Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My computer is infected with a worm, it might only be my Edge browser

Started by Lacosu , Jan 10 2017 12:00 PM

  • This topic is locked This topic is locked

#1
Lacosu
Posted 10 January 2017 - 12:00 PM

Lacosu

    New Member

  • Member
  • Pip
  • 1 posts

A page will pop up and create a tab not allowing you to exit or go to another tab. I must close browser with task manager. The main page is red, like Microsoft's page if they think it is a bad site, then a recording comes on telling you to call 1-888-344-6926,and it says I have the RDN/YahLover.worm!055BCCAC9EC infection, which I won't call because I know how that works, they will take control of your computer and basically ask for a ransom so you may have your PC work again.(I've heard about this but never had it happen before.) I was on the Fox News page just scrolling down looking on left sAttached File  FRST.txt   111.17KB   345 downloadsAttached File  Addition.txt   63.27KB   178 downloadside of screen when I accidently clicked on somethin on the right

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Larry (administrator) on ALIENINSIDER (10-01-2017 10:17:50)
Running from C:\Users\Larry\Desktop
Loaded Profiles: Larry (Available Profiles: Larry)
Platform: Windows 10 Pro Insider Preview Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe
() C:\Program Files\Alienware\Command Center\DDR\MSIDDRService.exe
() C:\Program Files\Alienware\Command Center\ClockGen\MSIClockService.exe
() C:\Program Files\Alienware\Command Center\CPU\MSICPUService.exe
() C:\Program Files\Alienware\Command Center\SMBus\MSISMBService.exe
() C:\Program Files\Alienware\Command Center\MSIControlService.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go11\Power2GoExpress.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Crystal Dew World) C:\Users\Larry\Downloads\CrystalDiskInfo6_5_2ShizukuUltimate\DiskInfoS.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRSync.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent 1\uTorrent.exe
Failed to access process -> explorer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE
() C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\PilotshubApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [14056 2014-10-24] (Alienware)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2369240 2015-10-20] (Microsoft Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G11] => C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe [118552 2016-10-20] (CyberLink)
HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [926160 2017-01-02] (Glarysoft Ltd)
HKLM-x32\...\RunOnce: [Nitudag] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\PROGRA~2\COMMON~1\UPDATE~1\Nekukelupo.dat"
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [108456 2016-05-05] ()
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Run: [Power2GoExpress11] => C:\Program Files (x86)\CyberLink\Power2Go11\Power2GoExpress.exe [3322648 2016-10-20] (CyberLink Corp.)
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Run: [µTorrent] => C:\Program Files (x86)\uTorrent\utorrent.exe [177152 2007-02-15] ()
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2017-01-02] (Glarysoft Ltd)
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\RunOnce: [Uninstall 17.3.6517.0809_10\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Larry\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_10\amd64"
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\RunOnce: [Uninstall 17.3.6517.0809_10] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Larry\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_10"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-09-04]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{EEFEFA96-8A1A-4B0F-AF69-FFDE5CD9692D}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk [2017-01-08]
ShortcutTarget: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk [2015-09-03]
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
BootExecute: autocheck autochk * 
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-3336670907-1719923216-113533501-1001] => hxxp://noblockingweb.net/wpad.dat?e9ad89b33d24962c5fb94940cf99348623191916
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [42496 2016-12-03] (Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [42496 2016-12-03] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [67072 2016-12-03] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [67072 2016-12-03] (Microsoft Corporation)
Tcpip\..\Interfaces\{316a1279-0c10-47f7-b7f9-0337704912e3}: [NameServer] 24.56.178.101,24.56.178.102,74.211.89.201
Tcpip\..\Interfaces\{3ad1a4c1-a42c-4359-95a2-a2445b945957}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80766714-30eb-4634-a255-175bfab4909b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{944ce5a4-05a2-4658-b4ba-8ba1e5034966}: [NameServer] 24.56.178.101,24.56.178.102,74.211.89.201
Tcpip\..\Interfaces\{c7269c18-faaf-42cc-9153-c2803328badf}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://noblockingweb.net/wpad.dat?e9ad89b33d24962c5fb94940cf99348623191916
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_52&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0EyDyByD0D0AtDtGtAzytCyCtGtCtB0ByEtGtA0C0CtBtG0FtDzztByE0B0EyD0F0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D882319315%26a%3Dwbf_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_52&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0EyDyByD0D0AtDtGtAzytCyCtGtCtB0ByEtGtA0C0CtBtG0FtDzztByE0B0EyD0F0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D882319315%26a%3Dwbf_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://calvarybaptisttemple.net/
hxxps://www.microsoft.com/en-us/welcomeie11/
SearchScopes: HKLM -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0E0DyCzzzy0D0EtGtB0AtBtDtGyCyC0CyCtGtCtDyDtBtG0CzyyBtDyDtD0F0F0FtCtAtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D624116016%26a%3Dwcg_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKLM -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0E0DyCzzzy0D0EtGtB0AtBtDtGyCyC0CyCtGtCtDyDtBtG0CzyyBtDyDtD0F0F0FtCtAtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D624116016%26a%3Dwcg_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0EyDyByD0D0AtDtGtAzytCyCtGtCtB0ByEtGtA0C0CtBtG0FtDzztByE0B0EyD0F0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D882319315%26a%3Dwbf_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0E0DyCzzzy0D0EtGtB0AtBtDtGyCyC0CyCtGtCtDyDtBtG0CzyyBtDyDtD0F0F0FtCtAtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D624116016%26a%3Dwcg_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wcg_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0E0DyCzzzy0D0EtGtB0AtBtDtGyCyC0CyCtGtCtDyDtBtG0CzyyBtDyDtD0F0F0FtCtAtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D624116016%26a%3Dwcg_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0EyDyByD0D0AtDtGtAzytCyCtGtCtB0ByEtGtA0C0CtBtG0FtDzztByE0B0EyD0F0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D882319315%26a%3Dwbf_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3336670907-1719923216-113533501-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=BTP3DF&PC=BTP3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3336670907-1719923216-113533501-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fremkfs_16_52&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0F0E0DyE0AyCyE0BtAzytN0D0Tzu0StCzztByCtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyB0EyDyByD0D0AtDtGtAzytCyCtGtCtB0ByEtGtA0C0CtBtG0FtDzztByE0B0EyD0F0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0C0AyByB0CtB0BtGtB0D0CzztGyE0CyCyDtG0B0AtD0EtGyEyCzzyC0EtC0A0EyE0DyDzy2QtN0A0LzuyE%26cr%3D882319315%26a%3Dwbf_fremkfs_16_52%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro%2BInsider%2BPreview&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3336670907-1719923216-113533501-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1000&geo=US&ver=22&locale=en_US&guid=978BB0E6-675C-4DA5-8EF3-1D2633B93E98&doi=2016-09-01&gct=kwd&qsrc=2869
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-11-11] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-11-11] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3336670907-1719923216-113533501-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: wvz9u14y.default
FF ProfilePath: C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default [2017-01-09]
FF NewTab: Mozilla\Firefox\Profiles\wvz9u14y.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\wvz9u14y.default -> Yahoo! Powered
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\wvz9u14y.default -> Yahoo! Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\wvz9u14y.default -> Yahoo! Powered
FF Homepage: Mozilla\Firefox\Profiles\wvz9u14y.default -> hxxps://search.norton.com/?prt=NSBU&chn=1000&geo=US&ver=22&locale=en_US&doi=2017-01-02&guid=978BB0E6-675C-4DA5-8EF3-1D2633B93E98
FF Keyword.URL: Mozilla\Firefox\Profiles\wvz9u14y.default -> user_pref("keyword.URL", true);
FF NetworkProxy: Mozilla\Firefox\Profiles\wvz9u14y.default -> type", 0
FF Extension: (Disconnect) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2017-01-02]
FF Extension: (Hoxx VPN Proxy) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\@hoxx-vpn.xpi [2017-01-02]
FF Extension: (Blocker) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\@kikikokicicidada.xpi [2016-03-05]
FF Extension: (AdBlocker Ultimate) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2017-01-02]
FF Extension: (Clear Console) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2017-01-02]
FF Extension: (Metal Lion Customise Palette) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2016-03-05]
FF Extension: (Norton Identity Safe) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2017-01-02]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2017-01-02]
FF Extension: (Audio Downloader Prime) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2016-11-22]
FF Extension: (Faster Video) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2016-11-22]
FF Extension: (NASA Night Launch) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\[email protected] [2016-04-23]
FF Extension: (Cookie Monster) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2017-01-02]
FF Extension: (Metal Lion Australis Tiger) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\{F3400BAB-1070-4345-99FE-15B150454840}.xpi [2016-03-05] [not signed]
FF Extension: (Metal Lion Australis Scrollbars II) - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\Extensions\{FDBAD97E-A258-4fe3-9CF6-60CF386C4422}.xpi [2016-03-05]
FF SearchPlugin: C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\searchplugins\norton-safe-search.xml [2017-01-02]
FF SearchPlugin: C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\wvz9u14y.default\searchplugins\yahoo! powered.xml [2017-01-02]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.1.14\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.1.14\coFFAddon [2017-01-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.8.1.14\coFFAddon
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-11-13] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.6.161 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-12-25] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.6.161 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-12-25] (RealPlayer)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-10-18] (Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\Exts\Chrome.crx [2017-01-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\Exts\Chrome.crx [2017-01-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173784 2015-10-20] (Microsoft Corp.)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [113160 2015-11-26] (Creative Technology Ltd)
S3 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [785920 2016-12-03] (Microsoft Corporation)
S3 DevicesFlowUserSvc_84e21; C:\WINDOWS\system32\svchost.exe [41856 2016-12-03] (Microsoft Corporation)
S3 DevicesFlowUserSvc_84e21; C:\WINDOWS\SysWOW64\svchost.exe [35128 2016-12-03] (Microsoft Corporation)
R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [289280 2016-12-03] (Microsoft Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2016-12-28] (Freemake) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [67584 2016-12-03] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files\Alienware\Command Center\BIOSData\MSIBIOSDataService.exe [2109776 2014-08-01] (MSI)
R2 MSIClock_CC; C:\Program Files\Alienware\Command Center\ClockGen\MSIClockService.exe [4033360 2014-08-18] ()
S3 MSICOMM_CC; C:\Program Files\Alienware\Command Center\MSICommService.exe [2128720 2014-08-18] ()
R2 MSICPU_CC; C:\Program Files\Alienware\Command Center\CPU\MSICPUService.exe [4174672 2014-08-07] ()
R2 MSICTL_CC; C:\Program Files\Alienware\Command Center\MSIControlService.exe [2021712 2014-09-12] ()
R2 MSIDDR_CC; C:\Program Files\Alienware\Command Center\DDR\MSIDDRService.exe [2257232 2014-10-22] ()
S3 MSISaveLoad_CC; C:\Program Files\Alienware\Command Center\MSISaveLoadService.exe [3966288 2014-08-01] ()
R2 MSISMB_CC; C:\Program Files\Alienware\Command Center\SMBus\MSISMBService.exe [2067792 2014-08-01] ()
S3 MSISuperIO_CC; C:\Program Files\Alienware\Command Center\SuperIO\MSISuperIOService.exe [549200 2014-08-01] ()
S3 MSIWMI_CC; C:\Program Files\Alienware\Command Center\MSIWMIService.exe [191312 2014-09-12] ()
R2 MSI_ODD_Service; C:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [83952 2014-01-13] (Micro-Star Int'l Co., Ltd.)
