Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WIN32/TIGGRE!RFN Infection


  • Please log in to reply
14 replies to this topic

#1 WTP07

WTP07

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 10 March 2018 - 03:00 PM

So, through my own stupdity, I have manage to get infected with the above nonsense.
 
 
 
I have tried MalwarBytes, Avast, AVG, AdAware, Spybot, Avira, all to no avail.
 
 
 
Hopefully one of you can help me out.
 
 
 
Two files keep appearing in my task manager: Methode.exe and Prolongs.exe
 
 
I have deleted them in their folders, but they keep coming back. 
 
 
 
Here are my CCleaner logs. (let me know if you want HiJackThis instead)
 
 
Programs:
 
 
 
ABBYY FineReader 9.0 Sprint ABBYY 12/10/2014 9.00.15.58233
AC3Filter 1.63b Alexander Vigovsky 1/5/2010 1.63b
Acrobat.com Adobe Systems Incorporated 8/21/2009 1.60 MB 1.6.65
Acronis True Image WD Edition Acronis 3/4/2018 585 MB 19.0.33
Active@ Boot Disk 7.1 LSoft Technologies Inc 10/21/2013 7.1
Adobe Acrobat 6.0 Professional - English, Français, Deutsch Adobe Systems 3/3/2015 384 MB 006.000.000
Adobe Acrobat Reader DC Adobe Systems Incorporated 2/25/2018 278 MB 18.011.20038
Adobe AIR Adobe Systems Inc. 1/15/2010 1.5.3.9120
Adobe Creative Cloud Adobe Systems Incorporated 4.0.1.188
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 10.0.45.2
Adobe Flash Player 20 ActiveX Adobe Systems Incorporated 20.0.0.228
Adobe Illustrator CS3 Adobe Systems Incorporated 1/25/2011 13.0
Adobe Illustrator CS4 Adobe Systems Incorporated 12/15/2011 14.0
Adobe Lightroom Adobe Systems Incorporated 6.10
Adobe Media Player Adobe Systems Incorporated 1/17/2010 1.1
Adobe Photoshop CC 2017 Adobe Systems Incorporated 18.1.1
Adobe Photoshop CS4 Adobe Systems Incorporated 1/17/2010 11.0
Adobe Photoshop Lightroom 5.7 64-bit Adobe Systems Incorporated 3/18/2015 1.07 GB 5.7.0
Adobe Premiere Pro CC 2015 Adobe Systems Incorporated 9.0.0
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 11.6.8.638
Advanced Renamer Hulubulu Software 1/15/2017 3.73
Amazon Drive Amazon.com, Inc. 4.0.16
Anime Studio Debut 7.0 Smith Micro Software, Inc. 8/6/2013 7.0
Any Video Converter 3.2.5 Any-Video-Converter.com 7/13/2011 
Any Video Converter Ultimate 5.8.0 Any-Video-Converter.com 6/23/2015 
Apple Application Support (32-bit) Apple Inc. 12/20/2016 127 MB 5.2
Apple Application Support (64-bit) Apple Inc. 12/20/2016 142 MB 5.2
Apple Mobile Device Support Apple Inc. 12/20/2016 27.4 MB 10.0.1.3
Apple Software Update Apple Inc. 6/28/2016 2.69 MB 2.2.0.150
ASUS Wireless Router Device Discovery Utility ASUS 8/15/2017 1.4.8.0
AutoTRAX Design Express Version 1 AutoTRAX Software 3/24/2013 
AVG Web TuneUp AVG Technologies 4.3.6.255
Battle.net Blizzard Entertainment 
BlueStacks App Player BlueStack Systems, Inc. 1/16/2018 3.55.70.1783
Bonjour Apple Inc. 2/19/2016 2.05 MB 3.1.0.1
CaddieSync Express 1.5.14 SkyHawke Technologies 1.5.14
calibre Kovid Goyal 11/27/2010 105 MB 0.7.31
Canon Utilities Digital Photo Professional Canon Inc. 3.14.40.0
Canon Utilities EOS Lens Registration Tool Canon Inc. 1.1.0.6
Canon Utilities EOS Utility 2 Canon Inc. 2.14.10.2
Canon Utilities ImageBrowser EX Canon Inc. 1.5.2.8
Canon Utilities Map Utility Canon Inc. 1.6.0.2
Canon Utilities PhotoStitch Canon Inc. 3.1.23.47
Canon Utilities Picture Style Editor Canon Inc. 1.14.20.0
CCleaner Piriform 5.40
Cisco WebEx Meetings Cisco WebEx LLC 
Citrix Online Launcher Citrix 1/6/2014 286 KB 1.0.168
Citrix Receiver Citrix Systems, Inc. 13.3.0.55
Compatibility Pack for the 2007 Office system Microsoft Corporation 2/14/2018 401 MB 12.0.6612.1000
Convert AVI to MP4 convertavitomp4.com 11/24/2013 
Coolmuster Android Assistant Coolmuster 4.1.20
CopyTrans Control Center Uninstall Only WindSolutions 4.017
Corel VideoStudio 12 Corel Corporation 1/5/2010 12.0.0.0000
CorelDRAW® Graphics Suite X4 Corel Corporation 
CorelDRAW® Graphics Suite X4 - Windows Shell Extension Corel Corporation 3/30/2010 
CPUID CPU-Z 1.67.1 12/29/2013 
CPV550 emulator (V16.02.01R) Vertex Standard Inc. 1/24/2010 16.02.01R
CR2 Codec by Ardfry Imaging, LLC (32 bit) Ardfry Imaging, LLC 2/15/2011 712 KB 1.0.0.0
CR2 Codec by Ardfry Imaging, LLC (64 bit) Ardfry Imaging, LLC 2/15/2011 1.14 MB 1.0.0.0
CR2 CODEC Version 1.0 Ardfry Imaging, LLC 2/15/2011 
Dell Driver Download Manager Dell Inc. 2.1.0.0
Disk Calculator version 1.00.1 Flir 6/5/2017 1.00.1
DiveOrganizer Mares 1.7.2.808
doPDF 7.1 printer Softland 11/8/2010 
Download Navigator SEIKO EPSON CORPORATION 12/10/2014 6.14 MB 3.4.0
Dropbox Dropbox, Inc. 44.4.58
Dual Smart Solution LG Soft India Pvt Ltd 2/12/2014 2.5
Duplicate File Finder Ashisoft 9/2/2013 5.4
DVD Decrypter DVD Decrypter 3.5.5.0
DVD Flick 1.3.0.7 Dennis Meuwissen 5/18/2015 1.3.0.7
DVDShrink 2008 BitByteSoft 3/19/2011 9.95 MB 1.0.0
EaseUS Partition Master 12.5 Trial Edition EaseUS 9/14/2017 
EOSInfo astrojargon.net 1/23/2014 1.66 MB 0.2.0
EPAFactory Endpoint Analysis Client 3.64 Citrix Systems, Inc. 4/24/2010 2.13 MB 3.64.0.0
EPSON Connect version 1.0 Epson America Inc. 12/10/2014 1.0
Epson Customer Participation SEIKO EPSON CORPORATION 12/10/2014 3.32 MB 1.4.0.0
Epson Event Manager Seiko Epson Corporation 12/10/2014 42.4 MB 3.01.0003
Epson FAX Utility SEIKO EPSON CORPORATION 12/10/2014 1.30.00
EPSON Scan Seiko Epson Corporation 
EPSON WF-2540 Series Printer Uninstall SEIKO EPSON Corporation 
EpsonNet Print SEIKO EPSON CORPORATION 12/10/2014 2.5.00
EVGA Precision X 4.2.1 EVGA Corporation 4.2.1
Exif Pilot 4.7 Two Pilots 3/15/2015 4.7
ExifPro 2.1 Photo Viewer 
FastPictureViewer Codec Pack 3.8.0.97 Axel Rietschin Software Developments 2/10/2018 68.9 MB 3.8.0.97
FastStone Image Viewer 5.3 FastStone Soft 5.3
FileZilla Client 3.7.3 Tim Kosse 3.7.3
FLIRCloudClient 2.1.39 FLIR 2.1.39
Free Avi To Mp4 Converter convertaudiofree 4/12/2015 44.9 MB 1.0.0
Free PDF to Word Converter 5.1.0.383 Smart Soft 4/5/2011 5.1.0.383
Free YouTube Downloader 4.1.484 HOW Inc. 4/4/2016 
Freemake Video Converter version 4.0.3 Ellora Assets Corporation 8/12/2013 4.0.3
Fresco Logic USB3.0 Host Controller Fresco Logic Inc. 1/12/2016 5.22 MB 3.5.106.0
Gadwin PrintScreen Gadwin Systems, Inc. 4.3
Garmin BaseCamp Garmin Ltd or its subsidiaries 3/22/2017 152 MB 4.6.2.0
Garmin City Navigator North America NT 2018.10 Garmin Ltd or its subsidiaries 3/31/2017 3.44 GB 2.0.0.0
Garmin Express Garmin Ltd or its subsidiaries 2/13/2018 6.1.1.0
Gateway InfoCentre Gateway Incorporated 3.02.3000
Gateway MyBackup NewTech Infosystems 8/21/2009 2.0.2.19
Gateway Photo Frame 4.2.3.10 I/O Interconnect 4.2.3.10
Gateway Recovery Management Acer Incorporated 8/21/2009 4.05.3002
Gateway Registration Gateway Incorporated 1.02.3004
Gateway ScreenSaver Gateway Incorporated 1.1.0812
Gateway Updater Gateway Incorporated 8/21/2009 1.01.3014
Geeks3D FurMark 1.18.2.0 Geeks3D 1/12/2017 
getPlus® Download Manager for Corel NOS Microsystems Ltd. 1.5.0.56
Google Chrome Google Inc. 3/27/2010 64.0.3282.186
Google Drive Google, Inc. 8/15/2014 35.0 MB 1.17.7290.4094
Google Earth Google 12/11/2013 180 MB 7.1.2.2041
GoProCineFormDecoders 1.2.0 CineForm, Inc & GoPro, Inc. 1.2.0
HandBrake 0.10.0 0.10.0
HitmanPro 3.8 SurfRight B.V. 3/10/2018 3.8.0.292
Icecream Screen Recorder version 2.72 Icecream Apps 12/17/2015 2.72
iCloud Apple Inc. 6/28/2016 135 MB 5.2.1.69
Ideal DVD to AVI Converter V2.0.1 Ideal DVD Software, Inc. 3/5/2010 
iDealshare VideoGo 5.5.1.5487 iDealshare Corporation 4/12/2015 
Identity Card Gateway Incorporated 1.00.3001
iExplorer 3.9.11.0 Macroplant LLC 10/7/2016 
ImageMagick 6.8.8-2 Q16 (64-bit) (2014-01-01) ImageMagick Studio LLC 1/19/2014 6.8.8
ImgBurn LIGHTNING UK! 10/20/2011 2.5.6.0
Indeo® software 
iTunes Apple Inc. 12/20/2016 242 MB 12.5.4.42
J2SE Development Kit 5.0 Update 22 Sun Microsystems, Inc. 4/21/2013 284 MB 1.5.0.220
Java 8 Update 131 Oracle Corporation 5/8/2017 95.4 MB 8.0.1310.11
Kobo Rakuten Kobo Inc. 4.0.5579
Kodi XBMC-Foundation 
Leawo Video Converter version  5.2.0.1 9/9/2015 
LG United Mobile Driver LG Electronics 2/15/2012 3.6.0.0
Lightshot-5.2.1.1 Skillbrains 4/23/2015 5.2.1.1
Logitech Harmony Remote Software 7 Logitech 1/14/2012 7.7.0.0
Logitech SetPoint 6.32 Logitech 6.32.20
Lorex Auto Port Forwarding Lorex Technology 1.0.5
Magic DVD Ripper V5.5.0 Magic DVD Software, Inc. 1/21/2011 
MagicDisc 2.7.106 
Marvell Miniport Driver Marvell 11.45.4.3
MEGAsync Mega Limited 
MGTEK dopisp MGTEK 12/28/2009 2.00 MB 3.0.1742
Microsoft .NET Framework 4.7.1 Microsoft Corporation 2/28/2018 4.7.02558
Microsoft Access database engine 2010 (English) Microsoft Corporation 2/14/2018 229 MB 14.0.6029.1000
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 8/22/2015 1.59 MB 4.0.40804.0
Microsoft Camera Codec Pack Microsoft Corporation 1/19/2014 38.8 MB 16.4.1970.0624
Microsoft MapPoint North America 2011 Microsoft Corporation 10/26/2012 1.50 GB 18.0.26.0201
Microsoft Office Access database engine 2007 (English) Microsoft Corporation 2/14/2018 80.9 MB 12.0.6612.1000
Microsoft Office Enterprise 2007 Microsoft Corporation 2/14/2018 12.0.6612.1000
Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Corporation 2/14/2018 60.1 MB 12.0.6612.1000
Microsoft Office Project Professional 2003 Microsoft Corporation 6/15/2017 348 MB 11.0.8173.0
Microsoft Office Suite Activation Assistant Microsoft Corporation 8/21/2009 8.36 MB 2.9
Microsoft Office Visio Professional 2007 Microsoft Corporation 2/14/2018 12.0.6612.1000
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Corporation 1/6/2010 132 KB 12.0.4518.1014
Microsoft Security Essentials Microsoft Corporation 11/30/2016 4.10.209.0
Microsoft Silverlight Microsoft Corporation 6/15/2017 497 MB 5.1.50907.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 12/28/2009 1.72 MB 3.1.0000
Microsoft SQL Server 2008 R2 Microsoft Corporation 
Microsoft SQL Server 2008 R2 Native Client Microsoft Corporation 11/15/2016 6.12 MB 10.52.4042.0
Microsoft SQL Server 2008 R2 Setup (English) Microsoft Corporation 11/15/2016 132 MB 10.52.4042.0
Microsoft SQL Server 2008 Setup Support Files  Microsoft Corporation 11/13/2016 21.6 MB 10.1.2731.0
Microsoft SQL Server Browser Microsoft Corporation 11/15/2016 9.08 MB 10.52.4000.0
Microsoft SQL Server Compact 3.5 SP1 - Italiano Microsoft Corporation 6/24/2010 2.85 MB 3.5.5692.0
Microsoft SQL Server VSS Writer Microsoft Corporation 11/15/2016 3.70 MB 10.52.4000.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 12/29/2009 260 KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 6/23/2017 2.61 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 3/19/2015 572 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2/7/2012 786 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 3/21/2012 782 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/25/2015 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 5/30/2011 2.05 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 12/26/2011 592 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 3/21/2012 588 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 3/4/2014 594 KB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 9/7/2016 24.7 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 11/20/2016 11.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Corporation 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 Microsoft Corporation 14.0.23918.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 Microsoft Corporation 14.0.23918.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 6/25/2015 10.0.50903
Microsoft Web Platform Installer 2.0 Microsoft Corporation 11/26/2010 4.98 MB 2.1.1
Microsoft Works Microsoft Corporation 6/25/2015 892 MB 9.7.0621
Mobile Internet Key Huawei Technologies Co.,Ltd 13.001.08.01.464
Mozilla Firefox 55.0.3 (x86 en-US) Mozilla 55.0.3
Mozilla Maintenance Service Mozilla 55.0.3.6445
MSI Afterburner 4.3.0 MSI Co., LTD 4.3.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12/29/2009 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 1/5/2010 1.33 MB 4.20.9876.0
Multimedia Reader USB 2.0 Drivers Jeppesen Marine 1/24/2010 2.2.0.6
MusicBee 2.4 Steven Mayall 2.4
MyFreeCodec 
Neat Image v7.5.0 Demo plug-in for Photoshop (64-bit) Neat Image team, ABSoft 2/14/2014 
Nero 9 Essentials Nero AG 8/21/2009 
Newblue Art Effects for PowerDirector NewBlue 2.0
NirSoft Mail PassView 
Nmap 5.61-Spiceworks 
NordVPN NordVPN 3/5/2018 6.11.14
NVIDIA 3D Vision Controller Driver 390.41 NVIDIA Corporation 1/13/2018 390.41
NVIDIA 3D Vision Driver 390.65 NVIDIA Corporation 1/13/2018 390.65
NVIDIA GeForce Experience 3.1.2.31 NVIDIA Corporation 1/15/2017 3.1.2.31
NVIDIA Graphics Driver 390.65 NVIDIA Corporation 1/13/2018 390.65
NVIDIA HD Audio Driver 1.3.36.6 NVIDIA Corporation 1/13/2018 1.3.36.6
NVIDIA PhysX System Software 9.17.0524 NVIDIA Corporation 1/13/2018 9.17.0524
OpenAL 
PartyPoker.net PartyGaming.Net 7/21/2010 145
PDFTOEXCEL Blue Label Soft 11/6/2012 
Photobucket Backup Photobucket 1/31/2013 14.0 MB 1.0.5.2168
PhotoME Jens Duttke 2/16/2014 0.79R17
Picasa 3 Google, Inc. 3.9
PIXELA AAC LC CODEC Canon Inc. 1.1.0.1
PL-2303 USB-to-Serial 
Plex Media Server Plex, Inc. 5/1/2016 0.9.1606
PokerStars PokerStars 
PokerStars.net PokerStars.net 
PROSPECTOR® Sales Tool version 33.20(5c) PACCAR, Inc. 11/13/2016 33.20(5c)
Punch! Architectural Series 19.0 Encore, Inc. A Wynit Company 6/23/2017 3.03 GB 19.0.0
Python 2.7.5 (64-bit) Python Software Foundation 2/15/2014 53.6 MB 2.7.5150
Quick Cribbage 3.5 (remove only) 
QuickTax 2009 Intuit Canada 11/22/2010 53.9 MB 1.00.0000
QuickTime Apple Inc. 12/8/2012 73.1 MB 7.73.80.64
RAR Password Unlocker 4.2.0.0 Password Unlocker Studio 1/16/2014 
RayTech RNS Raymarine 4/30/2010 6.00.000
ReadySHARE Vault Genie9 3.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 8/21/2009 6.0.1.5874
RegiStax 6 
RegiStax 6.1.0.8 update 
Remote Control USB Driver 1/14/2012 2.3.2.317
RivaTuner Statistics Server 6.5.0 Unwinder 6.5.0
Roll 
Samsung AllShare Samsung Electronics Co., Ltd. 12/1/2014 2.1.0.12031_10
Samsung Kies Samsung Electronics Co., Ltd. 6/8/2013 2.5.3.13043_14
Samsung Kies3 Samsung Electronics Co., Ltd. 11/6/2015 3.2.15072.2
Samsung Story Album Viewer Samsung Electronics Co., Ltd. 6/13/2013 1.0.0.13052_1
Samsung USB Driver for Mobile Phones Samsung Electronics Co., Ltd. 1.5.63.0
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) Silicon Laboratories 
SketchUp 5 5
SketchUp 8 Trimble Navigation Limited 11/7/2012 69.4 MB 3.0.15158
Skype™ 7.0 Skype Technologies S.A. 6/26/2015 47.9 MB 7.0.102
Smart Switch Samsung Electronics Co., Ltd. 6/19/2017 4.1.17054.16
SmartGPS Eco MiTAC Digital Corp. 10/23/2016 18.8 MB 3.0.0.00
SmartSound Quicktracks 5 SmartSound Software Inc. 2/24/2016 5.1.8
SmartSound Quicktracks Plugin SmartSound Software Inc 1/5/2010 3.0.2.7
Solve Elec 2.5 3/24/2013 
Spiceworks Spiceworks, Inc. 6.2.00919
Spybot - Search & Destroy Safer-Networking Ltd. 3/2/2015 2.4.40
Steam Valve Corporation 2/6/2013 1.77 MB 1.0.0.0
SyncDroid version 1.2.5 JunTu Software, Inc. 10/31/2014 1.2.5
Syncios Data Transfer 1.5.6 Anvsoft, Inc. 1.5.6
TAP-NordVPN 9.21.2 NordVPN.com 9.21.2
Tesseract-OCR 3.01 - open source OCR engine 
TomTom HOME Visual Studio Merge Modules TomTom International B.V. 6/21/2010 1.88 MB 1.0.2
TurboTax 2010 Intuit Canada 3/3/2011 52.9 MB 1.00.0000
TurboTax 2011 Intuit Canada 9/18/2013 51.3 MB 1.00.0000
TurboTax 2012 Intuit Canada 10/3/2013 59.0 MB 1.00.0000
Unity Web Player Unity Technologies ApS 
UPSMON Plus for Windows 7/4/2011 
VideoPad Video Editor NCH Software 4.58
Visual C++ 8.0 Runtime Setup Package (x64) AVG Technologies CZ, s.r.o. 12/28/2009 2.23 MB 9.0.0.623
Visual Studio 2012 x64 Redistributables AVG Technologies 11/17/2013 12.9 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 11/17/2013 10.5 MB 14.0.0.1
VLC media player VideoLAN 2.2.4
VMware View Client VMware, Inc. 3/21/2012 30.9 MB 5.0.0.481677
WebM Project Directshow Filters WebM Project 1.0.4.1
Welcome Center Gateway Incorporated 1.00.3004
WIDCOMM Bluetooth Software Broadcom Corporation 11/1/2013 278 MB 6.5.1.2700
WinCDEmu Bazis 3.6
Windows 7 USB/DVD Download Tool Microsoft Corporation 2/17/2018 2.71 MB 1.0.30
Windows Driver Package - Active Mind Technology, Inc. CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) Active Mind Technology, Inc. 07/12/2013 2.08.30
Windows Driver Package - Active Mind Technology, Inc. CDM Driver Package - VCP Driver (07/12/2013 2.08.30) Active Mind Technology, Inc. 07/12/2013 2.08.30
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Dynastream Innovations, Inc. 04/11/2012 1.2.40.201
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) Silicon Labs Software 02/06/2007 3.1
Windows Live Essentials Microsoft Corporation 12/28/2009 14.0.8064.0206
Windows Live Sign-in Assistant Microsoft Corporation 12/28/2009 1.93 MB 5.000.818.5
Windows Live Sync Microsoft Corporation 12/28/2009 2.79 MB 14.0.8064.206
Windows Live Upload Tool Microsoft Corporation 12/28/2009 224 KB 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 4/26/2010 296 KB 1.0.0.8
Windows Movie Maker 2.6 Microsoft Corporation 1/5/2010 8.81 MB 2.6.4037.0
Windows Password Key 8.0 demo PasswordSeeker 8.0 demo
WinPcap 4.1.2-Spiceworks CACE Technologies 4.1.0.2001
WinRAR archiver 
WinX Free DVD Ripper 4.5.12 Digiarty Software,Inc. 3/19/2011 
Wondershare AllMyTube(Build 3.8.0.4) Wondershare Software 2/15/2014 3.8.0.4
Wondershare Dr.Fone for Android(Build 6.4.1.37) Wondershare Software Co.,Ltd. 11/14/2017 6.4.1.37
Wondershare MobileGo(Version 8.2.3) Wondershare 11/14/2017 8.2.3
WordBiz 1.8 
Xiph.Org Open Codecs 0.85.17777 Xiph.Org 0.85.17777
XMedia Recode version 3.1.4.1 XMedia Recode 1/19/2013 3.1.4.1
YTD Video Downloader 4.8.9 GreenTree Applications SRL 4.8.9
µTorrent BitTorrent Inc. 3.5.3.44358
 
