Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can Log in, but screen stays black...other than cursor


  • This topic is locked This topic is locked
57 replies to this topic

#1 Thundergod67

Thundergod67

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 27 January 2018 - 03:25 PM

About two weeks ago, my computer started only showing a black screen after I log in. The cursor is there, a much bigger arrow than normal. I can move the cursor around, and if I cntrl-alt-del I get the normal blue screen asking me to chose Lock computer, switch user, log off etc. If I choose lock, log off, switch, it will go back to the normal log in screen. But if I choose task manager, task manager starts...but the reset of the screen stays black. If I select New Tack, then browse to the System32 folder I can tell it to start my browser...but nothing happens.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Peter (administrator) on PETER-PC (27-01-2018 14:11:59)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter & Katiana & Dr. Kitten & Administrator & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Malwarebytes) E:\Program Files\Anti-Malware\MBAMService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Malwarebytes) E:\Program Files\Anti-Malware\mbamtray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [3465608 2017-10-01] (Paramount Software UK Ltd)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5232928 2017-05-19] (IObit)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2018-01-22] (Raptr, Inc)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-12-12] (Copyright © 2017 Plays.tv, LLC)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5362760 2018-01-10] (GOG.com)
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare\Suo10_SmartRAM.exe [560416 2017-07-26] (IObit)
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\MountPoints2: {a078e09c-1169-11e6-b69f-240a64ded1ff} - H:\TL_Bootstrap.exe
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\ROG_VI~1.SCR [201728 2011-10-25] (ScreenTime Media)
HKU\S-1-5-18\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\12Ghosts Wash.lnk [2018-01-19]
ShortcutTarget: 12Ghosts Wash.lnk -> C:\Program Files (x86)\12Ghosts\12wash.exe (12Ghosts Inc. - www.12Ghosts.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-01-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\12Ghosts Wash.lnk [2017-06-27]
ShortcutTarget: 12Ghosts Wash.lnk -> C:\Program Files (x86)\12Ghosts\12wash.exe (12Ghosts Inc. - www.12Ghosts.com)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-01-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1007\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1005\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1003\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1139B926-537F-431D-88FF-18D61F31698F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EDBC27DC-2D80-4CF4-BFF0-02B97827B423}: [NameServer] 8.26.56.26,8.20.247.20

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-19] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-01-21] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 514ab5iw.default-1485635028814-1516900905494
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\514ab5iw.default-1485635028814-1516900905494 [2018-01-27]
FF Session Restore: Mozilla\Firefox\Profiles\514ab5iw.default-1485635028814-1516900905494 -> is enabled.
FF Extension: (LastPass: Free Password Manager) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\514ab5iw.default-1485635028814-1516900905494\Extensions\support@lastpass.com.xpi [2018-01-25]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-01-15] [Legacy] [not signed]
FF HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-28] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-28] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-09-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2017-07-11] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1439322100-2213096863-3173725656-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Peter\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-16] (Citrix Online)
FF Plugin HKU\S-1-5-21-1439322100-2213096863-3173725656-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-05-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=430075&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=430075&fr=yo-yhp-ch"
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2018-01-27]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-01]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-02-26]
CHR Extension: (Helium Backup) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2017-07-21]
CHR Extension: (Skype) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-04]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-21]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
CHR HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-12-06] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-06-04] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe [419288 2016-05-19] (ASUSTeK Computer Inc.)
S2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2017-12-17] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [532552 2018-01-10] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-07] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1766176 2017-05-19] (IObit)
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
S4 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel® Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd)
R2 MBAMService; E:\Program Files\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [320944 2017-10-10] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-12-12] (Copyright © 2017 Plays.tv, LLC)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
S4 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
S4 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
U2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4087568 2016-10-11] (Check Point Software Technologies Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-10-06] (Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 12Ghosts 12-Z; C:\Program Files (x86)\12Ghosts\12kernel.sys [8224 2010-02-04] ()
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-12-06] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [47512 2013-01-10] (Asmedia Technology) [File not signed]
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-01-08] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-02-20] ()
S3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [105784 2013-05-13] (Asus)
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21456 2012-12-20] (Olof Lagerkvist)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2013-10-01] (Broadcom Corporation.)
S3 BCM42RLY; no ImagePath
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-12-16] (Bluestack System Inc. )
S3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2017-02-10] (DT Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-08-17] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-16] (REALiX™)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [40464 2017-02-21] (Intel Corporation)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2017-01-06] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2017-03-17] (IObit.com)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [21872 2017-09-28] (IObit.com)
S3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-01-30] (Zemana Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-20] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-01-27] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-01-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-01-27] (Malwarebytes)
S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [53632 2009-05-08] (Motorola Inc) [File not signed]
S3 motmodem; C:\Windows\System32\DRIVERS\motmodem.sys [31232 2012-06-08] (Motorola Mobility Inc) [File not signed]
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31232 2012-06-08] (Motorola Mobility Inc) [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 pikbd; C:\Windows\System32\DRIVERS\pikbd.sys [41368 2016-11-17] ()
S3 pimou; C:\Windows\System32\DRIVERS\pimou.sys [42392 2016-11-17] (Christian Gulden)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S1 QMUdisk; no ImagePath
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2016-12-15] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S1 softaal; no ImagePath
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S2 tsnethlpx64; no ImagePath
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [52728 2017-02-10] (电脑管家)
S3 usbbus; no ImagePath
S3 UsbDiag; no ImagePath
S3 USBModem; no ImagePath
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [185552 2016-07-20] (Oracle Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462272 2016-10-11] (Check Point Software Technologies Ltd.)
S3 vzandnetbus; no ImagePath
S3 vzandnetdiag; no ImagePath
S3 vzandnetmodem; no ImagePath
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
S3 atillk64; \??\C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
R3 cpuz138; \??\C:\Users\Peter\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-27 14:11 - 2018-01-27 14:11 - 000000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2018-01-27 11:50 - 2018-01-27 11:50 - 000456568 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmtxhci.sys
2018-01-27 11:50 - 2018-01-27 11:50 - 000151416 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmthub3.sys
2018-01-27 11:50 - 2018-01-27 11:50 - 000028024 _____ C:\Windows\system32\asmtxhcicoinstaller.dll
2018-01-27 11:45 - 2018-01-27 13:48 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2018-01-25 11:21 - 2018-01-25 11:21 - 000000000 ____D C:\Users\Peter\Desktop\Old Firefox Data
2018-01-25 07:58 - 2018-01-27 13:51 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\HPAppData
2018-01-23 08:04 - 2018-01-23 08:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-01-20 16:28 - 2018-01-20 16:28 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-01-20 16:06 - 2018-01-20 16:06 - 000003272 _____ C:\Windows\System32\Tasks\SamsungMagician
2018-01-20 16:06 - 2018-01-20 16:06 - 000001238 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2018-01-20 16:06 - 2018-01-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2018-01-20 16:01 - 2018-01-20 16:01 - 000000000 ____D C:\Program Files (x86)\New folder
2018-01-20 15:49 - 2018-01-20 15:49 - 000001952 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk
2018-01-20 15:49 - 2018-01-20 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2018-01-20 15:49 - 2018-01-20 15:49 - 000000000 ____D C:\Program Files\Macrium
2018-01-20 15:07 - 2018-01-20 15:13 - 000000000 ____D C:\Program Files (x86)\DriverTuner
2018-01-20 15:07 - 2018-01-20 15:12 - 000001051 _____ C:\Users\Peter\Desktop\DriverTuner.lnk
2018-01-20 15:07 - 2018-01-20 15:12 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DriverTuner
2018-01-20 14:55 - 2018-01-20 14:55 - 000001051 _____ C:\Users\Peter\Desktop\SpeedyFixer.lnk
2018-01-20 14:55 - 2018-01-20 14:55 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyFixer
2018-01-20 14:55 - 2018-01-20 14:55 - 000000000 ____D C:\Program Files (x86)\SpeedyFixer
2018-01-20 14:31 - 2018-01-20 14:31 - 000000000 ____D C:\Program Files\backup
2018-01-20 14:31 - 2018-01-20 14:31 - 000000000 ____D C:\Program Files (x86)\backup
2018-01-20 14:28 - 2018-01-20 15:50 - 000000000 ____D C:\ProgramData\Macrium
2018-01-20 12:47 - 2018-01-20 12:47 - 000001117 _____ C:\Users\Public\Desktop\DriveImage XML.lnk
2018-01-20 12:47 - 2018-01-20 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2018-01-20 12:45 - 2018-01-20 12:45 - 002023440 _____ C:\Users\Peter\Desktop\dixmlsetup.exe
2018-01-20 12:24 - 2018-01-20 12:24 - 002834285 _____ C:\Users\Peter\Desktop\mb-check-results.zip
2018-01-20 12:23 - 2018-01-20 12:23 - 002326984 _____ (Malwarebytes Corporation) C:\Users\Peter\Desktop\mb-check-3.1.9.1001.exe
2018-01-20 12:19 - 2018-01-27 14:12 - 000033282 _____ C:\Users\Peter\Desktop\FRST.txt
2018-01-20 12:15 - 2018-01-27 14:11 - 002393088 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2018-01-20 00:18 - 2018-01-27 13:48 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-01-20 00:18 - 2018-01-20 00:18 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-01-19 23:50 - 2018-01-19 23:50 - 011205832 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup539.exe
2018-01-19 23:50 - 2018-01-19 23:50 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-01-19 23:50 - 2018-01-19 23:50 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2018-01-19 23:50 - 2018-01-19 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-01-19 23:50 - 2018-01-19 23:50 - 000000000 ____D C:\Program Files\CCleaner
2018-01-19 23:48 - 2018-01-19 23:48 - 011203712 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup539pro.exe
2018-01-19 23:48 - 2018-01-19 23:48 - 011203712 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup539pro(1).exe
2018-01-19 23:43 - 2018-01-19 23:43 - 000001351 _____ C:\Users\Administrator\Desktop\Auslogics Registry Cleaner.lnk
2018-01-19 23:43 - 2018-01-19 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2018-01-19 23:43 - 2018-01-19 23:43 - 000000000 ____D C:\Program Files (x86)\Auslogics
2018-01-19 23:42 - 2018-01-19 23:42 - 011578344 _____ (Auslogics ) C:\Users\Administrator\Downloads\registry-cleaner-setup.exe
2018-01-19 23:25 - 2018-01-27 13:56 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-01-19 23:25 - 2018-01-27 13:49 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-01-19 23:25 - 2018-01-27 13:49 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-01-15 16:45 - 2018-01-15 16:45 - 000002363 _____ C:\Users\Public\Desktop\Add a Device - Photosmart All-In-One series.lnk
2018-01-15 16:45 - 2018-01-15 16:45 - 000000000 ____D C:\Users\Peter\AppData\Roaming\HP
2018-01-15 16:40 - 2018-01-15 16:40 - 000002173 _____ C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2018-01-15 16:40 - 2018-01-15 16:40 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2018-01-15 16:39 - 2018-01-15 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-01-15 16:39 - 2018-01-15 16:39 - 000001327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2018-01-15 16:39 - 2018-01-15 16:39 - 000001321 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2018-01-15 16:39 - 2018-01-15 16:39 - 000001163 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2018-01-15 16:39 - 2018-01-15 16:39 - 000000000 ____D C:\Windows\SysWOW64\spool
2018-01-15 16:39 - 2018-01-15 16:39 - 000000000 ____D C:\ProgramData\HP Product Assistant
2018-01-15 16:36 - 2018-01-15 16:40 - 000000000 ____D C:\Program Files (x86)\HP
2018-01-15 16:35 - 2018-01-15 16:35 - 000000000 ____D C:\Program Files\HP
2018-01-15 16:20 - 2018-01-15 16:45 - 000210696 _____ C:\Windows\hpoins21.dat
2018-01-15 16:20 - 2018-01-15 16:39 - 000000000 ____D C:\ProgramData\HP
2018-01-15 16:20 - 2009-10-07 19:26 - 000005474 ____N C:\Windows\hpomdl21.dat
2018-01-08 02:07 - 2018-01-20 13:15 - 000001187 _____ C:\Users\Peter\Desktop\Roblox Studio.lnk
2018-01-06 16:10 - 2018-01-06 16:10 - 000002403 _____ C:\Users\Peter\Desktop\Final Fantasy XV A New Empire.lnk
2018-01-06 15:33 - 2018-01-06 15:33 - 000001545 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2018-01-06 15:33 - 2018-01-06 15:33 - 000001545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2018-01-06 15:31 - 2018-01-06 15:32 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-01-05 13:32 - 2017-12-31 20:21 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-05 13:32 - 2017-12-31 20:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-05 13:32 - 2017-12-31 20:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-05 13:32 - 2017-12-31 20:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-05 13:32 - 2017-12-31 20:21 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-05 13:32 - 2017-12-31 20:19 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-01-05 13:32 - 2017-12-31 20:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-01-05 13:32 - 2017-12-31 20:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-01-05 13:32 - 2017-12-31 20:18 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-01-05 13:32 - 2017-12-31 20:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-01-05 13:32 - 2017-12-31 20:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-01-05 13:32 - 2017-12-31 20:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-05 13:32 - 2017-12-31 20:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-05 13:32 - 2017-12-31 20:02 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-01-05 13:32 - 2017-12-31 20:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-01-05 13:32 - 2017-12-31 20:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-01-05 13:32 - 2017-12-31 19:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-01-05 13:32 - 2017-12-31 19:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-01-05 13:32 - 2017-12-31 19:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-01-05 13:32 - 2017-12-31 19:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-01-05 13:32 - 2017-12-31 19:49 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-05 13:32 - 2017-12-31 19:49 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-05 13:32 - 2017-12-31 19:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-05 13:32 - 2017-12-31 19:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-05 13:32 - 2017-12-31 19:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-01-05 13:32 - 2017-12-31 19:46 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-05 13:32 - 2017-12-31 19:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-01-05 13:32 - 2017-12-31 19:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-01-05 13:32 - 2017-12-31 19:45 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-05 13:32 - 2017-12-31 19:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-01-05 13:32 - 2017-12-31 19:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-01-05 13:32 - 2017-12-31 19:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-05 13:32 - 2017-12-31 19:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-05 13:32 - 2017-12-31 19:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-05 13:32 - 2017-12-31 19:42 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-05 13:32 - 2017-12-31 19:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-05 13:32 - 2017-12-31 19:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-01-05 13:32 - 2017-12-31 19:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-01-05 13:32 - 2017-12-31 19:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-01-05 13:32 - 2017-12-31 19:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-01-05 13:32 - 2017-12-31 19:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-01-05 13:32 - 2017-12-31 19:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-01-05 13:32 - 2017-12-31 19:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-05 13:32 - 2017-12-30 01:29 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-05 13:32 - 2017-12-30 00:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-01-05 13:32 - 2017-12-29 12:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-01-05 13:32 - 2017-12-29 12:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-01-05 13:32 - 2017-12-29 12:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-01-05 13:32 - 2017-12-29 12:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-01-05 13:32 - 2017-12-29 12:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-01-05 13:32 - 2017-12-29 12:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-01-05 13:32 - 2017-12-29 12:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-01-05 13:32 - 2017-12-29 12:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-01-05 13:32 - 2017-12-29 12:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-01-05 13:32 - 2017-12-29 12:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-01-05 13:32 - 2017-12-29 12:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-01-05 13:32 - 2017-12-29 12:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-01-05 13:32 - 2017-12-29 12:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-01-05 13:32 - 2017-12-29 12:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-01-05 13:32 - 2017-12-29 11:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-01-05 13:32 - 2017-12-29 11:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-05 13:32 - 2017-12-29 11:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-01-05 13:32 - 2017-12-29 11:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-01-05 13:32 - 2017-12-29 11:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-01-05 13:32 - 2017-12-29 11:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-01-05 13:32 - 2017-12-29 11:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-01-05 13:32 - 2017-12-29 11:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-01-05 13:32 - 2017-12-29 11:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-01-05 13:32 - 2017-12-29 11:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-01-05 13:32 - 2017-12-29 11:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-01-05 13:32 - 2017-12-29 11:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-01-05 13:32 - 2017-12-29 11:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-01-05 13:32 - 2017-12-29 11:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-01-05 13:32 - 2017-12-29 11:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-01-05 13:32 - 2017-12-29 11:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-01-05 13:32 - 2017-12-29 11:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-01-05 13:32 - 2017-12-29 03:15 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-05 13:32 - 2017-12-29 03:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-01-05 13:32 - 2017-12-29 03:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-01-05 13:32 - 2017-12-29 02:52 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-05 13:32 - 2017-12-29 02:51 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-05 13:32 - 2017-12-29 02:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-05 13:32 - 2017-12-29 02:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-05 13:32 - 2017-12-29 02:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-05 13:32 - 2017-12-29 02:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-05 13:32 - 2017-12-29 02:50 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-01-05 13:32 - 2017-12-29 02:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-05 13:32 - 2017-12-29 02:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-05 13:32 - 2017-12-29 02:40 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-05 13:32 - 2017-12-29 02:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-05 13:32 - 2017-12-29 02:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-05 13:32 - 2017-12-29 02:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-05 13:32 - 2017-12-29 02:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-01-05 13:32 - 2017-12-29 02:32 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-05 13:32 - 2017-12-29 02:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-05 13:32 - 2017-12-29 02:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-05 13:32 - 2017-12-29 02:22 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-05 13:32 - 2017-12-29 02:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-05 13:32 - 2017-12-29 02:18 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-05 13:32 - 2017-12-29 02:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-05 13:32 - 2017-12-29 02:16 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-05 13:32 - 2017-12-29 02:14 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-05 13:32 - 2017-12-29 02:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-05 13:32 - 2017-12-29 02:04 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-05 13:32 - 2017-12-29 02:03 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-05 13:32 - 2017-12-29 02:03 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-05 13:32 - 2017-12-29 02:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-05 13:32 - 2017-12-29 02:01 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-01-05 13:32 - 2017-12-29 01:50 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-05 13:32 - 2017-12-29 01:39 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-05 13:32 - 2017-12-29 01:27 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-05 13:32 - 2017-12-21 00:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-05 13:32 - 2017-12-13 10:31 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-01-05 13:32 - 2017-12-13 10:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-01-05 13:32 - 2017-12-13 10:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-01-05 13:32 - 2017-12-13 10:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-01-05 13:32 - 2017-12-13 10:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-01-05 13:32 - 2017-12-13 09:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-01-05 13:32 - 2017-12-05 11:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-05 13:32 - 2017-12-05 11:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-05 13:32 - 2017-12-05 11:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-05 13:32 - 2017-12-05 11:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-01-05 13:32 - 2017-12-05 11:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-01-05 13:32 - 2017-12-05 09:59 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-05 13:32 - 2017-12-05 09:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-01-04 12:05 - 2018-01-04 12:05 - 000000000 ____D C:\ProgramData\AMD
2018-01-04 03:42 - 2018-01-04 03:42 - 000000000 ____D C:\Users\Peter\AppData\Local\realtech_VR
2018-01-02 15:30 - 2018-01-23 18:05 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Roaming\Raptr
2018-01-02 15:30 - 2018-01-02 15:30 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Roaming\PlaysTV
2017-12-29 15:35 - 2017-12-29 15:35 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR
2017-12-29 15:35 - 2017-12-29 15:35 - 000000000 ____D C:\ProgramData\realtech VR
2017-12-29 15:35 - 2017-12-29 15:35 - 000000000 ____D C:\Program Files (x86)\realtech VR
2017-12-29 15:34 - 2017-12-29 15:34 - 000003146 _____ C:\Windows\System32\Tasks\StartCN
2017-12-29 15:34 - 2017-12-29 15:34 - 000003060 _____ C:\Windows\System32\Tasks\StartDVR
2017-12-29 15:34 - 2017-12-29 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-12-28 03:49 - 2013-07-02 16:29 - 000024824 _____ C:\Windows\system32\Drivers\IOMap64.sys
2017-12-28 03:46 - 2017-12-28 03:46 - 000000000 ____D C:\Users\Administrator\Desktop\bios
2017-12-28 03:43 - 2017-12-28 03:43 - 000000000 ____D C:\Users\Administrator\Desktop\New folder
2017-12-28 03:07 - 2017-12-28 03:07 - 000001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Safe Connect.lnk
2017-12-28 03:07 - 2017-12-28 03:07 - 000001129 _____ C:\Users\Public\Desktop\McAfee Safe Connect.lnk
2017-12-28 03:07 - 2017-12-28 03:07 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\McAfee Safe Connect
2017-12-28 03:07 - 2017-12-28 03:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\McAfee_Inc
2017-12-28 03:06 - 2017-12-28 03:06 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2017-12-28 03:00 - 2017-12-28 03:00 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2017-12-28 03:00 - 2017-12-28 03:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-12-28 02:30 - 2017-12-28 02:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\12Ghosts
2017-12-28 02:16 - 2017-12-28 02:16 - 005603499 _____ (UserBenchmark.com) C:\Users\Administrator\Downloads\UserBenchMark.exe
2017-12-28 02:07 - 2017-12-28 02:07 - 000001978 _____ C:\Users\Administrator\Desktop\Welcome to ASUS Product Registration.lnk
2017-12-28 00:26 - 2018-01-19 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-12-28 00:26 - 2017-12-29 15:33 - 000000000 ____D C:\Program Files (x86)\AMD
2017-12-28 00:25 - 2017-12-28 00:25 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-12-28 00:22 - 2018-01-19 23:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2017-12-28 00:22 - 2017-12-28 00:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PlaysTV
2017-12-28 00:22 - 2017-12-28 00:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\RadeonInstaller
2017-12-28 00:19 - 2017-12-28 00:19 - 000000000 ____D C:\Users\Peter\AppData\Local\RadeonInstaller