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [226304 2016-12-03] (Microsoft Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-12-16] (Microsoft)
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\NSBU.exe [289080 2016-11-11] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\Windows.Graphics.Internal.Printing.Workflow.dll [164352 2016-12-03] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\Windows.Graphics.Internal.Printing.Workflow.dll [122880 2016-12-03] (Microsoft Corporation)
R3 PrintWorkflowUserSvc_84e21; C:\WINDOWS\system32\svchost.exe [41856 2016-12-03] (Microsoft Corporation)
R3 PrintWorkflowUserSvc_84e21; C:\WINDOWS\SysWOW64\svchost.exe [35128 2016-12-03] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-24] (Qualcomm Atheros) [File not signed]
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-11-11] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [987408 2016-12-25] (RealNetworks, Inc.)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [192272 2016-12-03] (Microsoft Corporation)
S3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1231360 2016-12-03] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3385120 2016-12-03] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [1177600 2016-12-03] (Microsoft Corporation)
S3 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
R2 ThermalsWindowsService; C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe [14568 2014-10-24] (Alienware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [349632 2016-12-03] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [547840 2016-12-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [97032 2016-12-03] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1270784 2016-12-03] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [82608 2014-04-10] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\BASHDefs\20170105.001\BHDrvx64.sys [1874136 2016-12-20] (Symantec Corporation)
R3 BthLEEnum; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [300032 2016-12-03] (Microsoft Corporation)
R1 ccSet_NSBU; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\ccSetx64.sys [174328 2016-11-11] (Symantec Corporation)
R1 CLBStor; C:\WINDOWS\System32\DRIVERS\CLBStor.sys [25864 2013-09-24] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [379144 2013-09-24] (CyberLink Corporation.)
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [225792 2016-12-03] (Microsoft Corporation)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1067304 2015-11-26] (Creative Technology Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-09-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-09-22] (Symantec Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2017-01-02] (Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [37688 2016-11-04] (GlarySoft Ltd)
S1 GUSBootStartup; C:\WINDOWS\System32\drivers\GUSBootStartup.sys [20160 2017-01-08] (Glarysoft Ltd)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-10-25] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\IPSDefs\20170109.001\IDSvia64.sys [1038032 2016-12-30] (Symantec Corporation)
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2016-12-03] (Qualcomm Atheros, Inc.)
S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [266000 2016-12-03] (Microsoft Corporation)
S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [45840 2016-12-03] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [104960 2016-12-03] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-12-03] (Intel Corporation)
R3 NTIOLib_MSICEN; C:\Program Files\Alienware\Command Center\NTIOLib_Thermals_X64.sys [13808 2013-12-03] (MSI)
R3 NTIOLib_MSIClock_CC; C:\Program Files\Alienware\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files\Alienware\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files\Alienware\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files\Alienware\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files\Alienware\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files\Alienware\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSISMB_CC; C:\Program Files\Alienware\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files\Alienware\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2014-01-13] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4i.inf_amd64_e9418cd4947d9b45\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
S3 pmem; C:\WINDOWS\System32\drivers\pmem.sys [98304 2016-12-03] (Microsoft Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422616 2015-09-11] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [26896 2016-12-03] ()
S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [30480 2016-12-03] (Microsoft Corporation)
R1 SRTSP; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\SRTSP64.SYS [784624 2016-11-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-11] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSBUx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-11] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSBUx64\1608010.00E\SymELAM.sys [24192 2016-11-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100592 2017-01-02] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\Ironx64.SYS [289520 2016-11-11] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NSBUx64\1608010.00E\SYMNETS.SYS [567512 2016-11-11] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [40768 2016-12-03] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [285968 2016-12-03] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117008 2016-12-03] (Microsoft Corporation)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [206336 2016-12-03] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221888 2015-10-30] (Microsoft Corporation)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-02] (CyberLink Corp.)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2016-09-13] (CyberLink Corp.)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\SDSDefs\20170103.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.8.1.14\Definitions\SDSDefs\20170103.002\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-10 10:17 - 2017-01-10 10:18 - 00046430 _____ C:\Users\Larry\Desktop\FRST.txt
2017-01-10 10:17 - 2017-01-10 10:17 - 00000000 ____D C:\FRST
2017-01-10 10:16 - 2017-01-10 10:17 - 02419200 _____ (Farbar) C:\Users\Larry\Desktop\FRST64.exe
2017-01-10 07:37 - 2017-01-10 07:37 - 00280877 _____ C:\Users\Larry\Documents\COLORADO HEALTH MEDICAL GROUP payment.pdf
2017-01-10 07:26 - 2017-01-10 07:26 - 00000000 ___HD C:\$WINDOWS.~BT
2017-01-10 07:19 - 2017-01-10 07:19 - 00249188 _____ C:\Users\Larry\Downloads\War.on.Everyone.2016.720p.WEB-DL.H264.AC3-EVO.torrent
2017-01-10 07:16 - 2017-01-10 07:16 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-10 07:16 - 2017-01-10 07:16 - 00000000 ___HD C:\OneDriveTemp
2017-01-10 07:14 - 2017-01-10 07:14 - 01165149 _____ C:\Users\Larry\Downloads\Far.Cry.Primal-CPY.torrent
2017-01-10 07:14 - 2017-01-10 07:14 - 01128914 _____ C:\Users\Larry\Downloads\Sherlock.Holmes.Crimes.and.Punishments.MULTi10-PLAZA.torrent
2017-01-09 01:43 - 2017-01-09 01:43 - 00221619 _____ C:\Users\Larry\Downloads\The Girl On The Train 2016 BRRip x264 720p-NPW.torrent
2017-01-08 09:31 - 2017-01-08 09:31 - 00000000 ____D C:\Users\Larry\AppData\Local\Glarysoft
2017-01-08 09:04 - 2017-01-08 09:04 - 00001197 _____ C:\Users\Larry\AppData\Local\recently-used.xbel
2017-01-08 08:50 - 2017-01-08 09:03 - 00000000 ____D C:\Users\Larry\AppData\Roaming\deluge
2017-01-08 08:50 - 2017-01-08 08:50 - 00001062 _____ C:\Users\Public\Desktop\Deluge.lnk
2017-01-08 08:50 - 2017-01-08 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2017-01-08 08:50 - 2017-01-08 08:50 - 00000000 ____D C:\Program Files (x86)\Deluge
2017-01-08 08:49 - 2017-01-08 08:50 - 15955676 _____ (Deluge Team) C:\Users\Larry\Downloads\deluge-1.3.13-win32-py2.7-0.exe
2017-01-08 08:15 - 2017-01-08 08:15 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-01-08 08:15 - 2017-01-08 08:15 - 00001036 _____ C:\Users\Public\Desktop\µTorrent.lnk
2017-01-08 08:15 - 2017-01-08 08:15 - 00000000 ____D C:\Program Files (x86)\uTorrent 1
2017-01-08 08:08 - 2017-01-08 08:08 - 00634156 _____ C:\Users\Larry\Downloads\The.Deluge.Redivivus.1974.READNFO.720p.BluRay.x264-ProPL.torrent
2017-01-08 08:02 - 2017-01-08 09:30 - 00000000 ___HD C:\$GlaryQuarantine
2017-01-08 07:57 - 2017-01-08 07:57 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUSBootStartup.sys
2017-01-08 07:57 - 2017-01-08 07:57 - 00003056 _____ C:\WINDOWS\System32\Tasks\GMHSkipUAC
2017-01-08 07:57 - 2017-01-08 07:57 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk
2017-01-08 07:57 - 2017-01-08 07:57 - 00001295 _____ C:\Users\Public\Desktop\Malware Hunter.lnk
2017-01-08 07:57 - 2017-01-08 07:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2017-01-08 07:56 - 2017-01-08 07:56 - 18004592 _____ C:\Users\Larry\Downloads\mhsetup (1).exe
2017-01-08 07:38 - 2017-01-08 08:11 - 00000000 ____D C:\ProgramData\Glarysoft
2017-01-08 07:38 - 2017-01-08 07:57 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2017-01-08 07:38 - 2017-01-08 07:38 - 18004592 _____ C:\Users\Larry\Downloads\mhsetup.exe
2017-01-08 06:30 - 2017-01-08 06:30 - 00205191 _____ C:\Users\Larry\Downloads\Sniper.Elite.Berlin.1945-GOG.torrent
2017-01-08 06:26 - 2017-01-08 06:26 - 00001003 _____ C:\Users\Larry\Downloads\Sniper.Elite.3.MULTi9.Crackfix-PLAZA.torrent
2017-01-08 05:42 - 2017-01-08 05:42 - 00009281 _____ C:\Users\Larry\Downloads\Willie_Nelson-For_the_Good_Times_A_Tribute_to_Ray_Price-WEB-2016-AZF.torrent
2017-01-08 05:41 - 2017-01-08 05:41 - 00006443 _____ C:\Users\Larry\Downloads\Willie_Nelson-Greatest_Hits-2009-iTS.torrent
2017-01-08 05:31 - 2017-01-08 05:31 - 00000740 _____ C:\Users\Larry\Downloads\uTorrent 1.6.1.torrent
2017-01-08 05:30 - 2017-01-08 05:30 - 00000554 _____ C:\Users\Larry\Downloads\utorrent 1.8.4 RAR tw.torrent
2017-01-08 05:28 - 2017-01-08 05:28 - 00004608 _____ C:\WINDOWS\system32\sppextcomobjpatcher.exe
2017-01-06 08:00 - 2017-01-06 08:00 - 00815517 _____ C:\Users\Larry\Downloads\9.Souls.2003.1080p.BluRay.x264-USURY.torrent
2017-01-06 06:34 - 2017-01-06 06:34 - 00000544 _____ C:\Users\Larry\Downloads\utorrent 2.2.1.rar.torrent
2017-01-06 06:34 - 2017-01-06 06:34 - 00000427 _____ C:\Users\Larry\Downloads\utorrent_1.7.7.rar.torrent
2017-01-06 06:32 - 2017-01-06 06:32 - 00085683 _____ C:\Users\Larry\Downloads\No.Highway.In.The.Sky.1951.DVDRip.x264-FiCO.torrent
2017-01-02 23:35 - 2017-01-02 23:35 - 01693209 _____ C:\Users\Larry\Downloads\Sniper.Elite.3.MULTi9-PLAZA (1).torrent
2017-01-02 23:29 - 2017-01-02 23:29 - 01693209 _____ C:\Users\Larry\Downloads\Sniper.Elite.3.MULTi9-PLAZA.torrent
2017-01-02 23:25 - 2017-01-02 23:25 - 00077924 _____ C:\Users\Larry\Downloads\The.Ultimate.Matrix.Collection.1080p.BluRay.AAC.x264-tomcat12.torrent
2017-01-02 23:24 - 2017-01-02 23:24 - 00071843 _____ C:\Users\Larry\Downloads\Iron Man Trilogy 1080p BDRip AAC x264-tomcat12.torrent
