step by step so I had an order in my head that said restart when it asks me to, so my clipboard was of course cleared cause restart, but I went in Reports tab of Malwarebytes, and exported that to clipboard, detailed below:
 

Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 7/10/17
Scan Time: 8:30 AM
Log File:
Administrator: Yes
-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.139
Update Package Version: 1.0.2331
License: Free
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-OPCKEO2\Hazzy
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 403590
Threats Detected: 553
Threats Quarantined: 553
Time Elapsed: 5 min, 3 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 5
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [1186], [-1],0.0.0
PUP.Optional.Plumbytes, HKLM\SOFTWARE\MICROSOFT\TRACING\Plumbytes_RASAPI32, Quarantined, [9122], [396951],1.0.2331
PUP.Optional.Plumbytes, HKLM\SOFTWARE\MICROSOFT\TRACING\Plumbytes_RASMANCS, Quarantined, [9122], [396951],1.0.2331
PUP.Optional.ProxyGate, HKU\S-1-5-21-2865199721-532491310-4034810924-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DragonBoost, Quarantined, [1024], [375419],1.0.2331
PUP.Optional.Plumbytes, HKLM\SOFTWARE\Plumbytes Software, Quarantined, [9122], [262040],1.0.2331
Registry Value: 8
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-2865199721-532491310-4034810924-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-2865199721-532491310-4034810924-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [1186], [-1],0.0.0
PUP.Optional.AnonymizerGadget.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1186], [-1],0.0.0
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 39
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\#inread.anyclip.com, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\#cdn.dashbid.io, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\inread.anyclip.com\#com.junkbyte\Console, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\cdn.dashbid.io\prod\db-sdkv30.swf, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\inread.anyclip.com\#com.junkbyte, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\inread.anyclip.com\ac#, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\cdn.dashbid.io\prod, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\cdn.stickyadstv.com, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\inread.anyclip.com, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\cdn.dashbid.io, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\TNL6Z3GF, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\USERS\HAZZY\APPDATA\LOCAL\AnonymizerLauncher, Quarantined, [1186], [329192],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\locales, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\regtool, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\dataup, Quarantined, [26], [383807],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\translations\qtwebengine_locales, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\translations, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\resources, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.ThreatSupport, C:\USERS\HAZZY\APPDATA\LOCAL\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}, Quarantined, [2053], [343538],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\USERS\HAZZY\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ANONYMIZERGADGET, Quarantined, [1186], [329210],1.0.2331
File: 501
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\data_0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\data_1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\data_2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\data_3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000001, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000002, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000003, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000004, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000005, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000006, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000007, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000008, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000009, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00000a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00000b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00000c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00000d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00000e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00000f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000011, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000012, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000013, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000014, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000015, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000016, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000017, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000018, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000019, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00001a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00001b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00001c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00001d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00001e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00001f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000020, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000021, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000022, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000023, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000025, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000026, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000027, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000028, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000029, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00002a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00002b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00002c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00002d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00002e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00002f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000030, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000031, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000032, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000033, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000034, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000035, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000036, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000037, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000039, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00003a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00003b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00003c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00003d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00003e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00003f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000040, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000041, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000042, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000043, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000044, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000045, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000046, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000047, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000048, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000049, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00004a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00004b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00004d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00004e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00004f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000050, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000051, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000052, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000053, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000054, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000055, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000056, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000057, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000058, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000059, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00005a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00005b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00005c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00005d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00005e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00005f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000061, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000062, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000063, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000064, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000065, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000066, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000067, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000068, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000069, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00006a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00006b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00006c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00006d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00006e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00006f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000070, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000071, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000072, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000073, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000010, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000024, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000038, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00004c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000060, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000074, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000088, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00009c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ec, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000100, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000114, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000128, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00013c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000150, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000164, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000178, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00018c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000075, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000076, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000077, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000078, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000079, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00007a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00007b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00007c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00007d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00007e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00007f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000080, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000081, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000082, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000083, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000084, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000085, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000086, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000087, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000089, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00008a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00008b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00008c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00008d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00008e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00008f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000090, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000091, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000092, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000093, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000094, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000095, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000096, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000097, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000098, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000099, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00009a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00009b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00009d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00009e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00009f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000a9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000aa, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ab, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ac, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ad, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ae, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000af, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000b9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ba, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000bb, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000bc, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000bd, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000be, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000bf, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000c9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ca, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000cb, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000cc, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000cd, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ce, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000cf, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000d9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000da, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000db, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000dc, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000dd, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000de, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000df, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000e9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ea, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000eb, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ed, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ee, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ef, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000f9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000fa, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000fb, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000fc, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000fd, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000fe, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0000ff, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000101, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000102, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000103, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000104, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000105, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000106, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000107, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000108, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000109, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00010a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00010b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00010c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00010d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00010e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00010f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000110, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000111, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000112, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000113, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000115, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000116, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000117, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000118, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000119, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00011a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00011b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00011c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00011d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00011e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00011f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000120, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000121, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000122, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000123, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000124, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000125, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000126, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000127, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000129, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00012a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00012b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00012c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00012d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00012e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00012f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000130, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000131, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000132, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000133, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000134, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000135, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000136, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000137, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000138, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000139, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00013a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00013b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00013d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00013e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00013f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000140, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000141, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000142, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000143, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000144, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000145, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000146, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000147, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000148, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000149, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00014a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00014b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00014c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00014d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00014e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00014f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000151, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000152, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000153, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000154, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000155, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000156, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000157, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000158, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000159, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00015a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00015b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00015c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00015d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00015e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00015f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000160, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000161, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000162, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000163, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000165, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000166, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000167, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000168, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000169, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00016a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00016b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00016c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00016d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00