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-27 14:11 - 2015-02-25 15:14 - 000000000 ____D C:\FRST
2018-01-27 14:09 - 2009-07-13 22:45 - 000034544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-27 14:09 - 2009-07-13 22:45 - 000034544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-27 13:54 - 2009-07-13 23:13 - 000930278 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-27 13:54 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2018-01-27 13:53 - 2017-03-18 09:23 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Peter)
2018-01-27 13:48 - 2017-05-16 11:40 - 000003464 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2018-01-27 13:48 - 2017-04-22 16:48 - 000000000 ____D C:\Temp
2018-01-27 13:48 - 2016-03-28 22:54 - 000000000 ____D C:\Users\Peter\AppData\Roaming\PlaysTV
2018-01-27 13:48 - 2016-03-28 22:50 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Raptr
2018-01-27 13:48 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-27 13:45 - 2016-12-27 17:30 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2018-01-27 11:44 - 2017-01-25 14:19 - 000000000 ____D C:\ProgramData\ProductData
2018-01-24 16:03 - 2015-03-27 20:55 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-24 11:40 - 2017-05-22 17:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-24 11:40 - 2015-03-02 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-24 11:39 - 2016-01-19 00:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-01-23 18:07 - 2017-02-03 20:59 - 000000000 ____D C:\Users\Dr. Kitten\AppData\LocalLow\Mozilla
2018-01-23 18:05 - 2017-02-03 21:09 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-01-23 08:05 - 2017-02-28 10:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-23 08:04 - 2009-07-13 21:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-01-23 07:56 - 2016-01-21 21:29 - 000000000 ____D C:\Program Files\Microsoft Office
2018-01-23 07:49 - 2017-10-29 09:08 - 000000000 ____D C:\Windows\Minidump
2018-01-23 07:49 - 2014-08-27 22:26 - 000291468 ____N C:\Windows\Minidump\012318-20826-01.dmp
2018-01-23 03:03 - 2017-01-11 13:58 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2018-01-22 02:01 - 2017-03-07 19:44 - 000003598 _____ C:\Windows\System32\Tasks\Zookaware Scheduled Update Check
2018-01-21 03:02 - 2016-01-19 00:04 - 000922400 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-01-20 16:36 - 2017-07-01 22:16 - 000071168 ___SH C:\Users\Peter\Desktop\Thumbs.db
2018-01-20 16:06 - 2016-05-10 22:35 - 000000000 ____D C:\Program Files (x86)\Samsung
2018-01-20 16:06 - 2016-01-19 00:30 - 000001417 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-01-20 16:06 - 2014-08-29 19:07 - 000000000 ____D C:\ProgramData\Samsung
2018-01-20 15:10 - 2017-05-10 21:57 - 000000000 ____D C:\Users\Peter\Desktop\game shortcuts
2018-01-20 15:10 - 2015-12-11 10:58 - 000000000 ____D C:\Users\Peter\AppData\Local\Bluestacks
2018-01-20 15:10 - 2015-03-02 18:17 - 000000000 ____D C:\Users\Peter\Desktop\tools
2018-01-20 13:15 - 2017-03-04 21:08 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-01-20 12:47 - 2015-02-25 14:46 - 000000000 ____D C:\Program Files (x86)\Runtime Software
2018-01-20 12:12 - 2017-10-21 14:38 - 000001368 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-01-20 12:12 - 2017-06-27 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-01-20 12:12 - 2017-01-25 14:19 - 000001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-01-20 11:54 - 2016-05-11 00:43 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Samsung
2018-01-20 11:54 - 2014-08-29 04:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-01-20 00:10 - 2017-11-16 08:04 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2018-01-19 23:54 - 2017-06-27 17:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2018-01-19 23:54 - 2014-08-30 10:54 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-19 23:45 - 2017-02-16 01:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-01-19 23:45 - 2015-09-07 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zhu Zhu Pets
2018-01-19 16:56 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\registration
2018-01-19 16:52 - 2016-01-17 14:24 - 000000000 ____D C:\Windows\pss
2018-01-19 16:40 - 2017-06-27 17:01 - 000154880 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-17 13:07 - 2017-09-23 19:37 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-01-17 13:07 - 2017-04-27 00:06 - 000000000 ____D C:\Users\DefaultAppPool
2018-01-17 13:07 - 2017-02-03 20:52 - 000000000 ____D C:\Users\Dr. Kitten
2018-01-17 13:07 - 2017-01-27 13:22 - 000000000 ____D C:\Users\Peter\AppData\Roaming\IObit
2018-01-17 13:07 - 2017-01-25 14:19 - 000000000 ____D C:\ProgramData\IObit
2018-01-17 13:07 - 2016-01-19 00:04 - 000000000 ____D C:\Users\Katiana
2018-01-17 13:07 - 2016-01-19 00:04 - 000000000 ____D C:\Users\Administrator
2018-01-17 11:17 - 2017-05-07 11:48 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2018-01-17 11:10 - 2016-01-19 00:04 - 000000000 ____D C:\Users\Peter
2018-01-17 11:09 - 2009-07-13 22:45 - 000541368 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-15 16:45 - 2016-01-19 18:35 - 000154880 _____ C:\Users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-14 22:24 - 2017-02-03 20:51 - 000000632 __RSH C:\Users\Peter\ntuser.pol
2018-01-14 20:59 - 2017-02-03 20:52 - 000001242 __RSH C:\Users\Dr. Kitten\ntuser.pol
2018-01-14 20:58 - 2017-06-27 17:01 - 000000632 __RSH C:\Users\Administrator\ntuser.pol
2018-01-14 03:08 - 2014-10-10 06:36 - 000000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2018-01-12 21:42 - 2015-12-11 10:58 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2018-01-11 11:27 - 2014-08-29 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-01-11 11:27 - 2014-08-29 04:39 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-01-11 11:26 - 2014-08-29 04:40 - 000000000 ____D C:\Windows\System32\Tasks\ASUS
2018-01-11 11:17 - 2014-09-02 17:34 - 000000000 ____D C:\ProgramData\ASUS
2018-01-10 03:06 - 2017-10-12 05:14 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-10 03:06 - 2016-01-19 20:43 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-10 03:06 - 2014-08-30 11:34 - 000000000 ____D C:\Windows\system32\MRT
2018-01-08 23:32 - 2016-12-28 13:03 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\AMD
2018-01-08 02:09 - 2016-12-27 17:37 - 000000000 ____D C:\Users\Peter\AppData\Local\Roblox
2018-01-08 02:07 - 2016-12-27 17:37 - 000000252 _____ C:\Users\Peter\AppData\LocalLow\rbxcsettings.rbx
2018-01-07 21:42 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\rescache
2018-01-07 14:08 - 2017-02-03 20:54 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Local\CrashDumps
2018-01-06 15:32 - 2015-12-11 10:59 - 000000000 ____D C:\ProgramData\BlueStacks
2018-01-06 15:30 - 2009-07-13 21:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-06 13:29 - 2009-07-13 21:20 - 000000000 ___HD C:\Windows\system32\GroupPolicyUsers
2018-01-06 00:47 - 2015-09-01 09:30 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-04 12:30 - 2017-07-02 00:34 - 000003168 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2018-01-04 09:44 - 2017-08-18 06:52 - 000001162 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2018-01-04 09:44 - 2017-07-02 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2018-01-02 17:18 - 2017-02-03 21:00 - 000154496 _____ C:\Users\Dr. Kitten\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-02 15:30 - 2017-02-03 20:52 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Local\AMD
2017-12-29 15:43 - 2017-10-06 10:07 - 000000000 ____D C:\Windows\SysWOW64\directx
2017-12-29 15:34 - 2016-03-28 22:44 - 000000000 ____D C:\Program Files\AMD
2017-12-29 15:29 - 2014-08-27 23:45 - 000000000 ____D C:\AMD
2017-12-28 03:00 - 2015-03-01 21:11 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-28 03:00 - 2015-03-01 21:11 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-28 03:00 - 2015-03-01 21:11 - 000004314 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-28 03:00 - 2014-08-29 18:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-28 03:00 - 2014-08-29 18:06 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-28 02:07 - 2017-10-21 07:28 - 000001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-12-28 02:04 - 2017-07-23 10:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2017-12-28 00:29 - 2016-01-17 14:26 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-12-28 00:24 - 2017-11-16 08:04 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\AMD
2017-12-28 00:24 - 2016-03-28 22:50 - 000000000 ____D C:\Program Files (x86)\VulkanRT

==================== Files in the root of some directories =======

2017-01-15 21:24 - 2017-01-15 21:24 - 000000000 _____ () C:\ProgramData\cisBFC6.exe
2017-01-15 21:24 - 2017-01-15 21:24 - 000000000 _____ () C:\ProgramData\cisE476.exe
2014-10-15 12:50 - 2014-10-15 12:50 - 012136912 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Peter\gosetup.exe
2015-08-12 12:43 - 2015-08-12 12:43 - 009367160 _____ () C:\Program Files (x86)\IntelAndroidDrvSetup1.10.0.exe
2017-01-24 11:35 - 2017-01-24 11:38 - 000006647 _____ () C:\Users\Peter\AppData\Roaming\Comma Separated Values.EML
2014-08-29 06:02 - 2015-04-20 01:17 - 000003264 _____ () C:\Users\Peter\AppData\Roaming\PETER-PC.MTBF.txt
2017-02-16 01:46 - 2017-01-25 03:48 - 002626984 _____ (COMODO) C:\Users\Peter\AppData\Roaming\temp~ccavstart.exe
2017-02-16 01:46 - 2017-01-25 03:49 - 003882680 _____ (Terra Informatica Software, Inc.) C:\Users\Peter\AppData\Roaming\temp~cmdhtml.dll
2014-10-10 07:34 - 2014-10-13 06:34 - 000000132 _____ () C:\Users\Peter\AppData\Roaming\WB.CFG
2016-01-22 09:00 - 2017-07-08 13:35 - 000007626 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-24 10:39 - 2017-01-24 10:39 - 000000037 _____ () C:\Users\Peter\AppData\Local\X-Plane Installer.prf
2017-01-24 10:39 - 2017-01-26 22:33 - 000000015 _____ () C:\Users\Peter\AppData\Local\X-Plane_drm_11.prf
2017-01-24 10:15 - 2017-01-24 10:15 - 000000016 _____ () C:\Users\Peter\AppData\Local\x-plane_install_11.txt

Some files in TEMP:
====================
2018-01-24 11:51 - 2018-01-24 11:51 - 116708576 _____ () C:\Users\Peter\AppData\Local\Temp\playstv_patch.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-18 18:15