2017-01-02 23:22 - 2017-01-02 23:22 - 00047412 _____ C:\Users\Larry\Downloads\The.Godfather.Trilogy. I. II. III .1972-1990.1080p.BluRay.x264.anoXmous.torrent
2017-01-02 23:19 - 2017-01-02 23:19 - 00223967 _____ C:\Users\Larry\Downloads\Star Wars - The Complete Saga.BRRiP.XViD.AC3.5.1.ReLeNTLesS.torrent
2017-01-02 23:18 - 2017-01-02 23:18 - 00068336 _____ C:\Users\Larry\Downloads\The.Librarian.Trilogy.Pack.720p-CzT.torrent
2017-01-02 18:21 - 2017-01-02 18:21 - 00001583 _____ C:\Users\Larry\Downloads\RarLab.WinRAR.v5.21.Cracked Reg.rar.torrent
2017-01-02 16:06 - 2017-01-02 16:06 - 00032749 _____ C:\Users\Larry\Downloads\Lynda.com.Windows.Performance.Toolkit.CPU.Analysis-ELOHiM.torrent
2017-01-02 15:39 - 2017-01-02 15:39 - 00000000 ____D C:\Users\Default\AppData\Roaming\RealNetworks
2017-01-02 15:39 - 2017-01-02 15:39 - 00000000 ____D C:\Users\Default User\AppData\Roaming\RealNetworks
2017-01-02 15:25 - 2017-01-02 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO
2017-01-02 15:20 - 2017-01-02 15:20 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-02 15:20 - 2016-12-11 20:03 - 00215608 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-02 15:20 - 2016-12-11 11:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-01-02 15:20 - 2016-09-09 11:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-01-02 15:20 - 2016-09-09 11:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-01-02 15:20 - 2016-09-09 11:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-01-02 15:20 - 2016-09-09 11:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-01-02 15:19 - 2017-01-02 15:20 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-02 15:18 - 2016-12-11 20:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-01-02 15:18 - 2016-12-11 20:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-01-02 15:14 - 2017-01-02 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 8
2017-01-02 15:12 - 2017-01-02 15:13 - 52798040 _____ (Softland) C:\Users\Larry\Downloads\doPDF_v8.8.946.exe
2017-01-02 15:11 - 2017-01-02 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-01-02 15:02 - 2017-01-08 07:49 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-02 15:02 - 2017-01-02 15:02 - 00004410 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:02 - 2017-01-02 15:02 - 00003986 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:02 - 2017-01-02 15:02 - 00000000 ____D C:\Users\Larry\AppData\Local\Chromium
2017-01-02 15:02 - 2016-12-12 16:30 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-02 15:01 - 2017-01-02 15:11 - 43524096 _____ C:\Users\Larry\Downloads\Skype_v7.30.0.105.msi
2017-01-02 15:01 - 2017-01-02 15:01 - 00003996 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:01 - 2017-01-02 15:01 - 00003968 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:01 - 2017-01-02 15:01 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:01 - 2017-01-02 15:01 - 00003798 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:01 - 2017-01-02 15:01 - 00003756 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 15:01 - 2016-12-12 16:30 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-02 15:01 - 2016-12-12 16:30 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-02 15:01 - 2016-12-12 16:30 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-01-02 15:01 - 2016-12-12 07:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-02 14:59 - 2017-01-02 15:00 - 79969144 _____ (NVIDIA Corporation) C:\Users\Larry\Downloads\NVIDIA_GeForce_Experience_v3.2.0.96.exe
2017-01-02 14:48 - 2017-01-02 14:59 - 00000000 ____D C:\Users\Larry\AppData\LocalLow\Mozilla
2017-01-02 14:46 - 2017-01-02 14:46 - 46977648 _____ C:\Users\Larry\Downloads\Mozilla_Firefox_(64bit)_v50.1.0.exe
2017-01-02 14:44 - 2017-01-02 14:44 - 10380544 _____ (Innovative Solutions ) C:\Users\Larry\Downloads\Advanced_Uninstaller_Pro_v12.15.exe
2017-01-02 14:43 - 2017-01-02 14:43 - 10769864 _____ (Adobe Systems Inc.) C:\Users\Larry\Downloads\AdobeAIRInstaller (1).exe
2017-01-02 14:40 - 2017-01-02 14:40 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2017-01-02 14:38 - 2017-01-02 14:38 - 16752312 _____ C:\Users\Larry\Downloads\gup5setup.exe
2017-01-02 14:34 - 2017-01-08 07:51 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-01-02 14:34 - 2017-01-08 07:38 - 00000000 ____D C:\Users\Larry\AppData\Roaming\GlarySoft
2017-01-02 14:34 - 2017-01-08 07:35 - 00003390 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2017-01-02 14:34 - 2017-01-08 07:35 - 00003036 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2017-01-02 14:34 - 2017-01-08 07:35 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-01-02 14:34 - 2017-01-08 07:35 - 00001163 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-01-02 14:34 - 2017-01-02 14:39 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2017-01-02 14:34 - 2017-01-02 14:34 - 00000000 ____D C:\Users\Larry\AppData\Roaming\DiskDefrag
2017-01-02 14:34 - 2017-01-02 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2017-01-02 14:32 - 2017-01-02 14:33 - 00000000 ____D C:\Users\Larry\Downloads\Lump
2017-01-02 13:46 - 2017-01-02 14:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-02 13:31 - 2017-01-10 06:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-01-02 13:31 - 2017-01-02 13:31 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-02 13:22 - 2017-01-10 05:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2017-01-02 13:20 - 2017-01-02 13:20 - 00100592 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-01-02 13:20 - 2017-01-02 13:20 - 00008319 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-01-02 13:20 - 2017-01-02 13:20 - 00003410 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-01-02 13:20 - 2017-01-02 13:20 - 00002623 _____ C:\Users\Public\Desktop\Norton Security with Backup.lnk
2017-01-02 13:20 - 2017-01-02 13:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2017-01-02 13:20 - 2017-01-02 13:20 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSBUx64
2017-01-02 13:20 - 2017-01-02 13:20 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-01-02 13:20 - 2017-01-02 13:20 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2017-01-02 13:15 - 2017-01-02 13:15 - 00000000 ____D C:\ProgramData\NortonInstaller
2017-01-02 13:15 - 2017-01-02 13:15 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-01-02 13:13 - 2017-01-02 13:22 - 00000000 ____D C:\ProgramData\Norton
2017-01-02 13:13 - 2017-01-02 13:13 - 01101176 _____ (Symantec Corporation) C:\Users\Larry\Downloads\NortonNSBUDownloader.exe
2017-01-02 13:13 - 2017-01-02 13:13 - 00001395 _____ C:\Users\Larry\Desktop\Norton Installation Files.lnk
2017-01-02 13:13 - 2017-01-02 13:13 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-01-02 12:45 - 2017-01-02 12:49 - 00000000 ____D C:\Users\Larry\Downloads\Microsoft Excel 2013 Beginner Training
2017-01-02 10:39 - 2017-01-02 10:39 - 00001009 _____ C:\Users\Larry\Downloads\Malwarebytes.Anti-Malware.Premium.v2.0.1.1004.Multilingual.Incl.Keygen-BRD.torrent
2017-01-02 09:59 - 2017-01-02 09:59 - 00000000 ____D C:\Program Files (x86)\Produtools_Manuals_2.1
2017-01-02 08:31 - 2017-01-02 08:31 - 00275903 _____ C:\Users\Larry\Downloads\Jack.Reacher.Never.Go.Back.2016.HC.720p.HDRip.x264.AC3-iFT.torrent
2017-01-02 08:30 - 2017-01-02 08:30 - 00177099 _____ C:\Users\Larry\Downloads\Warcraft.2016.BDRip.x264.AC3-FRWL.mkv.torrent
2017-01-02 08:29 - 2017-01-02 08:29 - 00119894 _____ C:\Users\Larry\Downloads\The.Secret.Life.of.Pets.2016.BDRip.x264.AC3-FRWL.mkv.torrent
2017-01-01 01:14 - 2017-01-01 01:14 - 00114858 _____ C:\Users\Larry\Downloads\Jack.Reacher.Never.Go.Back.2016.HC.HDRip.XviD.AC3-EVO.torrent
2017-01-01 00:31 - 2017-01-01 00:31 - 00000046 _____ C:\Users\Larry\AppData\Roaming\WB.CFG
2016-12-31 20:36 - 2016-12-31 20:36 - 00002383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD.lnk
2016-12-31 20:36 - 2016-12-31 20:36 - 00002371 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 16.lnk
2016-12-31 20:18 - 2016-12-31 20:18 - 00050359 _____ C:\Users\Larry\Documents\Power DVD16.pdf
2016-12-31 20:09 - 2016-12-31 20:09 - 01167128 _____ (CyberLink) C:\Users\Larry\Downloads\CyberLink_PhotoDirector_Downloader (1).exe
2016-12-31 20:06 - 2016-12-31 20:10 - 355650096 _____ C:\Users\Larry\Downloads\PhotoDirector_8.0.2303.60332_GM4_Patch_PTD161220-04.exe
2016-12-31 20:06 - 2016-12-31 20:06 - 01167128 _____ (CyberLink) C:\Users\Larry\Downloads\CyberLink_PhotoDirector_Downloader.exe
2016-12-31 19:57 - 2017-01-02 08:52 - 00003593 _____ C:\Users\Larry\AppData\LocalLow\lpm.dat
2016-12-31 19:55 - 2017-01-08 07:49 - 00111783 ____H C:\Users\Larry\AppData\Local\IconCache.db
2016-12-31 19:44 - 2016-12-31 19:44 - 00003696 _____ C:\WINDOWS\System32\Tasks\DivXUpdate
2016-12-31 17:28 - 2017-01-02 15:39 - 00001002 _____ C:\WINDOWS\Tasks\Yahoo! Powered rorir.job
2016-12-31 17:28 - 2017-01-02 14:41 - 00003786 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered rorir
2016-12-31 17:28 - 2017-01-02 00:30 - 00000000 ____D C:\ProgramData\{7CD1B9B2-F693-3374-7055-AD36EA1726F8}
2016-12-31 17:28 - 2016-12-31 17:31 - 00000000 ____D C:\Users\Larry\AppData\Local\{159323CF-313B-4F77-5CA3-6A9F78CB9607}
2016-12-31 17:28 - 2016-12-31 17:30 - 00001619 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-12-31 17:28 - 2016-12-31 17:28 - 34139976 _____ (Ellora Assets Corporation ) C:\Users\Larry\Downloads\FreemakeVideoConverterFull.exe
2016-12-31 17:22 - 2016-12-31 17:22 - 00000000 ___HD C:\Users\Larry\Documents\PDRMUSIC.TMP
2016-12-31 17:22 - 2016-12-31 17:22 - 00000000 ____D C:\Users\Larry\CyberLink
2016-12-31 04:50 - 2016-12-31 04:52 - 00000000 ____D C:\Users\Larry\Documents\TurboTax
2016-12-31 04:47 - 2016-12-31 04:50 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Intuit
2016-12-31 04:45 - 2016-12-31 04:47 - 00000319 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-12-31 04:45 - 2016-12-31 04:45 - 00002529 _____ C:\Users\Public\Desktop\TurboTax 2016.lnk
2016-12-31 04:45 - 2016-12-31 04:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2016-12-31 04:45 - 2016-12-31 04:45 - 00000000 ____D C:\Program Files (x86)\TurboTax
2016-12-31 04:44 - 2016-12-31 04:45 - 00000000 ____D C:\ProgramData\Intuit
2016-12-31 01:51 - 2016-12-31 01:51 - 00014705 _____ C:\Users\Larry\Downloads\TurboTax Deluxe 2016.torrent
2016-12-31 01:47 - 2016-12-31 01:47 - 00028918 _____ C:\Users\Larry\Downloads\Homeland.Defense.National.Security.Patrol-SKIDROW.torrent
2016-12-31 01:46 - 2016-12-31 01:46 - 00027894 _____ C:\Users\Larry\Downloads\Homeland.S06E01.HDTV.x264-BATV.torrent
2016-12-28 10:23 - 2016-12-28 10:35 - 00000000 ____D C:\Users\Larry\Desktop\Breaking Bad
2016-12-28 10:21 - 2016-12-28 10:21 - 00000000 ____D C:\Users\Larry\AppData\Local\nfoviewer
2016-12-26 23:32 - 2016-12-26 23:32 - 00358785 _____ C:\Users\Larry\Downloads\Suicide Squad 2016 Extended 2016 BluRay 720p DTS AC3 x264-ETRG.torrent
2016-12-26 23:30 - 2016-12-26 23:30 - 02956158 _____ C:\Users\Larry\Downloads\Suicide Squad 2016 Theatrical Cut 1080p Blu-ray 3D Remux AVC Atmos - KRaLiMaRKo (1).torrent