Scheduled Tasks: 
 
No Task AdobeAAMUpdater-1.0-Gateway-Randy Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task AdobeGCInvoker-1.0-Gateway-Randy Adobe Systems, Incorporated C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DropboxUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000Core1d236efa3fda48a Dropbox, Inc. C:\Users\Randy\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000UA1d236efa4f32bb3 Dropbox, Inc. C:\Users\Randy\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task GarminUpdaterTask Garmin International, Inc. C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Yes Task GoogleUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000Core1d1ab1f1a8cdd80 Google Inc. C:\Users\Randy\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000UA1d1ab1f1b357c09 Google Inc. C:\Users\Randy\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
Yes Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Yes Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Yes Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
 
Windows: 
 
No HKCU:Run Samsung C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
No HKCU:Run 36F007971E0F9347D851CE74F3932A132ABF5A64._service_run "C:\Users\Randy\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
No HKCU:Run BitTorrent "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\Randy\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
No HKCU:Run Facebook Update "C:\Users\Randy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
Yes HKCU:Run GarminExpressTrayApp Garmin Ltd. or its subsidiaries "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
Yes HKCU:Run Google Update Google Inc. C:\Users\Randy\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
No HKCU:Run GoogleChromeAutoLaunch_1A79A2200C004DCED2675514EE5085D0 "C:\Users\Randy\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
No HKCU:Run GoogleDriveSync Google "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
No HKCU:Run iCloudDrive Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
No HKCU:Run iCloudPhotos Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
No HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
No HKCU:Run KiesAirMessage Samsung Electronics C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
No HKCU:Run Magellan Update Manager MiTAC "C:\Users\Randy\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe"
No HKCU:Run msnmsgr "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
No HKCU:Run NokiaSuite.exe C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
Yes HKCU:Run NordVPN NordVPN C:\Program Files (x86)\NordVPN\NordVPN.exe
No HKCU:Run Plex Media Server Plex, Inc. "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
No HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Yes HKCU:Run Spybot-S&D Cleaning Safer-Networking Ltd. "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
No HKCU:Run Spybot-S&D Cleaning Safer-Networking Ltd. "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
No HKCU:Run SpybotPostWindows10UpgradeReInstall Safer-Networking Ltd. "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
No HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\Steam.exe" -silent
No HKCU:Run TomTomHOME.exe "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
Yes HKCU:Run uTorrent BitTorrent Inc. "C:\Users\Randy\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
No HKCU:Run uTorrent BitTorrent, Inc. "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
No HKCU:Run Wowhead_Client Wowhead "C:\Users\Randy\Downloads\Wowhead_Client\Wowhead_Client.exe"
Yes HKLM:Run Acronis Scheduler2 Service Acronis International GmbH "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
Yes HKLM:Run AcronisTibMounterMonitor Acronis International GmbH C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
No HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run Adobe Creative Cloud Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
No HKLM:Run Adobe Reader Speed Launcher "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
No HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
No HKLM:Run AdobeCS4ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
Yes HKLM:Run AdobeGCInvoker-1.0 Adobe Systems, Incorporated "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
No HKLM:Run AllShareAgent Samsung Electronics Co., Ltd. C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
No HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
No HKLM:Run BackupManagerTray NewTech Infosystems, Inc. "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
No HKLM:Run BlueStacks Agent BlueStack Systems, Inc. C:\Program Files (x86)\BlueStacks\HD-Agent.exe
No HKLM:Run BrMfcWnd C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
No HKLM:Run BrowserPlugInHelper Wondershare Software C:\Program Files (x86)\Wondershare\AllMyTube\BrowserPlugInHelper.exe
No HKLM:Run CaddieSyncConduit SkyHawke C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
No HKLM:Run CitrixReceiver "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
No HKLM:Run ConnectionCenter Citrix Systems, Inc. "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
No HKLM:Run ControlCenter3 C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
No HKLM:Run DelaypluginInstall C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
Yes HKLM:Run EaseUS EPM Tray Agent CHENGDU YIWO Tech Development Co., Ltd. "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.5\bin\TrayPopupE\TrayTipAgentE.exe"
Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
No HKLM:Run EvtMgr6 Logitech, Inc. C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
Yes HKLM:Run FLxHCIm64 Windows ® Win 7 DDK provider "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
No HKLM:Run FUFAXRCV SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
No HKLM:Run FUFAXSTM SEIKO EPSON CORPORATION "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
No HKLM:Run Gateway Photo Frame IOI C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A
No HKLM:Run GrooveMonitor Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
No HKLM:Run iSkysoft Helper Compact.exe iSkySoft C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
No HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
No HKLM:Run KiesTrayAgent Samsung Electronics Co., Ltd. C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
No HKLM:Run LifeCam "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
Yes HKLM:Run Lightshot OOO Kango C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
No HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
No HKLM:Run Photobucket Backup Photobucket C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe
No HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
No HKLM:Run rlsit Microsoft Corporation rundll32.exe "C:\Users\Randy\AppData\Local\Temp\rlsit.dll",GetDevSplineArrayEx
No HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
No HKLM:Run SDTray Safer-Networking Ltd. "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
No HKLM:Run Skytel Realtek Semiconductor Corp. C:\Program Files\Realtek\Audio\HDA\Skytel.exe
No HKLM:Run spcwb Microsoft Corporation rundll32.exe "C:\Users\Randy\AppData\Local\Temp\spcwb.dll",WriteFileStamp
No HKLM:Run Spiceworks Spiceworks, Inc. C:\Program Files (x86)\Spiceworks\bin\spicetray_silent.exe
No HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run TrueImageMonitor.exe Acronis International GmbH C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
No HKLM:Run TRUUpdater "C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" /bkground
No HKLM:Run UPSMON C:\Program Files (x86)\UPSMON\UPSMON.exe
No HKLM:Run UVS12 Preload Ulead Systems, Inc. C:\Program Files (x86)\Corel\Corel VideoStudio 12\uvPL.exe
Yes HKLM:Run vProt AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
No HKLM:Run VX3000 Microsoft Corporation C:\Windows\vVX3000.exe
No HKLM:Run WatcherHelper "C:\Program Files (x86)\Rogers\Rogers Connection Manager\WaHelper.exe"
No HKLM:Run Wondershare Helper Compact.exe Wondershare C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
Yes HKLM:RunOnce AvgUninstallURL Microsoft Corporation cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?
 
lic=OQBJAC0AQQBXAEwARwBCAC0ATQBXAFAANwBMAC0ATQBMAE0AVgBBAC0AWgBQAFIAUABQAC0ARwBSAEYAUQAzAA"&"inst=NwA2AC0AMgA5ADUANQA5ADAAOAA4ADUANQAtAEYAUAA5ADIAKwA2AC0AQgBBAFIAOQBHACsAMQAtAFQAQgA5ACsAMgAtAEYATAArADkALQBYAE8AMwA2AC
 
sAMQAtAEYAOQBNADEAMABCACsAMQAtAFgATwA5ACsAMQAtAEYAOQBNADIAKwAxAC0AUABMACsAOQAtAE4AMQBEACsAMQAtAEQARABUACsAMAAtAEQARAA5ADAAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQADkAMABUAEIAKwAyAC0ARgBVAEkAKwAyAC0AQwBJAEQAKwAxAC0ASQBJAF
 
MAQQArADYALQBDAEkARAA3ADcASQBCACsANQAtAEMASQBEADcANwBUACsAMQAtAEMASQBEADcANwBUAFQAKwAxAA"&"prod=94"&"ver=9.0.894
No Startup Common Acrobat Assistant.lnk Adobe Systems Inc. C:\PROGRA~2\Adobe\ACROBA~2.0\Distillr\acrotray.exe 
Yes Startup Common BackupRemind.lnk Wondershare C:\Program Files (x86)\Wondershare\Dr.Fone for Android\BackupRemind.exe
No Startup Common Bluetooth.lnk Broadcom Corporation. C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe 
Yes Startup Common CineForm Status.lnk GoPro C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
Yes Startup Common Dual Smart Solution.lnk LG Electronics C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe
No Startup Common ImageBrowser EX Agent.lnk C:\PROGRA~2\Canon\IMAGEB~1\MFMANA~1.EXE 
Yes Startup Common MobileGo Service.lnk Wondershare C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
No Startup User CurseClientStartup.ccip C:\Users\Randy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
Yes Startup User Dropbox.lnk Dropbox, Inc. C:\Users\Randy\AppData\Roaming\Dropbox\bin\Dropbox.exe
Yes Startup User EOS Utility.lnk Canon INC. C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
No Startup User MagicDisc.lnk MagicISO, Inc. C:\PROGRA~2\MAGICD~2\MAGICD~1.EXE 
No Startup User MEGAsync.lnk Mega Limited C:\PROGRA~3\MEGAsync\MEGAsync.exe 
No Startup User MyPC Backup.lnk C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE 
No Startup User vicomte.lnk C:\PROGRA~2\INTUIT~1\methode.exe
No Startup User vicomtevicomte.lnk C:\PROGRA~2\netters\prolongs.exe

Edited by hamluis, 10 March 2018 - 03:32 PM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 10 March 2018 - 05:23 PM

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go File>Save, and save it as Autoruns.txt file to know location.
You must select Text from drop-down menu as a file type:

p4436801.gif

Paste content of Autoruns.txt file into your next reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 10 March 2018 - 05:33 PM

I've been trying.  I keep getting "You do not have permssion to to that" what hitting Post.  

 



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 10 March 2018 - 06:02 PM

Upload the file(s) here: http://www.sendspace.com/
Click on Browse button and navigate to the file you want to upload.
Click on Upload button.
Click on FIRST Copy Link button and paste the link in your next reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 11 March 2018 - 05:02 PM

Here is a link to the file on my google drive account.  Hopefully you can access it there.

 

https://drive.google.com/open?id=1oiaZloFulF3-dCJxC6Sd4jY0wKbd6LeM

 

In order to post it to the sendspace I had to verify with a CC, which as you can imagine, I am reluctant to do at the moment.

 

Let me know if you have any problems accessing it from my Google Drive.

 

Thanks again for your help!