==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Peter (27-01-2018 14:13:10)
Running from C:\Users\Peter\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-19 06:28:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1439322100-2213096863-3173725656-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-1439322100-2213096863-3173725656-1005 - Limited - Enabled)
Dr. Kitten (S-1-5-21-1439322100-2213096863-3173725656-1007 - Limited - Enabled) => C:\Users\Dr. Kitten
Guest (S-1-5-21-1439322100-2213096863-3173725656-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1439322100-2213096863-3173725656-1002 - Limited - Enabled)
Katiana (S-1-5-21-1439322100-2213096863-3173725656-1003 - Limited - Enabled) => C:\Users\Katiana
Peter (S-1-5-21-1439322100-2213096863-3173725656-1000 - Administrator - Enabled) => C:\Users\Peter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: ZoneAlarm Pro Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1001 Nights: The Adventures Of Sindbad (HKLM-x32\...\1001 Nights: The Adventures Of Sindbad) (Version: - Alawar Entertainment Inc.)
12G-Complete (HKLM-x32\...\PactGhosts) (Version: - )
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ACP Application (HKLM\...\{D40D140D-8596-9DF7-A05B-AEFBA5409831}) (Version: 2017.1206.1805.44 - Advanced Micro Devices, Inc.) Hidden
Action Ball 2 (HKLM-x32\...\Action Ball 2) (Version: 1.0 - Alawar Entertainment Inc.)
Action Ball Deluxe (HKLM-x32\...\Action Ball Deluxe) (Version: 1.0 - Alawar Entertainment Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.5.0 - IObit)
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Alabama Smith in Escape from Pompeii (HKLM-x32\...\Alabama Smith in Escape from Pompeii) (Version: - Alawar Entertainment Inc.)
Alabama Smith in the Quest of Fate (HKLM-x32\...\Alabama Smith in the Quest of Fate) (Version: - Alawar Entertainment Inc.)
Alex Gordon (HKLM-x32\...\Alex Gordon) (Version: - Alawar Entertainment Inc.)
Alexandra Fortune - Mystery of the Lunar Archipelago (HKLM-x32\...\Alexandra Fortune - Mystery of the Lunar Archipelago) (Version: - Alawar Entertainment Inc.)
Alien Outbreak 2: Invasion (HKLM-x32\...\Alien Outbreak 2: Invasion) (Version: 1.0 - Alawar Entertainment Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Amelie's Cafe (HKLM-x32\...\Amelie's Cafe) (Version: - Alawar Entertainment Inc.)
Amelie's Cafe: Holiday Spirit (HKLM-x32\...\Amelie's Cafe: Holiday Spirit) (Version: 1.0 - Alawar Entertainment Inc.)
Amelie's Cafe: Summer Time (HKLM-x32\...\Amelie's Cafe: Summer Time) (Version: - Alawar Entertainment Inc.)
Angry Birds (HKLM-x32\...\{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}) (Version: 2.2.0 - Rovio)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Arctic Quest (HKLM-x32\...\Arctic Quest) (Version: 1.0 - Alawar Entertainment Inc.)
Arctic Quest 2 (HKLM-x32\...\Arctic Quest 2) (Version: 1.0 - Alawar Entertainment Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.0 - ASUS)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
Asus Sonic Suite Plugins (HKLM-x32\...\{f0c1caa6-9d8d-47a9-b9a0-1d83ded7e857}) (Version: 1.2.401 - ASUSTeKcomputer.Inc) Hidden
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.01.00 - ASUSTeK Computer Inc.)
Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 7.0.1.0 - Auslogics Labs Pty Ltd)
Aztec Tribe (HKLM-x32\...\Aztec Tribe) (Version: 1.0 - Alawar Entertainment Inc.)
Aztec Tribe: New Land (HKLM-x32\...\Aztec Tribe: New Land) (Version: 1.0 - Alawar Entertainment Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beach Party Craze (HKLM-x32\...\Beach Party Craze) (Version: - Alawar Entertainment Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bilbo - The Four Corners of the World (HKLM-x32\...\Bilbo - The Four Corners of the World) (Version: - Alawar Entertainment Inc.)
BitPim 1.0.7 (HKLM-x32\...\{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1) (Version: 1.0.7 - Joe Pham <djpham@bitpim.org>)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.54.65.1755 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Carl the Caveman (HKLM-x32\...\Carl the Caveman) (Version: 1.0 - Alawar Entertainment Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
City Magnate (HKLM-x32\...\City Magnate) (Version: 1.0 - Alawar Entertainment Inc.)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corsair Gaming Headset Software (HKLM-x32\...\{6118E939-08B6-4180-8B5B-97836617813B}) (Version: 2.0.35 - Corsair)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.1.5525 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.)
CPUID ROG CPU-Z 1.66.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.66.1 - CPUID, Inc.)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.1 - Corel Corporation)
Crop Busters (HKLM-x32\...\Crop Busters) (Version: 1.0 - Alawar Entertainment Inc.)
Crusaders Of Space 2 (HKLM-x32\...\Crusaders Of Space 2) (Version: 1.0 - Alawar Entertainment Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0350 - DT Soft Ltd)
Dancing Craze (HKLM-x32\...\Dancing Craze) (Version: - Alawar Entertainment Inc.)
Data Import Utility (HKLM-x32\...\{98E62842-1524-4C30-9E60-1545CDD810A4}) (Version: 2.00.005 - PIXELA)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Digger Adventures (HKLM-x32\...\Digger Adventures) (Version: 1.0 - Alawar Entertainment Inc.)
Digital TV for PC 2 (HKLM-x32\...\Digital TV for PC 2_is1) (Version: - 3B Software, Inc.)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts)
Dragon Puzzle (HKLM-x32\...\Dragon Puzzle) (Version: 1.0 - Alawar Entertainment Inc.)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.60.000 - Runtime Software)
Driver Booster 4.5 (HKLM-x32\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
DriverMax 9 (HKLM-x32\...\DMX5_is1) (Version: 9.31.0.206 - Innovative Solutions)
DriverTuner 4.5 (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{459D8863-43B0-47F6-9E1C-F826DCB081E1}_is1) (Version: 4.5 - DriverTuner.net)
Enchanted Cavern (HKLM-x32\...\Enchanted Cavern) (Version: 1.0 - Alawar Entertainment Inc.)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.11.3.140709 - MindArk PE AB)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.84 - NCH Software)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version: - Alawar Entertainment Inc.)
Farm Frenzy 3 (HKLM-x32\...\Farm Frenzy 3) (Version: - Alawar Entertainment Inc.)
Fashion Craze (HKLM-x32\...\Fashion Craze) (Version: - Alawar Entertainment Inc.)
Fashion Season (HKLM-x32\...\Fashion Season) (Version: 1.0 - Alawar Entertainment Inc.)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Filmmaker's Toolkit for Studio (HKLM-x32\...\{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant) Hidden
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant)
Finding Doggy (HKLM-x32\...\Finding Doggy) (Version: 1.0 - Alawar Entertainment Inc.)
Flower Quest (HKLM-x32\...\Flower Quest) (Version: 1.0 - Alawar Entertainment Inc.)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.0 - EZ Freeware)
Froggy's Adventures (HKLM-x32\...\Froggy's Adventures) (Version: 1.0 - Alawar Entertainment Inc.)
Fruit Lockers 2 - The Enchanting Islands (HKLM-x32\...\Fruit Lockers 2 - The Enchanting Islands) (Version: - Alawar Entertainment Inc.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Earth (HKLM-x32\...\{5D0A40B1-C5A2-4E87-B346-8D7FB6A80B0E}) (Version: 7.1.7.2602 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Gourmania (HKLM-x32\...\Gourmania) (Version: - Alawar Entertainment Inc.)
Gourmania 2: Great Expectations (HKLM-x32\...\Gourmania 2: Great Expectations) (Version: - Alawar Entertainment Inc.)
Gourmania 3: Zoo Zoom (HKLM-x32\...\Gourmania 3: Zoo Zoom) (Version: 1.0 - Alawar Entertainment Inc.)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Grand Master Chess Online (HKLM-x32\...\Grand Master Chess Online) (Version: 1.0 - Alawar Entertainment Inc.)
Hamlet (HKLM-x32\...\Hamlet) (Version: - Alawar Entertainment Inc.)
Haunted Domains (HKLM-x32\...\Haunted Domains) (Version: 1.0 - Alawar Entertainment Inc.)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Heroes Of Hellas (HKLM-x32\...\Heroes Of Hellas) (Version: - Alawar Entertainment Inc.)
Heroes of Hellas 2: Olympia (HKLM-x32\...\Heroes of Hellas 2: Olympia) (Version: - Alawar Entertainment Inc.)
Hidden World (HKLM-x32\...\Hidden World) (Version: 1.0 - Alawar Entertainment Inc.)
Holly 2 - Magic Land (HKLM-x32\...\Holly 2 - Magic Land) (Version: - Alawar Entertainment Inc.)
Holly. A Christmas Tale Deluxe (HKLM-x32\...\Holly. A Christmas Tale Deluxe) (Version: 1.0 - Alawar Entertainment Inc.)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
Hotel Mogul (HKLM-x32\...\Hotel Mogul) (Version: - Alawar Entertainment Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (HKLM-x32\...\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (HKLM-x32\...\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (HKLM-x32\...\{B28635AB-1DF3-4F07-BFEA-975D911B549B}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hyperballoid 2 (HKLM-x32\...\Hyperballoid 2) (Version: 1.0 - Alawar Entertainment Inc.)
Hyperspace Invader (HKLM-x32\...\Hyperspace Invader) (Version: 1.0 - Alawar Entertainment Inc.)
Indeo® Software (HKLM-x32\...\Indeo® Software) (Version: - )
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.129.1 - Intel Security)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.2.0.11 - IObit)
Island Realms (HKLM-x32\...\Island Realms) (Version: - Alawar Entertainment Inc.)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jenny's Fish Shop (HKLM-x32\...\Jenny's Fish Shop) (Version: 1.0 - Alawar Entertainment Inc.)
Joan Jade and the Gates of Xibalba (HKLM-x32\...\Joan Jade and the Gates of Xibalba) (Version: - Alawar Entertainment Inc.)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Journey of Hope (HKLM-x32\...\Journey of Hope) (Version: - Alawar Entertainment Inc.)
Juliette's Fashion Empire (HKLM-x32\...\Juliette's Fashion Empire) (Version: 1.0 - Alawar Entertainment Inc.)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Land of Runes 1.0 (HKLM-x32\...\Land of Runes) (Version: 1.0 - Viva Media, LLC)
LG Outlook Sync (HKLM-x32\...\{84CA1CCF-5CF7-4ED6-8CFA-77DD5C949505}) (Version: 1.1.0.4 - LG Electronics)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Macrium Reflect Free Edition (HKLM\...\{BEA0E5E1-8658-4091-92EF-F121D3E09BFD}) (Version: 7.1.2833 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.1 - Paramount Software (UK) Ltd.)
Magic Encyclopedia - Moon Light (HKLM-x32\...\Magic Encyclopedia - Moon Light) (Version: - Alawar Entertainment Inc.)
Magic Encyclopedia. First Story (HKLM-x32\...\Magic Encyclopedia. First Story) (Version: - Alawar Entertainment Inc.)
Magic Shop (HKLM-x32\...\Magic Shop) (Version: 1.0 - Alawar Entertainment Inc.)
Mahjongg Artifacts (HKLM-x32\...\Mahjongg Artifacts) (Version: 1.0 - Alawar Entertainment Inc.)
Mahjongg Artifacts 2 (HKLM-x32\...\Mahjongg Artifacts 2) (Version: - Alawar Entertainment Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Safe Connect (HKLM-x32\...\{F210DAEC-9E43-467E-87E8-B02DA469CFFC}) (Version: 1.4.1.150 - McAfee, Inc)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
mmCARD Recovery (HKLM-x32\...\mmCARD Recovery) (Version: 3 - DigitalLeo Ltd.)
Monster House 1.0 (HKLM-x32\...\Monster House) (Version: 1.0 - Viva Media, LLC)
Motion Graphics Toolkit for Studio (HKLM-x32\...\{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant) Hidden
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{2AADC4EE-94C8-422B-977B-547774C4A463}) (Version: 1.0.40 - Motorola Mobility) Hidden
Motorola MMCP Drivers Installation 1.0.3 (HKLM\...\{98308D2E-57F7-4F76-9D85-CB00810426B5}) (Version: 1.0.3 - Motorola Inc.)
Motorola Mobile Drivers Installation 5.9.0 (HKLM\...\{4E7CCB76-687B-4C53-9A5E-08780AF3A551}) (Version: 5.9.0 - Motorola Inc.) Hidden
Motorola Software Update (HKLM-x32\...\{241C1CF5-9112-442C-B919-F0ADB50F343E}) (Version: 01.16.42 - Motorola)
Mozilla Firefox 58.0 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0 (x64 en-US)) (Version: 58.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Farm Life (HKLM-x32\...\My Farm Life) (Version: 1.0 - Alawar Entertainment Inc.)
Myst Online: Uru Live (remove only) (HKLM-x32\...\MOUL) (Version: - )
Mysteries of Horus (HKLM-x32\...\Mysteries of Horus) (Version: 1.0 - Viva Media LLC)
Mystery Cookbook (HKLM-x32\...\Mystery Cookbook) (Version: - Alawar Entertainment Inc.)
NahimicSettingsConfigurator (HKLM\...\{3094F0B9-A3E1-4A01-9B0F-2531645C72CF}) (Version: 1.2.401 - ASUSTeKcomputer.Inc) Hidden
Natalie Brooks - Secrets of Treasure House (HKLM-x32\...\Natalie Brooks - Secrets of Treasure House) (Version: - Alawar Entertainment Inc.)
Natalie Brooks - The Treasures of the Lost Kingdom (HKLM-x32\...\Natalie Brooks - The Treasures of the Lost Kingdom ) (Version: 1.0 - Alawar Entertainment Inc.)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
OpenGL Extensions Viewer 5.0 (HKLM-x32\...\GLVIEW3) (Version: 508 - )
OpinionSquare (HKLM-x32\...\{9cf77345-ac1f-46e5-83ff-79676bee4d6b}) (Version: 1.3.337.407 - TMRG, Inc.)
Oracle VM VirtualBox 5.1.0_Sirrix (HKLM\...\{3E94027F-171C-4D95-BAD6-AD97AB64A539}) (Version: 5.1.0 - Sirrix AG)
Oriental Dreams (HKLM-x32\...\Oriental Dreams) (Version: - Alawar Entertainment Inc.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.10.24870 - Electronic Arts, Inc.)
Paradise (HKLM-x32\...\Paradise_is1) (Version: - White Birds Productions)
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
Pet Show Craze (HKLM-x32\...\Pet Show Craze) (Version: - Alawar Entertainment Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pinnacle Studio 17 - Install Manager (HKLM-x32\...\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}) (Version: 17.0.131 - Corel Corporation)
Pinnacle Studio 17 - Standard Content Pack (HKLM-x32\...\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}) (Version: 17.0 - Corel Corporation)
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.6.0.332 - Corel Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.27.5-r125535-release - Plays.tv, LLC)
PRB Line (HKLM-x32\...\PRB Line) (Version: - )
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.1 - Corel Corporation)
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
PS_AIO_02_Software (HKLM-x32\...\{94F8D42D-BB31-4858-9705-7D756D8D9655}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{685B0843-6C8D-4E42-B60D-2B86B45526E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.11-r125663-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Recover Files 3.31 (HKLM-x32\...\Recover Files_is1) (Version: - Undelete & Unerase, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Refresher (HKLM-x32\...\Refresher) (Version: - )
Rescue Frenzy (HKLM-x32\...\Rescue Frenzy) (Version: 1.0 - Alawar Entertainment Inc.)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
RIFT (HKLM-x32\...\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}) (Version: 1.0.0 - Trion Worlds, Inc.) Hidden
RIFT (HKLM-x32\...\InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}) (Version: 1.0.0 - Trion Worlds, Inc.)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Roblox Player for Peter (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for Peter (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
R-Studio 7.3 (HKLM-x32\...\R-Studio 7.3NSIS) (Version: 7.3.155233 - R-Tools Technology Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.0.1610 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
ScummVM 1.8.1 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
Sea Bounty - Dead Man's Chest (HKLM-x32\...\Sea Bounty - Dead Man's Chest) (Version: - Alawar Entertainment Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sheep's Quest (HKLM-x32\...\Sheep's Quest) (Version: - Alawar Entertainment Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Ski Resort Mogul (HKLM-x32\...\Ski Resort Mogul) (Version: 1.0 - Alawar Entertainment Inc.)
Sky Kingdoms (HKLM-x32\...\Sky Kingdoms) (Version: - Alawar Entertainment Inc.)
Sky Taxi 4 (HKLM-x32\...\Sky Taxi 4) (Version: 1.0 - Alawar Entertainment Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.0 - IObit)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snark Busters: All Revved Up! (HKLM-x32\...\Snark Busters: All Revved Up!) (Version: 1.0 - Alawar Entertainment Inc.)
Snark Busters: Welcome to the Club (HKLM-x32\...\Snark Busters: Welcome to the Club) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy Puzzle Islands 1.0 (HKLM-x32\...\Snowy Puzzle Islands) (Version: 1.0 - Viva Media, LLC)
Snowy: Fish Frenzy (HKLM-x32\...\Snowy: Fish Frenzy) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Lunch Rush (HKLM-x32\...\Snowy: Lunch Rush) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Space Trip (HKLM-x32\...\Snowy: Space Trip) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: The Bear's Adventures (HKLM-x32\...\Snowy: The Bear's Adventures) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Treasure Hunter (HKLM-x32\...\Snowy: Treasure Hunter) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Treasure Hunter 2 (HKLM-x32\...\Snowy: Treasure Hunter 2) (Version: 1.0 - Alawar Entertainment Inc.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic Radar (HKLM\...\{0FB2E1BE-0747-468A-AD6B-4043B7BDDED5}) (Version: 1.2.401 - ASUSTeKcomputer.Inc)
Sonic Radar (HKLM\...\{A14FEAA1-142B-4DAF-87C1-500764B0383D}) (Version: 1.1.201 - ASUSTeKcomputer.Inc)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeedyFixer 7.3 (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{ACFE6C69-8528-41A3-B06B-CE5C7FE4398B}_is1) (Version: 7.3 - Blue Century Software)
Spotify (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB)
Sprill - The Mystery of The Bermuda Triangle (HKLM-x32\...\Sprill - The Mystery of The Bermuda Triangle) (Version: - Alawar Entertainment Inc.)
Sprill and Ritchie - Adventures In Time (HKLM-x32\...\Sprill and Ritchie - Adventures In Time) (Version: - Alawar Entertainment Inc.)
Stand O'Food (HKLM-x32\...\Stand O'Food) (Version: - Alawar Entertainment Inc.)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Strike Ball 3 (HKLM-x32\...\Strike Ball 3) (Version: - Alawar Entertainment Inc.)
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
Summer Resort Mogul 1.0 (HKLM-x32\...\Summer Resort Mogul) (Version: 1.0 - Viva Media, LLC)
Sunshine Acres (HKLM-x32\...\Sunshine Acres) (Version: 1.0 - Alawar Entertainment Inc.)
Supermarket Mania (HKLM-x32\...\Supermarket Mania) (Version: - Alawar Entertainment Inc.)
The Curse Of Montezuma (HKLM-x32\...\The Curse Of Montezuma) (Version: - Alawar Entertainment Inc.)
The Enchanting Islands (HKLM-x32\...\The Enchanting Islands) (Version: - Alawar Entertainment Inc.)
The Joy of Farming (HKLM-x32\...\The Joy of Farming) (Version: 1.0 - Alawar Entertainment Inc.)
The Treasures Of Montezuma (HKLM-x32\...\The Treasures Of Montezuma) (Version: - Alawar Entertainment Inc.)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version: - Alawar Entertainment Inc.)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Time Breaker (HKLM-x32\...\Time Breaker) (Version: 1.0 - Alawar Entertainment Inc.)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Tory's Shop'n'Rush 1.0 (HKLM-x32\...\Tory's Shop'n'Rush) (Version: 1.0 - Viva Media, LLC)
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Treasure Masters, Inc. (HKLM-x32\...\Treasure Masters, Inc.) (Version: - Alawar Entertainment Inc.)
Tropical Farm (HKLM-x32\...\Tropical Farm ) (Version: 1.0 - Alawar Entertainment Inc.)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
Turtix - Rescue Adventure (HKLM-x32\...\Turtix - Rescue Adventure) (Version: 1.0 - Alawar Entertainment Inc.)
Turtix (HKLM-x32\...\Turtix) (Version: - Alawar Entertainment Inc.)
Unity Web Player (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Vacation Mogul (HKLM-x32\...\Vacation Mogul) (Version: - Alawar Entertainment Inc.)
Vampires vs Zombies (HKLM-x32\...\Vampires vs Zombies) (Version: 1.0 - Viva Media, LLC)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{6B8AC866-8C52-4FAE-BCD7-F80713F513F9}) (Version: 3.17.0601 - Samsung Electronics Co., Ltd.)
Virtual Farm (HKLM-x32\...\Virtual Farm ) (Version: 1.0 - Alawar Entertainment Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{2F540611-6560-470F-924A-5F52EFA9156F}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{F4F2EF32-EAFE-4F87-B7DC-E19C9F8E76FC}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.0.5.7 - Western Digital) Hidden
WD SmartWare (HKLM\...\{515B34CA-1229-4EDA-AE7C-53CBA68B8A7A}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4800 - Broadcom Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0) (HKLM\...\75BD84FDFF77342C2A347F729669CBD84CE11B04) (Version: 09/29/2009 2.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
Wireshark 2.2.7 (32-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.7 - The Wireshark developer community, hxxps://www.wireshark.org)
Wise Data Recovery 3.72 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.72 - WiseCleaner.com, Inc.)
Wise Memory Optimizer 3.41 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.41 - WiseCleaner.com, Inc.)
WizTree v2.01 (HKLM-x32\...\WizTree_is1) (Version: - Antibody Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Zak & Jack in Showdown at Monstertown (HKLM-x32\...\Zak & Jack in Showdown at Monstertown) (Version: 1.0 - Alawar Entertainment Inc.)
Zhu Zhu Pets (HKLM-x32\...\BFG-Zhu Zhu Pets) (Version: - )
ZookaWare (HKLM-x32\...\ZookaWare) (Version: 5.0.2 - ZookaWare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers1-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers1-x32: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> No File
ContextMenuHandlers1-x32: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-12-27] (DT Soft Ltd)
ContextMenuHandlers1-x32: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1-x32: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-12-15] (WinZip Computing, S.L.)
ContextMenuHandlers2-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers2-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers2-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers2-x32: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2-x32: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-12-27] (DT Soft Ltd)
ContextMenuHandlers2-x32: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\SYSTEM32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers4-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers4-x32: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-12-15] (WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers6-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6-x32: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-12-15] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03F651E1-16BB-4AE8-96A8-A111D8CE5AAF} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {095CFDC1-EC51-41A5-B592-D723596C0A3D} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {0FDC0871-F7F3-4A91-8B9D-4520CF998129} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-02-16] ()
Task: {129C5BA3-D223-43BA-A5E7-66AAA3C47786} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-21] (Microsoft Corporation)
Task: {12E9BED9-9B54-4B03-BE4A-2F00C5D4D71F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {16F967CD-C067-4A96-B5A3-DF4429579F64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {284EFBC7-E7D1-4CD0-B2DD-74021DB6D502} - System32\Tasks\Driver Booster SkipUAC (Peter) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {35B196B7-D7E7-47DC-B7FE-77140AD83F1D} - System32\Tasks\{37F07D5F-29C0-463B-9B47-5F4F224B8DA2} => C:\Windows\system32\pcalua.exe -a C:\Users\Peter\Downloads\dixmlsetup.exe -d C:\Users\Peter\Downloads
Task: {385A1899-4D48-479D-87DD-9F62F32B06EA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {396062FF-C8BC-4B0B-A435-F4357465EDB6} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {3B9507AD-7E29-4DAB-A7EE-DB330F93ED45} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-21] (Microsoft Corporation)
Task: {46958B6E-6F8A-4931-96AF-3D198C5BB91E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-12-06] (Advanced Micro Devices, Inc.)
Task: {4901A8B5-C850-47E8-B49D-6AB0E0E6BB5E} - System32\Tasks\{F686285D-2AC5-497A-8279-79F6906B546C} => C:\Users\Peter\Desktop\BLACK BUCCANEER\setup.exe [2006-05-23] (10Tacle )
Task: {4E216687-E9DC-469D-8656-2DD47A1F751C} - System32\Tasks\DriverMax Notification => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-05-09] (Innovative Solutions)
Task: {5EA316E4-BB4E-4DA6-B344-8FDFF8E87C50} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-21] (Microsoft Corporation)
Task: {6046DDE0-B407-4FF3-B74B-5A2E09A562F2} - System32\Tasks\{F8E4E30D-0E6F-4A4D-BCCB-0BE892AA56EE} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {636C7A6D-D3CC-4060-AA68-62103242F514} - \ASC10_SkipUac_adm -> No File <==== ATTENTION
Task: {63CE2969-4B1A-4D92-8B3D-C43799B5D1E8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2017-12-06] (Advanced Micro Devices, Inc.)
Task: {660CA881-F622-43D3-9704-97CC7C0848D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {6633FB95-F9DC-4208-BEF6-F9621319AAE2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {74979589-00D9-4679-A0E9-0D5AB1BB2F30} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {75147590-8AE2-4FCB-9427-92C610F81DA8} - System32\Tasks\WiseCleaner\WMOSkipUAC => C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [2015-09-09] (WiseCleaner.com)
Task: {78901E9E-4278-453F-8931-7B0EB8E67DDF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {7AE744A6-509C-4E29-834E-13CFDDA2B88C} - System32\Tasks\Uninstaller_SkipUac_Mike => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-12-12] (IObit)
Task: {7D047625-0D4C-49B1-9C2C-889917C55213} - System32\Tasks\{D8C36108-D826-4703-9629-487BD1ABEF27} => C:\Windows\system32\pcalua.exe -a C:\Users\Mike\ashampoo_firewall_free_120_sm.exe -d C:\Users\Mike
Task: {7DA0BD5C-E1A5-463B-99DE-919B0A1D8DAD} - System32\Tasks\Zookaware Scheduled Update Check => C:\Program Files (x86)\ZookaWare\ZookaWare.exe [2017-09-07] (ZookaWare)
Task: {7F4F7054-CD0B-4309-8157-F3A12803434F} - System32\Tasks\{DD0B1554-5C14-4886-88C0-375368DC80F9} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {803127DB-3FA6-4126-81E2-90808B0069D4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-01] (McAfee, Inc.)
Task: {83660075-8403-48D1-B4D2-B11136583EA1} - System32\Tasks\{BD548CDD-8C33-4753-9AA3-6F21F86F1457} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {843C1510-490E-4631-B627-237ACCC15C90} - System32\Tasks\WiseCleaner\WDRSkipUAC => C:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe [2015-07-03] (WiseCleaner.com)
Task: {8A79BA91-5174-45DC-818B-E7C0D7BC7FB6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {93FB7EEF-4A45-4D6E-96B7-4D74A3C73C3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {94CB06E7-11B1-47FC-B768-6C02D77B0EFC} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2017-05-09] (Innovative Solutions)
Task: {94E5884E-FA7E-4453-A8EA-9365B0728B32} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\Scheduler.exe [2017-07-26] (IObit)
Task: {9710ACF0-BCA5-4C11-B93A-F8DA73B5DD9A} - System32\Tasks\{27D73459-7F47-4823-AE51-9BA13BC52BFC} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {9D62B3C7-C8C7-4BC1-BDB7-D969B1605206} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-05-09] (Innovative Solutions)
Task: {A6DAB744-68A6-4104-B731-23A1ABF6B1AD} - \ASC10_PerformanceMonitor -> No File <==== ATTENTION
Task: {B160AEC1-4F1C-4E85-991A-B4E8D9524C2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {B3756EFF-A90A-4348-B043-8767AB2E040F} - System32\Tasks\{A9618B4E-6D54-42E7-A76D-80E59068EAF9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Origin\vcredist_x64_vs2010.exe" -d "C:\Program Files (x86)\Origin" -c /q
Task: {B4E55EA3-7341-4F08-BF56-4880B9899B15} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-12-20] (IObit)
Task: {C03FBAE2-CA4E-430C-8C10-BFA63775254F} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {C7EFBADA-CE5B-48E1-B50E-2001A6488CCA} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {C9300441-269A-4BAE-BDC8-8648B6CA00C3} - \ASC10_SkipUac_Peter -> No File <==== ATTENTION
Task: {CA3685E2-761E-4A33-804E-423E4E0905A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {E8E0AFAC-719C-4F74-B2BA-675A6732CE86} - System32\Tasks\DriverMaxWelcome => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-05-09] (Innovative Solutions)
Task: {EAD456EF-069A-47ED-8D10-C90E754E8C0C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-02-10] (Adobe Systems Incorporated)
Task: {EB159061-A277-45DA-A8A4-5A7D08913B5A} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2013-04-12] ()
Task: {EB8CA187-5960-4CED-874F-D54CD2123F0C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {F1BB1B85-A61B-44A8-AFA4-CED44D9465E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-28] (Adobe Systems Incorporated)
Task: {F22A7615-B859-433C-B37A-3E174B1FA3B5} - System32\Tasks\Uninstaller_SkipUac_Peter => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-12-12] (IObit)
Task: {F3F1B983-7441-4CFA-A322-6F5CA21E7A99} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2018-01-08] (Samsung Electronics Co. Ltd.)
Task: {FC1DAB89-9FDE-4BBA-8DCE-F1659529B806} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 5.0\OpenGL Extensions Viewer 5.0 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 5.0\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com