2016-12-26 23:29 - 2016-12-26 23:29 - 02956158 _____ C:\Users\Larry\Downloads\Suicide Squad 2016 Theatrical Cut 1080p Blu-ray 3D Remux AVC Atmos - KRaLiMaRKo.torrent
2016-12-25 00:34 - 2016-12-25 00:34 - 00001093 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-12-25 00:34 - 2016-12-25 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-12-25 00:34 - 2016-12-25 00:34 - 00000000 ____D C:\Program Files\VS Revo Group
2016-12-25 00:33 - 2016-12-25 00:33 - 07097928 _____ (VS Revo Group ) C:\Users\Larry\Downloads\revosetup.exe
2016-12-25 00:26 - 2017-01-02 15:43 - 00002698 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3336670907-1719923216-113533501-1001
2016-12-25 00:26 - 2017-01-02 15:43 - 00002582 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3336670907-1719923216-113533501-1001
2016-12-25 00:26 - 2017-01-02 15:43 - 00002538 _____ C:\WINDOWS\System32\Tasks\RealDownloader Update Check
2016-12-25 00:26 - 2016-12-25 00:26 - 00512392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2016-12-25 00:26 - 2016-12-25 00:26 - 00360840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2016-12-25 00:26 - 2016-12-25 00:26 - 00285576 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2016-12-25 00:26 - 2016-12-25 00:26 - 00207752 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2016-12-25 00:26 - 2016-12-25 00:26 - 00001291 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
2016-12-25 00:26 - 2016-12-25 00:26 - 00000000 ____D C:\Users\Larry\AppData\Roaming\RealNetworks
2016-12-25 00:26 - 2016-12-25 00:26 - 00000000 ____D C:\Users\Larry\AppData\Local\Real
2016-12-25 00:26 - 2016-12-25 00:26 - 00000000 ____D C:\Users\Larry\AppData\Local\CrashRpt
2016-12-25 00:26 - 2016-12-25 00:26 - 00000000 ____D C:\ProgramData\RealNetworks
2016-12-25 00:26 - 2016-12-25 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-12-25 00:26 - 2016-12-25 00:26 - 00000000 ____D C:\Program Files (x86)\Real
2016-12-25 00:25 - 2017-01-02 09:10 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Real
2016-12-25 00:25 - 2016-12-25 00:27 - 00000000 ____D C:\ProgramData\Real
2016-12-25 00:18 - 2016-12-25 00:18 - 17443464 _____ (Nullsoft, Inc.) C:\Users\Larry\Downloads\winamp5666_full_all.exe
2016-12-25 00:16 - 2016-12-25 00:36 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-12-25 00:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-25 00:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-24 22:15 - 2016-12-24 22:15 - 00056491 _____ C:\Users\Larry\Downloads\Contract.To.Kill.2016.HDRip.AC3.2.0.x264-BDP.torrent
2016-12-24 07:11 - 2016-12-24 07:11 - 00000068 _____ C:\Users\Larry\Downloads\listen (1).pls
2016-12-24 07:08 - 2016-12-24 07:08 - 00000068 _____ C:\Users\Larry\Downloads\listen.pls
2016-12-24 07:02 - 2016-12-24 07:02 - 00075319 _____ C:\Users\Larry\Downloads\Indiana Jones Quadrilogy 1981 - 2008 720p BRRIP X264 AC3 (2).torrent
2016-12-24 07:01 - 2016-12-24 07:01 - 00075319 _____ C:\Users\Larry\Downloads\Indiana Jones Quadrilogy 1981 - 2008 720p BRRIP X264 AC3 (1).torrent
2016-12-24 06:59 - 2016-12-13 01:55 - 00075319 _____ C:\Users\Larry\Downloads\Indiana Jones Quadrilogy 1981 - 2008 720p BRRIP X264 AC3.torrent
2016-12-24 06:55 - 2016-01-22 02:14 - 00035090 _____ C:\Users\Larry\Downloads\Active.Boot.Disk.Suite.10.0.3.1.rar.torrent
2016-12-24 06:55 - 2016-01-22 02:10 - 00001151 _____ C:\Users\Larry\Downloads\Raxco.InstantRecovery.Server.v2.2.Incl.Keygen-TSZ.torrent
2016-12-24 06:55 - 2016-01-22 02:00 - 00001631 _____ C:\Users\Larry\Downloads\Comfy.File.Recovery.v3.7.Incl.Keygen-BEAN.torrent
2016-12-24 06:55 - 2016-01-22 01:50 - 00001405 _____ C:\Users\Larry\Downloads\ILike.Any.Data.Recovery.Pro.v1.8.8.8.Multilanguage-LAXiTY.torrent
2016-12-24 06:55 - 2016-01-22 01:45 - 00000947 _____ C:\Users\Larry\Downloads\Hetman.Excel.Recovery.v2.2.Incl.Keygen-BEAN.torrent
2016-12-24 06:55 - 2016-01-22 01:44 - 00001735 _____ C:\Users\Larry\Downloads\East.Imperial.Soft.Magic.Partition.Recovery.v2.4.Incl.Keygen-BEAN.torrent
2016-12-24 06:55 - 2016-01-21 23:39 - 00001700 _____ C:\Users\Larry\Downloads\OO.DiskRecovery.Tech.Edition.v11.0.17.x64.Incl.KeyMaker.HAPPY.NEW.YEAR-DVT.torrent
2016-12-24 06:48 - 2016-12-24 06:48 - 00813951 _____ C:\Users\Larry\Downloads\The.Accountant.2016.MULTi.1080p.BluRay.x264-LOST.torrent
2016-12-24 06:47 - 2016-12-24 06:47 - 01159435 _____ C:\Users\Larry\Downloads\Jason.Bourne.2016.1080p.BluRay.DTS.x264-SpaceHD.mkv.torrent
2016-12-24 06:36 - 2016-12-24 06:36 - 00067461 _____ C:\Users\Larry\Downloads\ZWCAD.ZW3D.2017.v21.00-AMPED.torrent
2016-12-24 06:27 - 2016-12-24 06:27 - 00021385 _____ C:\Users\Larry\Downloads\Turok.Dinosaur.Hunters.v20161222.MULTI5-ALiAS.torrent
2016-12-24 06:25 - 2016-12-24 06:25 - 00004043 _____ C:\Users\Larry\Downloads\Kick.[bleep].Commandos.v1.0.3-ALiAS.torrent
2016-12-24 06:17 - 2016-12-24 06:17 - 00000460 _____ C:\Users\Larry\Downloads\Open ports WITHOUT router access.rar.torrent
2016-12-24 06:14 - 2016-12-24 06:14 - 00001089 _____ C:\Users\Larry\Downloads\Simple Port Forwarding Pro 3.4.0 + crack-XenoCoder.rar.torrent
2016-12-24 06:10 - 2016-12-24 06:10 - 00615532 _____ C:\Users\Larry\Documents\Setting a Static IP Address in Windows 10.pdf
2016-12-24 06:07 - 2016-12-24 06:07 - 00151990 _____ C:\Users\Larry\Downloads\Deepwater.Horizon.2016.HDRip.XviD.AC3-iFT.torrent
2016-12-24 06:06 - 2016-12-24 06:06 - 00180188 _____ C:\Users\Larry\Downloads\Ben.Hur.2016.BDRip.XviD.AC3-iFT.torrent
2016-12-24 06:06 - 2016-12-24 06:06 - 00153601 _____ C:\Users\Larry\Downloads\Inferno.2016.HC.HDRip.XviD.AC3-iFT.torrent
2016-12-20 03:45 - 2016-12-20 03:45 - 00871089 _____ C:\Users\Larry\Downloads\Breaking.Bad.S01-S05.COMPLETE.1080p.BluRay.x264.torrent
2016-12-20 01:29 - 2016-12-12 01:21 - 01614552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-20 01:29 - 2016-12-12 01:21 - 01353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-20 01:29 - 2016-12-12 01:21 - 01050896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-20 01:29 - 2016-12-12 01:21 - 00910608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-20 01:29 - 2016-12-12 01:21 - 00127760 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-12-20 01:29 - 2016-12-12 01:21 - 00109504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-12-20 01:29 - 2016-12-12 00:48 - 00376592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-20 01:29 - 2016-12-12 00:48 - 00165136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-12-20 01:29 - 2016-12-12 00:45 - 02761200 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-20 01:29 - 2016-12-12 00:44 - 01807184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-20 01:29 - 2016-12-12 00:42 - 00169912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-20 01:29 - 2016-12-12 00:40 - 00651864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-20 01:29 - 2016-12-12 00:38 - 01095952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-20 01:29 - 2016-12-12 00:38 - 00987408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-20 01:29 - 2016-12-12 00:38 - 00068880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-12-20 01:29 - 2016-12-12 00:38 - 00015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-12-20 01:29 - 2016-12-12 00:23 - 00524560 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-20 01:29 - 2016-12-12 00:04 - 01404328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-20 01:29 - 2016-12-12 00:03 - 03580928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-20 01:29 - 2016-12-12 00:03 - 01270024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-20 01:29 - 2016-12-12 00:03 - 00110864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-12-20 01:29 - 2016-12-12 00:03 - 00074848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-12-20 01:29 - 2016-12-12 00:02 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-20 01:29 - 2016-12-11 23:59 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-12-20 01:29 - 2016-12-11 23:55 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-12-20 01:29 - 2016-12-11 23:51 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2016-12-20 01:29 - 2016-12-11 23:47 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-12-20 01:29 - 2016-12-11 23:44 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2016-12-20 01:29 - 2016-12-11 23:26 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-12-20 01:29 - 2016-12-11 23:24 - 02311832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-20 01:29 - 2016-12-11 23:23 - 01483352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-20 01:29 - 2016-12-11 23:21 - 00101656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-20 01:29 - 2016-12-11 22:59 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-20 01:29 - 2016-12-11 22:51 - 01533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-20 01:29 - 2016-12-11 22:47 - 02924032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-20 01:29 - 2016-12-11 22:46 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-20 01:29 - 2016-12-11 22:44 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-12-20 01:29 - 2016-12-11 22:42 - 08642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-20 01:29 - 2016-12-11 22:42 - 05094912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-20 01:29 - 2016-12-11 22:39 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-12-20 01:29 - 2016-12-11 22:34 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-20 01:29 - 2016-12-11 22:33 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2016-12-20 01:29 - 2016-12-11 22:31 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2016-12-20 01:29 - 2016-12-11 22:30 - 24567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-20 01:29 - 2016-12-11 22:16 - 04141056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-20 01:29 - 2016-12-11 22:16 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-20 01:29 - 2016-12-11 22:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2016-12-20 01:29 - 2016-12-11 22:12 - 24752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-20 01:29 - 2016-12-11 21:46 - 05920256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-20 01:29 - 2016-12-11 21:46 - 03599360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-20 01:29 - 2016-12-11 21:25 - 04031488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-20 01:29 - 2016-12-11 21:24 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2016-12-20 01:29 - 2016-12-11 21:23 - 19456512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-20 01:29 - 2016-12-11 21:21 - 19085312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-18 03:05 - 2016-12-18 03:05 - 00166824 _____ C:\Users\Larry\Downloads\Rogue One A Star Wars Story 2016 HDTS UN-WATERMARKED NAKRO.torrent
2016-12-18 02:50 - 2016-12-18 02:50 - 00024361 _____ C:\Users\Larry\Downloads\Sherlock Holmes 1-2 Duology 2009-2011 BluRay 720p x264 ac3 jbr.torrent
2016-12-18 02:46 - 2016-12-18 02:46 - 00296464 _____ C:\Users\Larry\Downloads\Disney.Classic.Collection.Movie.PACK.torrent