016e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00016f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000170, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000171, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000172, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000173, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000174, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000175, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000176, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000177, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000179, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00017a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00017b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00017c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00017d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00017e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00017f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000180, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000181, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000182, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000183, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000184, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000185, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000186, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000187, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000188, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000189, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00018a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00018b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00018d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00018e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00018f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000190, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000191, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000192, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000193, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000194, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000195, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000196, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000197, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000198, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_000199, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00019a, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00019b, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00019c, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00019d, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00019e, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_00019f, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a0, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a1, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a2, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a3, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a4, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a5, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a6, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a7, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a8, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001a9, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001aa, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001ab, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\f_0001ac, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\cache\QtWebEngine\Default\Cache\index, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage\https_www.youtube.com_0.localstorage, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage\https_www.youtube.com_0.localstorage-journal, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage\http_imasdk.googleapis.com_0.localstorage, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage\http_imasdk.googleapis.com_0.localstorage-journal, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage\http_vdoobv.com_0.localstorage, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Local Storage\http_vdoobv.com_0.localstorage-journal, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\cdn.dashbid.io\prod\db-sdkv30.swf\dbStore.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\inread.anyclip.com\ac#\_manager_any20170118-163652.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\inread.anyclip.com\analytics.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\#cdn.dashbid.io\settings.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\#cdn.stickyadstv.com\settings.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\#inread.anyclip.com\settings.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5M3ZG2QG\macromedia.com\support\flashplayer\sys\settings.sol, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Cookies, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Cookies-journal, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Origin Bound Certs, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Origin Bound Certs-journal, Quarantined, [1186], [329192],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\Users\Hazzy\AppData\Local\AnonymizerLauncher\QtWebEngine\Default\Visited Links, Quarantined, [1186], [329192],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\dataup.exe, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\dataup.ini, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\help_dll.dll, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\dataup\NTSVC.ocx, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\regtool\regtool.exe, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\locales\en-US.pak, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\locales\zh-CN.pak, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\cef.pak, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\cef_100_percent.pak, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\cef_200_percent.pak, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\cef_extensions.pak, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\icudtl.dat, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\libcef.dll, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\libEGL.dll, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\libGLESv2.dll, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\natives_blob.bin, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\snapshot_blob.bin, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\widevinecdm.dll, Quarantined, [26], [383807],1.0.2331
Trojan.Clicker, C:\WINDOWS\syswow64\config\systemprofile\AppData\Local\ntuserlitelist\svcvmx\widevinecdmadapter.dll, Quarantined, [26], [383807],1.0.2331
PUP.Optional.AnonymizerGadget, C:\USERS\HAZZY\APPDATA\ROAMING\AGDATA\CONFIG.JSON, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\resources\icudtl.dat, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\resources\qtwebengine_resources.pak, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\resources\qtwebengine_resources_100p.pak, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\resources\qtwebengine_resources_200p.pak, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\translations\qtwebengine_locales\en-US.pak, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\libGLESV2.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5WebChannel.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5WebEngineCore.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\proxycheck.exe, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5Core.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5Gui.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5Network.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5Positioning.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5Qml.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\bin\Qt5Quick.dll, Quarantined, [1595], [338259],1.0.2331
PUP.Optional.AnonymizerGadget, C:\Users\Hazzy\AppData\Roaming\AGData\add.json, Quarantined, [1595], [338259],1.0.2331
Adware.Yelloader, C:\USERS\HAZZY\APPDATA\LOCAL\TEMP\1499549749\S5-20170325.ZIP, Quarantined, [1407], [409678],1.0.2331
PUP.Optional.FastDataX, C:\USERS\HAZZY\APPDATA\LOCAL\TEMP\320491171\IC-0.B6EDF2DB72482.EXE, Quarantined, [9344], [407240],1.0.2331
PUP.Optional.BetterAds, C:\USERS\HAZZY\APPDATA\LOCAL\TEMP\320491171\IC-0.4FB5335BD50B34.EXE, Quarantined, [512], [391675],1.0.2331
PUP.Optional.Plumbytes, C:\USERS\HAZZY\APPDATA\LOCAL\TEMP\PAIFFFE.TMP, Quarantined, [9122], [123575],1.0.2331
PUP.Optional.AnonymizerGadget, C:\USERS\HAZZY\APPDATA\LOCAL\TEMP\320491171\IC-0.F42B6FC04128F.EXE, Quarantined, [1595], [338559],1.0.2331
Trojan.Clicker, C:\USERS\HAZZY\APPDATA\LOCAL\TEMP\1499549750\S5M_INSTALL_325.ZIP, Quarantined, [26], [387412],1.0.2331
PUP.Optional.Plumbytes, C:\USERS\HAZZY\DOWNLOADS\ANTIMALWARESETUP.EXE, Quarantined, [9122], [123575],1.0.2331
PUP.Optional.SpyHunter, C:\USERS\HAZZY\DOWNLOADS\SPYHUNTER-INSTALLER (1).EXE, Quarantined, [963], [345850],1.0.2331
PUP.Optional.ThreatSupport, C:\USERS\HAZZY\APPDATA\LOCAL\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}\SCANLOGS.XML, Quarantined, [2053], [343538],1.0.2331
PUP.Optional.AnonymizerGadget.PrxySvrRST, C:\USERS\HAZZY\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ANONYMIZERGADGET\ANONYMIZERGADGET.LNK, Quarantined, [1186], [329210],1.0.2331
PUP.Optional.REOptimizer, C:\USERS\HAZZY\APPDATA\LOCAL\UNINSTALLCE.EXE, Quarantined, [8479], [412227],1.0.2331
PUP.Optional.SpyHunter, C:\USERS\HAZZY\DOWNLOADS\SPYHUNTER-INSTALLER.EXE, Quarantined, [963], [345850],1.0.2331
Physical Sector: 0
(No malicious items detected)

(end)


#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 PM

Posted 10 July 2017 - 07:59 AM

You did good by finding the report, thank you :)

Next we'll do a sweep with AdwCleaner and JRT.

zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Cleaning button. This will kill all the active processes;
    MV5ejgW.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;
iT103hr.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
Your next reply(ies) should therefore contain:
  • Copy/pasted AdwCleaner clean log;
  • Copy/pasted JRT log;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 Awoo

Awoo
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 10 July 2017 - 02:47 PM

I'll download and run those, and since windows defender started a scan automatically after I rebooted from the Malwarebytes scan I let it run while I went to work, it detected one thing so I'm letting it clean that, then I'll run AdwCleaner and JRT.
​Just in case the information would be helpful I'll attach a screenshot of this page windows defender gave me after clean, I don't see a save log option that's why I'll do screenshot.

Attached File  Screenshot_1.png   142.84KB   0 downloads



#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 PM

Posted 10 July 2017 - 02:48 PM

Windows Defender detected one of your illegal activator/loader for Microsoft products (Windows, Office, etc.)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users