ShortcutWithArgument: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Helium Backup.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gpglbgbpeobllokpmeagpoagjbfknanl

==================== Loaded Modules (Whitelisted) ==============

2015-04-02 22:49 - 2015-02-16 20:23 - 003113280 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
2016-11-09 09:45 - 2016-11-09 09:45 - 000118592 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2016-11-09 09:46 - 2016-11-09 09:46 - 000105312 _____ () C:\Windows\system32\audioLibVc.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 12:56 - 2017-01-13 12:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-08-29 04:39 - 2013-06-04 16:41 - 000936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-05-09 02:05 - 2017-05-09 02:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2014-09-02 17:42 - 2013-04-12 09:07 - 001985848 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2012-07-17 14:31 - 2012-07-17 14:31 - 000116632 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2012-07-17 14:31 - 2012-07-17 14:31 - 000776088 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2017-07-22 00:55 - 2017-07-22 00:55 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-07-22 00:55 - 2017-07-22 00:55 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-11-13 09:44 - 2017-12-12 11:48 - 002301384 _____ () E:\PROGRAM FILES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-13 09:44 - 2017-12-12 11:48 - 002358728 _____ () E:\PROGRAM FILES\ANTI-MALWARE\MwacLib.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-07-02 00:34 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-07-02 00:34 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2015-04-02 22:49 - 2015-02-09 10:52 - 000203264 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2015-04-02 22:49 - 2015-02-09 10:52 - 000203776 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2014-08-29 04:39 - 2018-01-27 13:48 - 000034304 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-08-29 04:39 - 2013-06-04 16:41 - 000104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-03-07 23:38 - 2017-05-09 07:26 - 000010544 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2014-09-02 17:42 - 2013-03-07 09:43 - 000179712 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsusService.dll
2014-09-02 17:42 - 2013-03-07 13:37 - 000470016 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccHelper.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2017-02-16 01:45 - 2016-08-10 16:13 - 000188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2017-07-08 13:30 - 2016-08-10 16:13 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2017-02-16 01:45 - 2016-08-10 16:13 - 000151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2017-07-08 13:30 - 2017-05-09 09:59 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 001983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\amd_ags.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 002658512 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-12-12 14:22 - 2017-12-12 14:22 - 000027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2015-05-07 19:37 - 2015-05-07 19:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 13:01 - 2017-05-04 13:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-07 19:38 - 2015-05-07 19:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-07 19:37 - 2015-05-07 19:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-07 19:49 - 2015-05-07 19:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-07 19:39 - 2015-05-07 19:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 15:59 - 2015-11-13 15:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 15:59 - 2015-11-13 15:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-07 19:37 - 2015-05-07 19:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 11:33 - 2017-05-04 11:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-07 19:49 - 2015-05-07 19:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-07 19:55 - 2015-05-07 19:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2017-02-16 01:45 - 2016-12-12 15:52 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2017-02-16 01:45 - 2016-12-12 15:52 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2017-02-16 01:45 - 2016-12-12 15:52 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2017-01-25 14:19 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-25 14:19 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-25 14:19 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-01-25 14:19 - 2017-05-22 11:17 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-01-25 14:19 - 2017-05-23 18:57 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2017-01-25 14:19 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:91730504 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IMFservice => "@"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2017-09-23 19:37 - 000000881 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: mfeicfupdate => 2
MSCONFIG\Services: QQPCRTP => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk =>
MSCONFIG\startupreg: ZoneAlarm => "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{B179B4EF-FBFC-4897-884B-7BEE394CCD48}] => (Allow) LPort=80
FirewallRules: [{E2F13B0B-0F10-4C2A-B5C1-0DEC567D0616}] => (Allow) LPort=2869
FirewallRules: [{5CEB2AD5-4567-4A88-83C6-6A5DC5D3C23B}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{D625C008-BDCC-4A21-8EF9-B6BFAEE16A21}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8E3814D4-7E25-4E7C-96DA-EC3AC3EEA8CC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{33482EE2-2702-478F-A56D-4E7BFCEB462A}] => (Allow) LPort=2869
FirewallRules: [{2D451413-EE16-4D72-9596-15CDA75BE12B}] => (Allow) LPort=1900
FirewallRules: [{CDA13373-088D-4BA5-88B9-AE4A31EDB0D8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1A78E269-36AE-4E6B-B743-8D1B5F69A917}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{981D7289-81B4-4390-842B-8F8B48AB8E88}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{98B0A437-FEA8-4787-B2AE-E185A3E20777}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0ADB46C7-3DA6-4993-91DC-A86C3B0E18A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6AC395A1-CB47-47B8-916F-787BC411383A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{A73CB46C-FA26-43E9-919A-B850657FB1CD}C:\program files (x86)\motorola\software update\msu.exe] => (Allow) C:\program files (x86)\motorola\software update\msu.exe
FirewallRules: [UDP Query User{EA4B1FE3-4FE9-4317-B6AE-729918E01F00}C:\program files (x86)\motorola\software update\msu.exe] => (Allow) C:\program files (x86)\motorola\software update\msu.exe
FirewallRules: [{F61F24CB-A4BD-4453-B6F4-7E6EFD0107D0}] => (Block) LPort=445
FirewallRules: [{01B21D38-EB26-4D10-9E85-EEC78BEDD8C2}] => (Block) LPort=445
FirewallRules: [{3A720A65-98EC-430C-BE58-7356C148D1B8}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{298ECC80-A804-4A84-BCEE-DEB4DA3AED22}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{99F58D94-2AD8-4CDB-8E15-9C3A82C08974}] => (Allow) E:\SteamLibrary\SteamApps\common\Myst Masterpiece\Myst.exe
FirewallRules: [{F16362EA-2080-40E7-9435-8430A171475B}] => (Allow) E:\SteamLibrary\SteamApps\common\Myst Masterpiece\Myst.exe
FirewallRules: [{6B661D43-DED7-4A30-8F43-7716C4BD4CB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8FDA5E87-0C63-41B8-BDD7-5BCCFBBE7006}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{181ECCA7-B45D-4EEC-88EF-48F8B985AEF5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{031580B4-F2EF-4ABE-B90E-446864E5EB0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D94972B9-2271-4D8B-B873-3DB6DD2AD2CA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{726DCCF8-783E-4DD1-AFA7-D5D286AABC8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{22C37FF7-F1A5-47FB-9FB2-146EC675CEA3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{B174807B-8E9B-4EAC-8E6F-2882308F4EFB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{280CE3F6-4809-4923-A9E6-DA9C6F4B225B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{232589FC-C63A-4B80-B382-244CF23C01AC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{2BAE8AA5-46B5-41A3-94AE-4ADDE57DD2F1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{8504D9E2-A2E3-4C77-9A33-F408C9323645}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [TCP Query User{3377C346-12E0-4D84-90A8-94D7F241FCEE}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{82DC1256-CA36-46EE-81F8-C0701D031832}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{5587BFCB-50D5-4B74-8FFA-CB7DE391692E}] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7CAA7ADD-9618-4653-A4CB-1B6718FD7E1B}] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{92A18FC6-01D6-495D-8714-4BA5C3BF2BD6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{E27253C2-7F6C-4AC4-85C4-448F9F9E1452}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{7EB13912-A221-4CA9-9A8A-086A13DFB468}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{6843D9A1-08CF-4582-A3C9-0CAC8266B9AF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{A8705F37-66E5-48C5-BDDA-0B522EE06906}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{77C9BC9D-B791-47A0-A926-3966870701ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{117A1EA0-32C1-448B-A5AC-E3E1CA2A83BA}] => (Allow) E:\SteamLibrary\SteamApps\common\realMyst Masterpiece Edition\realMyst.exe
FirewallRules: [{F0A461BA-E58D-4683-B7F7-8BDA9978781B}] => (Allow) E:\SteamLibrary\SteamApps\common\realMyst Masterpiece Edition\realMyst.exe
FirewallRules: [{2E99639F-F4F6-4D81-AFDB-7F4A5B2CB907}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C15EFDE1-A752-4F87-91F9-FC97330E9565}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{0C45305A-4F68-4471-9145-26DE33ED95AE}] => (Allow) C:\Users\Peter\AppData\Local\Temp\7zS0306\setup\hpznui40.exe
FirewallRules: [{EC2A349D-A203-41C5-9DAB-36FDECF3E675}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CC27AAAE-7A85-4449-B1E8-5AE5474F19E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{0A705B8E-17C5-4894-B066-12338BCAAD7C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A8992A90-1255-4A27-87B8-7538C2926994}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{E31BBD8B-FDD2-42BF-B008-F44597617C34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B31B209F-610F-47A8-9765-2E90F26F5595}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A6B23CF2-BC2A-422C-A54F-183B044D80FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{6A72F28A-D626-4928-98AF-B84EEE343DAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{CE677987-6C16-49AF-A516-34EBD9252ACF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{ED450284-2B95-428B-82EC-89270B45EA9E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F38E22BE-8FCB-4BED-9E92-EA69866F9523}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{804414B8-9EB8-4ED5-B613-86E5875665FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{0631E994-6323-41C7-A5B2-0FD22A4C00F8}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{AEBFAFDC-18AD-40CE-BCF1-C5EEA30F198A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0CD3BE65-7E32-4A10-BAB1-EFCE3976A118}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{2692E0B5-34AD-4FDF-AA95-F056E9FD3B9C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{F231E621-43F0-4B94-B2A0-0EDB3A3C43E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{3ADD0C22-C97D-4352-9494-A0556309867E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{4ACF9816-D07C-411C-A210-2DE509D9E7BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5BADCEA8-6E1F-4B90-AEFE-79AC2439275C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7871640F-004B-4435-9558-DC1192545B86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{CD80F640-810C-42E4-86D8-DA9323CD00CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{04859238-2E32-421B-8ACD-C48C4136B5E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{38908D4F-5510-4AEE-913C-8EDE8EB7D6D1}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{9FD2C192-57F8-401C-A5FE-E440915EAB52}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{FB2107A9-722A-4100-9A8B-0AAC071EF326}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{84B4EF59-133C-4936-832A-269E86EA758D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8E090654-174D-4027-87FD-A6FA5C619532}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8DBF1B8C-4228-4AEE-A93D-F7D8ADFED191}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C063F60E-DAC7-4445-AB82-3BA175D8661A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2018 01:48:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/27/2018 11:48:46 AM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Product: Skype™ 6.11 -- A later version of Skype™ 6.11 is already installed.

Error: (01/27/2018 11:48:42 AM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Product: Skype™ 7.0 -- A later version of Skype™ 7.0 is already installed.

Error: (01/27/2018 11:44:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/27/2018 12:25:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29219

Error: (01/27/2018 12:25:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29219

Error: (01/27/2018 12:25:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2018 12:25:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28174

Error: (01/27/2018 12:25:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28174

Error: (01/27/2018 12:25:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/27/2018 01:48:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/27/2018 01:48:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm Privacy Service service to connect.

Error: (01/27/2018 01:48:55 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (01/27/2018 01:48:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The TrueVector Internet Monitor service hung on starting.

Error: (01/27/2018 01:42:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:51:14 AM on ‎1/‎27/‎2018 was unexpected.

Error: (01/27/2018 11:49:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (01/27/2018 11:49:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 7.0 (KB2876229).

Error: (01/27/2018 11:44:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/27/2018 11:44:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm Privacy Service service to connect.

Error: (01/27/2018 11:44:48 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


CodeIntegrity:
===================================
Date: 2017-07-28 12:13:39.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:39.808
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:11.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:11.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:08.218
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:08.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:12:31.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:12:31.580
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:11:31.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:11:31.416
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4820K CPU @ 3.70GHz
Percentage of memory in use: 15%
Total physical RAM: 32706.9 MB
Available physical RAM: 27738.2 MB
Total Virtual: 65411.97 MB
Available Virtual: 58646.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.51 GB) (Free:5.68 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (New Volume) (Fixed) (Total:929.56 GB) (Free:884.05 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:931.51 GB) (Free:170.74 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:1.95 GB) (Free:0.5 GB) NTFS
Drive p: (RAMDISK) (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 348709AE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 79EA2D58)
Partition 1: (Active) - (Size=219.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: FAC0FAC0)
Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=929.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 27 January 2018 - 03:52 PM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 27 January 2018 - 03:50 PM

Greetings Thundergod67 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me just a bit of time to review what you have posted.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 27 January 2018 - 04:08 PM

Hi Gary,

 

I'm Peter, and Thanks! I'll try to get you anything that you need.



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 27 January 2018 - 05:11 PM

Greetings.

I would like to clarify the state of your computer.
 

If I choose lock, log off, switch, it will go back to the normal log in screen.

Does this mean you can then successfully log in or when you go through these steps you still get the black screen?''

 

Describe how you were able to run a scan in Normal Boot (the above question may answer that).


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 28 January 2018 - 12:06 AM

Gary,

 

I can log into the computer, and then it is the black screen. If all I do is log-in, it will stay black screen forever.

 

If I log-in, then Cntrl-Alt-Delete, the screen comes on that is blue...allowing me to open the task manger. Task Manager opens...but nothing else is there...black screen again. If I then select New Task, then browse, then I can open the system tree until I get to System32 folder. I then find the Exe file for Firefox, and hit ok. I can see in the cpu usage at the bottom that the usage goes up after hitting "ok", seeming to mean that it is trying to start the browser. But nothing happens...initially. After another while (sometimes as little as ten minutes, once almost an hour)...Firefox will start, followed by the rest of my things: desktop, Outlook, etc. The computer will then behave correctly for as long as I want to use it. But upon a restart, I am back to black screen after log-in. If I don't try to start up firefox (will work with IE, also)...it will never respond. I have let it sit for hours, once the better part of a day before giving up.

 

I know thats convoluted, but hope it helps.

 

Peter



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 28 January 2018 - 09:34 AM

Thank you Peter, that is helpful.

First, see if you can boot into Safe Mode. Let me know if you can do that normally or if you have to go through the similar Task Manager steps. If you can't get into Safe Mode to run the below then do it in Normal boot.

===================================================

Uninstalling Programs Using Revo Uninstaller Free

--------------------

I recommend uninstalling the below listed program(s) from your computer.
  • Right click Revo Uninstaller and select Run as administrator
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
Advanced SystemCare 10
Auslogics Registry Cleaner
CCleaner 
Driver Booster 4.5
DriverMax 9
DriverTuner 4.5
IObit Malware Fighter 5 
IObit Uninstaller
McAfee Safe Connect 
McAfee Security Scan Plus
Wise Memory Optimizer 3.41
ZookaWare
  • Click Yes to any warning screen that may appear
  • If presented with the program uninstall option click Uninstall
  • If asked to restart now click No
  • Under Scanning Modes select Advanced then select Scan
  • On the Found leftover Registry items window click Select All, Delete, then Yes
  • If prompted click on Next
  • On the Found leftover files and folders window click on Select all, Delete, Yes, OK on any warning screen, then Finish
  • Reboot your computer into Normal Boot and check the performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Boot into Safe Mode?
  • Programs uninstall?
  • Can you boot normally?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 31 January 2018 - 10:38 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 31 January 2018 - 11:50 PM

I am sorry about the latestness of my reply, and will not let it happen again.. Yes, I still need help. As soon as I hit send on this note, I will get the items taken care of from your last message. Then I will log back in to let you know how it went.