2016-12-18 00:42 - 2016-12-18 00:42 - 00000000 ____D C:\Users\Larry\AppData\Local\DBG
2016-12-16 18:32 - 2016-12-16 18:32 - 00018944 _____ (Softland) C:\WINDOWS\system32\novamn8.dll
2016-12-16 18:32 - 2016-12-16 18:32 - 00015872 _____ (Softland) C:\WINDOWS\system32\novami8.dll
2016-12-13 06:36 - 2016-12-03 08:51 - 00020657 _____ C:\WINDOWS\SysWOW64\license.rtf
2016-12-13 06:36 - 2016-12-03 08:51 - 00020657 _____ C:\WINDOWS\system32\license.rtf
2016-12-13 06:34 - 2016-12-25 17:24 - 00000000 ____D C:\Windows.old
2016-12-13 06:34 - 2016-12-13 06:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-13 06:34 - 2016-12-13 06:34 - 00000000 ____D C:\Program Files\MSBuild
2016-12-13 06:34 - 2016-12-13 06:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-13 06:34 - 2016-12-13 06:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-13 06:34 - 2016-11-18 19:50 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-12-13 06:34 - 2016-11-18 19:50 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-12-13 06:34 - 2016-11-18 19:50 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-12-13 06:34 - 2016-11-18 19:46 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-12-13 06:34 - 2016-11-18 19:46 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-12-13 06:34 - 2016-11-18 19:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-12-13 06:33 - 2016-12-13 06:33 - 00008192 ___SH C:\WINDOWS\system32\config\userdiff.LOG1
2016-12-13 06:33 - 2016-12-13 06:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-13 06:33 - 2016-12-13 06:33 - 00000000 ___SH C:\WINDOWS\system32\config\userdiff.LOG2
2016-12-13 06:33 - 2016-12-13 06:33 - 00000000 ____D C:\WINDOWS\system32\Microsoft
2016-12-13 06:33 - 2016-12-13 05:37 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-13 05:50 - 2017-01-08 07:56 - 01082720 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-13 05:49 - 2016-12-13 05:49 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-13 05:48 - 2016-12-13 05:48 - 00000174 ___SH C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-13 05:48 - 2016-12-13 05:48 - 00000020 ___SH C:\Users\Larry\ntuser.ini
2016-12-13 05:48 - 2016-12-13 05:48 - 00000000 ____D C:\ProgramData\USOShared
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\Templates
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\Start Menu
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\SendTo
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\Recent
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\PrintHood
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\NetHood
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\My Documents
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\Local Settings
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\Cookies
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\Application Data
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Temporary Internet Files
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\History
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Application Data
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Temporary Internet Files
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\History
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Application Data
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\ProgramData\Templates
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\ProgramData\Start Menu
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\ProgramData\Documents
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\ProgramData\Desktop
2016-12-13 05:47 - 2016-12-13 05:47 - 00000000 _SHDL C:\ProgramData\Application Data
2016-12-13 05:46 - 2016-12-13 05:47 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-12-13 05:46 - 2016-12-13 05:47 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-12-13 05:45 - 2017-01-10 08:08 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-12-13 05:45 - 2017-01-09 21:16 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{92E004E0-944B-4CF6-B097-741811337254}
2016-12-13 05:45 - 2017-01-08 07:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-13 05:45 - 2017-01-02 15:52 - 00002916 _____ C:\WINDOWS\System32\Tasks\UninstallMonitor
2016-12-13 05:45 - 2017-01-02 15:49 - 00004032 _____ C:\WINDOWS\System32\Tasks\AupAvUpdate
2016-12-13 05:45 - 2017-01-02 15:14 - 00003666 _____ C:\WINDOWS\System32\Tasks\doPDF Update
2016-12-13 05:45 - 2016-12-13 05:45 - 00003890 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2016-12-13 05:45 - 2016-12-13 05:45 - 00003364 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2016-12-13 05:45 - 2016-12-13 05:45 - 00003168 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2016-12-13 05:45 - 2016-12-13 05:45 - 00003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2016-12-13 05:45 - 2016-12-13 05:45 - 00003076 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2016-12-13 05:45 - 2016-12-13 05:45 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3336670907-1719923216-113533501-1001
2016-12-13 05:45 - 2016-12-13 05:45 - 00002712 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 6700
2016-12-13 05:45 - 2016-12-13 05:45 - 00002708 _____ C:\WINDOWS\System32\Tasks\Health-Check-deep
2016-12-13 05:45 - 2016-12-13 05:45 - 00002690 _____ C:\WINDOWS\System32\Tasks\Health-Check
2016-12-13 05:45 - 2016-12-13 05:45 - 00002648 _____ C:\WINDOWS\System32\Tasks\CrystalDiskInfo
2016-12-13 05:45 - 2016-12-13 05:45 - 00002536 _____ C:\WINDOWS\System32\Tasks\DeviceDetector7
2016-12-13 05:45 - 2016-12-13 05:45 - 00002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3336670907-1719923216-113533501-500
2016-12-13 05:45 - 2016-12-13 05:45 - 00002180 _____ C:\WINDOWS\System32\Tasks\Toolbox.exe_{A121AC8C-E8D8-4974-84B8-45A1639C735E}
2016-12-13 05:45 - 2016-12-13 05:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-12-13 05:45 - 2016-12-13 05:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-12-13 05:45 - 2013-09-21 23:39 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2502134517-3762767452-646584501-500
2016-12-13 05:44 - 2016-12-13 05:46 - 00274395 _____ C:\WINDOWS\comsetup.log
2016-12-13 05:43 - 2017-01-08 07:50 - 814424064 ___SH C:\hiberfil.sys
2016-12-13 05:42 - 2016-12-13 05:42 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-13 05:39 - 2016-12-13 05:43 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-13 05:38 - 2017-01-10 10:18 - 00000000 ____D C:\Users\Larry\AppData\Local\Temp
2016-12-13 05:38 - 2017-01-08 09:31 - 00000000 ____D C:\Users\Larry\AppData\Local
2016-12-13 05:38 - 2017-01-08 08:50 - 00000000 ____D C:\Users\Larry\AppData\Roaming
2016-12-13 05:38 - 2017-01-08 07:52 - 00067584 ____S C:\WINDOWS\bootstat.dat
2016-12-13 05:38 - 2017-01-08 07:49 - 08912896 ____H C:\Users\Larry\NTUSER.DAT
2016-12-13 05:38 - 2017-01-02 15:38 - 00000000 ____D C:\Users\Larry
2016-12-13 05:38 - 2017-01-02 15:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-13 05:38 - 2017-01-02 15:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-13 05:38 - 2017-01-02 15:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-13 05:38 - 2016-12-24 07:25 - 00000000 ____D C:\Users\Larry\AppData\Local\Microsoft
2016-12-13 05:38 - 2016-12-13 13:42 - 00524288 ___SH C:\Users\Larry\NTUSER.DAT{cee83db6-c130-11e6-80ee-98b65c6e8283}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 05:38 - 2016-12-13 13:42 - 00065536 ___SH C:\Users\Larry\NTUSER.DAT{cee83db6-c130-11e6-80ee-98b65c6e8283}.TM.blf
2016-12-13 05:38 - 2016-12-13 05:48 - 00000000 ___RD C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-13 05:38 - 2016-12-13 05:45 - 00000000 ___SD C:\Users\Larry\AppData\Roaming\Microsoft
2016-12-13 05:38 - 2016-12-13 05:43 - 00524288 ___SH C:\WINDOWS\system32\config\ELAM{120e256d-b936-11e6-a947-e41d2d740e30}.TMContainer00000000000000000002.regtrans-ms
2016-12-13 05:38 - 2016-12-13 05:43 - 00524288 ___SH C:\WINDOWS\system32\config\ELAM{120e256d-b936-11e6-a947-e41d2d740e30}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 05:38 - 2016-12-13 05:43 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM{120e256d-b936-11e6-a947-e41d2d740e30}.TM.blf
2016-12-13 05:38 - 2016-12-13 05:38 - 02195456 ___SH C:\Users\Larry\ntuser.dat.LOG2
2016-12-13 05:38 - 2016-12-13 05:38 - 02085888 ___SH C:\Users\Larry\ntuser.dat.LOG1
2016-12-13 05:38 - 2016-12-13 05:38 - 00524288 ___SH C:\Users\Larry\NTUSER.DAT{cee83db6-c130-11e6-80ee-98b65c6e8283}.TMContainer00000000000000000002.regtrans-ms
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Templates
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Start Menu
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\SendTo
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Recent
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\PrintHood
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\NetHood
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\My Documents
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Local Settings
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Documents\My Videos
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Documents\My Pictures
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Documents\My Music
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Cookies
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\Application Data
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\AppData\Local\Temporary Internet Files
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\AppData\Local\History
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 _SHDL C:\Users\Larry\AppData\Local\Application Data
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 ___HD C:\Users\Larry\AppData
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 ___HD C:\Program Files (x86)\Uninstall Information
2016-12-13 05:38 - 2016-12-13 05:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-12-13 05:38 - 2016-12-11 11:47 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-13 05:38 - 2016-12-11 11:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-13 05:38 - 2016-12-11 11:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-13 05:38 - 2016-12-11 11:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-13 05:38 - 2016-12-11 11:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-13 05:38 - 2016-12-11 11:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-13 05:38 - 2016-12-11 11:47 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-13 05:38 - 2016-12-09 01:52 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-13 05:38 - 2016-12-03 07:42 - 00000000 ___RD C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-13 05:38 - 2016-12-03 07:42 - 00000000 ___RD C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-13 05:38 - 2016-12-03 07:42 - 00000000 ___RD C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-13 05:38 - 2016-12-03 07:42 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-13 05:37 - 2017-01-10 10:17 - 00000000 ____D C:\WINDOWS\Prefetch