#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 11 March 2018 - 05:56 PM

"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell"    ""    ""    ""    "3/10/2018 2:16 PM"    ""
+ "cmd.exe"    "Windows Command Processor"    "Microsoft Corporation"    "c:\windows\system32\cmd.exe"    "11/20/2010 4:46 AM"    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "3/10/2018 1:52 PM"    ""
+ "Acronis Scheduler2 Service"    ""    ""    "c:\program files (x86)\common files\acronis\schedule2\schedhlp.exe"    "12/15/2016 11:41 AM"    ""
+ "AdobeGCInvoker-1.0"    "Adobe GC Invoker Utility"    "Adobe Systems, Incorporated"    "c:\program files (x86)\common files\adobe\adobegcclient\agcinvokerutility.exe"    "1/5/2018 2:49 AM"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "3/10/2018 2:06 PM"    ""
+ "AcronisTibMounterMonitor"    "Acronis TIB Mounter Monitor"    "Acronis International GmbH"    "c:\program files (x86)\common files\acronis\tibmounter\tibmountermonitor.exe"    "11/10/2015 4:09 AM"    ""
+ "Adobe Creative Cloud"    "Adobe Creative Cloud"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe"    "3/27/2017 2:20 PM"    ""
+ "EaseUS EPM Tray Agent"    ""    ""    "c:\program files (x86)\easeus\easeus partition master 12.5\bin\traypopupe\traytipagente.exe"    "2/13/2014 2:40 AM"    ""
+ "EEventManager"    "EEventManager Application"    "SEIKO EPSON CORPORATION"    "c:\program files (x86)\epson software\event manager\eeventmanager.exe"    "1/25/2012 9:46 PM"    ""
+ "FLxHCIm64"    "Fresco Logic"    "Windows ® Win 7 DDK provider"    "c:\program files\fresco logic\fresco logic usb3.0 host controller\amd64_host\flxhcim.exe"    "12/25/2013 5:42 AM"    ""
+ "Lightshot"    "Starter Module"    ""    "c:\program files (x86)\skillbrains\lightshot\lightshot.exe"    "10/17/2009 7:36 PM"    ""
+ "TrueImageMonitor.exe"    ""    ""    "c:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe"    "12/15/2016 12:51 PM"    ""
+ "vProt"    "VProtect Application "    ""    "c:\program files (x86)\avg web tuneup\vprot.exe"    "9/15/2016 4:25 AM"    ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "3/9/2018 7:39 PM"    ""
+ "CCleaner Monitoring"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner64.exe"    "2/7/2018 12:24 PM"    ""
+ "GarminExpressTrayApp"    "Garmin Express Tray"    "Garmin Ltd. or its subsidiaries"    "c:\program files (x86)\garmin\express tray\expresstray.exe"    "2/8/2018 2:33 PM"    ""
+ "Google Update"    "Google Update Core"    "Google Inc."    "c:\users\randy\appdata\local\google\update\1.3.33.7\googleupdatecore.exe"    "7/13/2017 9:14 PM"    ""
+ "NordVPN"    "NordVPN"    "NordVPN"    "c:\program files (x86)\nordvpn\nordvpn.exe"    "2/20/2018 5:00 AM"    ""
+ "Spybot-S&D Cleaning"    "Search results cleaner"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdcleaner.exe"    "3/21/2016 7:16 AM"    ""
+ "uTorrent"    "µTorrent"    "BitTorrent Inc."    "c:\users\randy\appdata\roaming\utorrent\utorrent.exe"    "2/20/2018 4:29 PM"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""    "3/10/2018 11:56 AM"    ""
+ "AvgUninstallURL"    "Windows Command Processor"    "Microsoft Corporation"    "c:\windows\syswow64\cmd.exe"    "11/20/2010 4:00 AM"    ""
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "11/14/2017 7:33 AM"    ""
+ "BackupRemind.lnk"    "BackupRemind"    "Wondershare"    "c:\program files (x86)\wondershare\dr.fone for android\backupremind.exe"    "9/21/2016 5:49 AM"    ""
+ "CineForm Status.lnk"    "GoPro/CineForm Status Viewer"    "GoPro"    "c:\program files (x86)\cineform\tools\goprocineformstatusviewer.exe"    "6/1/2012 3:31 PM"    ""
+ "Dual Smart Solution.lnk"    "Dual Smart Solution"    "LG Electronics"    "c:\program files (x86)\lg soft india pvt ltd\dual smart solution\bin\dual smart solution.exe"    "12/17/2012 1:10 AM"    ""
+ "MobileGo Service.lnk"    "MobileGoService"    "Wondershare"    "c:\program files (x86)\wondershare\mobilego\mobilegoservice.exe"    "10/18/2016 6:51 AM"    ""
"C:\Users\Randy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "3/10/2018 2:01 PM"    ""
+ "Dropbox.lnk"    "Dropbox"    "Dropbox, Inc."    "c:\users\randy\appdata\roaming\dropbox\bin\dropbox.exe"    "2/26/2018 6:23 AM"    ""
+ "EOS Utility.lnk"    "EOS Utility"    "Canon INC."    "c:\program files (x86)\canon\eos utility\eos utility.exe"    "8/18/2014 8:43 PM"    ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "2/28/2018 3:19 AM"    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "7/13/2009 6:58 PM"    ""
+ "n/a"    "Windows host process (Rundll32)"    "Microsoft Corporation"    "c:\windows\system32\rundll32.exe"    "3/30/2017 10:03 AM"    ""
+ "Themes Setup"    "Microsoft© Register Server"    "Microsoft Corporation"    "c:\windows\system32\regsvr32.exe"    "7/13/2009 7:14 PM"    ""
+ "Windows Desktop Update"    "Microsoft© Register Server"    "Microsoft Corporation"    "c:\windows\system32\regsvr32.exe"    "7/13/2009 7:14 PM"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "2/28/2018 3:19 AM"    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "7/13/2009 6:42 PM"    ""
+ "n/a"    "Windows host process (Rundll32)"    "Microsoft Corporation"    "c:\windows\syswow64\rundll32.exe"    "3/30/2017 9:58 AM"    ""
+ "Themes Setup"    "Microsoft© Register Server"    "Microsoft Corporation"    "c:\windows\syswow64\regsvr32.exe"    "7/13/2009 6:58 PM"    ""
+ "Windows Desktop Update"    "Microsoft© Register Server"    "Microsoft Corporation"    "c:\windows\syswow64\regsvr32.exe"    "7/13/2009 6:58 PM"    ""
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "6/28/2015 7:03 PM"    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"    "2/26/2009 6:28 AM"    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "Virtual Storage Mount Notification"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "EldosMountNotificator"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "EldosMountNotificator"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""    "12/29/2009 1:38 AM"    ""
+ "Groove GFS Stub Execution Hook"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/10/2018 10:25 AM"    ""
+ "AccExt"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "10/25/2016 11:35 AM"    ""
+ "Acronis True Image Shell Extensions"    "Acronis True Image Shell Extensions"    "Acronis"    "c:\program files (x86)\acronis\trueimagehome\tishell64.dll"    "11/11/2015 5:55 AM"    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"    "11/14/2016 11:53 PM"    ""
+ "GDContextMenu"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\contextmenu64.dll"    "8/8/2014 12:32 PM"    ""
+ "Genie-Soft Timeline Backup Context Menu Extension"    "GSTimelineBackup context menu module"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinecontextmenu.gtl"    "8/28/2013 3:37 AM"    ""
+ "MEGA (Context menu)"    ""    ""    "c:\programdata\megasync\shellextx64.dll"    "10/31/2016 2:45 PM"    ""
+ "PhotoStreamsExt"    "ShellStreams"    "Apple Inc."    "c:\program files\common files\apple\internet services\shellstreams64.dll"    "4/22/2016 5:04 AM"    ""
+ "SDECon32"    "Windows Explorer context menu integration"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"    "12/31/1969 7:00 PM"    ""
+ "SDECon64"    "Windows Explorer context menu integration"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"    "12/31/1969 7:00 PM"    ""
+ "WinCDEmu"    "WinCDEmu Explorer context menu module"    "SysProgs.org"    "c:\program files (x86)\wincdemu\x64\wincdemucontextmenu.dll"    "8/8/2011 1:11 PM"    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "12/12/2009 5:12 AM"    ""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/4/2018 1:30 PM"    ""
+ "Acronis True Image Shell Extensions"    "Acronis True Image Shell Extensions"    "Acronis"    "c:\program files (x86)\acronis\trueimagehome\tishell64.dll"    "11/11/2015 5:55 AM"    ""
+ "Adobe Drive CS4"    "Adobe Drive Menu"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"    "8/14/2008 9:47 AM"    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"    "11/14/2016 11:53 PM"    ""
+ "Genie-Soft Timeline Backup Context Menu Extension"    "GSTimelineBackup context menu module"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinecontextmenu.gtl"    "8/28/2013 3:37 AM"    ""
+ "WinCDEmu"    "WinCDEmu Explorer context menu module"    "SysProgs.org"    "c:\program files (x86)\wincdemu\x64\wincdemucontextmenu.dll"    "8/8/2011 1:11 PM"    ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/10/2018 11:19 AM"    ""
+ "Adobe Drive CS4"    "Adobe Drive Menu"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"    "8/14/2008 9:47 AM"    ""
+ "MEGA (Context menu)"    ""    ""    "c:\programdata\megasync\shellextx64.dll"    "10/31/2016 2:45 PM"    ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "8/12/2016 2:27 PM"    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"    "11/14/2016 11:53 PM"    ""
+ "GDContextMenu"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\contextmenu64.dll"    "8/8/2014 12:32 PM"    ""
+ "Genie-Soft Timeline Backup Context Menu Extension"    "GSTimelineBackup context menu module"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinecontextmenu.gtl"    "8/28/2013 3:37 AM"    ""
+ "MEGA (Context menu)"    ""    ""    "c:\programdata\megasync\shellextx64.dll"    "10/31/2016 2:45 PM"    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "12/12/2009 5:12 AM"    ""
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "6/11/2015 7:19 AM"    ""
+ "Genie-Soft Timeline Backup Context Menu Extension"    "GSTimelineBackup context menu module"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinecontextmenu.gtl"    "8/28/2013 3:37 AM"    ""
+ "Timeline"    "GSTimelineNSE Dynamic Link Library"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinense.gtl"    "8/28/2013 3:38 AM"    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "12/12/2009 5:12 AM"    ""
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""    "1/19/2014 9:16 AM"    ""
+ "FileZilla3CopyHook"    "fzshellext Dynamic Link Library"    ""    "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"    "8/1/2009 5:34 AM"    ""
+ "Monitor"    "BTNCopy Module"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btncopy.dll"    "4/1/2012 2:17 PM"    ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "1/23/2017 9:52 AM"    ""
+ "Adobe Drive CS4"    "Adobe Drive Menu"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll"    "8/14/2008 9:47 AM"    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"    "7/13/2009 8:32 PM"    ""
+ "Genie-Soft Timeline Backup Context Menu Extension"    "GSTimelineBackup context menu module"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinecontextmenu.gtl"    "8/28/2013 3:37 AM"    ""
+ "NvCplDesktopContext"    "NVIDIA Display Shell Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"    "1/3/2018 6:43 PM"    ""
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "8/27/2017 6:02 PM"    ""
+ "CDR Column Provider"    "Windows XP Shell Extension"    "Corel Corporation"    "c:\program files (x86)\common files\corel\shared\shell extension\shellxp64.dll"    "1/11/2008 10:49 PM"    ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/10/2018 11:19 AM"    ""
+ "AccExt"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "10/25/2016 11:35 AM"    ""
+ "Acronis True Image Shell Extensions"    "Acronis True Image Shell Extensions"    "Acronis"    "c:\program files (x86)\acronis\trueimagehome\tishell64.dll"    "11/11/2015 5:55 AM"    ""
+ "SDECon32"    "Windows Explorer context menu integration"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"    "12/31/1969 7:00 PM"    ""
+ "SDECon64"    "Windows Explorer context menu integration"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdecon64.dll"    "12/31/1969 7:00 PM"    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "12/12/2009 5:12 AM"    ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "6/11/2015 7:19 AM"    ""
+ "Timeline"    "GSTimelineNSE Dynamic Link Library"    "Genie9"    "c:\program files\netgear\readyshare vault\gstimelinense.gtl"    "8/28/2013 3:38 AM"    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "12/12/2009 5:12 AM"    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "3/10/2018 10:19 AM"    ""
+ " MEGA (Pending)"    ""    ""    "c:\programdata\megasync\shellextx64.dll"    "10/31/2016 2:45 PM"    ""
+ " MEGA (Synced)"    ""    ""    "c:\programdata\megasync\shellextx64.dll"    "10/31/2016 2:45 PM"    ""
+ " MEGA (Syncing)"    ""    ""    "c:\programdata\megasync\shellextx64.dll"    "10/31/2016 2:45 PM"    ""
+ " AccExtIco1"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "10/25/2016 11:35 AM"    ""
+ " AccExtIco2"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "10/25/2016 11:35 AM"    ""
+ " AccExtIco3"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "10/25/2016 11:35 AM"    ""
+ "0GenieTimeLine-BackedUp"    ""    ""    "c:\program files\netgear\readyshare vault\gstimelineiconoverlay.gtl"    "8/28/2013 3:34 AM"    ""
+ "0GenieTimeLine-Excluded"    ""    ""    "c:\program files\netgear\readyshare vault\gstimelineiconoverlay.gtl"    "8/28/2013 3:34 AM"    ""
+ "0GenieTimeLine-Folder"    ""    ""    "c:\program files\netgear\readyshare vault\gstimelineiconoverlay.gtl"    "8/28/2013 3:34 AM"    ""
+ "0GenieTimeLine-NotBackedUp"    ""    ""    "c:\program files\netgear\readyshare vault\gstimelineiconoverlay.gtl"    "8/28/2013 3:34 AM"    ""
+ "0GenieTimeLine-Pending "    ""    ""    "c:\program files\netgear\readyshare vault\gstimelineiconoverlay.gtl"    "8/28/2013 3:34 AM"    ""
+ "AcronisSyncError"    "Acronis True Image Shell Extensions"    "Acronis"    "c:\program files (x86)\acronis\trueimagehome\tishell64.dll"    "11/11/2015 5:55 AM"    ""
+ "AcronisSyncInProgress"    "Acronis True Image Shell Extensions"    "Acronis"    "c:\program files (x86)\acronis\trueimagehome\tishell64.dll"    "11/11/2015 5:55 AM"    ""
+ "AcronisSyncOk"    "Acronis True Image Shell Extensions"    "Acronis"    "c:\program files (x86)\acronis\trueimagehome\tishell64.dll"    "11/11/2015 5:55 AM"    ""
+ "EldosIconOverlay"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\system32\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
+ "GDriveBlacklistedOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"    "8/8/2014 12:31 PM"    ""
+ "GDriveSharedEditOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"    "8/8/2014 12:31 PM"    ""
+ "GDriveSharedOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"    "8/8/2014 12:31 PM"    ""
+ "GDriveSharedViewOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"    "8/8/2014 12:31 PM"    ""
+ "GDriveSyncedOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"    "8/8/2014 12:31 PM"    ""
+ "GDriveSyncingOverlay"    "Google Drive shell extension"    "Google"    "c:\program files (x86)\google\drive\googledrivesync64.dll"    "8/8/2014 12:31 PM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ " MEGA (Pending)"    ""    ""    "c:\programdata\megasync\shellextx32.dll"    "10/31/2016 2:43 PM"    ""
+ " MEGA (Synced)"    ""    ""    "c:\programdata\megasync\shellextx32.dll"    "10/31/2016 2:43 PM"    ""
+ " MEGA (Syncing)"    ""    ""    "c:\programdata\megasync\shellextx32.dll"    "10/31/2016 2:43 PM"    ""
+ "0GenieTimeLine-BackedUp"    ""    ""    "c:\program files\netgear\readyshare vault\x86\gstimelineiconoverlay.gtl"    "8/28/2013 3:53 AM"    ""
+ "0GenieTimeLine-Excluded"    ""    ""    "c:\program files\netgear\readyshare vault\x86\gstimelineiconoverlay.gtl"    "8/28/2013 3:53 AM"    ""
+ "0GenieTimeLine-Folder"    ""    ""    "c:\program files\netgear\readyshare vault\x86\gstimelineiconoverlay.gtl"    "8/28/2013 3:53 AM"    ""
+ "0GenieTimeLine-NotBackedUp"    ""    ""    "c:\program files\netgear\readyshare vault\x86\gstimelineiconoverlay.gtl"    "8/28/2013 3:53 AM"    ""
+ "0GenieTimeLine-Pending "    ""    ""    "c:\program files\netgear\readyshare vault\x86\gstimelineiconoverlay.gtl"    "8/28/2013 3:53 AM"    ""
+ "EldosIconOverlay"    "CbFs Mount Notifier"    "EldoS Corporation"    "c:\windows\syswow64\cbfsmntntf3.dll"    "4/9/2012 8:26 AM"    ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "3/10/2018 10:23 AM"    ""
+ "AcroIEToolbarHelper Class"    ""    ""    "c:\program files (x86)\adobe\acrobat 6.0\acrobat\acroiefavclient.dll"    "5/15/2003 3:03 AM"    ""
+ "AVG Web TuneUp"    "AVG Web TuneUp.dll"    "AVG"    "c:\program files (x86)\avg web tuneup\4.3.6.255\avg web tuneup.dll"    "9/15/2016 4:28 AM"    ""
+ "Groove GFS Browser Helper"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"    "2/26/2009 8:20 AM"    ""
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre1.8.0_131\bin\jp2ssv.dll"    "3/15/2017 4:18 AM"    ""
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre1.8.0_131\bin\ssv.dll"    "3/15/2017 4:18 AM"    ""
+ "Windows Live Sign-in Helper"    "WindowsLiveLogin.dll"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"    "1/22/2009 6:42 PM"    ""
+ "Wondershare AllMyTube"    "Wondershare AllMyTube Plugin"    "Wondershare Software Co., Ltd."    "c:\program files (x86)\wondershare\allmytube\svrieplugin.dll"    "12/25/2013 12:52 AM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "6/5/2015 6:47 AM"    ""
+ "Adobe PDF"    ""    ""    "c:\program files (x86)\adobe\acrobat 6.0\acrobat\acroiefavclient.dll"    "5/15/2003 3:03 AM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "3/2/2015 1:07 PM"    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"    "2/6/2009 8:34 PM"    ""
+ "PartyPoker.com"    ""    ""    "File not found: C:\Programs\PartyGaming\PartyPoker\RunApp.exe"    ""    ""
+ "PartyPoker.net"    "RunApp MFC Application"    ""    "c:\programs\partygaming.net\partypokernet\runpf.exe"    "6/23/2006 1:35 AM"    ""
+ "PokerStars"    "PokerStars Update"    "PokerStars"    "c:\program files (x86)\pokerstars\pokerstarsupdate.exe"    "6/23/2011 1:02 PM"    ""
+ "S&end to OneNote"    "Microsoft Office OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\onbttnie.dll"    "8/30/2011 1:40 AM"    ""
"Task Scheduler"    ""    ""    ""    ""    ""
+ "\achieved shallows evidence"    "Methode"    ""    "c:\users\randy\appdata\local\methode.exe"    "3/7/2018 6:30 PM"    ""
+ "\Adobe Acrobat Update Task"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"    "2/9/2018 8:56 PM"    ""
X "\AdobeAAMUpdater-1.0-Gateway-Randy"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"    "6/29/2016 2:29 AM"    ""
+ "\AdobeGCInvoker-1.0-Gateway-Randy"    "Adobe GC Invoker Utility"    "Adobe Systems, Incorporated"    "c:\program files (x86)\common files\adobe\adobegcclient\agcinvokerutility.exe"    "1/5/2018 2:49 AM"    ""
+ "\Antivirus Emergency Update"    ""    ""    "File not found: C:\Program Files\AVG\Antivirus\AvEmUpdate.exe"    ""    ""
+ "\bisson"    ""    ""    "File not found: C:\Program Files (x86)\Intuitively\methode.exe"    ""    ""
+ "\CCleaner Update"    "CCleaner emergency updater"    "Piriform Ltd"    "c:\program files\ccleaner\ccupdate.exe"    "1/31/2018 11:27 AM"    ""
+ "\CCleanerSkipUAC"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner.exe"    "2/7/2018 12:21 PM"    ""
+ "\DropboxUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000Core1d236efa3fda48a"    "Dropbox Update"    "Dropbox, Inc."    "c:\users\randy\appdata\local\dropbox\update\dropboxupdate.exe"    "10/21/2015 1:52 PM"    ""
+ "\DropboxUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000UA1d236efa4f32bb3"    "Dropbox Update"    "Dropbox, Inc."    "c:\users\randy\appdata\local\dropbox\update\dropboxupdate.exe"    "10/21/2015 1:52 PM"    ""
+ "\GarminUpdaterTask"    "Garmin.Omt.Express.SelfUpdater"    ""    "c:\program files (x86)\garmin\express selfupdater\expressselfupdater.exe"    "2/8/2018 2:33 PM"    ""
+ "\GoogleUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000Core1d1ab1f1a8cdd80"    "Google Installer"    "Google Inc."    "c:\users\randy\appdata\local\google\update\googleupdate.exe"    "8/21/2015 9:13 PM"    ""
+ "\GoogleUpdateTaskUserS-1-5-21-1411555444-1497203140-1760718375-1000UA1d1ab1f1b357c09"    "Google Installer"    "Google Inc."    "c:\users\randy\appdata\local\google\update\googleupdate.exe"    "8/21/2015 9:13 PM"    ""
+ "\kika romanticizing"    ""    ""    "File not found: C:\Program Files (x86)\Drooped\prolongs.exe"    ""    ""
+ "\Microsoft\Windows\Autochk\Proxy"    "Windows host process (Rundll32)"    "Microsoft Corporation"    "c:\windows\system32\rundll32.exe"    "3/30/2017 10:03 AM"    ""
X "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"    "Windows host process (Rundll32)"    "Microsoft Corporation"    "c:\windows\system32\rundll32.exe"    "3/30/2017 10:03 AM"    ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"    "6/10/2009 3:36 PM"    ""
+ "\Microsoft\Windows\SystemRestore\SR"    "Windows host process (Rundll32)"    "Microsoft Corporation"    "c:\windows\system32\rundll32.exe"    "3/30/2017 10:03 AM"    ""
+ "\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"    "Windows host process (Rundll32)"    "Microsoft Corporation"    "c:\windows\system32\rundll32.exe"    "3/30/2017 10:03 AM"    ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"    "7/13/2009 7:24 PM"    ""
+ "\monsanto_exploit"    ""    ""    "File not found: C:\Users\Randy\AppData\Local\prolongs.exe"    ""    ""
+ "\mousse_laud"    ""    ""    "File not found: C:\Program Files (x86)\Drooped\methode.exe"    ""    ""
+ "\nida"    ""    ""    "File not found: C:\Program Files (x86)\purchasers\purchasers.exe"    ""    ""
+ "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}"    "NVIDIA nodejs launcher"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\nvnode\nvnodejslauncher.exe"    "11/16/2016 11:38 AM"    ""
+ "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}"    "NVIDIA driver profile updater"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\update core\nvprofileupdater64.exe"    "11/17/2016 5:16 AM"    ""
+ "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}"    "NVIDIA driver profile updater"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\update core\nvprofileupdater64.exe"    "11/17/2016 5:16 AM"    ""
+ "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}"    "NVIDIA telemetry monitor"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\update core\nvtmmon.exe"    "11/17/2016 5:12 AM"    ""
+ "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}"    "NVIDIA crash and telemetry reporter"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\update core\nvtmrep.exe"    "11/17/2016 5:11 AM"    ""
+ "\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}"    "NVIDIA crash and telemetry reporter"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\update core\nvtmrep.exe"    "11/17/2016 5:11 AM"    ""
+ "\Safer-Networking\Spybot - Search and Destroy\Check for updates"    "Update"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe"    "6/27/2014 4:52 AM"    ""
+ "\Safer-Networking\Spybot - Search and Destroy\Refresh immunization"    "Pro-active browser protection"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdimmunize.exe"    "3/21/2016 7:16 AM"    ""
+ "\Safer-Networking\Spybot - Search and Destroy\Scan the system"    "Malware Scanner"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdscan.exe"    "3/21/2016 7:48 AM"    ""
+ "\sailboat-paging"    ""    ""    "File not found: C:\Program Files (x86)\netters\prolongs.exe"    ""    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "3/10/2018 2:42 PM"    ""
+ "ABBYY.Licensing.FineReader.Sprint.9.0"    "ABBYY FineReader 9.0 Sprint Licensing Service: This service is required for the operation of the ABBYY FineReader 9.0 Express Edition licensing mechanism."    "ABBYY"    "c:\program files (x86)\common files\abbyy\finereadersprint\9.00\licensing\networklicenseserver.exe"    "5/14/2009 9:07 AM"    ""
+ "AcrSch2Svc"    "Acronis Scheduler2 Service: Provides scheduling for tasks of Acronis components."    ""    "c:\program files (x86)\common files\acronis\schedule2\schedul2.exe"    "12/15/2016 12:10 PM"    ""
+ "AdobeARMservice"    "Adobe Acrobat Update Service: Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"    "2/9/2018 8:55 PM"    ""
+ "AdobeFlashPlayerUpdateSvc"    "Adobe Flash Player Update Service: This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"    "11/21/2015 9:26 PM"    ""
+ "AdobeUpdateService"    "AdobeUpdateService: Adobe Update Service"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\adobe desktop common\elevationmanager\adobeupdateservice.exe"    "3/14/2017 10:13 AM"    ""
+ "afcdpsrv"    "Acronis Nonstop Backup Service: Provides nonstop backup for partitions of the computer."    "Acronis"    "c:\program files (x86)\common files\acronis\cdp\afcdpsrv.exe"    "7/30/2015 8:04 AM"    ""