 

Thanks

 

Peter



#9 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 01 February 2018 - 12:19 AM

I re-started my computer into normal mode, but it still behaves the exact same way. No change.



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 01 February 2018 - 03:31 PM

Hi Peter.

Were you able to boot into Safe Mode normally?
Were you able to uninstall all of the programs?
Please run a fresh FRST scan in Normal Boot and post both reports.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 01 February 2018 - 03:49 PM

Gary,

I was able to boot to safe mode, after repeatedly hiting F8. It did not, however, work any differently than what it does in normal boot. I was able to complete your list of uninstalls while in safe mode once I got it to load in the same way that I described. All the uninstalls worked using Revo.

I am pasting in the new scans.

I TRIED to paste in the scans. I get an error that says "post_to_long"
:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Peter (administrator) on PETER-PC (01-02-2018 14:34:33)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter & Katiana & Dr. Kitten & Administrator & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Malwarebytes) E:\Program Files\Anti-Malware\MBAMService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Malwarebytes) E:\Program Files\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [3465608 2017-10-01] (Paramount Software UK Ltd)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2018-01-22] (Raptr, Inc)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-12-12] (Copyright © 2017 Plays.tv, LLC)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5362760 2018-01-10] (GOG.com)
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\MountPoints2: {a078e09c-1169-11e6-b69f-240a64ded1ff} - H:\TL_Bootstrap.exe
HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\ROG_VI~1.SCR [201728 2011-10-25] (ScreenTime Media)
HKU\S-1-5-18\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\12Ghosts Wash.lnk [2018-01-19]
ShortcutTarget: 12Ghosts Wash.lnk -> C:\Program Files (x86)\12Ghosts\12wash.exe (12Ghosts Inc. - www.12Ghosts.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-01-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\12Ghosts Wash.lnk [2017-06-27]
ShortcutTarget: 12Ghosts Wash.lnk -> C:\Program Files (x86)\12Ghosts\12wash.exe (12Ghosts Inc. - www.12Ghosts.com)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-01-26]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1007\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1005\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1003\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1139B926-537F-431D-88FF-18D61F31698F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EDBC27DC-2D80-4CF4-BFF0-02B97827B423}: [NameServer] 8.26.56.26,8.20.247.20

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-01-21] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-19] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-01-21] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 514ab5iw.default-1485635028814-1516900905494
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\514ab5iw.default-1485635028814-1516900905494 [2018-02-01]
FF Session Restore: Mozilla\Firefox\Profiles\514ab5iw.default-1485635028814-1516900905494 -> is enabled.
FF Extension: (LastPass: Free Password Manager) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\514ab5iw.default-1485635028814-1516900905494\Extensions\support@lastpass.com.xpi [2018-01-25]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-01-15] [Legacy] [not signed]
FF HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-28] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-28] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-09-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2017-07-11] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1439322100-2213096863-3173725656-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Peter\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-16] (Citrix Online)
FF Plugin HKU\S-1-5-21-1439322100-2213096863-3173725656-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-05-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=430075&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=430075&fr=yo-yhp-ch"
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2018-01-27]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-01]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-02-26]
CHR Extension: (Helium Backup) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2017-07-21]
CHR Extension: (Skype) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-04]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-21]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
CHR HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-12-06] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-06-04] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe [419288 2016-05-19] (ASUSTeK Computer Inc.)
S2 AUEPLauncher; C:\Program Files (x86)\AMD\Performance Profile Client\AUEPLauncher.exe [9216 2017-12-17] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [532552 2018-01-10] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-07] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
S4 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel® Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd)
R2 MBAMService; E:\Program Files\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-12-12] (Copyright © 2017 Plays.tv, LLC)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
S4 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
S4 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
U2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4087568 2016-10-11] (Check Point Software Technologies Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-10-06] (Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 12Ghosts 12-Z; C:\Program Files (x86)\12Ghosts\12kernel.sys [8224 2010-02-04] ()
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-12-06] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [47512 2013-01-10] (Asmedia Technology) [File not signed]
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-01-08] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-02-20] ()
S3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [105784 2013-05-13] (Asus)
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21456 2012-12-20] (Olof Lagerkvist)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2013-10-01] (Broadcom Corporation.)
S3 BCM42RLY; no ImagePath
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-12-16] (Bluestack System Inc. )
S3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2017-02-10] (DT Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-08-17] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-16] (REALiX™)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [40464 2017-02-21] (Intel Corporation)
S3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-01-30] (Zemana Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-31] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-01-31] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-01-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-31] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-02-01] (Malwarebytes)
S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [53632 2009-05-08] (Motorola Inc) [File not signed]
S3 motmodem; C:\Windows\System32\DRIVERS\motmodem.sys [31232 2012-06-08] (Motorola Mobility Inc) [File not signed]
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31232 2012-06-08] (Motorola Mobility Inc) [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 pikbd; C:\Windows\System32\DRIVERS\pikbd.sys [41368 2016-11-17] ()
S3 pimou; C:\Windows\System32\DRIVERS\pimou.sys [42392 2016-11-17] (Christian Gulden)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S1 QMUdisk; no ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S1 softaal; no ImagePath
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S2 tsnethlpx64; no ImagePath
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [52728 2017-02-10] ([font='microsoft jhenghei', sans-serif]电脑管家)
S3 usbbus; no ImagePath
S3 UsbDiag; no ImagePath
S3 USBModem; no ImagePath
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [185552 2016-07-20] (Oracle Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462272 2016-10-11] (Check Point Software Technologies Ltd.)
S3 vzandnetbus; no ImagePath
S3 vzandnetdiag; no ImagePath
S3 vzandnetmodem; no ImagePath
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
S3 atillk64; \??\C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
R3 cpuz138; \??\C:\Users\Peter\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-01 14:34 - 2018-02-01 14:35 - 000030528 _____ C:\Users\Peter\Desktop\FRST.txt
2018-01-31 23:16 - 2018-01-31 23:16 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2018-01-31 22:53 - 2018-01-31 22:59 - 000000394 _____ C:\Windows\Tasks\RunAsStdUser Task.job
2018-01-31 22:33 - 2018-01-31 22:40 - 000103470 _____ C:\Windows\ntbtlog.txt
2018-01-31 17:37 - 2018-01-31 17:37 - 000000000 ____D C:\Users\Dr. Kitten\.QtWebEngineProcess
2018-01-31 17:37 - 2018-01-31 17:37 - 000000000 ____D C:\Users\Dr. Kitten\.Plays.tv
2018-01-29 21:09 - 2018-01-29 21:09 - 000000326 _____ C:\Users\Peter\Desktop\HP Printer Diagnostic Tools.url
2018-01-27 14:11 - 2018-01-27 14:11 - 000000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2018-01-27 11:50 - 2018-01-27 11:50 - 000456568 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmtxhci.sys
2018-01-27 11:50 - 2018-01-27 11:50 - 000151416 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmthub3.sys
2018-01-27 11:50 - 2018-01-27 11:50 - 000028024 _____ C:\Windows\system32\asmtxhcicoinstaller.dll
2018-01-25 11:21 - 2018-01-25 11:21 - 000000000 ____D C:\Users\Peter\Desktop\Old Firefox Data
2018-01-25 07:58 - 2018-01-28 11:37 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\HPAppData
2018-01-23 08:04 - 2018-01-23 08:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-01-20 16:06 - 2018-01-20 16:06 - 000003272 _____ C:\Windows\System32\Tasks\SamsungMagician
2018-01-20 16:06 - 2018-01-20 16:06 - 000001238 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2018-01-20 16:06 - 2018-01-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2018-01-20 16:01 - 2018-01-20 16:01 - 000000000 ____D C:\Program Files (x86)\New folder
2018-01-20 15:49 - 2018-01-20 15:49 - 000001952 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk
2018-01-20 15:49 - 2018-01-20 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2018-01-20 15:49 - 2018-01-20 15:49 - 000000000 ____D C:\Program Files\Macrium
2018-01-20 14:55 - 2018-01-20 14:55 - 000001051 _____ C:\Users\Peter\Desktop\SpeedyFixer.lnk
2018-01-20 14:55 - 2018-01-20 14:55 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyFixer
2018-01-20 14:55 - 2018-01-20 14:55 - 000000000 ____D C:\Program Files (x86)\SpeedyFixer
2018-01-20 14:31 - 2018-01-20 14:31 - 000000000 ____D C:\Program Files\backup
2018-01-20 14:31 - 2018-01-20 14:31 - 000000000 ____D C:\Program Files (x86)\backup
2018-01-20 14:28 - 2018-01-20 15:50 - 000000000 ____D C:\ProgramData\Macrium
2018-01-20 12:47 - 2018-01-20 12:47 - 000001117 _____ C:\Users\Public\Desktop\DriveImage XML.lnk
2018-01-20 12:47 - 2018-01-20 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2018-01-20 12:45 - 2018-01-20 12:45 - 002023440 _____ C:\Users\Peter\Desktop\dixmlsetup.exe
2018-01-20 12:24 - 2018-01-20 12:24 - 002834285 _____ C:\Users\Peter\Desktop\mb-check-results.zip
2018-01-20 12:23 - 2018-01-20 12:23 - 002326984 _____ (Malwarebytes Corporation) C:\Users\Peter\Desktop\mb-check-3.1.9.1001.exe
2018-01-20 12:15 - 2018-01-27 14:11 - 002393088 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2018-01-20 00:18 - 2018-01-31 23:16 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-01-20 00:18 - 2018-01-31 22:40 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-01-19 23:50 - 2018-01-19 23:50 - 011205832 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup539.exe
2018-01-19 23:48 - 2018-01-19 23:48 - 011203712 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup539pro.exe
2018-01-19 23:48 - 2018-01-19 23:48 - 011203712 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\ccsetup539pro(1).exe
2018-01-19 23:42 - 2018-01-19 23:42 - 011578344 _____ (Auslogics ) C:\Users\Administrator\Downloads\registry-cleaner-setup.exe
2018-01-19 23:25 - 2018-02-01 13:05 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-01-19 23:25 - 2018-01-31 23:16 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-01-19 23:25 - 2018-01-31 23:16 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-01-15 16:45 - 2018-01-15 16:45 - 000002363 _____ C:\Users\Public\Desktop\Add a Device - Photosmart All-In-One series.lnk
2018-01-15 16:45 - 2018-01-15 16:45 - 000000000 ____D C:\Users\Peter\AppData\Roaming\HP
2018-01-15 16:40 - 2018-01-15 16:40 - 000002173 _____ C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
2018-01-15 16:40 - 2018-01-15 16:40 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2018-01-15 16:39 - 2018-01-15 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-01-15 16:39 - 2018-01-15 16:39 - 000001327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2018-01-15 16:39 - 2018-01-15 16:39 - 000001321 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2018-01-15 16:39 - 2018-01-15 16:39 - 000001163 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2018-01-15 16:39 - 2018-01-15 16:39 - 000000000 ____D C:\Windows\SysWOW64\spool
2018-01-15 16:39 - 2018-01-15 16:39 - 000000000 ____D C:\ProgramData\HP Product Assistant
2018-01-15 16:36 - 2018-01-15 16:40 - 000000000 ____D C:\Program Files (x86)\HP
2018-01-15 16:35 - 2018-01-15 16:35 - 000000000 ____D C:\Program Files\HP
2018-01-15 16:20 - 2018-01-15 16:45 - 000210696 _____ C:\Windows\hpoins21.dat
2018-01-15 16:20 - 2018-01-15 16:39 - 000000000 ____D C:\ProgramData\HP
2018-01-15 16:20 - 2009-10-07 19:26 - 000005474 ____N C:\Windows\hpomdl21.dat
2018-01-08 02:07 - 2018-01-20 13:15 - 000001187 _____ C:\Users\Peter\Desktop\Roblox Studio.lnk
2018-01-06 16:10 - 2018-01-06 16:10 - 000002403 _____ C:\Users\Peter\Desktop\Final Fantasy XV A New Empire.lnk
2018-01-06 15:33 - 2018-01-06 15:33 - 000001545 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2018-01-06 15:33 - 2018-01-06 15:33 - 000001545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2018-01-06 15:31 - 2018-01-06 15:32 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-01-05 13:32 - 2017-12-31 20:21 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-05 13:32 - 2017-12-31 20:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-05 13:32 - 2017-12-31 20:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-05 13:32 - 2017-12-31 20:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-05 13:32 - 2017-12-31 20:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-05 13:32 - 2017-12-31 20:21 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-05 13:32 - 2017-12-31 20:19 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-01-05 13:32 - 2017-12-31 20:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-01-05 13:32 - 2017-12-31 20:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-01-05 13:32 - 2017-12-31 20:18 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-01-05 13:32 - 2017-12-31 20:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-01-05 13:32 - 2017-12-31 20:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 20:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-01-05 13:32 - 2017-12-31 20:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-05 13:32 - 2017-12-31 20:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-05 13:32 - 2017-12-31 20:02 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-01-05 13:32 - 2017-12-31 20:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-01-05 13:32 - 2017-12-31 20:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-01-05 13:32 - 2017-12-31 20:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-05 13:32 - 2017-12-31 19:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-01-05 13:32 - 2017-12-31 19:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-01-05 13:32 - 2017-12-31 19:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-01-05 13:32 - 2017-12-31 19:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-01-05 13:32 - 2017-12-31 19:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-01-05 13:32 - 2017-12-31 19:49 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-05 13:32 - 2017-12-31 19:49 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-05 13:32 - 2017-12-31 19:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-05 13:32 - 2017-12-31 19:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-05 13:32 - 2017-12-31 19:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-01-05 13:32 - 2017-12-31 19:46 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-05 13:32 - 2017-12-31 19:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-01-05 13:32 - 2017-12-31 19:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-01-05 13:32 - 2017-12-31 19:45 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-05 13:32 - 2017-12-31 19:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-01-05 13:32 - 2017-12-31 19:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-01-05 13:32 - 2017-12-31 19:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-01-05 13:32 - 2017-12-31 19:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-05 13:32 - 2017-12-31 19:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-05 13:32 - 2017-12-31 19:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-05 13:32 - 2017-12-31 19:42 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-05 13:32 - 2017-12-31 19:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-05 13:32 - 2017-12-31 19:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-05 13:32 - 2017-12-31 19:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-01-05 13:32 - 2017-12-31 19:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-01-05 13:32 - 2017-12-31 19:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-01-05 13:32 - 2017-12-31 19:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-01-05 13:32 - 2017-12-31 19:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-01-05 13:32 - 2017-12-31 19:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-01-05 13:32 - 2017-12-31 19:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 13:32 - 2017-12-31 19:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-05 13:32 - 2017-12-30 01:29 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-05 13:32 - 2017-12-30 00:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-01-05 13:32 - 2017-12-29 12:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-01-05 13:32 - 2017-12-29 12:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-01-05 13:32 - 2017-12-29 12:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-01-05 13:32 - 2017-12-29 12:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-01-05 13:32 - 2017-12-29 12:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-01-05 13:32 - 2017-12-29 12:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-01-05 13:32 - 2017-12-29 12:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-01-05 13:32 - 2017-12-29 12:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-01-05 13:32 - 2017-12-29 12:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-01-05 13:32 - 2017-12-29 12:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-01-05 13:32 - 2017-12-29 12:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-01-05 13:32 - 2017-12-29 12:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-01-05 13:32 - 2017-12-29 12:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-01-05 13:32 - 2017-12-29 12:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-01-05 13:32 - 2017-12-29 11:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-01-05 13:32 - 2017-12-29 11:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-05 13:32 - 2017-12-29 11:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-01-05 13:32 - 2017-12-29 11:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-01-05 13:32 - 2017-12-29 11:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-01-05 13:32 - 2017-12-29 11:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-01-05 13:32 - 2017-12-29 11:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-01-05 13:32 - 2017-12-29 11:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-01-05 13:32 - 2017-12-29 11:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-01-05 13:32 - 2017-12-29 11:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-01-05 13:32 - 2017-12-29 11:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-01-05 13:32 - 2017-12-29 11:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-01-05 13:32 - 2017-12-29 11:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-01-05 13:32 - 2017-12-29 11:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-01-05 13:32 - 2017-12-29 11:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-01-05 13:32 - 2017-12-29 11:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-01-05 13:32 - 2017-12-29 11:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-01-05 13:32 - 2017-12-29 03:15 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-05 13:32 - 2017-12-29 03:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-01-05 13:32 - 2017-12-29 03:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-01-05 13:32 - 2017-12-29 02:52 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-05 13:32 - 2017-12-29 02:51 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-05 13:32 - 2017-12-29 02:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-05 13:32 - 2017-12-29 02:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-05 13:32 - 2017-12-29 02:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-05 13:32 - 2017-12-29 02:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-05 13:32 - 2017-12-29 02:50 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-01-05 13:32 - 2017-12-29 02:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-05 13:32 - 2017-12-29 02:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-05 13:32 - 2017-12-29 02:40 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-05 13:32 - 2017-12-29 02:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-05 13:32 - 2017-12-29 02:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-05 13:32 - 2017-12-29 02:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-05 13:32 - 2017-12-29 02:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-01-05 13:32 - 2017-12-29 02:32 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-05 13:32 - 2017-12-29 02:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-05 13:32 - 2017-12-29 02:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-05 13:32 - 2017-12-29 02:22 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-05 13:32 - 2017-12-29 02:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-05 13:32 - 2017-12-29 02:18 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-05 13:32 - 2017-12-29 02:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-05 13:32 - 2017-12-29 02:16 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-05 13:32 - 2017-12-29 02:14 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-05 13:32 - 2017-12-29 02:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-05 13:32 - 2017-12-29 02:04 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-05 13:32 - 2017-12-29 02:03 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-05 13:32 - 2017-12-29 02:03 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-05 13:32 - 2017-12-29 02:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-05 13:32 - 2017-12-29 02:01 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-01-05 13:32 - 2017-12-29 01:50 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-05 13:32 - 2017-12-29 01:39 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-05 13:32 - 2017-12-29 01:27 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-05 13:32 - 2017-12-21 00:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-05 13:32 - 2017-12-13 10:31 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-01-05 13:32 - 2017-12-13 10:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-01-05 13:32 - 2017-12-13 10:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-01-05 13:32 - 2017-12-13 10:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-01-05 13:32 - 2017-12-13 10:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-01-05 13:32 - 2017-12-13 10:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-01-05 13:32 - 2017-12-13 09:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-01-05 13:32 - 2017-12-05 11:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-05 13:32 - 2017-12-05 11:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-05 13:32 - 2017-12-05 11:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-05 13:32 - 2017-12-05 11:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-01-05 13:32 - 2017-12-05 11:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-01-05 13:32 - 2017-12-05 09:59 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-05 13:32 - 2017-12-05 09:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-01-04 12:05 - 2018-01-04 12:05 - 000000000 ____D C:\ProgramData\AMD
2018-01-04 03:42 - 2018-01-04 03:42 - 000000000 ____D C:\Users\Peter\AppData\Local\realtech_VR
2018-01-02 15:30 - 2018-01-31 17:37 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Roaming\Raptr
2018-01-02 15:30 - 2018-01-31 17:37 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Roaming\PlaysTV