2016-12-13 05:37 - 2017-01-10 07:11 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-13 05:37 - 2017-01-08 07:50 - 00062861 _____ C:\WINDOWS\setupact.log
2016-12-13 05:37 - 2017-01-02 03:49 - 00366568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-13 05:37 - 2016-12-13 05:38 - 00000156 _____ C:\WINDOWS\setuperr.log
2016-12-13 05:37 - 2016-12-13 05:37 - 00524288 ___SH C:\Users\Default\NTUSER.DAT{cee83db6-c130-11e6-80ee-98b65c6e8283}.TMContainer00000000000000000002.regtrans-ms
2016-12-13 05:37 - 2016-12-13 05:37 - 00524288 ___SH C:\Users\Default\NTUSER.DAT{cee83db6-c130-11e6-80ee-98b65c6e8283}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 05:37 - 2016-12-13 05:37 - 00081337 _____ C:\WINDOWS\system32\NetSetupMig.log
2016-12-13 05:37 - 2016-12-13 05:37 - 00065536 ___SH C:\Users\Default\NTUSER.DAT{cee83db6-c130-11e6-80ee-98b65c6e8283}.TM.blf
2016-12-13 05:37 - 2016-12-03 07:33 - 02258432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-13 05:17 - 2017-01-10 07:26 - 00000000 ___DC C:\WINDOWS\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-10 10:18 - 2016-01-21 22:39 - 00000000 ____D C:\Users\Larry\AppData\Roaming\uTorrent
2017-01-10 08:08 - 2015-09-12 00:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-10 08:08 - 2015-09-04 13:08 - 00000000 ____D C:\Users\Larry\AppData\Local\Clipboarder
2017-01-10 07:16 - 2015-09-04 15:30 - 00002421 _____ C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-10 07:16 - 2015-09-03 20:25 - 00000000 __RDO C:\Users\Larry\SkyDrive
2017-01-10 06:11 - 2016-12-03 07:42 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-10 06:11 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-09 12:25 - 2016-10-23 00:34 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-08 09:30 - 2013-09-21 23:31 - 00000000 ____D C:\WINDOWS\options
2017-01-08 08:17 - 2016-10-24 13:42 - 00000000 ____D C:\Users\Larry\AppData\Local\CrashDumps
2017-01-08 07:59 - 2015-09-04 00:07 - 00000000 ____D C:\ProgramData\softthinks
2017-01-08 07:59 - 2015-09-03 20:32 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2017-01-08 07:51 - 2015-10-26 06:20 - 00000000 ____D C:\MSI
2017-01-08 07:49 - 2016-12-03 01:55 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2017-01-07 03:36 - 2015-11-01 02:29 - 00000000 ____D C:\Users\Larry\Documents\Outlook Files
2017-01-07 02:18 - 2015-11-12 21:58 - 00000000 ____D C:\Users\Larry\Documents\Taxes
2017-01-02 15:47 - 2015-11-13 06:42 - 00000000 ____D C:\ProgramData\KMSAutoS
2017-01-02 15:41 - 2015-09-03 23:29 - 00000000 ____D C:\Users\Larry\AppData\Local\NVIDIA Corporation
2017-01-02 15:39 - 2016-03-05 00:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-02 15:39 - 2015-09-25 03:45 - 00000000 ____D C:\Program Files (x86)\360
2017-01-02 15:39 - 2015-09-03 20:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-02 15:25 - 2016-07-06 23:05 - 00001728 _____ C:\Users\Larry\Desktop\Advanced Uninstaller PRO 12.lnk
2017-01-02 15:25 - 2016-07-06 23:05 - 00001612 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 12.lnk
2017-01-02 15:21 - 2016-12-03 07:38 - 00000000 ____D C:\WINDOWS\INF
2017-01-02 15:21 - 2015-09-03 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-02 15:21 - 2015-09-03 20:32 - 00000000 ____D C:\Temp
2017-01-02 15:13 - 2015-09-12 02:32 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Skype
2017-01-02 15:11 - 2015-09-12 02:32 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2017-01-02 15:11 - 2015-09-12 02:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-02 15:11 - 2015-09-12 02:32 - 00000000 ____D C:\Users\Larry\AppData\Local\Skype
2017-01-02 15:11 - 2015-09-12 02:32 - 00000000 ____D C:\ProgramData\Skype
2017-01-02 15:10 - 2015-09-25 03:25 - 00000000 ____D C:\Users\Larry\AppData\Roaming\NVIDIA
2017-01-02 15:10 - 2015-09-03 21:36 - 00000000 ____D C:\Users\Larry\AppData\Local\NVIDIA
2017-01-02 15:02 - 2015-09-03 23:29 - 00001499 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-02 14:48 - 2016-03-05 00:54 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-02 14:48 - 2016-03-05 00:54 - 00001007 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-02 13:21 - 2016-12-03 01:55 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-02 13:20 - 2016-12-03 07:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-02 09:59 - 2016-01-21 13:16 - 00000000 ____D C:\Users\Larry\AppData\LocalLow\Temp
2017-01-02 03:58 - 2016-01-21 12:41 - 00000486 __RSH C:\ProgramData\ntuser.pol
2017-01-02 03:57 - 2015-09-03 21:07 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-31 20:45 - 2015-09-25 01:21 - 00000000 ____D C:\Users\Larry\AppData\Local\CyberLink
2016-12-31 20:44 - 2015-09-25 02:11 - 00000000 ____D C:\Users\Larry\Documents\CyberLink
2016-12-31 20:36 - 2016-12-03 07:42 - 00000964 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-31 20:36 - 2016-12-03 07:42 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-31 20:36 - 2016-12-03 01:55 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-31 20:36 - 2015-09-25 01:23 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2016-12-31 20:36 - 2015-09-25 01:18 - 00000000 ____D C:\ProgramData\install_clap
2016-12-31 20:36 - 2015-09-25 01:18 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-12-31 20:36 - 2015-09-25 01:17 - 00000000 ____D C:\ProgramData\CyberLink
2016-12-31 20:36 - 2015-09-03 20:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-31 20:35 - 2016-11-15 22:11 - 00000000 ____D C:\ProgramData\install_backup
2016-12-31 20:35 - 2015-09-25 01:21 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-12-31 20:19 - 2015-09-12 00:33 - 00000000 ____D C:\Users\Larry\Downloads\Cyberlink Purchases
2016-12-31 19:46 - 2015-09-25 03:44 - 00001535 _____ C:\Users\Larry\Desktop\DivX Movies.lnk
2016-12-31 19:46 - 2015-09-25 01:23 - 00000000 ____D C:\ProgramData\DivX
2016-12-31 19:46 - 2015-09-25 01:23 - 00000000 ____D C:\Program Files (x86)\DivX
2016-12-31 19:44 - 2015-09-25 03:44 - 00001174 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2016-12-31 19:44 - 2015-09-25 03:44 - 00001149 _____ C:\Users\Public\Desktop\DivX Player.lnk
2016-12-31 19:44 - 2015-09-25 03:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-12-31 19:44 - 2015-09-25 03:24 - 00000000 ____D C:\Users\Larry\AppData\Roaming\DivX
2016-12-31 17:30 - 2016-01-16 12:29 - 00000000 ____D C:\Users\Larry\AppData\Local\FreemakeVideoConverter
2016-12-31 17:30 - 2016-01-16 12:28 - 00001407 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-12-31 17:30 - 2016-01-16 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-12-31 04:45 - 2016-12-03 07:42 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-30 06:29 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-30 02:29 - 2015-09-03 20:21 - 00000000 ____D C:\Users\Larry\AppData\Local\Packages
2016-12-28 17:34 - 2015-09-03 20:21 - 00000000 ___RD C:\Users\Larry\Favorites
2016-12-25 00:04 - 2016-12-03 07:42 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-24 03:17 - 2016-12-03 09:44 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{72a53a21-b964-11e6-a943-e41d2d0d3f20}.TMContainer00000000000000000002.regtrans-ms
2016-12-24 03:03 - 2016-12-03 01:55 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-20 05:48 - 2016-12-03 07:27 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-18 04:08 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\appcompat
2016-12-18 02:36 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\WDI
2016-12-18 02:34 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2016-12-18 00:57 - 2015-09-04 15:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-18 00:53 - 2013-08-22 06:25 - 00000167 _____ C:\WINDOWS\win.ini
2016-12-18 00:50 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\restore
2016-12-18 00:38 - 2015-11-01 01:47 - 00000000 ____D C:\Users\Larry\AppData\Local\MSfree Inc
2016-12-18 00:27 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\SysWOW64\config
2016-12-13 13:40 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-13 06:36 - 2016-12-03 07:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-13 06:34 - 2016-12-03 01:55 - 00073728 _____ C:\WINDOWS\system32\config\SAM
2016-12-13 05:54 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\CodeIntegrity
2016-12-13 05:48 - 2016-12-03 07:42 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-13 05:48 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-13 05:48 - 2016-12-03 07:42 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-13 05:48 - 2016-04-07 03:08 - 00000000 ____D C:\Users\Larry\AppData\Local\ConnectedDevicesPlatform
2016-12-13 05:48 - 2015-09-03 21:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-13 05:48 - 2015-09-03 20:21 - 00000402 ___SH C:\Users\Larry\Documents\desktop.ini
2016-12-13 05:48 - 2015-09-03 20:21 - 00000174 ___SH C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-13 05:48 - 2015-09-03 20:21 - 00000000 ___RD C:\Users\Larry\Searches
2016-12-13 05:48 - 2015-09-03 20:21 - 00000000 ___RD C:\Users\Larry\Saved Games
2016-12-13 05:48 - 2015-09-03 20:21 - 00000000 ___RD C:\Users\Larry\Links
2016-12-13 05:48 - 2015-09-03 20:21 - 00000000 ___RD C:\Users\Larry\Contacts
2016-12-13 05:48 - 2015-09-03 20:21 - 00000000 ___RD C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-13 05:47 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\debug
2016-12-13 05:47 - 2016-12-03 07:42 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-13 05:47 - 2016-12-03 07:42 - 00000000 ____D C:\Users\Default User\AppData\Local
2016-12-13 05:47 - 2016-12-03 01:55 - 00000000 __RHD C:\Users\Default
2016-12-13 05:47 - 2015-09-03 20:31 - 00000000 ____D C:\WINDOWS\SoftwareDistribution
2016-12-13 05:46 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\Registration
2016-12-13 05:46 - 2016-11-12 03:13 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-13 05:45 - 2016-12-03 07:42 - 00000000 __RSD C:\WINDOWS\Media
2016-12-13 05:45 - 2016-12-03 07:42 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-13 05:45 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Microsoft
2016-12-13 05:45 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\Drivers\etc
2016-12-13 05:45 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-13 05:45 - 2015-09-04 14:18 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-13 05:45 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Public\Documents
2016-12-13 05:44 - 2016-12-03 07:42 - 00000000 ___SD C:\Users\Default\AppData\Roaming\Microsoft
2016-12-13 05:44 - 2016-12-03 07:42 - 00000000 ___SD C:\Users\Default User\AppData\Roaming\Microsoft
2016-12-13 05:44 - 2016-11-14 01:51 - 00000000 ____D C:\Users\Public\Creative
2016-12-13 05:43 - 2016-12-03 07:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-12-13 05:43 - 2016-12-03 07:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-12-13 05:43 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\SysWOW64\drivers