+ "AGSService"    "Adobe Genuine Software Integrity Service: Adobe Genuine Software Integrity Service"    "Adobe Systems, Incorporated"    "c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe"    "1/5/2018 2:46 AM"    ""
+ "AirPrint"    "AirPrint: AirPrint For Windows"    "Apple Inc."    "c:\program files (x86)\airprint\airprint.exe"    "10/7/2010 3:20 PM"    ""
+ "Apple Mobile Device Service"    "Apple Mobile Device Service: Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"    "2/12/2015 10:18 PM"    ""
+ "BEService"    "BattlEye Service: "    ""    "c:\program files (x86)\common files\battleye\beservice.exe"    "11/9/2017 11:50 PM"    ""
+ "Bonjour Service"    "Bonjour Service: Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"    "8/12/2015 5:47 PM"    ""
+ "btwdins"    "Bluetooth Service: Handles installation and removal of Bluetooth devices."    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwdins.exe"    "4/1/2012 2:17 PM"    ""
+ "EPSON_PM_RPCV4_05"    "EPSON V3 Service4(05): EPSON Status Monitor 3"    "SEIKO EPSON CORPORATION"    "c:\program files\common files\epson\epw!3 ssrp\e_wt50rp.exe"    "2/26/2012 8:31 PM"    ""
+ "EpsonCustomerParticipation"    "EpsonCustomerParticipation: Epson Customer Participation"    "SEIKO EPSON CORPORATION"    "c:\program files\epson\epsoncustomerparticipation\epcp.exe"    "5/9/2012 1:45 AM"    ""
+ "EpsonScanSvc"    "Epson Scanner Service: Epson Scanner Service (64bit)"    "Seiko Epson Corporation"    "c:\windows\system32\escsvc64.exe"    "12/11/2011 9:27 PM"    ""
+ "FLEXnet Licensing Service"    "FLEXnet Licensing Service: This service performs licensing functions on behalf of FLEXnet enabled products."    "Acresso Software Inc."    "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"    "5/6/2008 10:26 AM"    ""
+ "FLEXnet Licensing Service 64"    "FLEXnet Licensing Service 64: This service performs licensing functions on behalf of FLEXnet enabled products."    "Acresso Software Inc."    "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe"    "5/6/2008 10:17 AM"    ""
+ "Garmin Device Interaction Service"    "Garmin Device Interaction Service: Keeps the software and content on your Garmin devices and the Garmin software on your PC up to date."    "Garmin Ltd. or its subsidiaries"    "c:\program files (x86)\garmin\device interaction service\garminservice.exe"    "2/8/2018 2:34 PM"    ""
+ "GenieTimelineService"    "Genie Timeline Service: Genie Timeline Service provided by. Genie9"    "Genie9"    "c:\program files\netgear\readyshare vault\genietimelineservice.exe"    "8/28/2013 3:37 AM"    ""
+ "getPlusHelper"    "getPlus® Helper: getPlus® Helper"    "NOS Microsystems Ltd."    "c:\program files (x86)\nos\bin\getplus_helper.dll"    "12/14/2009 8:43 AM"    ""
+ "Greg_Service"    "GRegService: Global Registration Service"    "Acer Incorporated"    "c:\program files (x86)\gateway\registration\greghsrw.exe"    "6/19/1992 5:22 PM"    ""
+ "gusvc"    "Google Updater Service: gusvc"    "Google"    "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"    "12/14/2006 12:55 AM"    ""
+ "HitmanProScheduler"    "HitmanPro Scheduler: HitmanPro Scheduler controls scheduled scans"    "SurfRight B.V."    "c:\program files\hitmanpro\hmpsched.exe"    "1/15/2018 2:59 AM"    ""
+ "IDriverT"    "InstallDriver Table Manager: Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"    "4/4/2005 12:41 AM"    ""
+ "iPod Service"    "iPod Service: iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"    "12/6/2016 5:10 AM"    ""
+ "LBTServ"    "Logitech Bluetooth Service: Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"    "9/27/2011 1:57 PM"    ""
+ "MDM"    "Machine Debug Manager: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe"    "3/19/2003 4:55 AM"    ""
+ "Microsoft Office Groove Audit Service"    "Microsoft Office Groove Audit Service: Groove Audit Service"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"    "2/26/2009 7:44 AM"    ""
+ "MozillaMaintenance"    "Mozilla Maintenance Service: The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"    "8/24/2017 8:40 AM"    ""
+ "MsMpSvc"    "Microsoft Antimalware Service: Helps protect users from malware and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\microsoft security client\msmpeng.exe"    "11/14/2016 11:52 PM"    ""
+ "MSSQL$PACCAR2"    "SQL Server (PACCAR2): Provides storage, processing and controlled access of data, and rapid transaction processing."    "Microsoft Corporation"    "c:\program files (x86)\microsoft sql server\mssql10_50.paccar2\mssql\binn\sqlservr.exe"    "3/27/2015 2:45 AM"    ""
+ "Nero BackItUp Scheduler 4.0"    "Nero BackItUp Scheduler 4.0: Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP."    "Nero AG"    "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"    "12/5/2008 7:25 AM"    ""
+ "NisSrv"    "Microsoft Network Inspection: Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"    "Microsoft Corporation"    "c:\program files\microsoft security client\nissrv.exe"    "11/14/2016 11:52 PM"    ""
+ "nordvpn-service"    "nordvpn-service: nordvpn-service"    ""    "c:\program files (x86)\nordvpn\nordvpn-service.exe"    "2/20/2018 5:00 AM"    ""
+ "nosGetPlusHelper"    "getPlus® Helper 3004: getPlus® Helper"    "NOS Microsystems Ltd."    "c:\program files (x86)\nos\bin\getplus_helper_3004.dll"    "12/14/2009 8:43 AM"    ""
+ "NTI IScheduleSvc"    "NTI IScheduleSvc: NTI IShadow Manage backup/Sync jobs and  etc..."    "NewTech Infosystems, Inc."    "c:\program files (x86)\newtech infosystems\gateway mybackup\ischedulesvc.exe"    "8/12/2009 1:34 AM"    ""
+ "NvContainerLocalSystem"    "NVIDIA LocalSystem Container: Container service for NVIDIA root features"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe"    "11/11/2016 4:15 PM"    ""
+ "NvContainerNetworkService"    "NVIDIA NetworkService Container: Container service for NVIDIA network features"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe"    "11/11/2016 4:15 PM"    ""
+ "NVDisplay.ContainerLocalSystem"    "NVIDIA Display Container LS: Container service for NVIDIA root features"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\display.nvcontainer\nvdisplay.container.exe"    "1/3/2018 7:18 PM"    ""
+ "NVIDIA Wireless Controller Service"    "NVIDIA Wireless Controller Service: NVIDIA Wireless Controller Service"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\geforce experience service\nvwirelesscontroller.exe"    "11/16/2016 11:37 AM"    ""
+ "odserv"    "Microsoft Office Diagnostics Service: Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"    "7/20/2011 12:12 AM"    ""
+ "ose"    "Office  Source Engine: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"    "9/12/2017 3:22 AM"    ""
+ "PSI_SVC_2"    "Protexis Licensing V2: This service provides Protexis licensing functionalty."    "Protexis Inc."    "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe"    "7/24/2007 1:15 PM"    ""
+ "RichVideo64"    "Cyberlink RichVideo64 Service(CRVS): RichVideo Module"    ""    "c:\program files\cyberlink\shared files\richvideo64.exe"    "2/12/2012 9:44 PM"    ""
+ "SamsungAllShareV2.0"    "Samsung AllShare PC: Samsung AllShare Service"    "Samsung Electronics Co., Ltd."    "c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe"    "3/2/2012 2:59 AM"    ""
+ "SDScannerService"    "Spybot-S&D 2 Scanner Service: Offers malware scanning services to Spybot-S&D modules"    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe"    "4/25/2014 7:12 AM"    ""
+ "SDUpdateService"    "Spybot-S&D 2 Updating Service: Downloads Spybot updates and installs them."    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe"    "6/27/2014 4:52 AM"    ""
+ "SDWSCService"    "Spybot-S&D 2 Security Center Service: Integrates Spybot into the Windows Security Center."    "Safer-Networking Ltd."    "c:\program files (x86)\spybot - search & destroy 2\sdwscsvc.exe"    "11/24/2016 5:34 AM"    ""
+ "SimpleSlideShowServer"    "SimpleSlideShowServer: Samsung AllShare SlideShow Service"    "Samsung Electronics Co., Ltd."    "c:\program files (x86)\samsung\allshare\allshareslideshowservice.exe"    "3/2/2012 2:59 AM"    ""
+ "SkypeUpdate"    "Skype Updater: Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"    "12/11/2014 5:20 AM"    ""
+ "SpyHunter 4 Service"    "SpyHunter4 Service: Service scanner interface"    "Enigma Software Group USA, LLC."    "c:\program files\enigma software group\spyhunter\sh4service.exe"    "7/26/2017 7:30 AM"    ""
+ "SQLWriter"    "SQL Server VSS Writer: Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure."    "Microsoft Corporation"    "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"    "4/2/2010 6:11 PM"    ""
+ "ss_conn_service"    "SAMSUNG Mobile Connectivity Service: MSS CS Connectivity Service"    "DEVGURU Co., LTD."    "c:\program files (x86)\samsung\usb drivers\27_ssconn\conn\ss_conn_service.exe"    "1/16/2017 1:03 AM"    ""
+ "Steam Client Service"    "Steam Client Service: Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"    "3/23/2012 3:57 PM"    ""
+ "syncagentsrv"    "Acronis Sync Agent Service: Acronis Sync Agent Service"    "Acronis"    "c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe"    "11/6/2015 7:50 AM"    ""
+ "Updater Service"    "Updater Service: Acer Update Service"    "Acer"    "c:\program files\gateway\gateway updater\updaterservice.exe"    "7/3/2009 5:44 AM"    ""
+ "UPSMONService"    "UPSMONService: "    ""    "c:\program files (x86)\upsmon\upsmon_service.exe"    "6/19/1992 5:22 PM"    ""
+ "WinDefend"    "Windows Defender: Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"    "5/27/2013 12:51 AM"    ""
+ "WMPNetworkSvc"    "Windows Media Player Network Sharing Service: Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "11/20/2010 6:18 AM"    ""
+ "WsAppService"    "Wondershare Application Framework Service: Wondershare Application Framework Service"    "Wondershare"    "c:\program files (x86)\wondershare\waf\2.4.3.224\wsappservice.exe"    "4/20/2017 1:39 AM"    ""
+ "WsDrvInst"    "Wondershare Driver Install Service: Wondershare Driver Install Service"    "Wondershare"    "c:\program files (x86)\wondershare\dr.fone for android\driverinstall.exe"    "9/21/2016 5:49 AM"    ""
+ "WtuSystemSupport"    "WtuSystemSupport: WtuSyste Application"    ""    "c:\program files (x86)\avg web tuneup\wtusystemsupport.exe"    "9/15/2016 4:24 AM"    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "3/10/2018 2:42 PM"    ""
+ "adfs"    "adfs: Adobe Drive File System Driver"    "Adobe Systems, Inc."    "c:\windows\system32\drivers\adfs.sys"    "6/26/2008 3:52 PM"    ""
+ "adp94xx"    "adp94xx: Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"    "12/5/2008 6:54 PM"    ""
+ "adpahci"    "adpahci: Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"    "5/1/2007 12:30 PM"    ""
+ "adpu320"    "adpu320: Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"    "2/27/2007 7:04 PM"    ""
+ "aliide"    "aliide: ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"    "7/13/2009 6:19 PM"    ""
+ "amdkmdag"    "amdkmdag: ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"    "4/24/2009 5:51 AM"    ""
+ "amdkmdap"    "amdkmdap: AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"    "12/23/2016 11:58 AM"    ""
+ "amdsata"    "amdsata: AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"    "3/18/2010 7:45 PM"    ""
+ "amdsbs"    "amdsbs: AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"    "3/20/2009 1:36 PM"    ""
+ "amdxata"    "amdxata: Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"    "3/19/2010 11:18 AM"    ""
+ "anodlwf"    "ANOD Network Security Filter driver: ANOD Network Security Filter driver"    ""    "c:\windows\system32\drivers\anodlwfx.sys"    "3/6/2009 5:10 AM"    ""
+ "anvsnddrv"    "AnvSoft Virtual Sound Device: AnvSoft Virtual Audio Device"    "AnvSoft Inc."    "c:\windows\system32\drivers\anvsnddrv.sys"    "11/14/2011 3:17 AM"    ""
+ "arc"    "arc: Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"    "5/24/2007 4:27 PM"    ""
+ "arcsas"    "arcsas: Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"    "1/14/2009 2:27 PM"    ""
+ "athr"    "Atheros Extensible Wireless LAN device driver: Atheros Extensible Wireless LAN device driver"    "Atheros Communications, Inc."    "c:\windows\system32\drivers\athrx.sys"    "11/5/2010 7:03 PM"    ""
+ "AtiHdmiService"    "ATI Service for HD Audio Codec: Ati High Definition Audio Function Driver"    "ATI Research Inc."    "c:\windows\system32\drivers\atihdmi.sys"    "6/5/2009 3:31 AM"    ""
+ "atikmdag"    "atikmdag: ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"    "4/24/2009 5:51 AM"    ""
+ "AtiPcie"    "AMD PCI Express (3GIO) Filter: AMD PCIE Filter Driver for ATI PCIE chipset"    "Advanced Micro Devices Inc."    "c:\windows\system32\drivers\atipcie.sys"    "5/5/2009 10:00 AM"    ""
+ "b06bdrv"    "Broadcom NetXtreme II VBD: Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"    "2/13/2009 5:18 PM"    ""
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0: Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"    "4/26/2009 6:14 AM"    ""
+ "BazisVirtualCDBus"    "WinCDEmu Virtual Bus Driver: WinCDEmu virtual CDROM bus"    "SysProgs.org"    "c:\windows\system32\drivers\bazisvirtualcdbus.sys"    "8/8/2011 1:11 PM"    ""
+ "bcbtums"    "Bluetooth RAM Firmware Download USB Filter: Broadcom Bluetooth Firmware Download Filter"    "Broadcom Corporation."    "c:\windows\system32\drivers\bcbtums.sys"    "3/27/2012 4:06 PM"    ""
+ "blackberryncm"    "BlackBerryNCM Service: BlackBerry CDC/NCM Driver"    "BlackBerry"    "c:\windows\system32\drivers\blackberryncm6_amd64.sys"    "9/4/2013 1:12 PM"    ""
+ "BrFiltLo"    "Brother USB Mass-Storage Lower Filter Driver: Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"    "8/6/2006 8:51 PM"    ""
+ "BrFiltUp"    "Brother USB Mass-Storage Upper Filter Driver: Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"    "8/6/2006 8:51 PM"    ""
+ "Brserid"    "Brother MFC Serial Port Interface Driver (WDM): Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"    "8/6/2006 8:51 PM"    ""
+ "BrSerWdm"    "Brother WDM Serial driver: Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"    "8/6/2006 8:51 PM"    ""
+ "BrUsbMdm"    "Brother MFC USB Fax Only Modem: Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"    "8/6/2006 8:51 PM"    ""
+ "BrUsbSer"    "Brother MFC USB Serial WDM Driver: Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"    "8/9/2006 7:11 AM"    ""
+ "BstkDrv"    "BlueStacks Plus Hypervisor: Bluestacks Support Driver"    "Bluestack System Inc. "    "c:\program files (x86)\bluestacks\bstkdrv.sys"    "11/7/2017 9:02 AM"    ""
+ "btwampfl"    "btwampfl Bluetooth filter driver: Broadcom Bluetooth USB AMP Filter for Windows Vista"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwampfl.sys"    "3/29/2012 1:51 PM"    ""
+ "btwaudio"    "Bluetooth Audio Device Service: Bluetooth Audio Device"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwaudio.sys"    "3/28/2012 5:34 PM"    ""
+ "btwavdt"    "Bluetooth AVDT Service: Broadcom Bluetooth AVDT Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwavdt.sys"    "3/1/2012 4:45 PM"    ""
+ "btwl2cap"    "Bluetooth L2CAP Service: Broadcom Bluetooth L2CAP Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwl2cap.sys"    "8/27/2011 5:58 PM"    ""
+ "btwrchid"    "btwrchid: Bluetooth Remote Control HID Minidriver"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwrchid.sys"    "3/1/2012 4:46 PM"    ""
+ "cbfs3"    "EldoS Callback File System driver v3: Callback File System Driver"    "EldoS Corporation"    "c:\windows\system32\drivers\cbfs3.sys"    "4/9/2012 8:21 AM"    ""
+ "cmdide"    "cmdide: CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"    "7/13/2009 6:19 PM"    ""
+ "ctxusbm"    "Citrix USB Monitor Driver: Citrix USB Filter Driver"    "Citrix Systems, Inc."    "c:\windows\system32\drivers\ctxusbm.sys"    "2/3/2012 9:36 AM"    ""
+ "dg_ssudbus"    "SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.): SAMSUNG USB Composite Device Driver"    "Samsung Electronics Co., Ltd."    "c:\windows\system32\drivers\ssudbus.sys"    "8/24/2016 3:00 AM"    ""
+ "dgderdrv"    "dgderdrv: "    ""    "File not found: System32\drivers\dgderdrv.sys"    ""    ""
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD: Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"    "12/31/2008 11:29 AM"    ""
+ "elxstor"    "elxstor: Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"    "2/3/2009 5:52 PM"    ""
+ "epmntdrv"    "epmntdrv: "    ""    "c:\windows\system32\epmntdrv.sys"    "8/1/2016 2:10 AM"    ""
+ "EsgScanner"    "EsgScanner: Enigma Scan filter"    ""    "c:\windows\system32\drivers\esgscanner.sys"    "5/31/2012 2:38 AM"    ""
+ "EuGdiDrv"    "EuGdiDrv: "    ""    "c:\windows\system32\eugdidrv.sys"    "9/15/2009 2:13 AM"    ""
+ "ewusbnet"    "HUAWEI USB-NDIS miniport: USB NDIS Miniport Driver"    "Huawei Technologies Co., Ltd."    "c:\windows\system32\drivers\ewusbnet.sys"    "10/21/2009 6:46 AM"    ""
+ "file_tracker"    "file_tracker: Acronis File Tracker Driver"    "Acronis International GmbH"    "c:\windows\system32\drivers\file_tracker.sys"    "11/3/2015 12:26 PM"    ""
+ "fltsrv"    "Acronis Storage Filter Management: Acronis Storage Filter Management Driver"    "Acronis International GmbH"    "c:\windows\system32\drivers\fltsrv.sys"    "11/3/2015 11:22 AM"    ""
+ "FLxHCIc"    "Fresco Logic xHCI (USB3) Device Driver: Fresco Logic xHCI (USB3) Bus Driver"    "Fresco Logic"    "c:\windows\system32\drivers\flxhcic.sys"    "1/9/2014 8:03 AM"    ""
+ "FLxHCIh"    "Fresco Logic xHCI (USB3) Hub Device Driver: Fresco Logic xHCI (USB3) Hub Driver"    "Fresco Logic"    "c:\windows\system32\drivers\flxhcih.sys"    "1/9/2014 8:03 AM"    ""
+ "GEARAspiWDM"    "GEAR ASPI Filter Driver: CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"    "5/3/2012 2:56 PM"    ""
+ "GPUZ"    "GPUZ: "    ""    "File not found: C:\Users\Randy\AppData\Local\Temp\GPUZ.sys"    ""    ""
+ "hcmon"    "VMware hcmon: VMware USB Host Controller Monitor"    ""    "File not found: system32\DRIVERS\hcmon.sys"    ""    ""
+ "hcw85cir"    "Hauppauge Consumer Infrared Receiver: Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"    "5/11/2009 3:26 AM"    ""
+ "HpSAMD"    "HpSAMD: Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"    "4/20/2010 1:32 PM"    ""
+ "hwdatacard"    "Huawei DataCard USB Modem and USB Serial: USB Modem/Serial Device Driver"    "Huawei Technologies Co., Ltd."    "c:\windows\system32\drivers\ewusbmdm.sys"    "9/10/2009 2:31 AM"    ""
+ "hwusbdev"    "Huawei DataCard USB PNP Device: USB Modem/Serial Device Driver"    "Huawei Technologies Co., Ltd."    "c:\windows\system32\drivers\ewusbdev.sys"    "10/12/2009 2:23 AM"    ""
+ "iaStorV"    "Intel RAID Controller Windows 7: Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"    "6/10/2010 7:46 PM"    ""
+ "iirsp"    "iirsp: Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"    "12/13/2005 4:47 PM"    ""
+ "IntcAzAudAddService"    "Service for Realtek HD Audio (WDM): Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"    "6/16/2009 5:12 AM"    ""
+ "IOMap"    "IOMap: ASUS Kernel Mode Driver for NT "    "ASUSTeK Computer Inc."    "c:\windows\system32\drivers\iomap64.sys"    "10/22/2014 7:52 PM"    ""
+ "JSWPSLWF"    "JumpStart Wireless Filter Driver: JumpStart Wireless Filter Driver"    "Atheros Communications, Inc."    "c:\windows\system32\drivers\jswpslwfx.sys"    "5/15/2008 5:28 AM"    ""
+ "LEqdUsb"    "Logitech SetPoint Unifying KMDF USB Filter: Logitech Equad USB Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\leqdusb.sys"    "9/2/2011 1:22 AM"    ""
+ "LGDDCDevice"    "LGDDCDevice: "    ""    "File not found: C:\Windows\system32\LGI2CDriver.sys"    ""    ""
+ "LGII2CDevice"    "LGII2CDevice: "    ""    "File not found: C:\Windows\system32\LGPII2CDriver.sys"    ""    ""
+ "LHidEqd"    "Logitech SetPoint Unifying KMDF HID Filter: Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhideqd.sys"    "9/2/2011 1:22 AM"    ""
+ "LHidFilt"    "Logitech SetPoint KMDF HID Filter Driver: Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhidfilt.sys"    "9/2/2011 1:23 AM"    ""
+ "Linksys_adapter_H"    "Linksys Adapter Network Driver: Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\ae1200w764.sys"    "3/28/2011 7:22 PM"    ""
+ "LMouFilt"    "Logitech SetPoint KMDF Mouse Filter Driver: Logitech Mouse Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lmoufilt.sys"    "9/2/2011 1:23 AM"    ""
+ "LSI_FC"    "LSI_FC: LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"    "12/9/2008 5:46 PM"    ""
+ "LSI_SAS"    "LSI_SAS: LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"    "5/18/2009 7:20 PM"    ""
+ "LSI_SAS2"    "LSI_SAS2: LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"    "5/18/2009 7:31 PM"    ""
+ "LSI_SCSI"    "LSI_SCSI: LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"    "4/16/2009 5:13 PM"    ""
+ "LUsbFilt"    "Logitech SetPoint KMDF USB Filter: Logitech USB Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lusbfilt.sys"    "9/2/2011 1:23 AM"    ""
+ "mcdbus"    "Driver for MagicISO SCSI Host Controller: MagicISO SCSI Host Controller"    "MagicISO, Inc."    "c:\windows\system32\drivers\mcdbus.sys"    "2/24/2009 5:34 AM"    ""
+ "megasas"    "megasas: MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"    "5/18/2009 8:09 PM"    ""
+ "MegaSR"    "MegaSR: LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"    "5/18/2009 8:25 PM"    ""
+ "MpKslc7379215"    "MpKslc7379215: KSLDriver"    "Microsoft Corporation"    "c:\programdata\microsoft\microsoft antimalware\definition updates\{337fe8b4-5eed-4d97-a0a9-d15c5699d42a}\mpkslc7379215.sys"    "2/27/1989 8:54 PM"    ""
+ "Netaapl"    "Apple Mobile Device Ethernet Service: Apple Mobile Device Ethernet"    "Apple Inc."    "c:\windows\system32\drivers\netaapl64.sys"    "7/15/2013 5:39 PM"    ""
+ "netr28ux"    "D-Link dnetr28u USB Extensible Wireless LAN Card Driver: Ralink 802.11n Wireless Adapter Driver"    "Ralink Technology Corp."    "c:\windows\system32\drivers\dnetr28ux.sys"    "4/28/2011 1:18 AM"    ""
+ "netr28x"    "Ralink 802.11n Extensible Wireless Driver: Ralink 802.11 Wireless Adapter Driver"    "Ralink Technology, Corp."    "c:\windows\system32\drivers\netr28x.sys"    "6/19/2009 2:56 AM"    ""
+ "nfrd960"    "nfrd960: IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"    "6/6/2006 4:11 PM"    ""
+ "NLNdisMP"    "NLNdisMP: "    ""    "File not found: system32\DRIVERS\nlndis.sys"    ""    ""
+ "NLNdisPT"    "NetLimiter Ndis Protocol Service: "    ""    "File not found: system32\DRIVERS\nlndis.sys"    ""    ""
+ "npf"    "NetGroup Packet Filter Driver: npf.sys (NT5/6 AMD64) Kernel Driver"    "CACE Technologies, Inc."    "c:\windows\system32\drivers\npf.sys"    "6/25/2010 11:50 AM"    ""
+ "NTIDrvr"    "NTIDrvr: NTI CD-ROM Filter Driver"    "NewTech Infosystems, Inc."    "c:\windows\system32\drivers\ntidrvr.sys"    "3/24/2009 10:09 PM"    ""
+ "NVHDA"    "Service for NVIDIA High Definition Audio Driver: NVIDIA HDMI Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvhda64v.sys"    "12/15/2017 3:17 AM"    ""
+ "nvlddmkm"    "nvlddmkm: NVIDIA Windows Kernel Mode Driver, Version 390.65 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"    "1/3/2018 6:39 PM"    ""
+ "nvraid"    "nvraid: NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"    "3/19/2010 3:59 PM"    ""
+ "nvstor"    "nvstor: NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"    "3/19/2010 3:45 PM"    ""
+ "NvStreamKms"    "NVIDIA KMS: Nvidia Streaming Kernel Service"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvstreamsrv\nvstreamkms.sys"    "11/3/2016 3:09 PM"    ""
+ "nvvad_WaveExtensible"    "NVIDIA Virtual Audio Device (Wave Extensible) (WDM): NVIDIA Virtual Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvvad64v.sys"    "10/4/2016 2:20 AM"    ""
+ "nvvhci"    "NVVHCI Enumerator Service: Virtual USB Host Controller driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvvhci.sys"    "12/27/2016 8:44 PM"    ""
+ "PCAMp50a64"    "PCAMp50a64 NDIS Protocol Driver: PCAUSA NDIS 5.0 MPR Protocol Driver (AMD64)"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\windows\system32\drivers\pcamp50a64.sys"    "11/28/2006 9:45 PM"    ""
+ "PCASp50a64"    "PCASp50a64 NDIS Protocol Driver: PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64)"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\windows\system32\drivers\pcasp50a64.sys"    "11/28/2006 9:45 PM"    ""
+ "PcaSp60"    "Rawether NDIS 6.X SPR Protocol Driver: Rawether NDIS 6.X SPR Protocol Driver"    "Printing Communications Assoc., Inc. (PCAUSA)"    "c:\windows\system32\drivers\pcasp60.sys"    "9/7/2010 1:27 PM"    ""
+ "pccsmcfd"    "PCCS Mode Change Filter Driver: "    ""    "File not found: system32\DRIVERS\pccsmcfdx64.sys"    ""    ""