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-01 14:34 - 2015-02-25 15:14 - 000000000 ____D C:\FRST
2018-02-01 13:59 - 2016-03-28 22:54 - 000000000 ____D C:\Users\Peter\AppData\Roaming\PlaysTV
2018-02-01 11:16 - 2016-03-28 22:50 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Raptr
2018-02-01 08:04 - 2009-07-13 22:45 - 000034544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-01 08:04 - 2009-07-13 22:45 - 000034544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-31 23:21 - 2009-07-13 23:13 - 000930278 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-31 23:21 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2018-01-31 23:17 - 2016-12-27 17:30 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2018-01-31 23:16 - 2017-04-22 16:48 - 000000000 ____D C:\Temp
2018-01-31 23:16 - 2017-01-27 13:22 - 000000000 ____D C:\Users\Peter\AppData\Roaming\IObit
2018-01-31 23:16 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-31 23:09 - 2015-03-02 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-31 23:02 - 2017-01-25 14:19 - 000000000 ____D C:\ProgramData\IObit
2018-01-31 23:01 - 2017-01-25 14:19 - 000000000 ____D C:\Program Files (x86)\IObit
2018-01-31 22:59 - 2017-03-07 23:38 - 000000000 ____D C:\Users\Peter\AppData\Local\Innovative Solutions
2018-01-31 22:56 - 2017-01-25 14:19 - 000000000 ____D C:\ProgramData\ProductData
2018-01-31 22:35 - 2017-05-22 17:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-31 22:29 - 2016-01-19 00:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-01-31 18:05 - 2017-02-03 20:59 - 000000000 ____D C:\Users\Dr. Kitten\AppData\LocalLow\Mozilla
2018-01-31 17:38 - 2017-02-03 21:09 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-01-31 17:37 - 2017-05-16 11:40 - 000003464 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2018-01-31 17:37 - 2017-02-03 20:52 - 000000000 ____D C:\Users\Dr. Kitten
2018-01-29 21:09 - 2017-01-11 13:58 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2018-01-24 16:03 - 2015-03-27 20:55 - 000000000 ____D C:\Program Files (x86)\Origin
2018-01-23 08:05 - 2017-02-28 10:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-23 08:04 - 2009-07-13 21:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-01-23 07:56 - 2016-01-21 21:29 - 000000000 ____D C:\Program Files\Microsoft Office
2018-01-23 07:49 - 2017-10-29 09:08 - 000000000 ____D C:\Windows\Minidump
2018-01-23 07:49 - 2014-08-27 22:26 - 000291468 ____N C:\Windows\Minidump\012318-20826-01.dmp
2018-01-21 03:02 - 2016-01-19 00:04 - 000922400 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-01-20 16:36 - 2017-07-01 22:16 - 000071168 ___SH C:\Users\Peter\Desktop\Thumbs.db
2018-01-20 16:06 - 2016-05-10 22:35 - 000000000 ____D C:\Program Files (x86)\Samsung
2018-01-20 16:06 - 2016-01-19 00:30 - 000001417 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-01-20 16:06 - 2014-08-29 19:07 - 000000000 ____D C:\ProgramData\Samsung
2018-01-20 15:10 - 2017-05-10 21:57 - 000000000 ____D C:\Users\Peter\Desktop\game shortcuts
2018-01-20 15:10 - 2015-12-11 10:58 - 000000000 ____D C:\Users\Peter\AppData\Local\Bluestacks
2018-01-20 15:10 - 2015-03-02 18:17 - 000000000 ____D C:\Users\Peter\Desktop\tools
2018-01-20 13:15 - 2017-03-04 21:08 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-01-20 12:47 - 2015-02-25 14:46 - 000000000 ____D C:\Program Files (x86)\Runtime Software
2018-01-20 11:54 - 2016-05-11 00:43 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Samsung
2018-01-20 11:54 - 2014-08-29 04:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-01-20 00:10 - 2017-11-16 08:04 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2018-01-19 23:54 - 2017-06-27 17:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2018-01-19 23:54 - 2014-08-30 10:54 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-19 23:45 - 2017-12-28 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2018-01-19 23:45 - 2015-09-07 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zhu Zhu Pets
2018-01-19 23:22 - 2017-12-28 00:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2018-01-19 16:56 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\registration
2018-01-19 16:52 - 2016-01-17 14:24 - 000000000 ____D C:\Windows\pss
2018-01-19 16:40 - 2017-06-27 17:01 - 000154880 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-17 13:07 - 2017-04-27 00:06 - 000000000 ____D C:\Users\DefaultAppPool
2018-01-17 13:07 - 2016-01-19 00:04 - 000000000 ____D C:\Users\Katiana
2018-01-17 13:07 - 2016-01-19 00:04 - 000000000 ____D C:\Users\Administrator
2018-01-17 11:17 - 2017-05-07 11:48 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2018-01-17 11:10 - 2016-01-19 00:04 - 000000000 ____D C:\Users\Peter
2018-01-17 11:09 - 2009-07-13 22:45 - 000541368 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-15 16:45 - 2016-01-19 18:35 - 000154880 _____ C:\Users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-14 22:24 - 2017-02-03 20:51 - 000000632 __RSH C:\Users\Peter\ntuser.pol
2018-01-14 20:59 - 2017-02-03 20:52 - 000001242 __RSH C:\Users\Dr. Kitten\ntuser.pol
2018-01-14 20:58 - 2017-06-27 17:01 - 000000632 __RSH C:\Users\Administrator\ntuser.pol
2018-01-14 03:08 - 2014-10-10 06:36 - 000000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2018-01-12 21:42 - 2015-12-11 10:58 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2018-01-11 11:27 - 2014-08-29 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-01-11 11:27 - 2014-08-29 04:39 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-01-11 11:26 - 2014-08-29 04:40 - 000000000 ____D C:\Windows\System32\Tasks\ASUS
2018-01-11 11:17 - 2014-09-02 17:34 - 000000000 ____D C:\ProgramData\ASUS
2018-01-10 03:06 - 2017-10-12 05:14 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-10 03:06 - 2016-01-19 20:43 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-10 03:06 - 2014-08-30 11:34 - 000000000 ____D C:\Windows\system32\MRT
2018-01-08 23:32 - 2016-12-28 13:03 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\AMD
2018-01-08 02:09 - 2016-12-27 17:37 - 000000000 ____D C:\Users\Peter\AppData\Local\Roblox
2018-01-08 02:07 - 2016-12-27 17:37 - 000000252 _____ C:\Users\Peter\AppData\LocalLow\rbxcsettings.rbx
2018-01-07 21:42 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\rescache
2018-01-07 14:08 - 2017-02-03 20:54 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Local\CrashDumps
2018-01-06 15:32 - 2015-12-11 10:59 - 000000000 ____D C:\ProgramData\BlueStacks
2018-01-06 15:30 - 2009-07-13 21:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-06 13:29 - 2009-07-13 21:20 - 000000000 ___HD C:\Windows\system32\GroupPolicyUsers
2018-01-06 00:47 - 2015-09-01 09:30 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-04 12:30 - 2017-07-02 00:34 - 000003168 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2018-01-04 09:44 - 2017-08-18 06:52 - 000001162 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2018-01-04 09:44 - 2017-07-02 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2018-01-02 17:18 - 2017-02-03 21:00 - 000154496 _____ C:\Users\Dr. Kitten\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-02 15:30 - 2017-02-03 20:52 - 000000000 ____D C:\Users\Dr. Kitten\AppData\Local\AMD

==================== Files in the root of some directories =======

2017-01-15 21:24 - 2017-01-15 21:24 - 000000000 _____ () C:\ProgramData\cisBFC6.exe
2017-01-15 21:24 - 2017-01-15 21:24 - 000000000 _____ () C:\ProgramData\cisE476.exe
2014-10-15 12:50 - 2014-10-15 12:50 - 012136912 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Peter\gosetup.exe
2015-08-12 12:43 - 2015-08-12 12:43 - 009367160 _____ () C:\Program Files (x86)\IntelAndroidDrvSetup1.10.0.exe
2017-01-24 11:35 - 2017-01-24 11:38 - 000006647 _____ () C:\Users\Peter\AppData\Roaming\Comma Separated Values.EML
2014-08-29 06:02 - 2015-04-20 01:17 - 000003264 _____ () C:\Users\Peter\AppData\Roaming\PETER-PC.MTBF.txt
2017-02-16 01:46 - 2017-01-25 03:48 - 002626984 _____ (COMODO) C:\Users\Peter\AppData\Roaming\temp~ccavstart.exe
2017-02-16 01:46 - 2017-01-25 03:49 - 003882680 _____ (Terra Informatica Software, Inc.) C:\Users\Peter\AppData\Roaming\temp~cmdhtml.dll
2014-10-10 07:34 - 2014-10-13 06:34 - 000000132 _____ () C:\Users\Peter\AppData\Roaming\WB.CFG
2016-01-22 09:00 - 2017-07-08 13:35 - 000007626 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-24 10:39 - 2017-01-24 10:39 - 000000037 _____ () C:\Users\Peter\AppData\Local\X-Plane Installer.prf
2017-01-24 10:39 - 2017-01-26 22:33 - 000000015 _____ () C:\Users\Peter\AppData\Local\X-Plane_drm_11.prf
2017-01-24 10:15 - 2017-01-24 10:15 - 000000016 _____ () C:\Users\Peter\AppData\Local\x-plane_install_11.txt

Some files in TEMP:
====================
2018-01-24 11:51 - 2018-01-24 11:51 - 116708576 _____ () C:\Users\Peter\AppData\Local\Temp\playstv_patch.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-28 11:53

==================== End of FRST.txt ============================

Edited by Oh My!, 01 February 2018 - 03:56 PM.