2016-12-13 05:43 - 2016-12-03 07:42 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-13 05:43 - 2016-10-01 22:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-12-13 05:43 - 2016-09-26 16:45 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2016-12-13 05:43 - 2016-09-13 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Cloner Gold
2016-12-13 05:43 - 2016-07-01 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2016-12-13 05:43 - 2016-04-03 11:59 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-13 05:43 - 2016-01-21 22:39 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent
2016-12-13 05:43 - 2015-12-07 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Messages
2016-12-13 05:43 - 2015-11-23 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
2016-12-13 05:43 - 2015-11-01 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-12-13 05:43 - 2015-09-25 01:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 15
2016-12-13 05:43 - 2015-09-25 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-12-13 05:43 - 2015-09-25 01:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-12-13 05:43 - 2015-09-12 04:37 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-13 05:43 - 2015-09-12 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-13 05:43 - 2015-09-12 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Display Manager
2016-12-13 05:43 - 2015-09-04 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 05:43 - 2015-09-04 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB
2016-12-13 05:43 - 2015-09-03 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2016-12-13 05:43 - 2015-09-03 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-12-13 05:43 - 2015-09-03 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-13 05:43 - 2015-09-03 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2016-12-13 05:42 - 2016-12-03 07:46 - 00004176 _____ C:\WINDOWS\DtcInstall.log
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ___RD C:\Users\Public
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\twain_32
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\InputMethod
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\IME
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\HoloShell
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-13 05:39 - 2016-12-03 07:42 - 00000000 ____D C:\Program Files (x86)\Microsoft.NET
2016-12-13 05:39 - 2016-12-03 01:55 - 00000000 ___RD C:\Users
2016-12-13 05:39 - 2016-11-22 01:25 - 00000000 ____D C:\Program Files\Microsoft.NET
2016-12-13 05:39 - 2016-09-11 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword
2016-12-13 05:39 - 2016-06-14 04:20 - 00000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2016-12-13 05:39 - 2016-06-14 04:20 - 00000000 ___RD C:\WINDOWS\WebManagement
2016-12-13 05:39 - 2016-01-29 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2016-12-13 05:39 - 2016-01-29 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2016-12-13 05:39 - 2016-01-22 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-12-13 05:39 - 2016-01-15 02:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-12-13 05:39 - 2016-01-07 02:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-12-13 05:39 - 2015-12-19 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanDisk
2016-12-13 05:39 - 2015-11-13 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
2016-12-13 05:39 - 2015-09-25 01:19 - 00000000 ___DC C:\WINDOWS\system32\DRVSTORE
2016-12-13 05:39 - 2015-09-04 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2016-12-13 05:39 - 2015-09-03 23:49 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-12-13 05:39 - 2015-09-03 20:31 - 00000000 ____D C:\Program Files\Intel
2016-12-13 05:39 - 2013-08-22 08:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-13 05:39 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-12-13 05:39 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-12-13 05:38 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\Help
2016-12-13 05:38 - 2016-12-03 01:55 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-13 05:38 - 2016-03-14 23:14 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2016-12-13 05:38 - 2016-01-16 12:28 - 00000000 ____D C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-12-13 05:38 - 2013-09-21 22:51 - 00000000 ____D C:\Recovery
2016-12-13 05:37 - 2016-12-03 07:42 - 00000000 ____D C:\WINDOWS\system32\config\TxR
2016-12-13 04:08 - 2016-01-21 22:40 - 00000000 ____D C:\torrent downloads
2016-12-12 16:30 - 2015-09-03 23:29 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-12 16:30 - 2015-09-03 23:29 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-12 16:30 - 2015-09-03 23:29 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-12 16:30 - 2015-09-03 23:29 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-11 20:03 - 2016-10-24 09:13 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-11 20:03 - 2016-10-24 09:13 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-11 20:03 - 2016-10-24 09:13 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-11 20:03 - 2016-10-24 09:13 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-11 20:03 - 2016-10-24 09:13 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-11 20:03 - 2016-10-24 09:13 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-11 11:47 - 2016-10-24 09:14 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
==================== Files in the root of some directories =======
2015-09-04 15:43 - 2015-09-04 15:43 - 0000624 _____ () C:\Users\Larry\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-01-01 00:31 - 2017-01-01 00:31 - 0000046 _____ () C:\Users\Larry\AppData\Roaming\WB.CFG
2016-08-06 16:45 - 2016-08-06 16:45 - 0000367 _____ () C:\Users\Larry\AppData\Roaming\Weather Meter_Settings.ini
2015-09-03 23:56 - 2015-09-03 23:56 - 0000000 _____ () C:\Users\Larry\AppData\Local\Driver_LOM_8161Present.flag
2017-01-08 09:04 - 2017-01-08 09:04 - 0001197 _____ () C:\Users\Larry\AppData\Local\recently-used.xbel
2016-10-29 22:25 - 2016-10-29 22:58 - 0000125 ___SH () C:\ProgramData\.zreglib
2015-09-03 23:01 - 2015-09-03 23:01 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-12-31 04:45 - 2016-12-31 04:47 - 0000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-01-02 15:02 - 2017-01-10 07:26 - 0003135 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-02 15:02 - 2017-01-08 07:49 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
C:\Users\Larry\AppData\Local\Temp\gusetup0.exe

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-30 06:29
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Larry (10-01-2017 10:18:20)
Running from C:\Users\Larry\Desktop
Windows 10 Pro Insider Preview Version 1607 (X64) (2016-12-13 12:48:09)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-3336670907-1719923216-113533501-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3336670907-1719923216-113533501-503 - Limited - Disabled)
Guest (S-1-5-21-3336670907-1719923216-113533501-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3336670907-1719923216-113533501-1005 - Limited - Enabled)
lacos (S-1-5-21-3336670907-1719923216-113533501-1004 - Limited - Disabled)
Larry (S-1-5-21-3336670907-1719923216-113533501-1001 - Administrator - Enabled) => C:\Users\Larry
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
8GadgetPack (HKLM-x32\...\{F7EF899D-0339-4279-8FB1-96801D829A3F}) (Version: 8.0.1 - Helmut Buhler)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Advanced Uninstaller PRO - Version 12 (HKLM-x32\...\AU11_is1) (Version: 12.15.0.70 - Innovative Solutions)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{3B0BFF91-F5EE-4EE3-84B9-5822AF012632}) (Version: 4.0.51.0 - Dell Inc.)
Alienware Command Center (Version: 4.0.51.0 - Dell Inc.) Hidden
Alienware Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Amazon Kindle (HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assessments on Client (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.478.0 - Microsoft Corporation)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.0.7.3 - Elaborate Bytes)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
CloneDVDmobile (HKLM-x32\...\CloneDVDmobile) (Version: 1.9.2.0 - SlySoft)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.10521 - CyberLink Corp.)
CyberLink Media Suite 12 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5424.0 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 8 (HKLM-x32\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.2303.4 - CyberLink Corp.)
CyberLink Power2Go 10 Content Pack (HKLM-x32\...\InstallShield_{2BC3A01D-06C3-410B-9B0E-110F0E75C0A3}) (Version: 10.0.1104.0 - CyberLink Corp.)
CyberLink Power2Go 11 (HKLM-x32\...\{7A3F32E0-D8E1-40C1-8E1B-1F5693F2ADE0}) (Version: 11.0.1013.0 - CyberLink Corp.)
CyberLink Power2Go 11 Content Pack (HKLM-x32\...\{DE5573D6-AFCC-4484-AA03-67C41D1124DC}) (Version: 11.0.0920.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4210.0 - CyberLink Corp.) Hidden
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.3305.58 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.8205.0 - CyberLink Corp.)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell System Detect (HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell)
Deluge 1.3.13 (HKLM-x32\...\Deluge) (Version:  - )
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.125 - DivX, LLC)
doPDF (Version: 8.8.946 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{3aba8e0f-add2-4184-a828-80ee3352c738}) (Version: 8.8.946 - Softland)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DVD-Cloner V12.30 Build 1404 (HKLM-x32\...\DVD-Cloner Gold_is1) (Version: 12.30.0.1404 - OpenCloner Inc.)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
e-Sword (HKLM-x32\...\{047B84FB-D809-485C-BFB0-9F9EF7DE6F5B}) (Version: 11.00.0006 - Rick Meyers)
e-Sword (HKLM-x32\...\{0BF38804-B6AE-4C32-9564-B0C0E7188D62}) (Version: 11.00.0006 - Rick Meyers)
Free NFO Viewer (HKLM-x32\...\{62DBB49B-1937-47AB-90B9-F564965BAC91}) (Version: 1.0.0 - Media Freeware)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Glary Utilities PRO 5.67 (HKLM-x32\...\Glary Utilities 5) (Version: 5.67.0.88 - Glarysoft Ltd)
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6700 Product Improvement Study (HKLM\...\{988D55BB-08DE-43C9-8D16-3751361E2A79}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Imaging And Configuration Designer (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Imaging Tools Support (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{694000a5-c594-49d2-b6e4-ef3960120b0f}) (Version: 17.1.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Kits Configuration Installer (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malware Hunter 1.27.0.44 (HKLM-x32\...\Malware Hunter) (Version: 1.27.0.44 - Glarysoft Ltd)
Message+ (HKLM-x32\...\{c828830f-53d4-4a2f-ad5a-0b86574bce11}) (Version: 1.0.17.0 - Verizon)
Message+ (x32 Version: 1.0.17.0 - Verizon) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x64 en-US) (HKLM\...\Mozilla Firefox 50.1.0 (x64 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.7 - Micro-Star Int'l Co., Ltd.)