+ "psadd"    "Lenovo Parties Service Access Device Driver: SMBIOS Driver"    "Lenovo Information Product(ShenZhen China) Inc."    "c:\windows\system32\drivers\psadd.sys"    "12/26/2011 8:09 PM"    ""
+ "ql2300"    "ql2300: QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"    "1/22/2009 6:05 PM"    ""
+ "ql40xx"    "ql40xx: QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"    "5/18/2009 8:18 PM"    ""
+ "RimUsb"    "BlackBerry Smartphone: BlackBerry Device Driver"    "Research In Motion Limited"    "c:\windows\system32\drivers\rimusb_amd64.sys"    "6/20/2013 10:05 AM"    ""
+ "rimvndis"    "BlackBerry Virtual Private Network: RIM Tunnel Driver"    "Research in Motion Limited"    "c:\windows\system32\drivers\rimvndis6_amd64.sys"    "3/20/2013 8:56 AM"    ""
+ "RimVSerPort"    "RIM Virtual Serial Port v2: RIM Virtual Serial Driver"    "Research in Motion Ltd"    "c:\windows\system32\drivers\rimserial_amd64.sys"    "10/22/2012 3:51 PM"    ""
+ "RTCore64"    "RTCore64: "    ""    "c:\program files (x86)\evga precision x\rtcore64.sys"    "3/11/2013 12:32 AM"    ""
+ "RTL8192su"    "%RTL8192su.DeviceDesc.DispName%: "    ""    "File not found: system32\DRIVERS\RTL8192su.sys"    ""    ""
+ "SiSRaid2"    "SiSRaid2: SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"    "9/24/2008 1:28 PM"    ""
+ "SiSRaid4"    "SiSRaid4: SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"    "10/1/2008 4:56 PM"    ""
+ "SkyhawkeUSBLan"    "SkyhawkeUSBLan: Windows USBLAN Host Driver"    "Belcarra Technologies"    "c:\windows\system32\drivers\btblan.sys"    "4/9/2010 3:15 PM"    ""
+ "snapman"    "Acronis Snapshots Manager: Acronis Snapshot API"    "Acronis International GmbH"    "c:\windows\system32\drivers\snapman.sys"    "11/5/2015 4:25 PM"    ""
+ "SrvHsfPCI"    "SrvHsfPCI: HSF_HWB2 WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstbs26.sys"    "10/15/2008 7:54 PM"    ""
+ "SrvHsfV92"    "SrvHsfV92: HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstdpv6.sys"    "10/15/2008 7:57 PM"    ""
+ "SrvHsfWinac"    "SrvHsfWinac: HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstcnxt6.sys"    "10/15/2008 7:52 PM"    ""
+ "ssudmdm"    "SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.): SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)"    "Samsung Electronics Co., Ltd."    "c:\windows\system32\drivers\ssudmdm.sys"    "8/24/2016 3:00 AM"    ""
+ "stexstor"    "stexstor: Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"    "2/17/2009 6:03 PM"    ""
+ "swg3kser00"    "Sierra Wireless QMI USB Device for Legacy Serial Communication: USB Modem/Serial Device Driver"    "Sierra Wireless Incorporated"    "c:\windows\system32\drivers\swg3kser00.sys"    "5/13/2011 3:54 PM"    ""
+ "swiwdmbx"    "Sierra Wireless USB Bus Service: Sierra Wireless USB composite bus driver"    "Sierra Wireless Inc."    "c:\windows\system32\drivers\swiwdmbx64.sys"    "5/16/2011 1:44 PM"    ""
+ "swmsflt"    "USB Mass Storage Filter Driver: "    ""    "File not found: system32\DRIVERS\swmsflt.sys"    ""    ""
+ "SWMX00"    "Sierra Wireless USB MUX Driver (#00): Sierra Wireless USB MUX Driver"    "Sierra Wireless Inc."    "c:\windows\system32\drivers\swmx00.sys"    "2/25/2009 4:07 PM"    ""
+ "SWNC5E00"    "Sierra Wireless MUX NDIS Driver (#00): Sierra Wireless NDIS Driver"    "Sierra Wireless Inc."    "c:\windows\system32\drivers\swnc5e00.sys"    "2/25/2009 6:02 PM"    ""
+ "SWNC8UA3"    "Sierra Wireless MUX NDIS Driver (UMTSA3): Sierra Wireless NDIS 6.20 Driver"    "Sierra Wireless Inc."    "c:\windows\system32\drivers\swnc8ua3.sys"    "5/28/2011 1:45 PM"    ""
+ "SWUMX20"    "Sierra Wireless USB MUX Driver (UMTS20): "    ""    "File not found: system32\DRIVERS\swumx20.sys"    ""    ""
+ "SWUMXA3"    "Sierra Wireless USB MUX Driver (UMTSA3): Sierra Wireless USB MUX Driver"    "Sierra Wireless Inc."    "c:\windows\system32\drivers\swumxa3.sys"    "7/22/2009 6:47 PM"    ""
+ "tap0901"    "TAP-Windows Adapter V9: TAP-Windows Virtual Network Driver"    "The OpenVPN Project"    "c:\windows\system32\drivers\tap0901.sys"    "8/22/2013 7:40 AM"    ""
+ "tapnordvpn"    "TAP-NordVPN Windows Adapter V9: TAP-Windows Virtual Network Driver (NDIS 6.0)"    "The OpenVPN Project"    "c:\windows\system32\drivers\tapnordvpn.sys"    "3/17/2017 5:39 AM"    ""
+ "tib"    "Acronis TIB Manager: Acronis Backup Archive Explorer"    "Acronis International GmbH"    "c:\windows\system32\drivers\tib.sys"    "11/3/2015 1:30 PM"    ""
+ "tib_mounter"    "Acronis TIB Mounter: Acronis TIB Mounter Driver"    "Acronis International GmbH"    "c:\windows\system32\drivers\tib_mounter.sys"    "11/3/2015 2:14 PM"    ""
+ "tnd"    "Acronis Try&Decide filter: Acronis Try&Decide Volume Filter Driver"    "Acronis International GmbH"    "c:\windows\system32\drivers\tnd.sys"    "11/3/2015 3:51 PM"    ""
+ "UBHelper"    "UBHelper: NTI CDROM Filter Driver"    "NewTech Infosystems Corporation"    "c:\windows\system32\drivers\ubhelper.sys"    "4/27/2009 3:48 AM"    ""
+ "USBAAPL64"    "Apple Mobile USB Driver: Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"    "6/11/2015 1:08 AM"    ""
+ "usbbus"    "LGE Mobile Composite USB Device: LG CDMA USB Multi function Driver"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgx64bus.sys"    "2/14/2011 1:12 AM"    ""
+ "UsbDiag"    "LGE Mobile USB Serial Port: LGE Mobile USB Serial Port"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgx64diag.sys"    "2/14/2011 1:12 AM"    ""
+ "UsbGps"    "LGE Mobile USB GPS NMEA Port: LGE Mobile USB GPS NMEA Port"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgx64gps.sys"    "2/14/2011 1:12 AM"    ""
+ "USBModem"    "LGE Mobile USB Modem: LGE Mobile Modem Support"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgx64modem.sys"    "2/14/2011 1:12 AM"    ""
+ "viaide"    "viaide: VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"    "7/13/2009 6:19 PM"    ""
+ "virtual_file"    "Acronis Virtual File Driver: Acronis Virtual File"    "Acronis International GmbH"    "c:\windows\system32\drivers\virtual_file.sys"    "11/22/2015 10:42 AM"    ""
+ "vmkbd3"    "VMware Input Filter and Injection Driver (vmkbd): VMware VMware Input Filter and Injection Driver (64-bit)"    "VMware, Inc."    "c:\windows\system32\drivers\vmkbd.sys"    "8/18/2016 12:50 AM"    ""
+ "VMnetAdapter"    "VMware Virtual Ethernet Adapter Driver: Driver for VMware's Virtual Ethernet Adapters Ver. 2"    ""    "File not found: system32\DRIVERS\vmnetadapter.sys"    ""    ""
+ "VMnetBridge"    "VMware Bridge Protocol: VMware Bridge Protocol"    ""    "File not found: system32\DRIVERS\vmnetbridge.sys"    ""    ""
+ "VMnetUserif"    "VMware Virtual Ethernet Userif for VMnet: VMware Virtual Ethernet Userif for VMnet"    ""    "File not found: system32\DRIVERS\vmnetuserif.sys"    ""    ""
+ "vmx86"    "VMware vmx86: VMware vmx86 driver"    ""    "File not found: system32\DRIVERS\vmx86.sys"    ""    ""
+ "vsmraid"    "vsmraid: VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"    "1/30/2009 8:18 PM"    ""
+ "vsock"    "vSockets Virtual Machine Communication Interface Sockets driver: vSockets Driver"    "VMware, Inc."    "c:\windows\system32\drivers\vsock.sys"    "6/22/2016 3:09 AM"    ""
+ "WDC_SAM"    "WD SCSI Pass Thru driver: Manages WD external storage products."    "Western Digital Technologies"    "c:\windows\system32\drivers\wdcsam64.sys"    "4/16/2008 3:39 AM"    ""
+ "WN111v2"    "NETGEAR WN111v2 USB2.0 Wireless Card Service: "    ""    "File not found: system32\DRIVERS\WN111v2w7x.sys"    ""    ""
+ "yukonw7"    "NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller: NDIS6.20 Miniport Driver for Marvell Yukon Ethernet Controller"    "Marvell"    "c:\windows\system32\drivers\yk62x64.sys"    "9/8/2011 2:34 AM"    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers"    ""    ""    ""    "7/13/2009 11:53 PM"    ""
+ "Adobe Type Manager"    "Windows NT OpenType/Type 1 Font Driver"    "Adobe Systems Incorporated"    "c:\windows\system32\atmfd.dll"    "1/5/2018 10:58 AM"    ""
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "1/5/2010 11:19 AM"    ""
+ "vidc.uldx"    "DivX® Codec for Windows"    "DivXNetworks, Inc."    "c:\program files (x86)\corel\corel videostudio 12\divx_ul.dll"    "11/11/2003 7:04 PM"    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "1/13/2018 6:18 PM"    ""
+ "msacm.ac3filter"    ""    ""    "c:\windows\system32\ac3filter64.acm"    "8/11/2009 12:22 PM"    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "7/13/2009 8:28 PM"    ""
+ "VIDC.RTV1"    ""    ""    "c:\windows\system32\rtvcvfw64.dll"    "9/28/2012 2:45 PM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "1/13/2018 6:18 PM"    ""
+ "msacm.ac3filter"    ""    ""    "c:\windows\syswow64\ac3filter.acm"    "8/11/2009 12:18 PM"    ""
+ "msacm.dvacm"    "Ulead DV Audio ACM Driver"    "Corel TW Corp."    "c:\program files (x86)\common files\ulead systems\vio\dvacm.acm"    "2/25/2008 1:30 AM"    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\syswow64\iac25_32.ax"    "7/13/2009 8:05 PM"    ""
+ "msacm.l3acm"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codecp.acm"    "7/13/2009 8:06 PM"    ""
+ "msacm.MPEGacm"    "Ulead MPEG1 Layer2 Audio ACM Driver"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\mpegacm.acm"    "5/5/2008 11:54 PM"    ""
+ "msacm.ulmp3acm"    "Ulead MP3 codec engine"    "Ulead systems"    "c:\program files (x86)\common files\ulead systems\mpeg\ulmp3acm.acm"    "1/23/2006 1:58 AM"    ""
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"    "11/20/2010 6:59 AM"    ""
+ "vidc.i420"    "Helix I420 YUV Codec"    "www.helixcommunity.org"    "c:\windows\syswow64\i420vfw.dll"    "1/25/2004 11:18 AM"    ""
+ "vidc.iv31"    ""    "Intel® Corporation"    "c:\windows\syswow64\ir32_32.dll"    "7/13/2009 8:06 PM"    ""
+ "vidc.iv32"    ""    "Intel® Corporation"    "c:\windows\syswow64\ir32_32.dll"    "7/13/2009 8:06 PM"    ""
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\syswow64\ir50_32.dll"    "7/13/2009 8:06 PM"    ""
+ "VIDC.RTV1"    ""    ""    "c:\windows\syswow64\rtvcvfw32.dll"    "9/28/2012 2:45 PM"    ""
+ "vidc.VP60"    "VP6 VIDEO FOR WINDOWS CODEC "    "On2.com"    "c:\windows\syswow64\vp6vfw.dll"    "10/2/2003 3:38 PM"    ""
+ "vidc.VP61"    "VP6 VIDEO FOR WINDOWS CODEC "    "On2.com"    "c:\windows\syswow64\vp6vfw.dll"    "10/2/2003 3:38 PM"    ""
+ "vidc.yv12"    "Helix YV12 YUV Codec"    "www.helixcommunity.org"    "c:\windows\syswow64\yv12vfw.dll"    "1/25/2004 11:18 AM"    ""
+ "vidc.yvu9"    ""    ""    "c:\windows\syswow64\iyvu9_32.dll"    "6/13/1997 10:56 AM"    ""
"HKLM\Software\Classes\Filter"    ""    ""    ""    "1/5/2010 10:28 AM"    ""
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\syswow64\ir41_32.ax"    "7/13/2009 8:06 PM"    ""
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\syswow64\ir41_32.ax"    "7/13/2009 8:06 PM"    ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "1/15/2017 2:57 PM"    ""
+ "AC3Filter"    "ac3filter"    ""    "c:\program files (x86)\ac3filter\x64\ac3filter64.ax"    "8/11/2009 12:22 PM"    ""
+ "GoPro-CineForm Decoder-2"    "CineForm DirectShow Decoder"    "CineForm Inc."    "c:\program files (x86)\common files\cineform\cfdecode64.ax"    "6/1/2012 2:59 PM"    ""
+ "Theora Encode Filter"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsftheoraencoder.dll"    "1/11/2011 7:56 PM"    ""
+ "WebM Muxer Filter"    "WebM Multiplexer Filter"    "Google"    "c:\program files (x86)\xiph.org\open codecs\x64\webmmux.dll"    "1/11/2011 7:57 PM"    ""
+ "WebM Splitter Filter"    "Webm Splitter Filter"    "Google"    "c:\program files (x86)\xiph.org\open codecs\x64\webmsplit.dll"    "1/11/2011 7:57 PM"    ""
+ "WebM VP8 Decoder Filter"    "WebM VP8 Decoder Filter"    "Google"    "c:\program files (x86)\xiph.org\open codecs\x64\vp8decoder.dll"    "1/11/2011 7:58 PM"    ""
+ "WebM VP8 Encoder Filter"    "WebM VP8 Encoder Filter"    "Google"    "c:\program files (x86)\xiph.org\open codecs\x64\vp8encoder.dll"    "1/11/2011 7:58 PM"    ""
+ "Xiph.Org FLAC Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfflacdecoder.dll"    "1/11/2011 7:57 PM"    ""
+ "Xiph.Org FLAC Encoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfflacencoder.dll"    "1/11/2011 7:57 PM"    ""
+ "Xiph.Org Native FLAC Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfnativeflacsource.dll"    "1/11/2011 7:57 PM"    ""
+ "Xiph.Org Ogg Demuxer"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfoggdemux2.dll"    "1/11/2011 7:56 PM"    ""
+ "Xiph.Org Ogg Muxer"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfoggmux.dll"    "1/11/2011 7:57 PM"    ""
+ "Xiph.Org Speex Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfspeexdecoder.dll"    "1/11/2011 7:56 PM"    ""
+ "Xiph.Org Speex Encoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfspeexencoder.dll"    "1/11/2011 7:56 PM"    ""
+ "Xiph.Org Theora Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsftheoradecoder.dll"    "1/11/2011 7:56 PM"    ""
+ "Xiph.Org Vorbis Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfvorbisdecoder.dll"    "1/11/2011 7:56 PM"    ""
+ "Xiph.Org Vorbis Encoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\x64\dsfvorbisencoder.dll"    "1/11/2011 7:56 PM"    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "7/15/2017 11:19 AM"    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "aac_parser"    "Direct show parser filter for ADTS"    ""    "c:\windows\syswow64\aac_parser.ax"    "11/23/2003 3:42 PM"    ""
+ "AC3 Decoder Filter"    "TODO: <파일 설명>"    "TODO: <회사 이름>"    "c:\program files (x86)\myfree codec\1.0b beta\ac-3\ac3dx.ax"    "9/30/2009 6:41 AM"    ""
+ "AC3Filter"    "ac3filter"    ""    "c:\windows\syswow64\ac3filter.ax"    "7/9/2008 3:06 AM"    ""
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "AsyncEx"    "VisioForge AsyncEx Filter"    "VisioForge"    "c:\users\randy\appdata\roaming\windsolutions\copytransmanager\copytransmanager.ax"    "6/19/1992 5:22 PM"    ""
+ "Audio Destination"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files (x86)\google\google earth\client\wavdest.ax"    "10/7/2013 2:33 PM"    ""
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "Canon AAC Dec Wrapper"    "CanonAACDecWrapper"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder\canonaacdecwrapper.ax"    "9/12/2011 2:49 AM"    ""
+ "Canon DES Resizer SaveMode"    "CanonDESResizer"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canondesresizer.ax"    "7/21/2011 1:28 AM"    ""
+ "Canon H.264 Decode Filter"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder\canonh264filter.ax"    "4/24/2014 4:56 AM"    ""
+ "Canon H.264 Encoder"    "Canon H264 Encoder Filter"    "CANON INC."    "c:\program files (x86)\canon\canon mov encoder\canonh264encoder.ax"    "10/11/2012 5:41 AM"    ""
+ "Canon Image Rotation Filter"    "Canon Image Rotation Filter "    "Canon Inc."    "c:\program files (x86)\canon\mdp\canonrotatefilter.dll"    "7/27/2011 8:05 PM"    ""
+ "Canon MDP Motion-JPEG Decoder"    "Canon MDP Motion-JPEG Decoder Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdp\canonmdpmjpegdecoder.ax"    "6/1/2009 11:41 PM"    ""
+ "Canon Motion-JPEG Decoder"    "Canon Motion-JPEG Decoder Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canonmjpegdecoder.ax"    "7/21/2011 1:59 AM"    ""
+ "Canon Motion-JPEG Encoder"    "Motion-JPEG Encoder Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canonmjpegencoder.ax"    "7/21/2011 3:03 AM"    ""
+ "Canon Mov File Parser Filter"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder\canonh264filter.ax"    "4/24/2014 4:56 AM"    ""
+ "Canon Mov File Parser Filter2"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder\canonh264filter.ax"    "4/24/2014 4:56 AM"    ""
+ "Canon Mp4 File Parser Filter"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder\canonh264filter.ax"    "4/24/2014 4:56 AM"    ""
+ "Canon Resizer"    "CanonResizer"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canonresizer.ax"    "7/21/2011 1:41 AM"    ""
+ "Canon Text Source Filter"    "Canon Text Source Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canontextsourcefilter.ax"    "7/21/2011 7:38 PM"    ""
+ "Canon WAV Dest"    "CanonWavDest"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canonwavdest.ax"    "7/21/2011 1:49 AM"    ""
+ "Canon-Actual-Data-Length-Setter"    "CanonActualDataLengthSetter"    "Canon Inc."    "c:\program files (x86)\canon\mdl40\canonactualdatalengthsetter.ax"    "7/21/2011 1:14 AM"    ""
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "CoreAAC Audio Decoder"    "CoreAAC"    ""    "c:\windows\syswow64\coreaac.ax"    "8/16/2006 9:53 AM"    ""
+ "CoreAVC Video Decoder"    "CoreAVC DirectShow Video Decoder"    "CoreCodec"    "c:\windows\syswow64\avcdx.ax"    "1/12/2006 6:23 PM"    ""
+ "Dib Output"    ""    "Corel TW Corp."    "c:\program files (x86)\common files\ulead systems\filters\diboutput.ax"    "2/25/2008 1:47 AM"    ""
+ "Dib Receive"    ""    "Corel TW Corp."    "c:\program files (x86)\common files\ulead systems\filters\dibreceive.ax"    "2/25/2008 1:47 AM"    ""
+ "Dirac Source"    "Dirac Splitter"    "Gabest"    "c:\windows\syswow64\diracsplitter.ax"    "1/17/2005 6:26 PM"    ""
+ "Dirac Splitter"    "Dirac Splitter"    "Gabest"    "c:\windows\syswow64\diracsplitter.ax"    "1/17/2005 6:26 PM"    ""
+ "Dirac Video Decoder"    "Dirac Splitter"    "Gabest"    "c:\windows\syswow64\diracsplitter.ax"    "1/17/2005 6:26 PM"    ""
+ "DV ACM V/A Source Filter"    ""    "Corel TW Corp."    "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"    "2/25/2008 2:34 AM"    ""
+ "DV V/A Source Filter"    ""    "Corel TW Corp."    "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"    "2/25/2008 2:34 AM"    ""
+ "DV Video Source Filter"    ""    "Corel TW Corp."    "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"    "2/25/2008 2:34 AM"    ""
+ "FLV Source"    "FLV Splitter"    "Gabest"    "c:\windows\syswow64\flvdx.dll"    "5/3/2006 4:06 AM"    ""
+ "FLV Splitter"    "FLV Splitter"    "Gabest"    "c:\windows\syswow64\flvdx.dll"    "5/3/2006 4:06 AM"    ""
+ "FLV Video Decoder"    "FLV Splitter"    "Gabest"    "c:\windows\syswow64\flvdx.dll"    "5/3/2006 4:06 AM"    ""
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "FunUnify Async Filter2"    "TODO: <file description>"    "TODO: <mobileleader>"    "c:\program files (x86)\samsung\allshare\funcodecfilter.ax"    "11/16/2011 3:47 AM"    ""
+ "FunUnify Video Trans Filter2"    "TODO: <file description>"    "TODO: <mobileleader>"    "c:\program files (x86)\samsung\allshare\funcodecfilter.ax"    "11/16/2011 3:47 AM"    ""
+ "Indeo Video ® 5.1 Progressive Download Source"    "Intel Indeo® video IVF Source Filter 5.10"    "Intel Corporation"    "c:\windows\syswow64\ivfsrc.ax"    "7/13/2009 8:06 PM"    ""
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\syswow64\iac25_32.ax"    "7/13/2009 8:05 PM"    ""
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\syswow64\ir50_32.dll"    "7/13/2009 8:06 PM"    ""
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\syswow64\ir50_32.dll"    "7/13/2009 8:06 PM"    ""
+ "MACSReaderMP3 Filter"    "MACSReaderMP3 Filter"    ""    "c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"    "10/9/2007 12:42 AM"    ""
+ "Matroska Source"    "Matroska Splitter"    "Gabest"    "c:\windows\syswow64\matroskadx.ax"    "3/10/2006 3:48 PM"    ""
+ "Matroska Splitter"    "Matroska Splitter"    "Gabest"    "c:\windows\syswow64\matroskadx.ax"    "3/10/2006 3:48 PM"    ""
+ "MyFree Codec Filter"    ""    ""    "c:\program files (x86)\myfree codec\1.0b beta\myfree.ax"    "10/19/2012 7:30 PM"    ""
+ "NEDFilter4Samsung Filter"    "MACSReaderMP3 Filter"    "L544™ Technology"    "c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"    "12/15/2009 1:25 AM"    ""
+ "psWav Dest"    "Canon Utilities Support Library"    "Canon Inc."    "c:\program files (x86)\canon\imagebrowser ex\pswavdes.ax"    "9/4/2006 5:39 AM"    ""
+ "RadLight Ogg Splitter"    "RLOgg"    "RadLight"    "c:\windows\syswow64\rlogg.ax"    "2/13/2005 2:23 PM"    ""
+ "RadLight Speex Decoder"    "RadLight Speex Decoder"    ""    "c:\windows\syswow64\rlspeexdec.ax"    "2/13/2005 2:25 PM"    ""
+ "RadLight Theora Decoder"    "RadLight Theora Decoder"    "RadLight, LLC"    "c:\windows\syswow64\rltheoradec.ax"    "2/13/2005 2:25 PM"    ""
+ "RadLight Vorbis Decoder"    "RLVorbisDec.ax"    "RadLight"    "c:\windows\syswow64\rlvorbisdec.ax"    "2/6/2005 12:59 PM"    ""
+ "RealAudio Decoder"    "RealMedia Splitter"    "Gabest"    "c:\windows\syswow64\realmediadx.ax"    "11/25/2005 3:46 PM"    ""
+ "RealMedia Source"    "RealMedia Splitter"    "Gabest"    "c:\windows\syswow64\realmediadx.ax"    "11/25/2005 3:46 PM"    ""
+ "RealMedia Splitter"    "RealMedia Splitter"    "Gabest"    "c:\windows\syswow64\realmediadx.ax"    "11/25/2005 3:46 PM"    ""
+ "RealVideo Decoder"    "RealMedia Splitter"    "Gabest"    "c:\windows\syswow64\realmediadx.ax"    "11/25/2005 3:46 PM"    ""
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "SelfMusicVideo Dump Filter"    "SelfMusicVideo Dump Filter (DShow)"    "ENJsoft Corporation"    "c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"    "7/23/2008 1:45 PM"    ""
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "SmartSound SDS Reader"    "SDS Media File Reader Filter"    "SmartSound Software Inc."    "c:\program files (x86)\smartsound software\quicktracks\sdsreader.dll"    "6/23/2005 5:15 PM"    ""
+ "SmartSound Soundtrack"    "Quicktracks Soundtrack source filter"    "SmartSound Software Inc."    "c:\program files (x86)\smartsound software\quicktracks\directqx.dll"    "6/23/2005 5:14 PM"    ""
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "Theora Encode Filter"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsftheoraencoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Ulead AMR Audio Decoder"    "MP4 AMR Audio Decoder Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uladamr.ax"    "5/9/2006 1:23 AM"    ""
+ "Ulead Audio Dual Channel Filter"    "Ulead Audio Dual Channel Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uaudiodcfilter.ax"    "4/25/2004 10:30 PM"    ""
+ "Ulead DV Scene Detect"    "ulDvScDt"    "Ulead system Inc."    "c:\program files (x86)\common files\ulead systems\capture\uldvscdt.ax"    "1/29/2008 5:18 AM"    ""
+ "Ulead DV Writer"    "ulDVWriter"    "Ulead System Inc."    "c:\program files (x86)\common files\ulead systems\capture\uldvrite.ax"    "11/29/2007 10:03 PM"    ""
+ "Ulead DVD Audio Decoder 2"    "Audio Decoder"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax"    "1/26/2007 10:36 AM"    ""
+ "Ulead DVD Navigator"    "DVD Navigator filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\dvd\uleaddvdnavigator.ax"    "1/21/2005 4:15 AM"    ""
+ "Ulead DVD Video decoder 2"    "DVD Video Decoder with DxVA Support"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uldvdvideo.ax"    "5/4/2007 8:14 AM"    ""
+ "ULead File Source (Async.)"    "Ulead Async Filter"    "Ulead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\ulasync.ax"    "9/2/2007 9:15 PM"    ""
+ "Ulead H264 Decoder"    "uldsh264"    "uleadivi"    "c:\program files (x86)\common files\ulead systems\mpeg\uldsh264.ax"    "4/28/2008 9:09 PM"    ""
+ "Ulead IEEE Push Source Filter"    "Ulead IEEE Push Source Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\ulieeepushsource.ax"    "3/16/2006 11:07 PM"    ""
+ "ULead Infinite Pin Tee"    "Ulead Infinite Tee Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uinftee.ax"    "8/8/2007 4:37 AM"    ""
+ "Ulead LPCM Audio Encoder"    "LPCM Audio Encoder"    "ULead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\ulpcmpeg.ax"    "2/18/2005 6:02 AM"    ""
+ "Ulead Mp3 Decoder"    "MP3 Decoder"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uldamp3.ax"    "1/26/2007 6:51 AM"    ""
+ "Ulead MPEG Audio Decoder"    "Audio Decoder"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax"    "1/26/2007 10:36 AM"    ""
+ "Ulead MPEG Audio Encoder"    "DS MPEG Audio Encoder"    "Ulead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\uleampeg.ax"    "1/20/2005 3:58 AM"    ""
+ "Ulead MPEG Encoder"    "MPEG Encoder and Muxer"    "ULead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\ulesmpeg.ax"    "2/14/2008 3:00 AM"    ""
+ "Ulead MPEG Muxer"    "MPEG Muxer"    "ULead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\ulmxmpeg.ax"    "8/22/2007 4:58 AM"    ""
+ "Ulead MPEG Splitter"    "ULead Mpeg I/II Splitter"    "ULead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\ulspmpeg.ax"    "5/12/2008 11:02 PM"    ""
+ "Ulead MPEG Video Decoder"    "MPEG Video and Audio Decoder"    "ULead Systems"    "c:\program files (x86)\common files\ulead systems\mpeg\uldsmpeg.ax"    "7/12/2007 6:46 AM"    ""