#12 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 01 February 2018 - 03:50 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Peter (01-02-2018 14:35:38)
Running from C:\Users\Peter\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-19 06:28:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1439322100-2213096863-3173725656-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-1439322100-2213096863-3173725656-1005 - Limited - Enabled)
Dr. Kitten (S-1-5-21-1439322100-2213096863-3173725656-1007 - Limited - Enabled) => C:\Users\Dr. Kitten
Guest (S-1-5-21-1439322100-2213096863-3173725656-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1439322100-2213096863-3173725656-1002 - Limited - Enabled)
Katiana (S-1-5-21-1439322100-2213096863-3173725656-1003 - Limited - Enabled) => C:\Users\Katiana
Peter (S-1-5-21-1439322100-2213096863-3173725656-1000 - Administrator - Enabled) => C:\Users\Peter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Pro Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1001 Nights: The Adventures Of Sindbad (HKLM-x32\...\1001 Nights: The Adventures Of Sindbad) (Version: - Alawar Entertainment Inc.)
12G-Complete (HKLM-x32\...\PactGhosts) (Version: - )
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ACP Application (HKLM\...\{D40D140D-8596-9DF7-A05B-AEFBA5409831}) (Version: 2017.1206.1805.44 - Advanced Micro Devices, Inc.) Hidden
Action Ball 2 (HKLM-x32\...\Action Ball 2) (Version: 1.0 - Alawar Entertainment Inc.)
Action Ball Deluxe (HKLM-x32\...\Action Ball Deluxe) (Version: 1.0 - Alawar Entertainment Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Alabama Smith in Escape from Pompeii (HKLM-x32\...\Alabama Smith in Escape from Pompeii) (Version: - Alawar Entertainment Inc.)
Alabama Smith in the Quest of Fate (HKLM-x32\...\Alabama Smith in the Quest of Fate) (Version: - Alawar Entertainment Inc.)
Alex Gordon (HKLM-x32\...\Alex Gordon) (Version: - Alawar Entertainment Inc.)
Alexandra Fortune - Mystery of the Lunar Archipelago (HKLM-x32\...\Alexandra Fortune - Mystery of the Lunar Archipelago) (Version: - Alawar Entertainment Inc.)
Alien Outbreak 2: Invasion (HKLM-x32\...\Alien Outbreak 2: Invasion) (Version: 1.0 - Alawar Entertainment Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Amelie's Cafe (HKLM-x32\...\Amelie's Cafe) (Version: - Alawar Entertainment Inc.)
Amelie's Cafe: Holiday Spirit (HKLM-x32\...\Amelie's Cafe: Holiday Spirit) (Version: 1.0 - Alawar Entertainment Inc.)
Amelie's Cafe: Summer Time (HKLM-x32\...\Amelie's Cafe: Summer Time) (Version: - Alawar Entertainment Inc.)
Angry Birds (HKLM-x32\...\{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}) (Version: 2.2.0 - Rovio)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Arctic Quest (HKLM-x32\...\Arctic Quest) (Version: 1.0 - Alawar Entertainment Inc.)
Arctic Quest 2 (HKLM-x32\...\Arctic Quest 2) (Version: 1.0 - Alawar Entertainment Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.0 - ASUS)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.22 - ASUSTeK Computer Inc.)
Asus Sonic Suite Plugins (HKLM-x32\...\{f0c1caa6-9d8d-47a9-b9a0-1d83ded7e857}) (Version: 1.2.401 - ASUSTeKcomputer.Inc) Hidden
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.01.00 - ASUSTeK Computer Inc.)
Aztec Tribe (HKLM-x32\...\Aztec Tribe) (Version: 1.0 - Alawar Entertainment Inc.)
Aztec Tribe: New Land (HKLM-x32\...\Aztec Tribe: New Land) (Version: 1.0 - Alawar Entertainment Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beach Party Craze (HKLM-x32\...\Beach Party Craze) (Version: - Alawar Entertainment Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bilbo - The Four Corners of the World (HKLM-x32\...\Bilbo - The Four Corners of the World) (Version: - Alawar Entertainment Inc.)
BitPim 1.0.7 (HKLM-x32\...\{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1) (Version: 1.0.7 - Joe Pham <djpham@bitpim.org>)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.54.65.1755 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Carl the Caveman (HKLM-x32\...\Carl the Caveman) (Version: 1.0 - Alawar Entertainment Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
City Magnate (HKLM-x32\...\City Magnate) (Version: 1.0 - Alawar Entertainment Inc.)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corsair Gaming Headset Software (HKLM-x32\...\{6118E939-08B6-4180-8B5B-97836617813B}) (Version: 2.0.35 - Corsair)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.1.5525 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.)
CPUID ROG CPU-Z 1.66.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.66.1 - CPUID, Inc.)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.1 - Corel Corporation)
Crop Busters (HKLM-x32\...\Crop Busters) (Version: 1.0 - Alawar Entertainment Inc.)
Crusaders Of Space 2 (HKLM-x32\...\Crusaders Of Space 2) (Version: 1.0 - Alawar Entertainment Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0350 - DT Soft Ltd)
Dancing Craze (HKLM-x32\...\Dancing Craze) (Version: - Alawar Entertainment Inc.)
Data Import Utility (HKLM-x32\...\{98E62842-1524-4C30-9E60-1545CDD810A4}) (Version: 2.00.005 - PIXELA)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Digger Adventures (HKLM-x32\...\Digger Adventures) (Version: 1.0 - Alawar Entertainment Inc.)
Digital TV for PC 2 (HKLM-x32\...\Digital TV for PC 2_is1) (Version: - 3B Software, Inc.)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dragon Age II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts)
Dragon Puzzle (HKLM-x32\...\Dragon Puzzle) (Version: 1.0 - Alawar Entertainment Inc.)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.60.000 - Runtime Software)
Enchanted Cavern (HKLM-x32\...\Enchanted Cavern) (Version: 1.0 - Alawar Entertainment Inc.)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.11.3.140709 - MindArk PE AB)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.84 - NCH Software)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version: - Alawar Entertainment Inc.)
Farm Frenzy 3 (HKLM-x32\...\Farm Frenzy 3) (Version: - Alawar Entertainment Inc.)
Fashion Craze (HKLM-x32\...\Fashion Craze) (Version: - Alawar Entertainment Inc.)
Fashion Season (HKLM-x32\...\Fashion Season) (Version: 1.0 - Alawar Entertainment Inc.)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Filmmaker's Toolkit for Studio (HKLM-x32\...\{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant) Hidden
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant)
Finding Doggy (HKLM-x32\...\Finding Doggy) (Version: 1.0 - Alawar Entertainment Inc.)
Flower Quest (HKLM-x32\...\Flower Quest) (Version: 1.0 - Alawar Entertainment Inc.)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.0 - EZ Freeware)
Froggy's Adventures (HKLM-x32\...\Froggy's Adventures) (Version: 1.0 - Alawar Entertainment Inc.)
Fruit Lockers 2 - The Enchanting Islands (HKLM-x32\...\Fruit Lockers 2 - The Enchanting Islands) (Version: - Alawar Entertainment Inc.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Earth (HKLM-x32\...\{5D0A40B1-C5A2-4E87-B346-8D7FB6A80B0E}) (Version: 7.1.7.2602 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Gourmania (HKLM-x32\...\Gourmania) (Version: - Alawar Entertainment Inc.)
Gourmania 2: Great Expectations (HKLM-x32\...\Gourmania 2: Great Expectations) (Version: - Alawar Entertainment Inc.)
Gourmania 3: Zoo Zoom (HKLM-x32\...\Gourmania 3: Zoo Zoom) (Version: 1.0 - Alawar Entertainment Inc.)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Grand Master Chess Online (HKLM-x32\...\Grand Master Chess Online) (Version: 1.0 - Alawar Entertainment Inc.)
Hamlet (HKLM-x32\...\Hamlet) (Version: - Alawar Entertainment Inc.)
Haunted Domains (HKLM-x32\...\Haunted Domains) (Version: 1.0 - Alawar Entertainment Inc.)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Heroes Of Hellas (HKLM-x32\...\Heroes Of Hellas) (Version: - Alawar Entertainment Inc.)
Heroes of Hellas 2: Olympia (HKLM-x32\...\Heroes of Hellas 2: Olympia) (Version: - Alawar Entertainment Inc.)
Hidden World (HKLM-x32\...\Hidden World) (Version: 1.0 - Alawar Entertainment Inc.)
Holly 2 - Magic Land (HKLM-x32\...\Holly 2 - Magic Land) (Version: - Alawar Entertainment Inc.)
Holly. A Christmas Tale Deluxe (HKLM-x32\...\Holly. A Christmas Tale Deluxe) (Version: 1.0 - Alawar Entertainment Inc.)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
Hotel Mogul (HKLM-x32\...\Hotel Mogul) (Version: - Alawar Entertainment Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (HKLM-x32\...\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (HKLM-x32\...\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (HKLM-x32\...\{B28635AB-1DF3-4F07-BFEA-975D911B549B}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hyperballoid 2 (HKLM-x32\...\Hyperballoid 2) (Version: 1.0 - Alawar Entertainment Inc.)
Hyperspace Invader (HKLM-x32\...\Hyperspace Invader) (Version: 1.0 - Alawar Entertainment Inc.)
Indeo® Software (HKLM-x32\...\Indeo® Software) (Version: - )
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.129.1 - Intel Security)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Realms (HKLM-x32\...\Island Realms) (Version: - Alawar Entertainment Inc.)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jenny's Fish Shop (HKLM-x32\...\Jenny's Fish Shop) (Version: 1.0 - Alawar Entertainment Inc.)
Joan Jade and the Gates of Xibalba (HKLM-x32\...\Joan Jade and the Gates of Xibalba) (Version: - Alawar Entertainment Inc.)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Journey of Hope (HKLM-x32\...\Journey of Hope) (Version: - Alawar Entertainment Inc.)
Juliette's Fashion Empire (HKLM-x32\...\Juliette's Fashion Empire) (Version: 1.0 - Alawar Entertainment Inc.)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Land of Runes 1.0 (HKLM-x32\...\Land of Runes) (Version: 1.0 - Viva Media, LLC)
LG Outlook Sync (HKLM-x32\...\{84CA1CCF-5CF7-4ED6-8CFA-77DD5C949505}) (Version: 1.1.0.4 - LG Electronics)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Macrium Reflect Free Edition (HKLM\...\{BEA0E5E1-8658-4091-92EF-F121D3E09BFD}) (Version: 7.1.2833 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.1 - Paramount Software (UK) Ltd.)
Magic Encyclopedia - Moon Light (HKLM-x32\...\Magic Encyclopedia - Moon Light) (Version: - Alawar Entertainment Inc.)
Magic Encyclopedia. First Story (HKLM-x32\...\Magic Encyclopedia. First Story) (Version: - Alawar Entertainment Inc.)
Magic Shop (HKLM-x32\...\Magic Shop) (Version: 1.0 - Alawar Entertainment Inc.)
Mahjongg Artifacts (HKLM-x32\...\Mahjongg Artifacts) (Version: 1.0 - Alawar Entertainment Inc.)
Mahjongg Artifacts 2 (HKLM-x32\...\Mahjongg Artifacts 2) (Version: - Alawar Entertainment Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
mmCARD Recovery (HKLM-x32\...\mmCARD Recovery) (Version: 3 - DigitalLeo Ltd.)
Monster House 1.0 (HKLM-x32\...\Monster House) (Version: 1.0 - Viva Media, LLC)
Motion Graphics Toolkit for Studio (HKLM-x32\...\{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant) Hidden
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{2AADC4EE-94C8-422B-977B-547774C4A463}) (Version: 1.0.40 - Motorola Mobility) Hidden
Motorola MMCP Drivers Installation 1.0.3 (HKLM\...\{98308D2E-57F7-4F76-9D85-CB00810426B5}) (Version: 1.0.3 - Motorola Inc.)
Motorola Mobile Drivers Installation 5.9.0 (HKLM\...\{4E7CCB76-687B-4C53-9A5E-08780AF3A551}) (Version: 5.9.0 - Motorola Inc.) Hidden
Motorola Software Update (HKLM-x32\...\{241C1CF5-9112-442C-B919-F0ADB50F343E}) (Version: 01.16.42 - Motorola)
Mozilla Firefox 58.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.1 (x64 en-US)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Farm Life (HKLM-x32\...\My Farm Life) (Version: 1.0 - Alawar Entertainment Inc.)
Myst Online: Uru Live (remove only) (HKLM-x32\...\MOUL) (Version: - )
Mysteries of Horus (HKLM-x32\...\Mysteries of Horus) (Version: 1.0 - Viva Media LLC)
Mystery Cookbook (HKLM-x32\...\Mystery Cookbook) (Version: - Alawar Entertainment Inc.)
NahimicSettingsConfigurator (HKLM\...\{3094F0B9-A3E1-4A01-9B0F-2531645C72CF}) (Version: 1.2.401 - ASUSTeKcomputer.Inc) Hidden
Natalie Brooks - Secrets of Treasure House (HKLM-x32\...\Natalie Brooks - Secrets of Treasure House) (Version: - Alawar Entertainment Inc.)
Natalie Brooks - The Treasures of the Lost Kingdom (HKLM-x32\...\Natalie Brooks - The Treasures of the Lost Kingdom ) (Version: 1.0 - Alawar Entertainment Inc.)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
OpenGL Extensions Viewer 5.0 (HKLM-x32\...\GLVIEW3) (Version: 508 - )
OpinionSquare (HKLM-x32\...\{9cf77345-ac1f-46e5-83ff-79676bee4d6b}) (Version: 1.3.337.407 - TMRG, Inc.)
Oracle VM VirtualBox 5.1.0_Sirrix (HKLM\...\{3E94027F-171C-4D95-BAD6-AD97AB64A539}) (Version: 5.1.0 - Sirrix AG)
Oriental Dreams (HKLM-x32\...\Oriental Dreams) (Version: - Alawar Entertainment Inc.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.10.24870 - Electronic Arts, Inc.)
Paradise (HKLM-x32\...\Paradise_is1) (Version: - White Birds Productions)
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
Pet Show Craze (HKLM-x32\...\Pet Show Craze) (Version: - Alawar Entertainment Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pinnacle Studio 17 - Install Manager (HKLM-x32\...\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}) (Version: 17.0.131 - Corel Corporation)
Pinnacle Studio 17 - Standard Content Pack (HKLM-x32\...\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}) (Version: 17.0 - Corel Corporation)
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.6.0.332 - Corel Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.27.5-r125535-release - Plays.tv, LLC)
PRB Line (HKLM-x32\...\PRB Line) (Version: - )
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.1 - Corel Corporation)
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
PS_AIO_02_Software (HKLM-x32\...\{94F8D42D-BB31-4858-9705-7D756D8D9655}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{685B0843-6C8D-4E42-B60D-2B86B45526E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.11-r125663-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Recover Files 3.31 (HKLM-x32\...\Recover Files_is1) (Version: - Undelete & Unerase, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Refresher (HKLM-x32\...\Refresher) (Version: - )
Rescue Frenzy (HKLM-x32\...\Rescue Frenzy) (Version: 1.0 - Alawar Entertainment Inc.)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
RIFT (HKLM-x32\...\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}) (Version: 1.0.0 - Trion Worlds, Inc.) Hidden
RIFT (HKLM-x32\...\InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}) (Version: 1.0.0 - Trion Worlds, Inc.)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Roblox Player for Peter (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for Peter (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
R-Studio 7.3 (HKLM-x32\...\R-Studio 7.3NSIS) (Version: 7.3.155233 - R-Tools Technology Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.0.1610 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
ScummVM 1.8.1 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
Sea Bounty - Dead Man's Chest (HKLM-x32\...\Sea Bounty - Dead Man's Chest) (Version: - Alawar Entertainment Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sheep's Quest (HKLM-x32\...\Sheep's Quest) (Version: - Alawar Entertainment Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Ski Resort Mogul (HKLM-x32\...\Ski Resort Mogul) (Version: 1.0 - Alawar Entertainment Inc.)
Sky Kingdoms (HKLM-x32\...\Sky Kingdoms) (Version: - Alawar Entertainment Inc.)
Sky Taxi 4 (HKLM-x32\...\Sky Taxi 4) (Version: 1.0 - Alawar Entertainment Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.0 - IObit)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snark Busters: All Revved Up! (HKLM-x32\...\Snark Busters: All Revved Up!) (Version: 1.0 - Alawar Entertainment Inc.)
Snark Busters: Welcome to the Club (HKLM-x32\...\Snark Busters: Welcome to the Club) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy Puzzle Islands 1.0 (HKLM-x32\...\Snowy Puzzle Islands) (Version: 1.0 - Viva Media, LLC)
Snowy: Fish Frenzy (HKLM-x32\...\Snowy: Fish Frenzy) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Lunch Rush (HKLM-x32\...\Snowy: Lunch Rush) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Space Trip (HKLM-x32\...\Snowy: Space Trip) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: The Bear's Adventures (HKLM-x32\...\Snowy: The Bear's Adventures) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Treasure Hunter (HKLM-x32\...\Snowy: Treasure Hunter) (Version: 1.0 - Alawar Entertainment Inc.)
Snowy: Treasure Hunter 2 (HKLM-x32\...\Snowy: Treasure Hunter 2) (Version: 1.0 - Alawar Entertainment Inc.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic Radar (HKLM\...\{0FB2E1BE-0747-468A-AD6B-4043B7BDDED5}) (Version: 1.2.401 - ASUSTeKcomputer.Inc)
Sonic Radar (HKLM\...\{A14FEAA1-142B-4DAF-87C1-500764B0383D}) (Version: 1.1.201 - ASUSTeKcomputer.Inc)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeedyFixer 7.3 (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\{ACFE6C69-8528-41A3-B06B-CE5C7FE4398B}_is1) (Version: 7.3 - Blue Century Software)
Spotify (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB)
Sprill - The Mystery of The Bermuda Triangle (HKLM-x32\...\Sprill - The Mystery of The Bermuda Triangle) (Version: - Alawar Entertainment Inc.)
Sprill and Ritchie - Adventures In Time (HKLM-x32\...\Sprill and Ritchie - Adventures In Time) (Version: - Alawar Entertainment Inc.)
Stand O'Food (HKLM-x32\...\Stand O'Food) (Version: - Alawar Entertainment Inc.)
STAR WARS Battlefront (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Strike Ball 3 (HKLM-x32\...\Strike Ball 3) (Version: - Alawar Entertainment Inc.)
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
Summer Resort Mogul 1.0 (HKLM-x32\...\Summer Resort Mogul) (Version: 1.0 - Viva Media, LLC)
Sunshine Acres (HKLM-x32\...\Sunshine Acres) (Version: 1.0 - Alawar Entertainment Inc.)
Supermarket Mania (HKLM-x32\...\Supermarket Mania) (Version: - Alawar Entertainment Inc.)
The Curse Of Montezuma (HKLM-x32\...\The Curse Of Montezuma) (Version: - Alawar Entertainment Inc.)
The Enchanting Islands (HKLM-x32\...\The Enchanting Islands) (Version: - Alawar Entertainment Inc.)
The Joy of Farming (HKLM-x32\...\The Joy of Farming) (Version: 1.0 - Alawar Entertainment Inc.)
The Treasures Of Montezuma (HKLM-x32\...\The Treasures Of Montezuma) (Version: - Alawar Entertainment Inc.)
The Treasures Of Montezuma 2 (HKLM-x32\...\The Treasures Of Montezuma 2) (Version: - Alawar Entertainment Inc.)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Time Breaker (HKLM-x32\...\Time Breaker) (Version: 1.0 - Alawar Entertainment Inc.)
Titanfall (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Tory's Shop'n'Rush 1.0 (HKLM-x32\...\Tory's Shop'n'Rush) (Version: 1.0 - Viva Media, LLC)
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Treasure Masters, Inc. (HKLM-x32\...\Treasure Masters, Inc.) (Version: - Alawar Entertainment Inc.)
Tropical Farm (HKLM-x32\...\Tropical Farm ) (Version: 1.0 - Alawar Entertainment Inc.)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
Turtix - Rescue Adventure (HKLM-x32\...\Turtix - Rescue Adventure) (Version: 1.0 - Alawar Entertainment Inc.)
Turtix (HKLM-x32\...\Turtix) (Version: - Alawar Entertainment Inc.)
Unity Web Player (HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Unravel (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Vacation Mogul (HKLM-x32\...\Vacation Mogul) (Version: - Alawar Entertainment Inc.)
Vampires vs Zombies (HKLM-x32\...\Vampires vs Zombies) (Version: 1.0 - Viva Media, LLC)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{6B8AC866-8C52-4FAE-BCD7-F80713F513F9}) (Version: 3.17.0601 - Samsung Electronics Co., Ltd.)
Virtual Farm (HKLM-x32\...\Virtual Farm ) (Version: 1.0 - Alawar Entertainment Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{2F540611-6560-470F-924A-5F52EFA9156F}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{F4F2EF32-EAFE-4F87-B7DC-E19C9F8E76FC}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.0.5.7 - Western Digital) Hidden
WD SmartWare (HKLM\...\{515B34CA-1229-4EDA-AE7C-53CBA68B8A7A}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4800 - Broadcom Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0) (HKLM\...\75BD84FDFF77342C2A347F729669CBD84CE11B04) (Version: 09/29/2009 2.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
Wireshark 2.2.7 (32-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.7 - The Wireshark developer community, hxxps://www.wireshark.org)
WizTree v2.01 (HKLM-x32\...\WizTree_is1) (Version: - Antibody Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Zak & Jack in Showdown at Monstertown (HKLM-x32\...\Zak & Jack in Showdown at Monstertown) (Version: 1.0 - Alawar Entertainment Inc.)
Zhu Zhu Pets (HKLM-x32\...\BFG-Zhu Zhu Pets) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers1-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1-x32: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> No File
ContextMenuHandlers1-x32: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-12-27] (DT Soft Ltd)
ContextMenuHandlers1-x32: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-12-15] (WinZip Computing, S.L.)
ContextMenuHandlers2-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers2-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers2-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers2-x32: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2-x32: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-12-27] (DT Soft Ltd)
ContextMenuHandlers2-x32: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\SYSTEM32\mscoree.dll [2010-11-20] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers4-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-12-15] (WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6-x32: [12Ghosts 2ndBackup] -> {00000000-0002-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12b2menu.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers6-x32: [12Ghosts ShellX] -> {00000000-0001-5041-4354-0020e48020af} => C:\Program Files (x86)\12Ghosts\12shellx.dll [2010-02-04] (12Ghosts Inc. - www.12Ghosts.com)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2014-12-15] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03F651E1-16BB-4AE8-96A8-A111D8CE5AAF} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {095CFDC1-EC51-41A5-B592-D723596C0A3D} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {0FDC0871-F7F3-4A91-8B9D-4520CF998129} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-02-16] ()
Task: {12E9BED9-9B54-4B03-BE4A-2F00C5D4D71F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {16F967CD-C067-4A96-B5A3-DF4429579F64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {35B196B7-D7E7-47DC-B7FE-77140AD83F1D} - System32\Tasks\{37F07D5F-29C0-463B-9B47-5F4F224B8DA2} => C:\Windows\system32\pcalua.exe -a C:\Users\Peter\Downloads\dixmlsetup.exe -d C:\Users\Peter\Downloads
Task: {385A1899-4D48-479D-87DD-9F62F32B06EA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {396062FF-C8BC-4B0B-A435-F4357465EDB6} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {3B9507AD-7E29-4DAB-A7EE-DB330F93ED45} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-21] (Microsoft Corporation)
Task: {46958B6E-6F8A-4931-96AF-3D198C5BB91E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-12-06] (Advanced Micro Devices, Inc.)
Task: {4901A8B5-C850-47E8-B49D-6AB0E0E6BB5E} - System32\Tasks\{F686285D-2AC5-497A-8279-79F6906B546C} => C:\Users\Peter\Desktop\BLACK BUCCANEER\setup.exe [2006-05-23] (10Tacle )
Task: {4E216687-E9DC-469D-8656-2DD47A1F751C} - \DriverMax Notification -> No File <==== ATTENTION
Task: {5EA316E4-BB4E-4DA6-B344-8FDFF8E87C50} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-21] (Microsoft Corporation)
Task: {6046DDE0-B407-4FF3-B74B-5A2E09A562F2} - System32\Tasks\{F8E4E30D-0E6F-4A4D-BCCB-0BE892AA56EE} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {636C7A6D-D3CC-4060-AA68-62103242F514} - \ASC10_SkipUac_adm -> No File <==== ATTENTION
Task: {63CE2969-4B1A-4D92-8B3D-C43799B5D1E8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2017-12-06] (Advanced Micro Devices, Inc.)
Task: {660CA881-F622-43D3-9704-97CC7C0848D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {6633FB95-F9DC-4208-BEF6-F9621319AAE2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {74979589-00D9-4679-A0E9-0D5AB1BB2F30} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {75147590-8AE2-4FCB-9427-92C610F81DA8} - System32\Tasks\WiseCleaner\WMOSkipUAC => C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe
Task: {78901E9E-4278-453F-8931-7B0EB8E67DDF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {7AE744A6-509C-4E29-834E-13CFDDA2B88C} - System32\Tasks\Uninstaller_SkipUac_Mike => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {7D047625-0D4C-49B1-9C2C-889917C55213} - System32\Tasks\{D8C36108-D826-4703-9629-487BD1ABEF27} => C:\Windows\system32\pcalua.exe -a C:\Users\Mike\ashampoo_firewall_free_120_sm.exe -d C:\Users\Mike
Task: {7DA0BD5C-E1A5-463B-99DE-919B0A1D8DAD} - \Zookaware Scheduled Update Check -> No File <==== ATTENTION
Task: {7F4F7054-CD0B-4309-8157-F3A12803434F} - System32\Tasks\{DD0B1554-5C14-4886-88C0-375368DC80F9} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {803127DB-3FA6-4126-81E2-90808B0069D4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-01] (McAfee, Inc.)
Task: {83660075-8403-48D1-B4D2-B11136583EA1} - System32\Tasks\{BD548CDD-8C33-4753-9AA3-6F21F86F1457} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {843C1510-490E-4631-B627-237ACCC15C90} - System32\Tasks\WiseCleaner\WDRSkipUAC => C:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe
Task: {8A79BA91-5174-45DC-818B-E7C0D7BC7FB6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {93FB7EEF-4A45-4D6E-96B7-4D74A3C73C3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {94CB06E7-11B1-47FC-B768-6C02D77B0EFC} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {94E5884E-FA7E-4453-A8EA-9365B0728B32} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {9710ACF0-BCA5-4C11-B93A-F8DA73B5DD9A} - System32\Tasks\{27D73459-7F47-4823-AE51-9BA13BC52BFC} => E:\SteamLibrary\steamapps\common\Myst Masterpiece\Myst.exe [2017-07-18] ()
Task: {9D62B3C7-C8C7-4BC1-BDB7-D969B1605206} - \DriverMaxAgent -> No File <==== ATTENTION
Task: {A6DAB744-68A6-4104-B731-23A1ABF6B1AD} - \ASC10_PerformanceMonitor -> No File <==== ATTENTION
Task: {B3756EFF-A90A-4348-B043-8767AB2E040F} - System32\Tasks\{A9618B4E-6D54-42E7-A76D-80E59068EAF9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Origin\vcredist_x64_vs2010.exe" -d "C:\Program Files (x86)\Origin" -c /q
Task: {B4E55EA3-7341-4F08-BF56-4880B9899B15} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-12-20] (IObit)
Task: {C03FBAE2-CA4E-430C-8C10-BFA63775254F} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {C7EFBADA-CE5B-48E1-B50E-2001A6488CCA} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {C9300441-269A-4BAE-BDC8-8648B6CA00C3} - \ASC10_SkipUac_Peter -> No File <==== ATTENTION
Task: {CA3685E2-761E-4A33-804E-423E4E0905A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {D1604E71-36F9-425B-8B69-1B89E43A185D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-21] (Microsoft Corporation)
Task: {E8E0AFAC-719C-4F74-B2BA-675A6732CE86} - \DriverMaxWelcome -> No File <==== ATTENTION
Task: {EAD456EF-069A-47ED-8D10-C90E754E8C0C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-02-10] (Adobe Systems Incorporated)
Task: {EB159061-A277-45DA-A8A4-5A7D08913B5A} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2013-04-12] ()
Task: {EB8CA187-5960-4CED-874F-D54CD2123F0C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {F1BB1B85-A61B-44A8-AFA4-CED44D9465E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-28] (Adobe Systems Incorporated)
Task: {F22A7615-B859-433C-B37A-3E174B1FA3B5} - System32\Tasks\Uninstaller_SkipUac_Peter => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {F38A100C-A9E1-473E-AE8C-4E01F626B79A} - \Driver Booster SkipUAC (Peter) -> No File <==== ATTENTION
Task: {F3F1B983-7441-4CFA-A322-6F5CA21E7A99} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2018-01-08] (Samsung Electronics Co. Ltd.)
Task: {FC1DAB89-9FDE-4BBA-8DCE-F1659529B806} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Program Files (x86)\IObit\IObit Uninstaller\NoteIcon.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 5.0\OpenGL Extensions Viewer 5.0 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 5.0\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com

ShortcutWithArgument: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Helium Backup.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gpglbgbpeobllokpmeagpoagjbfknanl

==================== Loaded Modules (Whitelisted) ==============

2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 12:56 - 2017-01-13 12:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-04-02 22:49 - 2015-02-16 20:23 - 003113280 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
2014-08-29 04:39 - 2013-06-04 16:41 - 000936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-09-02 17:42 - 2013-04-12 09:07 - 001985848 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2016-11-09 09:45 - 2016-11-09 09:45 - 000118592 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2016-11-09 09:46 - 2016-11-09 09:46 - 000105312 _____ () C:\Windows\system32\audioLibVc.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2012-07-17 14:31 - 2012-07-17 14:31 - 000116632 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2012-07-17 14:31 - 2012-07-17 14:31 - 000776088 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2017-07-22 00:55 - 2017-07-22 00:55 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-07-22 00:55 - 2017-07-22 00:55 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-11-13 09:44 - 2017-12-12 11:48 - 002301384 _____ () E:\PROGRAM FILES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-13 09:44 - 2017-12-12 11:48 - 002358728 _____ () E:\PROGRAM FILES\ANTI-MALWARE\MwacLib.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-02-28 10:25 - 2018-01-21 03:27 - 001398952 _____ () C:\Program Files\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2017-02-28 10:27 - 2017-12-01 06:00 - 001902776 _____ () C:\Program Files\Microsoft Office\root\Office16\ClientTelemetry.dll
2017-02-28 10:28 - 2018-01-21 03:29 - 000733360 _____ () C:\Program Files\Microsoft Office\root\Office16\msfad.dll
2017-07-02 00:34 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-07-02 00:34 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2015-04-02 22:49 - 2015-02-09 10:52 - 000203264 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2015-04-02 22:49 - 2015-02-09 10:52 - 000203776 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2014-08-29 04:39 - 2018-01-31 23:16 - 000034304 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-08-29 04:39 - 2013-06-04 16:41 - 000104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-09-02 17:42 - 2013-03-07 09:43 - 000179712 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsusService.dll
2014-09-02 17:42 - 2013-03-07 13:37 - 000470016 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccHelper.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 13:01 - 2017-05-04 13:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-07 19:38 - 2015-05-07 19:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-07 19:37 - 2015-05-07 19:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-07 19:49 - 2015-05-07 19:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-07 19:39 - 2015-05-07 19:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-07 19:39 - 2015-05-07 19:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-07 19:37 - 2015-05-07 19:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 15:59 - 2015-11-13 15:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 15:59 - 2015-11-13 15:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-07 19:37 - 2015-05-07 19:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-07 19:38 - 2015-05-07 19:38 - 000354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2015-05-07 19:38 - 2015-05-07 19:38 - 000263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-12-12 14:22 - 2017-12-12 14:22 - 000013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 001983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\amd_ags.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 002658512 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-12-12 14:22 - 2017-12-12 14:22 - 000027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-12-12 14:22 - 2017-12-12 14:22 - 000066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2015-05-07 19:39 - 2015-05-07 19:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 11:33 - 2017-05-04 11:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-07 19:49 - 2015-05-07 19:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-07 19:55 - 2015-05-07 19:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-07 19:49 - 2015-05-07 19:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:91730504 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IMFservice => "@"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2018-01-31 23:03 - 000000854 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: mfeicfupdate => 2
MSCONFIG\Services: QQPCRTP => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk =>
MSCONFIG\startupreg: ZoneAlarm => "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{B179B4EF-FBFC-4897-884B-7BEE394CCD48}] => (Allow) LPort=80
FirewallRules: [{E2F13B0B-0F10-4C2A-B5C1-0DEC567D0616}] => (Allow) LPort=2869
FirewallRules: [{5CEB2AD5-4567-4A88-83C6-6A5DC5D3C23B}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{D625C008-BDCC-4A21-8EF9-B6BFAEE16A21}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{8E3814D4-7E25-4E7C-96DA-EC3AC3EEA8CC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{33482EE2-2702-478F-A56D-4E7BFCEB462A}] => (Allow) LPort=2869
FirewallRules: [{2D451413-EE16-4D72-9596-15CDA75BE12B}] => (Allow) LPort=1900
FirewallRules: [{CDA13373-088D-4BA5-88B9-AE4A31EDB0D8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1A78E269-36AE-4E6B-B743-8D1B5F69A917}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{981D7289-81B4-4390-842B-8F8B48AB8E88}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{98B0A437-FEA8-4787-B2AE-E185A3E20777}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0ADB46C7-3DA6-4993-91DC-A86C3B0E18A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6AC395A1-CB47-47B8-916F-787BC411383A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{A73CB46C-FA26-43E9-919A-B850657FB1CD}C:\program files (x86)\motorola\software update\msu.exe] => (Allow) C:\program files (x86)\motorola\software update\msu.exe
FirewallRules: [UDP Query User{EA4B1FE3-4FE9-4317-B6AE-729918E01F00}C:\program files (x86)\motorola\software update\msu.exe] => (Allow) C:\program files (x86)\motorola\software update\msu.exe
FirewallRules: [{F61F24CB-A4BD-4453-B6F4-7E6EFD0107D0}] => (Block) LPort=445
FirewallRules: [{01B21D38-EB26-4D10-9E85-EEC78BEDD8C2}] => (Block) LPort=445
FirewallRules: [{99F58D94-2AD8-4CDB-8E15-9C3A82C08974}] => (Allow) E:\SteamLibrary\SteamApps\common\Myst Masterpiece\Myst.exe
FirewallRules: [{F16362EA-2080-40E7-9435-8430A171475B}] => (Allow) E:\SteamLibrary\SteamApps\common\Myst Masterpiece\Myst.exe
FirewallRules: [{6B661D43-DED7-4A30-8F43-7716C4BD4CB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8FDA5E87-0C63-41B8-BDD7-5BCCFBBE7006}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{181ECCA7-B45D-4EEC-88EF-48F8B985AEF5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{031580B4-F2EF-4ABE-B90E-446864E5EB0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D94972B9-2271-4D8B-B873-3DB6DD2AD2CA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{726DCCF8-783E-4DD1-AFA7-D5D286AABC8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{3377C346-12E0-4D84-90A8-94D7F241FCEE}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{82DC1256-CA36-46EE-81F8-C0701D031832}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{5587BFCB-50D5-4B74-8FFA-CB7DE391692E}] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7CAA7ADD-9618-4653-A4CB-1B6718FD7E1B}] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{92A18FC6-01D6-495D-8714-4BA5C3BF2BD6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{E27253C2-7F6C-4AC4-85C4-448F9F9E1452}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{7EB13912-A221-4CA9-9A8A-086A13DFB468}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{6843D9A1-08CF-4582-A3C9-0CAC8266B9AF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{A8705F37-66E5-48C5-BDDA-0B522EE06906}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{77C9BC9D-B791-47A0-A926-3966870701ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{117A1EA0-32C1-448B-A5AC-E3E1CA2A83BA}] => (Allow) E:\SteamLibrary\SteamApps\common\realMyst Masterpiece Edition\realMyst.exe
FirewallRules: [{F0A461BA-E58D-4683-B7F7-8BDA9978781B}] => (Allow) E:\SteamLibrary\SteamApps\common\realMyst Masterpiece Edition\realMyst.exe
FirewallRules: [{2E99639F-F4F6-4D81-AFDB-7F4A5B2CB907}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C15EFDE1-A752-4F87-91F9-FC97330E9565}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{0C45305A-4F68-4471-9145-26DE33ED95AE}] => (Allow) C:\Users\Peter\AppData\Local\Temp\7zS0306\setup\hpznui40.exe
FirewallRules: [{EC2A349D-A203-41C5-9DAB-36FDECF3E675}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{CC27AAAE-7A85-4449-B1E8-5AE5474F19E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{0A705B8E-17C5-4894-B066-12338BCAAD7C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A8992A90-1255-4A27-87B8-7538C2926994}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{E31BBD8B-FDD2-42BF-B008-F44597617C34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B31B209F-610F-47A8-9765-2E90F26F5595}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A6B23CF2-BC2A-422C-A54F-183B044D80FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{6A72F28A-D626-4928-98AF-B84EEE343DAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{CE677987-6C16-49AF-A516-34EBD9252ACF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{ED450284-2B95-428B-82EC-89270B45EA9E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{F38E22BE-8FCB-4BED-9E92-EA69866F9523}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{804414B8-9EB8-4ED5-B613-86E5875665FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{0631E994-6323-41C7-A5B2-0FD22A4C00F8}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{AEBFAFDC-18AD-40CE-BCF1-C5EEA30F198A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0CD3BE65-7E32-4A10-BAB1-EFCE3976A118}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{2692E0B5-34AD-4FDF-AA95-F056E9FD3B9C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{F231E621-43F0-4B94-B2A0-0EDB3A3C43E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{3ADD0C22-C97D-4352-9494-A0556309867E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{4ACF9816-D07C-411C-A210-2DE509D9E7BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5BADCEA8-6E1F-4B90-AEFE-79AC2439275C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7871640F-004B-4435-9558-DC1192545B86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{CD80F640-810C-42E4-86D8-DA9323CD00CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{04859238-2E32-421B-8ACD-C48C4136B5E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{38908D4F-5510-4AEE-913C-8EDE8EB7D6D1}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{9FD2C192-57F8-401C-A5FE-E440915EAB52}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{FB2107A9-722A-4100-9A8B-0AAC071EF326}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{84B4EF59-133C-4936-832A-269E86EA758D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8E090654-174D-4027-87FD-A6FA5C619532}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8DBF1B8C-4228-4AEE-A93D-F7D8ADFED191}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C063F60E-DAC7-4445-AB82-3BA175D8661A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2018 08:00:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17832147

Error: (02/01/2018 08:00:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17832147

Error: (02/01/2018 08:00:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2018 08:00:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17831148

Error: (02/01/2018 08:00:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17831148

Error: (02/01/2018 08:00:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2018 08:00:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17830150

Error: (02/01/2018 08:00:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17830150

Error: (02/01/2018 08:00:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2018 08:00:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17829152


System errors:
=============
Error: (02/01/2018 08:00:40 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.

Error: (02/01/2018 08:00:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.

Error: (02/01/2018 03:03:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.

Error: (02/01/2018 03:01:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 6.11 (KB2876229).

Error: (02/01/2018 03:01:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Skype for Windows desktop 7.0 (KB2876229).

Error: (02/01/2018 03:00:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.

Error: (02/01/2018 02:40:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vsmon service.

Error: (01/31/2018 11:16:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/31/2018 11:16:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm Privacy Service service to connect.

Error: (01/31/2018 11:16:17 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


CodeIntegrity:
===================================
Date: 2017-07-28 12:13:39.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:39.808
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:11.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:11.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:08.218
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:13:08.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:12:31.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:12:31.580
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:11:31.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-28 12:11:31.416
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\NAHIMICAPOlfx.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4820K CPU @ 3.70GHz
Percentage of memory in use: 46%
Total physical RAM: 32706.9 MB
Available physical RAM: 17406.57 MB
Total Virtual: 65411.97 MB
Available Virtual: 43668.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.51 GB) (Free:35.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (New Volume) (Fixed) (Total:929.56 GB) (Free:884.07 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:931.51 GB) (Free:170.22 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:1.95 GB) (Free:0.39 GB) NTFS
Drive p: (RAMDISK) (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 348709AE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 79EA2D58)
Partition 1: (Active) - (Size=219.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: FAC0FAC0)
Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=929.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Edited by Oh My!, 01 February 2018 - 03:58 PM.


#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 01 February 2018 - 06:44 PM

Thank you for the information. Before manipulating your computer I would like to make sure we can create a System Restore Point. Please do this.

===================================================

Enabling System Restore in Windows 7/Vista and Creating a Restore Point

--------------------
  • Click on the Start, Control Panel then System
  • Click on System Protection
  • Click Configure
  • Select Restore system settings and previous versions of files
  • Click Apply then OK
  • If you receive an error code click Apply then OK again
  • If you continue to receive an error code stop and let me know the code
  • Click Create
  • Name the Restore Point Before Fixlist
  • Click Create
  • Determine if a Restore Point was successfully created
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Restore Point created?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Thundergod67

Thundergod67
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 01 February 2018 - 08:25 PM

Ok, done. It told me "system restore point created successfully". I verified that the restore point is listed.

 

As a side note: system restore hasn't accually restored anything in a while. The restore points are listed, but when I click restore I always get an error saying failed to complete successfully.



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,737 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:25 PM

Posted 01 February 2018 - 10:16 PM

Thank you Peter.

Though System Restore doesn't always work properly there was a specific issue with your computer that I wanted to try to resolve before the below step. Looks like that worked out well.

We are going to get a bit aggressive in removing things. Please do this in Normal Boot.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal Boot

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CloseProcesses:
C:\Program Files (x86)\IObit
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
C:\Program Files\TrueKey
GroupPolicy: Restriction 
GroupPolicy\User: Restriction 
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1007\User: Restriction 
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1005\User: Restriction 
GroupPolicyUsers\S-1-5-21-1439322100-2213096863-3173725656-1003\User: Restriction 
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
CHR HKU\S-1-5-21-1439322100-2213096863-3173725656-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
S4 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
S4 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
C:\Program Files\TrueKey
S3 BCM42RLY; no ImagePath
S3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-01-30] (Zemana Ltd.)
C:\Windows\System32\DRIVERS\KeyCrypt64.sys
S1 QMUdisk; no ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S1 softaal; no ImagePath
C:\Windows\System32\Drivers\SmartDefragDriver.sys
S2 tsnethlpx64; no ImagePath
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [52728 2017-02-10] ([font='microsoft jhenghei', sans-serif]电脑管家)
S3 usbbus; no ImagePath
S3 UsbDiag; no ImagePath
S3 USBModem; no ImagePath
C:\Windows\System32\drivers\tsskx64.sys
S2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-10-06] (Check Point Software Technologies, Ltd.)
C:\Program Files (x86)\CheckPoint
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462272 2016-10-11] (Check Point Software Technologies Ltd.)
C:\Windows\System32\DRIVERS\vsdatant.sys
S3 vzandnetbus; no ImagePath
S3 vzandnetdiag; no ImagePath
S3 vzandnetmodem; no ImagePath
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
S3 atillk64; \??\C:\Users\ADMINI~1\AppData\Local\Temp\RarSFX0\atillk64.sys [X] 
R3 cpuz138; \??\C:\Users\Peter\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] 
U3 iswSvc; no ImagePath
2018-01-31 22:53 - 2018-01-31 22:59 - 000000394 _____ C:\Windows\Tasks\RunAsStdUser Task.job
2018-01-20 14:55 - 2018-01-20 14:55 - 000001051 _____ C:\Users\Peter\Desktop\SpeedyFixer.lnk
2018-01-20 14:55 - 2018-01-20 14:55 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyFixer
2018-01-20 14:55 - 2018-01-20 14:55 - 000000000 ____D C:\Program Files (x86)\SpeedyFixer
2018-01-31 23:16 - 2017-01-27 13:22 - 000000000 ____D C:\Users\Peter\AppData\Roaming\IObit
C:\ProgramData\IObit
2018-01-31 22:59 - 2017-03-07 23:38 - 000000000 ____D C:\Users\Peter\AppData\Local\Innovative Solutions
2018-01-31 22:56 - 2017-01-25 14:19 - 000000000 ____D C:\ProgramData\ProductData
2018-01-31 17:37 - 2017-05-16 11:40 - 000003464 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2018-01-04 12:30 - 2017-07-02 00:34 - 000003168 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2018-01-04 09:44 - 2017-08-18 06:52 - 000001162 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2018-01-04 09:44 - 2017-07-02 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-01-15 21:24 - 2017-01-15 21:24 - 000000000 _____ () C:\ProgramData\cisBFC6.exe
2017-01-15 21:24 - 2017-01-15 21:24 - 000000000 _____ () C:\ProgramData\cisE476.exe
2017-02-16 01:46 - 2017-01-25 03:48 - 002626984 _____ (COMODO) C:\Users\Peter\AppData\Roaming\temp~ccavstart.exe
2017-02-16 01:46 - 2017-01-25 03:49 - 003882680 _____ (Terra Informatica Software, Inc.) C:\Users\Peter\AppData\Roaming\temp~cmdhtml.dll
2018-01-24 11:51 - 2018-01-24 11:51 - 116708576 _____ () C:\Users\Peter\AppData\Local\Temp\playstv_patch.exe
ContextMenuHandlers1-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll 
ContextMenuHandlers1-x32: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => 
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers2-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll 
ContextMenuHandlers4-x32: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll 
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => 
ContextMenuHandlers6-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
Task: {03F651E1-16BB-4AE8-96A8-A111D8CE5AAF} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {4E216687-E9DC-469D-8656-2DD47A1F751C} - \DriverMax Notification  
Task: {636C7A6D-D3CC-4060-AA68-62103242F514} - \ASC10_SkipUac_adm  
Task: {75147590-8AE2-4FCB-9427-92C610F81DA8} - System32\Tasks\WiseCleaner\WMOSkipUAC => C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe
Task: {7AE744A6-509C-4E29-834E-13CFDDA2B88C} - System32\Tasks\Uninstaller_SkipUac_Mike => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {7D047625-0D4C-49B1-9C2C-889917C55213} - System32\Tasks\{D8C36108-D826-4703-9629-487BD1ABEF27} => C:\Windows\system32\pcalua.exe -a C:\Users\Mike\ashampoo_firewall_free_120_sm.exe -d C:\Users\Mike
Task: {7DA0BD5C-E1A5-463B-99DE-919B0A1D8DAD} - \Zookaware Scheduled Update Check  
Task: {803127DB-3FA6-4126-81E2-90808B0069D4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-01] (McAfee, Inc.)
C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware
Task: {843C1510-490E-4631-B627-237ACCC15C90} - System32\Tasks\WiseCleaner\WDRSkipUAC => C:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe
Task: {94CB06E7-11B1-47FC-B768-6C02D77B0EFC} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {94E5884E-FA7E-4453-A8EA-9365B0728B32} - \Driver Booster Scheduler  
Task: {9D62B3C7-C8C7-4BC1-BDB7-D969B1605206} - \DriverMaxAgent  
Task: {A6DAB744-68A6-4104-B731-23A1ABF6B1AD} - \ASC10_PerformanceMonitor  
Task: {B4E55EA3-7341-4F08-BF56-4880B9899B15} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-12-20] (IObit)
Task: {C03FBAE2-CA4E-430C-8C10-BFA63775254F} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {C9300441-269A-4BAE-BDC8-8648B6CA00C3} - \ASC10_SkipUac_Peter  
Task: {E8E0AFAC-719C-4F74-B2BA-675A6732CE86} - \DriverMaxWelcome  
Task: {F22A7615-B859-433C-B37A-3E174B1FA3B5} - System32\Tasks\Uninstaller_SkipUac_Peter => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {F38A100C-A9E1-473E-AE8C-4E01F626B79A} - \Driver Booster SkipUAC (Peter)  
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Program Files (x86)\IObit\IObit Uninstaller\NoteIcon.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:91730504 [118]
DeleteKey: HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\MSConfig\Services\mfeicfupdate
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
cmd: sfc /scannow
cmd: chkdsk
emptytemp:
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Allow your computer to reboot and monitor the boot process
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Boot?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users