+ "Ulead MPEG-4 ASP Video Decoder"    "MP4 ASP Video Decoder Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\ulaspvdmp4.ax"    "2/3/2007 8:24 PM"    ""
+ "Ulead MPEG-4 Audio Decoder"    "MP4 AAC Audio Decoder Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\uladmp4.ax"    "4/11/2006 11:32 PM"    ""
+ "Ulead MPEG-4 Encoder"    "MP4 Encoder Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\ulmp4enc.ax"    "2/9/2006 1:18 AM"    ""
+ "Ulead MPEG-4 Splitter"    "MP4 Splitter Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\ulspmp4.ax"    "1/24/2008 5:45 AM"    ""
+ "Ulead MPEG-4 Video Decoder"    "MP4 Video Decoder Filter"    "Ulead Systems, Inc."    "c:\program files (x86)\common files\ulead systems\mpeg\ulvdmp4.ax"    "2/2/2007 11:51 PM"    ""
+ "WebM Color Conversion Filter"    "WebM Color Conversion Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\webmcc.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM Muxer Filter"    "WebM Multiplexer Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\webmmux.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM Source Filter"    "WebM Source Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\webmsource.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM Splitter Filter"    "Webm Splitter Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\webmsplit.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM Vorbis Decoder Filter"    "WebM Vorbis Decoder"    ""    "c:\program files (x86)\common files\webm project\webmdshow\webmvorbisdecoder.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM VP8 Decoder Filter"    "WebM VP8 Decoder Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\vp8decoder.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM VP8 Encoder Filter"    "WebM VP8 Encoder Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\vp8encoder.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM VP9 Decoder Filter"    "WebM VP9 Decoder Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\vp9decoder.dll"    "1/30/2015 2:20 PM"    ""
+ "WebM VPx Decoder Filter"    "WebM VPX Decoder Filter"    "Google"    "c:\program files (x86)\common files\webm project\webmdshow\vpxdecoder.dll"    "1/30/2015 2:20 PM"    ""
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Audio Mixer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT DV Extract"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "WMT Format Conversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Screen Capture filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2/6/2009 9:59 PM"    ""
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files (x86)\movie maker 2.6\wmm2filt.dll"    "3/30/2007 6:37 PM"    ""
+ "Xiph.Org FLAC Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfflacdecoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org FLAC Encoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfflacencoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Native FLAC Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfnativeflacsource.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Ogg Demuxer"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfoggdemux2.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Ogg Muxer"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfoggmux.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Speex Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfspeexdecoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Speex Encoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfspeexencoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Theora Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsftheoradecoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Vorbis Decoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfvorbisdecoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xiph.Org Vorbis Encoder"    ""    ""    "c:\program files (x86)\xiph.org\open codecs\dsfvorbisencoder.dll"    "1/11/2011 7:51 PM"    ""
+ "Xvid MPEG-4 Video Decoder"    ""    ""    "c:\windows\syswow64\xvid.ax"    "9/25/2008 10:23 PM"    ""
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""    "2/10/2018 10:50 AM"    ""
+ "Adobe DNG Decoder (FastPictureViewer Codec Pack)"    "Adobe DNG Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\adobe\x86\adobecodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Adobe Lightroom® Preview Decoder (FastPictureViewer Codec Pack)"    "Adobe Lightroom® Preview Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\lightroom lrprev\x86\lrprevcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Adobe Photoshop® Document Decoder (FastPictureViewer Codec Pack)"    "Adobe Photoshop® Document Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\photoshop psd\x86\psdcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Adobe XMP-Based PDF Thumbnail Provider (FastPictureViewer Codec Pack)"    "XMP-Based PDF Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\xmp-based thumbnail provider\x86\xmpthumbnailproviderpdf.dll"    "4/23/2017 4:06 AM"    ""
+ "Adobe XMP-Based Thumbnail Provider (FastPictureViewer Codec Pack)"    "XMP-Based Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\xmp-based thumbnail provider\x86\xmpthumbnailprovider.dll"    "4/23/2017 4:06 AM"    ""
+ "Autodesk Maya IFF Decoder (FastPictureViewer Codec Pack)"    "Autodesk Maya IFF Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\maya iff\x86\mayacodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Canon Raw Decoder (FastPictureViewer Codec Pack)"    "Canon Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\canon\x86\canoncodec.dll"    "4/23/2017 4:04 AM"    ""
+ "DDS Decoder (FastPictureViewer Codec Pack)"    "DirectDraw Surface Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\directx dds\x86\ddscodec.dll"    "4/23/2017 3:52 AM"    ""
+ "Epson Raw Decoder (FastPictureViewer Codec Pack)"    "Epson Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\epson\x86\epsoncodec.dll"    "4/23/2017 4:05 AM"    ""
+ "EXR Decoder (FastPictureViewer Codec Pack)"    "OpenEXR Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\ilm openexr\x86\exrcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Fuji Raw Decoder (FastPictureViewer Codec Pack)"    "Fuji Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\fuji\x86\fujicodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Google SketchUp Thumbnail Provider (FastPictureViewer Codec Pack)"    "Google SketchUp Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\skp thumbnail provider\x86\skpthumbnailprovider.dll"    "4/23/2017 4:05 AM"    ""
+ "Hasselblad Raw Decoder (FastPictureViewer Codec Pack)"    "Hasselblad Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\hasselblad\x86\hasselbladcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "JPEG 2000 Baseline Decoder (FastPictureViewer Codec Pack)"    "JPEG 2000 Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\jpeg 2000\x86\j2kcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "JPEG Derivative Handler (FastPictureViewer Codec Pack)"    "JPEG Derivative (MPO, JPS)"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\jpeg\x86\jpgderivative.dll"    "4/23/2017 4:05 AM"    ""
+ "JPEG Rotator (FastPictureViewer Codec Pack)"    "JPEG Rotator"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\jpeg\x86\jpgrotator.dll"    "4/23/2017 4:03 AM"    ""
+ "Kodak Raw Decoder (FastPictureViewer Codec Pack)"    "Kodak Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\kodak\x86\kodakcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Leica Raw Decoder (FastPictureViewer Codec Pack)"    "Leica Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\leica\x86\leicacodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Mamiya Raw Decoder (FastPictureViewer Codec Pack)"    "Mamiya Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\mamiya\x86\mamiyacodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Minolta Raw Decoder (FastPictureViewer Codec Pack)"    "Minolta Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\minolta\x86\minoltacodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Nikon Raw Decoder (FastPictureViewer Codec Pack)"    "Nikon Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\nikon\x86\nikoncodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Olympus Raw Decoder (FastPictureViewer Codec Pack)"    "Olympus Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\olympus\x86\olympuscodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Panasonic Raw Decoder (FastPictureViewer Codec Pack)"    "Panasonic Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\panasonic\x86\panasoniccodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Pentax Raw Decoder (FastPictureViewer Codec Pack)"    "Pentax Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\pentax\x86\pentaxcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "PhotoLine Thumbnail Provider (FastPictureViewer Codec Pack)"    "PhotoLine Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\pld thumbnail provider\x86\pldthumbnailprovider.dll"    "4/23/2017 4:05 AM"    ""
+ "PPM Decoder (FastPictureViewer Codec Pack)"    "Netpbm (PNM/PPM/PGM/PBM) Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\portable pixmap\x86\ppmcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Radiance HDR Decoder (FastPictureViewer Codec Pack)"    "Radiance HDR Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\radiance hdr\x86\hdrcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Rawzor Compressed Raw Format Previewer (FastPictureViewer Codec Pack)"    "Rawzor Compressed Raw Format Previewer"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\special codecs\rawzor previewer\x86\rawzorcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Samsung Raw Decoder (FastPictureViewer Codec Pack)"    "Samsung Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\samsung\x86\samsungcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Sigma X3F Decoder (FastPictureViewer Codec Pack)"    "Sigma X3F Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\sigma\x86\sigmacodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Silicon Graphics RGB Decoder (FastPictureViewer Codec Pack)"    "Silicon Graphics RGB Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\silicon graphics rgb\x86\silicongraphicscodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Sinar Raw Decoder (FastPictureViewer Codec Pack)"    "Sinar Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\sinar\x86\sinarcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Softimage PIC Decoder (FastPictureViewer Codec Pack)"    "Softimage PIC Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\softimage pic\x86\softimagecodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Sony Raw Decoder (FastPictureViewer Codec Pack)"    "Sony Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\sony\x86\sonycodec.dll"    "4/23/2017 4:04 AM"    ""
+ "TGA Decoder (FastPictureViewer Codec Pack)"    "Truevision Targa (TGA) Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\truevision targa\x86\tgacodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Valve Texture Format Decoder (FastPictureViewer Codec Pack)"    "Valve Texture Format Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\valve texture format\x86\vtfcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "{42553C8F-FF8C-45C9-A37A-C3939F7C016B}"    "Microsoft Raw Codec"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"    "6/25/2013 1:39 AM"    ""
+ "{76A619FA-2B23-4F2B-A167-991A80494D72}"    "CR2 Decoder"    "Ardfry Imaging, LLC"    "c:\program files\ardfryimaging\cr2 codec\ardfrycr2codec.dll"    "2/23/2010 9:43 PM"    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""    "2/10/2018 10:50 AM"    ""
+ "Adobe DNG Decoder (FastPictureViewer Codec Pack)"    "Adobe DNG Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\adobe\x86\adobecodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Adobe Lightroom® Preview Decoder (FastPictureViewer Codec Pack)"    "Adobe Lightroom® Preview Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\lightroom lrprev\x86\lrprevcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Adobe Photoshop® Document Decoder (FastPictureViewer Codec Pack)"    "Adobe Photoshop® Document Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\photoshop psd\x86\psdcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Adobe XMP-Based PDF Thumbnail Provider (FastPictureViewer Codec Pack)"    "XMP-Based PDF Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\xmp-based thumbnail provider\x86\xmpthumbnailproviderpdf.dll"    "4/23/2017 4:06 AM"    ""
+ "Adobe XMP-Based Thumbnail Provider (FastPictureViewer Codec Pack)"    "XMP-Based Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\xmp-based thumbnail provider\x86\xmpthumbnailprovider.dll"    "4/23/2017 4:06 AM"    ""
+ "Autodesk Maya IFF Decoder (FastPictureViewer Codec Pack)"    "Autodesk Maya IFF Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\maya iff\x86\mayacodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Canon Raw Decoder (FastPictureViewer Codec Pack)"    "Canon Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\canon\x86\canoncodec.dll"    "4/23/2017 4:04 AM"    ""
+ "DDS Decoder (FastPictureViewer Codec Pack)"    "DirectDraw Surface Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\directx dds\x86\ddscodec.dll"    "4/23/2017 3:52 AM"    ""
+ "Epson Raw Decoder (FastPictureViewer Codec Pack)"    "Epson Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\epson\x86\epsoncodec.dll"    "4/23/2017 4:05 AM"    ""
+ "EXR Decoder (FastPictureViewer Codec Pack)"    "OpenEXR Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\ilm openexr\x86\exrcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Fuji Raw Decoder (FastPictureViewer Codec Pack)"    "Fuji Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\fuji\x86\fujicodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Google SketchUp Thumbnail Provider (FastPictureViewer Codec Pack)"    "Google SketchUp Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\skp thumbnail provider\x86\skpthumbnailprovider.dll"    "4/23/2017 4:05 AM"    ""
+ "Hasselblad Raw Decoder (FastPictureViewer Codec Pack)"    "Hasselblad Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\hasselblad\x86\hasselbladcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "JPEG 2000 Baseline Decoder (FastPictureViewer Codec Pack)"    "JPEG 2000 Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\jpeg 2000\x86\j2kcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "JPEG Derivative Handler (FastPictureViewer Codec Pack)"    "JPEG Derivative (MPO, JPS)"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\jpeg\x86\jpgderivative.dll"    "4/23/2017 4:05 AM"    ""
+ "JPEG Rotator (FastPictureViewer Codec Pack)"    "JPEG Rotator"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\jpeg\x86\jpgrotator.dll"    "4/23/2017 4:03 AM"    ""
+ "Kodak Raw Decoder (FastPictureViewer Codec Pack)"    "Kodak Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\kodak\x86\kodakcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Leica Raw Decoder (FastPictureViewer Codec Pack)"    "Leica Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\leica\x86\leicacodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Mamiya Raw Decoder (FastPictureViewer Codec Pack)"    "Mamiya Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\mamiya\x86\mamiyacodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Minolta Raw Decoder (FastPictureViewer Codec Pack)"    "Minolta Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\minolta\x86\minoltacodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Nikon Raw Decoder (FastPictureViewer Codec Pack)"    "Nikon Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\nikon\x86\nikoncodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Olympus Raw Decoder (FastPictureViewer Codec Pack)"    "Olympus Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\olympus\x86\olympuscodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Panasonic Raw Decoder (FastPictureViewer Codec Pack)"    "Panasonic Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\panasonic\x86\panasoniccodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Pentax Raw Decoder (FastPictureViewer Codec Pack)"    "Pentax Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\pentax\x86\pentaxcodec.dll"    "4/23/2017 4:04 AM"    ""
+ "PhotoLine Thumbnail Provider (FastPictureViewer Codec Pack)"    "PhotoLine Thumbnail Provider"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\vector formats\pld thumbnail provider\x86\pldthumbnailprovider.dll"    "4/23/2017 4:05 AM"    ""
+ "PPM Decoder (FastPictureViewer Codec Pack)"    "Netpbm (PNM/PPM/PGM/PBM) Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\portable pixmap\x86\ppmcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Radiance HDR Decoder (FastPictureViewer Codec Pack)"    "Radiance HDR Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\radiance hdr\x86\hdrcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Rawzor Compressed Raw Format Previewer (FastPictureViewer Codec Pack)"    "Rawzor Compressed Raw Format Previewer"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\special codecs\rawzor previewer\x86\rawzorcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Samsung Raw Decoder (FastPictureViewer Codec Pack)"    "Samsung Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\samsung\x86\samsungcodec.dll"    "4/23/2017 4:06 AM"    ""
+ "Sigma X3F Decoder (FastPictureViewer Codec Pack)"    "Sigma X3F Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\sigma\x86\sigmacodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Silicon Graphics RGB Decoder (FastPictureViewer Codec Pack)"    "Silicon Graphics RGB Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\silicon graphics rgb\x86\silicongraphicscodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Sinar Raw Decoder (FastPictureViewer Codec Pack)"    "Sinar Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\sinar\x86\sinarcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Softimage PIC Decoder (FastPictureViewer Codec Pack)"    "Softimage PIC Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\softimage pic\x86\softimagecodec.dll"    "4/23/2017 4:05 AM"    ""
+ "Sony Raw Decoder (FastPictureViewer Codec Pack)"    "Sony Raw Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raw formats\sony\x86\sonycodec.dll"    "4/23/2017 4:04 AM"    ""
+ "TGA Decoder (FastPictureViewer Codec Pack)"    "Truevision Targa (TGA) Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\truevision targa\x86\tgacodec.dll"    "4/23/2017 4:04 AM"    ""
+ "Valve Texture Format Decoder (FastPictureViewer Codec Pack)"    "Valve Texture Format Decoder"    "Axel Rietschin Software Developments"    "c:\windows\wiccodecs\{a6d092a4-081a-4f0e-9356-da167e87d922}\raster formats\valve texture format\x86\vtfcodec.dll"    "4/23/2017 4:05 AM"    ""
+ "{42553C8F-FF8C-45C9-A37A-C3939F7C016B}"    "Microsoft Raw Codec"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"    "6/25/2013 1:50 AM"    ""
+ "{D26E1A3B-2604-4632-9DD1-A49C4C300C21}"    "CR2 Decoder"    "Ardfry Imaging, LLC"    "c:\program files (x86)\ardfryimaging\cr2 codec\ardfrycr2codec.dll"    "2/23/2010 9:44 PM"    ""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)"    ""    ""    ""    "6/28/2015 7:03 PM"    ""
+ "C:\Program Files\Internet Explorer\iexplore.exe"    "Internet Explorer"    "Microsoft Corporation"    "c:\program files\internet explorer\iexplore.exe"    "2/10/2018 12:58 AM"    ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""    "11/1/2013 5:02 PM"    ""
+ "BtwCredentialProvider"    "BtwCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwcp.dll"    "4/1/2012 2:14 PM"    ""
+ "BtwProximityCredentialProvider"    "BtwProximityCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwproximitycp.dll"    "4/1/2012 2:17 PM"    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "2/19/2016 10:12 AM"    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"    "8/12/2015 5:48 PM"    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""    "2/19/2016 10:12 AM"    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"    "8/12/2015 5:47 PM"    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "3/3/2015 3:24 PM"    ""
+ "doPDF 7 Monitor"    "doPDF Port Monitor"    "Softland"    "c:\windows\system32\dopdfmn7.dll"    "10/22/2010 7:15 AM"    ""
+ "EPSON WF-2540 Series 64MonitorBE"    "EPSON Bi-directional Monitor AMD64"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\e_ylmiue.dll"    "4/18/2011 11:13 PM"    ""
+ "EpsonNet Print Port"    "EpsonNet Print Port Monitor DLL"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\enppmon.dll"    "8/29/2011 11:38 PM"    ""
+ "HPLJ1020LM"    ""    ""    "c:\windows\system32\zlhp1020.dll"    "9/18/2012 2:27 AM"    ""
+ "PCL hpz3lwn7"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpz3lwn7.dll"    "7/13/2009 8:28 PM"    ""
+ "ZDesigner Language Monitor"    "Printer Language Monitor"    "Euro Plus d.o.o."    "c:\windows\system32\zdnnlm64.dll"    "1/8/2015 7:36 AM"    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"    ""    ""    ""    "3/10/2018 2:21 PM"    ""
+ "C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll"    "BtwProximityCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwproximitycp.dll"    "4/1/2012 2:17 PM"    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages"    ""    ""    ""    "3/10/2018 2:21 PM"    ""
+ "wsauth"    "VMware View LSA Authentication Provider"    "VMware, Inc."    "c:\windows\system32\wsauth.dll"    "9/7/2011 8:27 PM"    ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""    "10/7/2016 11:43 AM"    ""
+ "AdobeDriveCS4_NP"    "Adobe Drive CS4 Network"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\adobe drive cs4\adobedrivecs4_np.dll"    "8/14/2008 9:39 AM"    ""
+ "CbFs3"    "Virtual Network Shares CallbackFS v3"    "EldoS Corporation"    "c:\windows\system32\cbfsnetrdr3.dll"    "4/9/2012 8:27 AM"    ""
"C:\Users\Randy\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""    "12/13/2017 3:14 AM"    ""
+ "Countdown to Anything"    "Countdown to any special event, holiday, or other occasion. Just enter the date and message and watch the gadget count down for you."    "Ben Lemmon"    "C:\Users\Randy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Countdown.gadget\Gadget.xml"    "1/25/2010 7:30 PM"    ""
"HKLM\Software\Microsoft\Office\Outlook\Addins"    ""    ""    ""    "3/10/2018 10:25 AM"    ""
X "Apple DAV Outlook Addin"    ""    ""    ""    "6/28/2016 7:18 PM"    ""
+ "Connect Class"    "OutlookChangeNotifier"    "Apple Inc."    "c:\program files\common files\apple\mobile device support\outlookchangenotifieraddin.dll"    "4/21/2016 1:32 AM"    ""
"HKCU\Software\Microsoft\Office\Outlook\Addins"    ""    ""    ""    "6/30/2016 1:59 PM"    ""
X "Apple DAV Outlook Addin"    ""    ""    ""    "6/30/2016 1:59 PM"    ""
X "{5B7AB748-6D2E-4827-90A5-32B426DC61B7}"    ""    ""    ""    "12/29/2009 1:40 AM"    ""
+ "{D614B4AF-F5E6-4A03-AE81-37BA64372538}"    ""    ""    ""    "12/29/2009 1:40 AM"    ""
+ "{EFEF7FDB-0CED-4FB6-B3BB-3C50D39F4120}"    ""    ""    ""    "12/29/2009 1:40 AM"    ""
+ "{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}"    ""    ""    ""    "12/29/2009 1:40 AM"    ""
"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins"    ""    ""    ""    "3/10/2018 10:25 AM"    ""
X "Apple DAV Outlook Addin"    "Apple Outlook Addin"    "Apple Inc."    "c:\program files (x86)\common files\apple\internet services\aplzod32.dll"    "2/23/2016 3:59 AM"    ""
+ "Connect Class"    "Streets and Trips add-in for email communication"    "Microsoft"    "c:\program files (x86)\microsoft mappoint 2011\streetsolkaddin.dll"    "9/8/2010 12:07 PM"    ""
+ "Groove OutlookProxyAddIn"    "GrooveTransceiver Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\groovetransceiver.dll"    "2/26/2009 1:00 PM"    ""
+ "Microsoft VBA for Outlook Addin"    "Outlook VBA Integration Add-In"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\addins\outlvba.dll"    "11/18/2014 10:48 AM"    ""
+ "OMS Connect class"    "Microsoft Outlook Mobile Service"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\omsmain.dll"    "11/18/2014 10:54 AM"    ""
+ "OneNote Notes about Outlook Items"    "Microsoft Office OneNote Outlook Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\onbttnol.dll"    "8/30/2011 1:40 AM"    ""
+ "PDFMOutlook"    "PDFMOutlook Module"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\acrobat 6.0\pdfmaker\mail\outlook\pdfmoutlook.dll"    "5/15/2003 3:24 AM"    ""
"HKCU\Software\Microsoft\Office\Access\Addins"    ""    ""    ""    "12/29/2009 1:40 AM"    ""
X "{351C19A9-79EE-4274-BE26-F734A2372439}"    ""    ""    ""    "12/29/2009 1:40 AM"    ""
 


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 11 March 2018 - 06:03 PM

Right click on Autoruns, click Run As Administrator.
Scroll down to "Task Scheduler" section.
Uncheck following lines:

+ "\achieved shallows evidence"    "Methode"    ""    "c:\users\randy\appdata\local\methode.exe"    "3/7/2018 6:30 PM"    ""
+ "\bisson"    ""    ""    "File not found: C:\Program Files (x86)\Intuitively\methode.exe"
+ "\kika romanticizing"    ""    ""    "File not found: C:\Program Files (x86)\Drooped\prolongs.exe"
+ "\monsanto_exploit"    ""    ""    "File not found: C:\Users\Randy\AppData\Local\prolongs.exe"    ""    ""
+ "\mousse_laud"    ""    ""    "File not found: C:\Program Files (x86)\Drooped\methode.exe"
+ "\sailboat-paging"    ""    ""    "File not found: C:\Program Files (x86)\netters\prolongs.exe"  

Restart computer. Re-run Autoruns as Adminstrator.
Right click on eachof the above lines and click Delete.

Open Windows Explorer adn delete following file:

c:\users\randy\appdata\local\methode.exe


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 11 March 2018 - 07:55 PM

Did that, rebooted, now it won't boot at all. Black screen, no HDD activity, won't respond to keyboard or mouse. Any ideas?

EDIT: Got it booted...took a long time.  Methode still in task list, k0kx ad popups still happening.  


Edited by WTP07, 11 March 2018 - 08:09 PM.


#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 12 March 2018 - 05:36 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 12 March 2018 - 06:11 PM

Security Check: 

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

 Windows Firewall Disabled!  

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 MVPS Hosts File  

 Spybot - Search & Destroy 

 AVG Web TuneUp   

 Java 8 Update 131  

 Java version 32-bit out of Date! 

 Adobe Flash Player 10 Flash Player out of Date! 

 Mozilla Firefox (55.0.3) 

 Google Chrome (64.0.3282.186) 

 Google Chrome (plugins...) 

 Google Chrome (SetupMetrics...) 

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Spybot Teatimer.exe is disabled! 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 0% 

````````````````````End of Log`````````````````````` 

 

FSS: 

 

Farbar Service Scanner Version: 27-01-2016

Ran by Randy (administrator) on 12-03-2018 at 19:06:39

Running from "C:\Users\Randy\Downloads"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

 

 

System Restore:

============

 

System Restore Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****

 
Mini Toolbox:
 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Randy (administrator) on 12-03-2018 at 19:09:11
Running from "C:\Users\Randy\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: DX4300 Manufacturer: Gateway
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1  activate.adobe.com
127.0.0.1  activate-sjc0.adobe.com
127.0.0.1  adobeereg.com
127.0.0.1  practivate.adobe.com
127.0.0.1  ereg.adobe.com
127.0.0.1  www.adobeereg.com
127.0.0.1  activate.wip3.adobe.com
127.0.0.1  wip3.adobe.com
127.0.0.1  3dns-3.adobe.com
127.0.0.1  3dns-2.adobe.com
127.0.0.1  adobe-dns.adobe.com
127.0.0.1  adobe-dns-2.adobe.com
127.0.0.1  adobe-dns-3.adobe.com
127.0.0.1  ereg.wip3.adobe.com
127.0.0.1  activate-sea.adobe.com
127.0.0.1  wwis-dubc1-vip60.adobe.com
127.0.0.1  activate-sjc0.adobe.com
127.0.0.1  wwis-dubc1-vip60.adobe.com
127.0.0.1  192.150.18.108127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
 
There are 15260 entries.
 
========================= IP Configuration: ================================
 
Linksys AE1200 = Wireless Network Connection 19 (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Hardware not present)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Hardware not present)
Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
TAP-Windows Adapter V9 = Local Area Connection 11 (Media disconnected)
TAP-NordVPN Windows Adapter V9 = Local Area Connection 7 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 21 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set subinterface interface=?H subinterface=ethernet_17 mtu=1477
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Gateway
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hitronhub.home
 
Ethernet adapter Local Area Connection 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-NordVPN Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-89-A5-BA-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 21:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #12
   Physical Address. . . . . . . . . : 60-38-E0-09-C6-2A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 19:
 
   Connection-specific DNS Suffix  . : hitronhub.home
   Description . . . . . . . . . . . : Linksys AE1200
   Physical Address. . . . . . . . . : 60-38-E0-09-C6-2A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2607:fea8:2a9f:f806::3(Preferred) 
   Lease Obtained. . . . . . . . . . : Sunday, March 11, 2018 8:57:53 PM
   Lease Expires . . . . . . . . . . : Sunday, March 18, 2018 8:57:53 PM
   IPv6 Address. . . . . . . . . . . : 2607:fea8:2a9f:f806:6c9b:8fec:526b:2565(Preferred) 
   IPv6 Address. . . . . . . . . . . : fd00:6477:7db2:3c72:6c9b:8fec:526b:2565(Preferred) 
   Temporary IPv6 Address. . . . . . : 2607:fea8:2a9f:f806:1c61:1c73:9d47:5126(Preferred) 
   Temporary IPv6 Address. . . . . . : fd00:6477:7db2:3c72:1c61:1c73:9d47:5126(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::6c9b:8fec:526b:2565%60(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.33(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, March 11, 2018 8:57:51 PM
   Lease Expires . . . . . . . . . . : Sunday, March 18, 2018 8:57:51 PM
   Default Gateway . . . . . . . . . : fe80::6677:7dff:feb2:3c72%60
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 1264597216
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-8F-21-7F-90-FB-A6-29-73-97
   DNS Servers . . . . . . . . . . . : 2607:fea8:2a9f:f806:6677:7dff:feb2:3c72
                                       192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-2D-FF-05-6F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hitronhub.home
   Description . . . . . . . . . . . : Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 90-FB-A6-29-73-97
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hitronhub.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hitronhub.home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{2DFF056F-A0D8-44D1-A281-57B1D1A68EB1}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  hitronhub.home
Address:  2607:fea8:2a9f:f806:6677:7dff:feb2:3c72
 
Name:    google.com
Addresses:  2607:f8b0:400b:80c::200e
  172.217.1.174
 
 
Pinging google.com [2607:f8b0:400b:80c::200e] with 32 bytes of data:
Reply from 2607:f8b0:400b:80c::200e: time=36ms 
Reply from 2607:f8b0:400b:80c::200e: time=20ms 
 
Ping statistics for 2607:f8b0:400b:80c::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 36ms, Average = 28ms
Server:  hitronhub.home
Address:  2607:fea8:2a9f:f806:6677:7dff:feb2:3c72
 
Name:    yahoo.com
Addresses:  2001:4998:58:2201::73
  2001:4998:c:e33::53
  206.190.39.42
  98.139.180.180
 
 
Pinging yahoo.com [2001:4998:58:2201::73] with 32 bytes of data:
Reply from 2001:4998:58:2201::73: time=47ms 
Reply from 2001:4998:58:2201::73: time=48ms 
 
Ping statistics for 2001:4998:58:2201::73:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 47ms, Maximum = 48ms, Average = 47ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 64...00 ff 89 a5 ba b2 ......TAP-NordVPN Windows Adapter V9
 61...60 38 e0 09 c6 2a ......Microsoft Virtual WiFi Miniport Adapter #12
 60...60 38 e0 09 c6 2a ......Linksys AE1200
 56...00 ff 2d ff 05 6f ......TAP-Windows Adapter V9
 11...90 fb a6 29 73 97 ......Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 63...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 66...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 49...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.33     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.33    281
     192.168.0.33  255.255.255.255         On-link      192.168.0.33    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.33    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.33    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.33    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 60    281 ::/0                     fe80::6677:7dff:feb2:3c72
  1    306 ::1/128                  On-link
 60     33 2607:fea8:2a9f:f806::/64 On-link
 60    281 2607:fea8:2a9f:f806::/64 fe80::6677:7dff:feb2:3c72
 60    281 2607:fea8:2a9f:f806::3/128
                                    On-link
 60    281 2607:fea8:2a9f:f806:1c61:1c73:9d47:5126/128
                                    On-link
 60    281 2607:fea8:2a9f:f806:6c9b:8fec:526b:2565/128
                                    On-link
 60    281 fc00::/7                 fe80::6677:7dff:feb2:3c72
 60     33 fd00:6477:7db2:3c72::/64 On-link
 60    281 fd00:6477:7db2:3c72:1c61:1c73:9d47:5126/128
                                    On-link
 60    281 fd00:6477:7db2:3c72:6c9b:8fec:526b:2565/128
                                    On-link
 60    281 fe80::/64                On-link
 60    281 fe80::6c9b:8fec:526b:2565/128
                                    On-link
  1    306 ff00::/8                 On-link
 60    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/12/2018 04:39:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: CompatTelRunner.exe, version: 10.0.17060.1019, time stamp: 0x0206ae46
Faulting module name: ntdll.dll, version: 6.1.7601.24024, time stamp: 0x5a58e571
Exception code: 0xc0000374
Fault offset: 0x00000000000bf6b2
Faulting process id: 0x1a08
Faulting application start time: 0xCompatTelRunner.exe0
Faulting application path: CompatTelRunner.exe1
Faulting module path: CompatTelRunner.exe2
Report Id: CompatTelRunner.exe3
 
Error: (03/11/2018 09:06:58 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (03/11/2018 09:06:58 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (03/11/2018 08:02:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (03/11/2018 08:01:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (03/11/2018 08:01:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (03/11/2018 07:59:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (03/11/2018 07:39:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (03/11/2018 06:49:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (03/10/2018 06:27:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
 
System errors:
=============
Error: (03/12/2018 02:03:57 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (03/12/2018 02:03:57 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (03/12/2018 05:31:55 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (03/12/2018 05:31:54 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (03/12/2018 01:15:52 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (03/12/2018 01:15:52 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (03/11/2018 11:07:48 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (03/11/2018 11:07:48 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (03/11/2018 10:03:43 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (03/11/2018 10:03:43 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
 
Microsoft Office Sessions:
=========================
Error: (12/04/2014 12:33:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 355 seconds with 120 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2018-03-10 19:48:33.136
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-03-10 19:48:32.351
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-03-10 19:48:31.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2018-03-10 19:48:30.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-23 04:35:45.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Andy\msvcr100.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-23 04:35:44.684
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Andy\msvcp100.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-22 08:56:55.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Andy\msvcr100.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-22 08:56:54.966
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Andy\msvcp100.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-22 08:48:32.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Andy\msvcr100.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-22 08:48:31.268
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Andy\msvcp100.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.15.58233 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Acronis True Image WD Edition (HKLM-x32\...\{CEAC6D9F-944A-40F7-AB5D-A7412AF9CED9}) (Version: 19.0.33 - Acronis)
Active@ Boot Disk 7.1 (HKLM-x32\...\{9770BCC6-C50D-41D7-AE07-5B796D630052}_is1) (Version: 7.1 - LSoft Technologies Inc)
Adobe Acrobat 6.0 Professional - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CS4 (HKLM-x32\...\Adobe_2a31ae7a5c43ff52d8577782dd34e04) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10 - Adobe Systems Incorporated)
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.73 - Hulubulu Software)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.2 - Nero AG) Hidden
Amazon Drive (HKCU\...\Amazon Drive) (Version: 4.0.16 - Amazon.com, Inc.)
Anime Studio Debut 7.0 (HKLM-x32\...\ASD700_is1) (Version: 7.0 - Smith Micro Software, Inc.)
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 3.2.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
AutoTRAX Design Express Version 1 (HKLM\...\AutoTRAXDesignExpress_is1) (Version:  - AutoTRAX Software)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
Backup Manager Advance (HKLM-x32\...\{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CaddieSync Express 1.5.14 (HKLM-x32\...\CaddieSync Express) (Version: 1.5.14 - SkyHawke Technologies)
calibre (HKLM-x32\...\{5A39E27B-BFFB-48B5-886F-D3038AD176BF}) (Version: 0.7.31 - Kovid Goyal)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.1.0.6 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities Map Utility (HKLM-x32\...\Map Utility Parent) (Version: 1.6.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{C36CEF29-4CB4-32EB-4644-1F87207C5C2A}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4E32E38D-54AA-C693-143C-FC5367C24879}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{C0D75AAF-4CE8-D748-F2FB-04B60645B809}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{BE046C83-AEAC-D339-443B-68B3A6C49668}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0EA81AC8-43CE-2FAE-232C-DDB131F38A73}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{606D0B72-0D1B-4B11-B9A8-3024018C8A45}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{1CDDBED4-7DED-5EE2-5497-B529E68CB7DF}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{37A79750-DD49-2689-B6A1-661815DFDCAC}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{0EC4AC08-A200-54AE-14D1-08C20A08366A}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{40FC62EA-925E-5609-432F-2B7AEED8BF8A}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{67403187-C448-2874-2EE1-6EA52756F36D}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{079457DB-B5D2-4C55-767A-0B264F1B2723}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{BFF1F4C3-7490-F06B-B202-F3B28BCFB642}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{0A01B598-A93D-20DA-79E9-CD0DAE8C33FF}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{7FB37953-014B-6B97-A7C7-C041CFEE6C2E}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{6696A3A6-3979-D956-7181-715960192603}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{A32D9BDA-B1ED-7181-A581-7C2DFBD07E45}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{915B4797-74E2-9011-5C4B-EB2BF7066D29}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{C1267437-3F62-983A-D3DC-6A9C8DB72630}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{2C1693AA-9270-072C-8FD0-D921DA9529DE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Choice Guard (HKLM-x32\...\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}) (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.3.0.55 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp4.com)
Coolmuster Android Assistant (HKCU\...\Coolmuster Android Assistant) (Version: 4.1.20 - Coolmuster)
CopyTrans Control Center Uninstall Only (HKCU\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF100}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.0 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPV550 emulator (V16.02.01R) (HKLM-x32\...\Standard Horizon CPV550 PC Emulator_is1) (Version: 16.02.01R - Vertex Standard Inc.)
CR2 Codec by Ardfry Imaging, LLC (32 bit) (HKLM-x32\...\{19C62198-E90B-4002-A641-094EA8F887C4}) (Version: 1.0.0.0 - Ardfry Imaging, LLC)
CR2 Codec by Ardfry Imaging, LLC (64 bit) (HKLM\...\{5450B8EB-FF6C-47A2-AC73-864968F85879}) (Version: 1.0.0.0 - Ardfry Imaging, LLC)
CR2 CODEC Version 1.0 (HKLM\...\Ardfry CR2 CODEC_is1) (Version:  - Ardfry Imaging, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Disk Calculator version 1.00.1 (HKLM-x32\...\{AFD83061-24D0-409B-B952-7573F6C2879B}_is1) (Version: 1.00.1 - Flir)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
DiveOrganizer (HKCU\...\c3bb34ea4bf15628) (Version: 1.7.2.808 - Mares)
doPDF 7.1 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dual Smart Solution (HKLM-x32\...\{E61F7C73-277C-44CE-87C4-B574BF0F3803}) (Version: 2.5 - LG Soft India Pvt Ltd)
Duplicate File Finder (HKLM-x32\...\{0670E1C9-84EF-4C85-B030-CF0A5A76B212}_is1) (Version: 5.4 - Ashisoft)
DVD Decrypter (HKLM-x32\...\DVD Decrypter3.5.5.0) (Version: 3.5.5.0 - DVD Decrypter)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDShrink 2008 (HKLM-x32\...\{EE3FBA20-AB77-46E0-9825-565807A24A66}) (Version: 1.0.0 - BitByteSoft)
EaseUS Partition Master 12.5 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
EPAFactory Endpoint Analysis Client 3.64 (HKLM-x32\...\{7085DBC5-637F-40BD-8831-EB482754FB17}) (Version: 3.64.0.0 - Citrix Systems, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
Exif Pilot 4.7 (HKLM-x32\...\Exif Pilot_is1) (Version: 4.7 - Two Pilots)
ExifPro 2.1 Photo Viewer (HKLM-x32\...\ExifPro 2.1) (Version:  - )
FastPictureViewer Codec Pack 3.8.0.97 (HKLM-x32\...\{2A290174-8C6B-4CD5-9069-51A132CE7427}) (Version: 3.8.0.97 - Axel Rietschin Software Developments)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FLIRCloudClient 2.1.39 (HKLM-x32\...\FLIRCloudClient) (Version: 2.1.39 - FLIR)
Free Avi To Mp4 Converter (HKLM-x32\...\{6DC5AB78-DF81-45B8-BEA8-C00569E2A28A}) (Version: 1.0.0 - convertaudiofree)
Free CR2 to JPG Converter (HKLM-x32\...\{B2D4CA73-E832-4C04-AF23-C6135369EF7D}) (Version: 1.0.0 - Media Freeware)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free YouTube Downloader 4.1.484 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Freemake Video Converter version 4.0.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Fresco Logic USB3.0 Host Controller (HKLM\...\{9F52965F-86A7-4019-AC19-020203808BC1}) (Version: 3.5.106.0 - Fresco Logic Inc.)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.3 - Gadwin Systems, Inc.)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2018.10 (HKLM-x32\...\{F94ADEB1-A0D7-4F1B-B53D-0C9CDC1FC79D}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway MyBackup (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Gateway Photo Frame 4.2.3.10 (HKLM-x32\...\Gateway Photo Frame) (Version: 4.2.3.10 - I/O Interconnect)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3004 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Gateway Incorporated)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
getPlus® Download Manager for Corel (HKLM-x32\...\{459E93B6-150E-45d5-8D4B-45C66FC035FE}) (Version: 1.5.0.56 - NOS Microsystems Ltd.)
Google Chrome (HKCU\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
GoProCineFormDecoders 1.2.0 (HKLM-x32\...\GoProCineFormDecoders) (Version: 1.2.0 - CineForm, Inc & GoPro, Inc.)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.292 - SurfRight B.V.)
Icecream Screen Recorder version 2.72 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 2.72 - Icecream Apps)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Ideal DVD to AVI Converter V2.0.1 (HKLM-x32\...\Ideal DVD to AVI Converter_is1) (Version:  - Ideal DVD Software, Inc.)
iDealshare VideoGo 5.5.1.5487 (HKLM-x32\...\{CC4C06C4-7C78-4aab-B5AF-33FB11CCD829}_is1) (Version:  - iDealshare Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Gateway Incorporated)
iExplorer 3.9.11.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
ImageMagick 6.8.8-2 Q16 (64-bit) (2014-01-01) (HKLM\...\ImageMagick 6.8.8 Q16 (64-bit)_is1) (Version: 6.8.8 - ImageMagick Studio LLC)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
Indeo® software (HKLM-x32\...\Indeo® software) (Version:  - )
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
J2SE Development Kit 5.0 Update 22 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0150220}) (Version: 1.5.0.220 - Sun Microsystems, Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}) (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 4.0.5579 - Rakuten Kobo Inc.)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Leawo Video Converter version  5.2.0.1 (HKLM-x32\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version:  - )
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.6.0.0 - LG Electronics)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Lorex Auto Port Forwarding (HKLM-x32\...\Lorex Auto Port Forwarding1.0.5) (Version: 1.0.5 - Lorex Technology)
Magic DVD Ripper V5.5.0 (HKLM-x32\...\Magic DVD Ripper_is1) (Version:  - Magic DVD Software, Inc.)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MGTEK dopisp (HKLM-x32\...\{C25D1742-3136-4B33-9D32-8F0F5E81F349}) (Version: 3.0.1742 - MGTEK)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft MapPoint North America 2011 (HKLM-x32\...\{C82185E8-C27B-4EF4-2011-1111BC2C2B6D}) (Version: 18.0.26.0201 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 - Italiano (HKLM-x32\...\{7CB59081-B692-441C-A9EF-78C27ED06879}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Platform Installer 2.0 (HKLM\...\{59996900-0E6C-45B7-8C39-C64CB98462E4}) (Version: 2.1.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Internet Key (HKLM-x32\...\Mobile Internet Key) (Version: 13.001.08.01.464 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Reader USB 2.0 Drivers (HKLM-x32\...\Multimedia Reader USB 2.0 Drivers_is1) (Version: 2.2.0.6 - Jeppesen Marine)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Neat Image v7.5.0 Demo plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version:  - Neat Image team, ABSoft)
Nero 9 Essentials (HKLM-x32\...\{dee20f07-04f7-40f0-99bd-afcbd8377f0d}) (Version:  - Nero AG)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
Nmap 5.61-Spiceworks (HKLM-x32\...\Spiceworks-Nmap) (Version:  - )
NordVPN (HKLM-x32\...\{8774AF38-DC53-4872-908D-FE4B92E8EE67}) (Version: 6.11.14 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.11.14) (Version: 6.11.14 - NordVPN)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Online Plug-in (HKLM-x32\...\{234AB115-C6C4-4ACB-A029-8845120E4F37}) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PartyPoker.net (HKLM-x32\...\PartyPokerNet) (Version: 145 - PartyGaming.Net)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFTOEXCEL (HKLM-x32\...\{ECCE5126-9A87-48CC-A2FA-A3D8483AE86B}_is1) (Version:  - Blue Label Soft)
Photobucket Backup (HKLM-x32\...\{06BA6321-B6FC-4A36-8571-B642404D22B6}) (Version: 1.0.5.2168 - Photobucket)
PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
Plex Media Server (HKLM-x32\...\{4083e0fa-f188-4146-a257-61608ff30764}) (Version: 0.9.1606 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{D25B8260-DE45-48FB-8858-29E665EFA8B4}) (Version: 0.9.1606 - Plex, Inc.) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PowerDirector (HKLM\...\{2599B6F1-92AC-472C-BE60-9F17565E4938}) (Version: 11.0 - CyberLink Corp.) Hidden
PROSPECTOR® Sales Tool version 33.20(5c) (HKLM-x32\...\{7EF8D0AA-48F9-4B19-A2E5-1090C8FDB7AE}_is1) (Version: 33.20(5c) - PACCAR, Inc.)
Punch! Architectural Series 19.0 (HKLM-x32\...\{DBEE0653-BA95-456C-99A3-978C3E994B84}) (Version: 19.0.0 - Encore, Inc. A Wynit Company)
Python 2.7.5 (64-bit) (HKLM\...\{DBDD570E-0952-475f-9453-AB88F3DD565a}) (Version: 2.7.5150 - Python Software Foundation)
Quick Cribbage 3.5 (remove only) (HKLM-x32\...\Quick Cribbage 3.5) (Version:  - )
QuickTax 2009 (HKLM-x32\...\{ECB9C58E-C565-4683-9599-B72290BD3B25}) (Version: 1.00.0000 - Intuit Canada)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
RayTech RNS (HKLM-x32\...\{02C3C410-BA41-4F43-84AC-2B6EADDC8805}) (Version: 6.00.000 - Raymarine)
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 3.0 - Genie9)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5874 - Realtek Semiconductor Corp.)
RegiStax 6 (HKCU\...\RegiStax 6) (Version:  - )
RegiStax 6.1.0.8 update (HKCU\...\RegiStax 6.1.0.8 update) (Version:  - )
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version:  - )
Samsung AllShare (HKLM-x32\...\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Self-service Plug-in (HKLM-x32\...\{0A561DC3-36F0-4EBA-961D-531F82D053C9}) (Version: 3.3.0.27839 - Citrix Systems, Inc.) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
SketchUp 5 (HKLM-x32\...\{B357C4B4-9024-4B64-9B3F-A6729031C3DD}) (Version: 5 - )
SketchUp 8 (HKLM-x32\...\{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}) (Version: 3.0.15158 - Trimble Navigation Limited)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks Plugin (HKLM-x32\...\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc) Hidden
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc)
Solve Elec 2.5 (HKLM-x32\...\Solve Elec_is1) (Version:  - )
Spiceworks (HKLM-x32\...\Spiceworks) (Version: 6.2.00919 - Spiceworks, Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
Syncios Data Transfer 1.5.6 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.5.6 - Anvsoft, Inc.)
TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)
Tesseract-OCR 3.01 - open source OCR engine (HKCU\...\Tesseract-OCR) (Version:  - )
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TurboTax 2010 (HKLM-x32\...\{24AE6B5B-3D5A-488C-9224-1BEE11F75DD9}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2011 (HKLM-x32\...\{12CAA28E-56CA-4C3D-B3F2-7311540DD410}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2012 (HKLM-x32\...\{726DDC29-79B3-41B4-BDBF-97DF25BF1EA8}) (Version: 1.00.0000 - Intuit Canada)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UPSMON Plus for Windows (HKLM-x32\...\UPSMON Plus for Windows_is1) (Version:  - )
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.58 - NCH Software)
VideoStudio (HKLM-x32\...\{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware View Client (HKLM\...\{D5A1DA10-4A73-49A3-9C8A-C8CE9797DBBE}) (Version: 5.0.0.481677 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WebM Project Directshow Filters (HKCU\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3004 - Gateway Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Active Mind Technology, Inc. CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\E91002B840385A60FA24C1EC4DA6C2135D349B06) (Version: 07/12/2013 2.08.30 - Active Mind Technology, Inc.)
Windows Driver Package - Active Mind Technology, Inc. CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\B70EE4609E28DD33B5E744358133498D3D9737B4) (Version: 07/12/2013 2.08.30 - Active Mind Technology, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Password Key 8.0 demo (HKLM-x32\...\Windows Password Key) (Version: 8.0 demo - PasswordSeeker)
WinPcap 4.1.2-Spiceworks (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinX Free DVD Ripper 4.5.12 (HKLM-x32\...\WinX Free DVD Ripper_is1) (Version:  - Digiarty Software,Inc.)
WN111v2 (HKLM-x32\...\{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.5 - NETGEAR) Hidden
Wondershare AllMyTube(Build 3.8.0.4) (HKLM-x32\...\Wondershare AllMyTube_is1) (Version: 3.8.0.4 - Wondershare Software)
Wondershare Dr.Fone for Android(Build 6.4.1.37) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.4.1.37 - Wondershare Software Co.,Ltd.)
Wondershare MobileGo(Version 8.2.3) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)
WordBiz 1.8 (HKLM-x32\...\WordBiz_0) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XMedia Recode version 3.1.4.1 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.4.1 - XMedia Recode)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL)
Zebra Setup Utilities (HKLM-x32\...\{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE}) (Version: 1.1.8.986 - Zebra Technologies) Hidden
 
========================= Devices: ================================
 
Name: VMware hcmon
Description: VMware hcmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: hcmon
Device ID: ROOT\LEGACY_HCMON\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\PNP0303\4&2A700557&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Device ID: ROOT\VMWARE\0000
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Device ID: ROOT\VMWARE\0001
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: VMware Bridge Protocol
Description: VMware Bridge Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VMnetBridge
Device ID: ROOT\LEGACY_VMNETBRIDGE\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: VMware Virtual Ethernet Userif for VMnet
Description: VMware Virtual Ethernet Userif for VMnet
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VMnetUserif
Device ID: ROOT\LEGACY_VMNETUSERIF\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Device ID: ACPI\PNP0F03\4&2A700557&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: VMware vmx86
Description: VMware vmx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: vmx86
Device ID: ROOT\LEGACY_VMX86\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 76%
Total physical RAM: 6143.3 MB
Available physical RAM: 1473.77 MB
Total Virtual: 12284.78 MB
Available Virtual: 6727.53 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OEM640GB) (Fixed) (Total:581.07 GB) (Free:123.76 GB) NTFS
2 Drive d: (WD250GB) (Fixed) (Total:232.88 GB) (Free:122.76 GB) NTFS
3 Drive e: (WD1TB1) (Fixed) (Total:931.51 GB) (Free:218.68 GB) NTFS
11 Drive m: () (Removable) (Total:28.96 GB) (Free:1.13 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\GATEWAY
 
Administrator            Guest                    Mcx1-GATEWAY             
Randy                    
 
========================= Restore Points ==================================
 
10-03-2018 17:16:40 Checkpoint by HitmanPro
11-03-2018 19:37:03 Windows Update
 
**** End of log ****
 
 
Malware Bytes, Malware Bytes Anti-Rootkit and Rkill in next post---->


#11 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 12 March 2018 - 07:21 PM

Malware Bytes Log:

 

Malwarebytes

www.malwarebytes.com

 

-Log Details-

Scan Date: 3/12/18

Scan Time: 7:13 PM

Log File: fa63f84e-264a-11e8-badb-00ff89a5bab2.json

Administrator: Yes

 

-Software Information-

Version: 3.4.4.2398

Components Version: 1.0.322

Update Package Version: 1.0.4322

License: Trial

 

-System Information-

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Gateway\Randy

 

-Scan Summary-

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 437363

Threats Detected: 8

Threats Quarantined: 8

Time Elapsed: 1 hr, 3 min, 23 sec

 

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

 

-Scan Details-

Process: 0

(No malicious items detected)

 

Module: 0

(No malicious items detected)

 

Registry Key: 2

PUP.Optional.Plumbytes, HKLM\SOFTWARE\MICROSOFT\TRACING\Plumbytes_RASAPI32, Delete-on-Reboot, [7658], [396951],1.0.4322

PUP.Optional.Plumbytes, HKLM\SOFTWARE\MICROSOFT\TRACING\Plumbytes_RASMANCS, Delete-on-Reboot, [7658], [396951],1.0.4322

 

Registry Value: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Data Stream: 0

(No malicious items detected)

 

Folder: 1

PUP.Optional.ThreatSupport, C:\USERS\RANDY\APPDATA\LOCAL\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}, Delete-on-Reboot, [1876], [343538],1.0.4322

 

File: 5

PUP.Optional.ThreatSupport, C:\USERS\RANDY\APPDATA\LOCAL\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}\SCANLOGS.XML, Delete-on-Reboot, [1876], [343538],1.0.4322

PUP.Optional.ThreatSupport, C:\Users\Randy\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}\ad.png, Delete-on-Reboot, [1876], [343538],1.0.4322

PUP.Optional.ThreatSupport, C:\Users\Randy\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}\AdHistory.xml, Delete-on-Reboot, [1876], [343538],1.0.4322

PUP.Optional.Plumbytes, C:\USERS\RANDY\APPDATA\LOCAL\TEMP\PAI146A.TMP, Delete-on-Reboot, [7658], [123575],1.0.4322

PUP.Optional.Plumbytes, C:\USERS\RANDY\DOWNLOADS\ANTIMALWARESETUP.EXE, Delete-on-Reboot, [7658], [123575],1.0.4322

 

Physical Sector: 0

(No malicious items detected)

 

 

(end)



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 12 March 2018 - 11:01 PM

Go on...

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 12 March 2018 - 11:51 PM

MBAR System Log:

 

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.10.3.1001

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.18920

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED

CPU speed: 2.792000 GHz

Memory total: 6441721856, free: 2399633408

 

Downloaded database version: v2018.03.12.08

Downloaded database version: v2018.03.08.03

Downloaded database version: v2018.01.20.01

=======================================

Initializing...

Driver version: 4.3.0.15

------------ Kernel report ------------

     03/12/2018 20:35:14

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_AuthenticAMD.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\DRIVERS\compbatt.sys

\SystemRoot\system32\DRIVERS\BATTC.SYS

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\system32\drivers\pciide.sys

\SystemRoot\system32\drivers\PCIIDEX.SYS

\SystemRoot\system32\DRIVERS\vsock.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\drivers\atapi.sys

\SystemRoot\system32\drivers\ataport.SYS

\SystemRoot\system32\drivers\amdxata.sys

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\DRIVERS\file_tracker.sys

\SystemRoot\system32\DRIVERS\MpFilter.sys

\SystemRoot\system32\DRIVERS\fltsrv.sys

\SystemRoot\system32\DRIVERS\tib.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\system32\DRIVERS\snapman.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\Drivers\mbamswissarmy.sys

\SystemRoot\System32\Drivers\CLASSPNP.SYS

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\drivers\disk.sys

\SystemRoot\system32\DRIVERS\AtiPcie.sys

\SystemRoot\system32\drivers\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\system32\DRIVERS\vmkbd.sys

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\vwififlt.sys

\SystemRoot\system32\DRIVERS\anodlwfx.sys

\SystemRoot\system32\DRIVERS\jswpslwfx.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\termdd.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\drivers\mssmbios.sys

\??\C:\Windows\system32\drivers\mbae64.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\ctxusbm.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\amdppm.sys

\SystemRoot\system32\DRIVERS\nvlddmkm.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\DRIVERS\HDAudBus.sys

\SystemRoot\system32\DRIVERS\yk62x64.sys

\SystemRoot\system32\drivers\1394ohci.sys

\??\C:\Windows\system32\drivers\UBHelper.sys

\??\C:\Windows\system32\drivers\NTIDrvr.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\drivers\usbohci.sys

\SystemRoot\system32\drivers\USBPORT.SYS

\SystemRoot\system32\drivers\usbehci.sys

\SystemRoot\system32\drivers\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\drivers\wmiacpi.sys

\SystemRoot\system32\drivers\CompositeBus.sys

\SystemRoot\system32\drivers\anvsnddrv.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\ks.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\tapnordvpn.sys

\SystemRoot\system32\DRIVERS\tap0901.sys

\SystemRoot\system32\DRIVERS\mcdbus.sys

\SystemRoot\system32\DRIVERS\SCSIPORT.SYS

\SystemRoot\system32\DRIVERS\BazisVirtualCDBus.sys

\SystemRoot\system32\DRIVERS\psadd.sys

\SystemRoot\system32\DRIVERS\cbfs3.sys

\SystemRoot\system32\drivers\swenum.sys

\SystemRoot\system32\DRIVERS\umbus.sys

\SystemRoot\system32\drivers\nvvad64v.sys

\SystemRoot\system32\DRIVERS\nvvhci.sys

\SystemRoot\system32\drivers\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\nvhda64v.sys

\SystemRoot\system32\drivers\RTKVHD64.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_dumpata.sys

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\System32\Drivers\LUsbFilt.Sys

\SystemRoot\system32\drivers\hidusb.sys

\SystemRoot\system32\drivers\HIDCLASS.SYS

\SystemRoot\system32\drivers\HIDPARSE.SYS

\SystemRoot\system32\drivers\USBD.SYS

\SystemRoot\system32\DRIVERS\LHidFilt.Sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\LMouFilt.Sys

\SystemRoot\system32\drivers\usbccgp.sys

\SystemRoot\system32\DRIVERS\usbscan.sys

\SystemRoot\system32\DRIVERS\usbprint.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\DRIVERS\AE1200w764.sys

\SystemRoot\system32\DRIVERS\vwifibus.sys

\SystemRoot\system32\DRIVERS\LEqdUsb.Sys

\SystemRoot\system32\drivers\kbdhid.sys

\SystemRoot\system32\DRIVERS\LHidEqd.Sys

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\drivers\luafv.sys

\SystemRoot\System32\Drivers\MbamChameleon.sys

\SystemRoot\system32\DRIVERS\virtual_file.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\nwifi.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\system32\DRIVERS\vwifimp.sys

\SystemRoot\System32\Drivers\adfs.SYS

\SystemRoot\system32\drivers\npf.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\system32\DRIVERS\tib_mounter.sys

\SystemRoot\system32\drivers\tdtcp.sys

\SystemRoot\System32\DRIVERS\tssecsrv.sys

\SystemRoot\System32\Drivers\RDPWD.SYS

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\DRIVERS\NisDrvWFP.sys

\??\C:\Windows\system32\drivers\hitmanpro37.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{70D41132-AE85-478E-A364-B626074B3DA0}\MpKslb9dcf84e.sys

\SystemRoot\system32\DRIVERS\mwac.sys

\SystemRoot\system32\DRIVERS\farflt.sys

\SystemRoot\system32\drivers\spsys.sys

\??\C:\Windows\system32\drivers\3246F653.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

\Windows\System32\autochk.exe

\Windows\System32\rpcrt4.dll

\Windows\System32\iertutil.dll

\Windows\System32\Wldap32.dll

\Windows\System32\msvcrt.dll

\Windows\System32\nsi.dll

\Windows\System32\imm32.dll

\Windows\System32\setupapi.dll

\Windows\System32\kernel32.dll

\Windows\System32\msctf.dll

\Windows\System32\wininet.dll

\Windows\System32\advapi32.dll

\Windows\System32\sechost.dll

\Windows\System32\oleaut32.dll

\Windows\System32\urlmon.dll

\Windows\System32\comdlg32.dll

\Windows\System32\ws2_32.dll

\Windows\System32\shell32.dll

\Windows\System32\usp10.dll

\Windows\System32\lpk.dll

\Windows\System32\difxapi.dll

\Windows\System32\imagehlp.dll

\Windows\System32\psapi.dll

\Windows\System32\ole32.dll

\Windows\System32\shlwapi.dll

\Windows\System32\user32.dll

\Windows\System32\gdi32.dll

\Windows\System32\clbcatq.dll

\Windows\System32\normaliz.dll

\Windows\System32\comctl32.dll

\Windows\System32\crypt32.dll

\Windows\System32\KernelBase.dll

\Windows\System32\wintrust.dll

\Windows\System32\cfgmgr32.dll

\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

\Windows\System32\devobj.dll

\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

\Windows\System32\userenv.dll

\Windows\System32\msasn1.dll

\Windows\System32\profapi.dll

----------- End -----------

Done!

 

Scan started

Database versions:

  main:    v2018.03.12.08

  rootkit: v2018.03.08.03

 

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8006720060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8006720b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8006720060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800659d9b0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa800661c060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

Done!

Drive 0

This is a System drive

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: B16ACF28

 

Partition information:

 

    Partition 0 type is Other (0x27)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 31457280

    Partition is bootable

    Partition file system is NTFS

 

    Partition 1 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 31459328  Numsec = 204800

    Partition is bootable

    Partition file system is NTFS

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 31664128  Numsec = 1218596864

    Partition is not bootable

    Partition file system is NTFS

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

Disk Size: 640135028736 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa8006721060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8006721b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8006721060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800659e9b0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa8006623060, DeviceName: \Device\Ide\IdeDeviceP0T1L0-2\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 2800280

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 63  Numsec = 488392002

    Partition is not bootable

    Partition file system is NTFS

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

Disk Size: 250059350016 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 512

Drive: 2, DevicePointer: 0xfffffa8006722060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8006722b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8006722060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa80065999b0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa8006629060, DeviceName: \Device\Ide\IdeDeviceP1T1L0-4\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 2

Scanning MBR on drive 2...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 4690AEEE

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 63  Numsec = 1953521281

    Partition is bootable

    Partition file system is NTFS

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

Disk Size: 1000204886016 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 0

Drive: 3, DevicePointer: 0xfffffa800bb8b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800745bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800bb8b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8007461b60, DeviceName: \Device\000000ac\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 4, DevicePointer: 0xfffffa800c639790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800c62db90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800c639790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800c4a4b60, DeviceName: \Device\000000c7\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 5, DevicePointer: 0xfffffa800c637060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800c639040, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800c637060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800c562060, DeviceName: \Device\000000c8\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 6, DevicePointer: 0xfffffa800c638060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800c637b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800c638060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800c57a950, DeviceName: \Device\000000c9\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 7, DevicePointer: 0xfffffa800c572060, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800c638b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800c572060, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800c583b60, DeviceName: \Device\000000ca\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 512

Drive: 8, DevicePointer: 0xfffffa800c636790, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800c572b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800c636790, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800c59c060, DeviceName: \Device\000000cb\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 8

Scanning MBR on drive 8...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 90528D55

 

Partition information:

 

    Partition 0 type is Other (0xc)

    Partition is ACTIVE.

    Partition starts at LBA: 8192  Numsec = 60743680

    Partition is not bootable

    Partition file system is FAT32

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

    Partition is not bootable

 

Disk Size: 31104958464 bytes

Sector size: 512 bytes

 

Done!

File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-A93571BADBFB34D3B3607B772A05D6DFD8491730.bin.79" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-A93571BADBFB34D3B3607B772A05D6DFD8491730.bin.7C" is compressed (flags = 1)

File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-A93571BADBFB34D3B3607B772A05D6DFD8491730.bin.83" is compressed (flags = 1)

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-31459328-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-31664128-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-63-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-8-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-8-0-8192-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-8-r.mbam...

Removal finished

 
MBAR Date Log:
 
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2018.03.12.08
  rootkit: v2018.03.08.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18920
Randy :: GATEWAY [administrator]
 
3/12/2018 8:38:07 PM
mbar-log-2018-03-12 (20-38-07).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 362800
Time elapsed: 2 hour(s), 4 minute(s), 27 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
RKill Log: 
 
Rkill 2.9.1 by Lawrence Abrams (Grinler)
Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/13/2018 12:46:30 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
 * Reparse Point/Junctions Found (Most likely legitimate)!
 
     * C:\Windows\system64 => c:\users [Dir]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 lmlicenses.wip4.adobe.com
  127.0.0.1 lm.licenses.adobe.com
  127.0.0.1 na1r.services.adobe.com
  127.0.0.1 hlrcv.stage.adobe.com
  127.0.0.1 practivate.adobe.com 
  127.0.0.1 activate.adobe.com
  127.0.0.1 activate.adobe.com
  127.0.0.1  activate.adobe.com
  127.0.0.1  activate-sjc0.adobe.com
  127.0.0.1  adobeereg.com
  127.0.0.1  practivate.adobe.com
  127.0.0.1  ereg.adobe.com
  127.0.0.1  www.adobeereg.com
  127.0.0.1  activate.wip3.adobe.com
  127.0.0.1  wip3.adobe.com
  127.0.0.1  3dns-3.adobe.com
  127.0.0.1  3dns-2.adobe.com
  127.0.0.1  adobe-dns.adobe.com
  127.0.0.1  adobe-dns-2.adobe.com
  127.0.0.1  adobe-dns-3.adobe.com
 
  20 out of 15294 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 03/13/2018 12:49:38 AM
Execution time: 0 hours(s), 3 minute(s), and 8 seconds(s)
 
 
Malwarebytes  is blocking traffic to various websites about every 2 seconds.  The offending file is :
 
C:\Users\Randy\AppData\Local\Methode.exe
 
 
Thank you again for your assistance here.  


#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:23 AM

Posted 13 March 2018 - 12:52 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.


-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 WTP07

WTP07
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 14 March 2018 - 07:08 AM

I wasn't able to get back to it last night.  I will apply these 3 tools tonight when I get home.

 

Thanks!


Edited by WTP07, 14 March 2018 - 07:08 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users