MSI ODD Monitor (x32 Version: 1.0.0.7 - Micro-Star Int'l Co., Ltd.) Hidden
Norton Security (HKLM-x32\...\NSBU) (Version: 22.8.1.14 - Symantec Corporation)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{5DFCF6F7-EE45-4FFC-8B63-E0D5FAF9BF6B}) (Version: 8.8.946 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B1C79167-9B86-413A-9E91-97CA6BC28DC1}) (Version: 8.8.946 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{45ACC237-36D7-4071-8BFE-54DA41A0EC21}) (Version: 8.8.946 - Softland)
novaPDF 8 SDK COM (x64) (HKLM\...\{F3836946-7615-418E-A0E6-611F80E9832D}) (Version: 8.3.931 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{522153DA-9319-4E93-87BB-6632C85947F3}) (Version: 8.3.931 - Softland)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
O&O DiskRecovery (HKLM\...\{175386F1-1556-400B-ABEA-79C96C4C3A47}) (Version: 11.0.17 - O&O Software GmbH)
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PowerDirector (Version: 12.0 - CyberLink Corp.) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1080 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1080 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1080 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1080 - Qualcomm Atheros) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 18.1.6.161 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.6.165 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.6 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 1.4.1 - SanDisk Corporation)
SanDisk SSD Dashboard Service (HKLM-x32\...\{EE9255E4-283A-4318-ABB6-A75BEE59ACA3}) (Version: 1.0.0 - SanDisk Corporation)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{F58259E2-91F3-4904-9DD7-6FDC455BABE1}) (Version: 1.00.08 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolkit Documentation (x32 Version: 10.1.10586.0 - Microsoft) Hidden
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
User State Migration Tool (x32 Version: 10.1.10586.0 - Microsoft) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (x32 Version: 1.3.0 - RealNetworks) Hidden
Volume Activation Management Tool (x32 Version: 10.1.10586.0 - Microsoft) Hidden
vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{82daddb6-d4e0-42cb-988d-1e7f5739e155}) (Version: 10.1.10586.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 10.1.10586.0 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.0 - Microsoft) Hidden
Yahoo! Powered (HKLM-x32\...\{A10649C6-F186-9846-4006-E8C690863B46}) (Version:  - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3336670907-1719923216-113533501-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3336670907-1719923216-113533501-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3336670907-1719923216-113533501-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A1A42DA-4E60-4F30-AC4B-ADA79F792645} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2016-12-16] ()
Task: {138F5F15-0110-44B8-ACD4-691C13340083} - System32\Tasks\CrystalDiskInfo => C:\Users\Larry\Downloads\CrystalDiskInfo6_5_2ShizukuUltimate\DiskInfoS.exe [2015-06-14] (Crystal Dew World)
Task: {1AEA1CDD-573A-40EB-8AFB-04DC527E5B89} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3336670907-1719923216-113533501-1001 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [2016-11-11] (RealNetworks, Inc.)
Task: {1BD0112E-7852-4BF3-BB63-C750E166B0E5} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [2015-09-10] (CyberLink)
Task: {21DCAC9D-5780-4633-AAEA-B459498B654B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {22B13C2F-3542-45B0-99CC-AFD03D7FADC4} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2017-01-02] (MSFree Inc.)
Task: {22E7EF14-0FC1-4EBD-88E6-D3CBD745C6D4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {27DFD54D-5D75-42FA-A3DC-7AEF314DDBAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2C13C0FC-1686-4EDF-B208-90146878D016} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {2D264788-ADA1-409F-A818-3674D2C74269} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2F431CA5-1A07-4DBF-B9FB-E13EB2E94F84} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {2FCBAD95-7565-4791-AB68-D95AD1534C82} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {389D51D2-530F-4C82-AEE7-6BDF56B35850} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {38FC6311-E6BE-419E-9CA3-E73800AAE006} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {39CC15E8-CB2F-420E-BA71-14D3D024CF59} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe [2016-06-01] ()
Task: {4250350E-D3D5-432B-B742-3675F0FC2CF7} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-11-03] (Innovative Solutions)
Task: {4479DA0D-1C11-4A90-959A-6BC1834BD57A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe [2016-12-13] ()
Task: {5837BCE7-0AA9-4983-9D00-3821296B6F79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {589375FE-E581-4B54-ADAC-EF672E60AF65} - \Microsoft\XblGameSave\XblGameSaveTask\Logon -> No File <==== ATTENTION
Task: {66C5910E-9552-4B94-950E-C8553405E945} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe [2016-11-03] (Innovative Solutions GRUP SRL)
Task: {68BBB67F-C9FB-44B2-9B7B-E32ED99812BB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
Task: {6BE3094F-7AD4-4A73-A5E8-296CEABA7D1D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
Task: {6C6D46A2-8EEF-4D0B-882E-0BF88A972E01} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-01-02] (Glarysoft Ltd)
Task: {7597ADD9-C074-4C1E-A4A0-2650C0686697} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2016-12-03] (Microsoft Corporation)
Task: {78CA7968-9717-4020-89B0-56F8BB37791D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-11-11] (Symantec Corporation)
Task: {82184F7B-5AC8-40B1-ABD1-2DF529D4FCF4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {88538C0D-602A-446E-BF83-81F9DAA298D3} - \WPD\SqmUpload_S-1-5-21-3336670907-1719923216-113533501-1001 -> No File <==== ATTENTION
Task: {8C250B7B-B8C0-4A40-B5DB-551545BCEAAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {91A185E7-1BF6-4CDC-AA72-36F743755BE1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9BBE3A12-39AD-48DA-885F-DA1D6D485E4C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AA57D100-BE05-42A1-8D07-32092D323B6F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-12] (NVIDIA Corporation)
Task: {AAB40BF7-8BE7-4441-8F4D-454A3DCBA90B} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B07571C8-9239-4A1B-992A-0F0975B575E0} - System32\Tasks\Toolbox.exe_{A121AC8C-E8D8-4974-84B8-45A1639C735E} => C:\Program Files\HP\HP Officejet 6700\Bin\Toolbox.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B1DB217B-1FE4-4673-8D4A-79F5724DF9ED} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B279820C-DCF4-4066-8234-398E13EE85DB} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-11-03] (Innovative Solutions)
Task: {BADFC92A-A2CF-4636-91BD-148B748D27F0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\WSCStub.exe [2016-11-11] (Symantec Corporation)
Task: {BD715A2C-3901-4136-B161-940F32EF2405} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {C216F656-4E5E-478F-98AD-F19C4722C191} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2017-01-02] (Glarysoft Ltd)
Task: {C32B115B-90E4-4804-B9F7-861C37C77291} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {C58F1DF6-DD13-43F0-8E85-1AD5A6DCF633} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3336670907-1719923216-113533501-1001 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [2016-11-11] (RealNetworks, Inc.)
Task: {C63A951E-F18F-413B-9881-5893FD7AF12C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C799313C-5E67-4883-A9E5-8CBEBA5719C5} - System32\Tasks\Yahoo! Powered rorir => Wscript.exe "C:\ProgramData\{7CD1B9B2-F693-3374-7055-AD36EA1726F8}\soma.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b37434431423942322d463639332d333337342d373035352d4144333645413137323646387d5c6e696e696c65" "433a5c50726f6772616d446174615c7b37434431423942322d463639332d333337342d373035 (the data entry has 78 more characters).
Task: {CB5FFBF7-04B7-422A-A10A-E158304BD4FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CDFB9941-193E-4F16-9F37-BD27397126D9} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)
Task: {D2B372CE-B468-4A68-90F7-FDE9AFD64A40} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {D492CCE4-1598-4EC2-BFFE-D30D748C3488} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {E326602E-A55A-4DB3-8428-67A57CF0EB7C} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2016-12-03] (Microsoft Corporation)
Task: {E6CFB7E4-72BD-4C32-A382-C9114F4E6496} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E978DBC7-5FBB-4369-BB39-53C7C331F5CB} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-01-02] (Glarysoft Ltd)
Task: {EC0DBF35-CA8D-46F2-83EA-0D2447AF6E5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {F1F033BB-85C1-4793-9F0D-834CF7418F93} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
Task: {F63452D3-D8B3-40F3-8107-747EC691E908} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {F70350B0-E067-4492-B035-FD31809E9705} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-11-11] (DivX, LLC)
Task: {F80142CF-167E-4F3D-BF86-F9531AD8E1B7} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {FDEA19DF-8298-4662-B27B-D970D0B8AA39} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
Task: {FFB99315-4172-42D3-9452-5C55240EE447} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HP Officejet 6700.exe_{A4A32DF3-D6DA-4E0A-9ACA-605EF21923F3}.job => C:\Program Files\HP\HP Officejet 6700\Bin\HP Officejet 6700.exe x-install -prfn HP Officejet 6700 (Network) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\WINDOWS\Tasks\Yahoo! Powered rorir.job => Wscript.exe  C:\ProgramData\{7CD1B9B2-F693-3374-7055-AD36EA1726F8}\soma.txt <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent\µTorrent Homepage.lnk -> hxxp://www.utorrent.com
==================== Loaded Modules (Whitelisted) ==============
2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 00347136 _____ () C:\Windows\System32\HrtfApo.dll
2014-10-22 12:32 - 2014-10-22 12:32 - 02257232 _____ () C:\Program Files\Alienware\Command Center\DDR\MSIDDRService.exe
2014-08-18 19:33 - 2014-08-18 19:33 - 04033360 _____ () C:\Program Files\Alienware\Command Center\ClockGen\MSIClockService.exe
2014-08-07 19:14 - 2014-08-07 19:14 - 04174672 _____ () C:\Program Files\Alienware\Command Center\CPU\MSICPUService.exe
2014-08-01 12:42 - 2014-08-01 12:42 - 02067792 _____ () C:\Program Files\Alienware\Command Center\SMBus\MSISMBService.exe
2014-09-12 16:28 - 2014-09-12 16:28 - 02021712 _____ () C:\Program Files\Alienware\Command Center\MSIControlService.exe
2016-12-16 18:36 - 2016-12-16 18:36 - 00145696 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2017-01-02 15:01 - 2016-12-12 16:30 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-02 15:01 - 2016-12-12 16:30 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-11 12:52 - 2016-11-11 12:52 - 00035104 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-12-13 05:38 - 2016-12-11 11:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () c:\windows\system32\CoreUIComponents.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 00148752 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-13 05:50 - 2016-12-13 05:50 - 01864384 _____ () C:\Users\Larry\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_10\amd64\ClientTelemetry.dll
2016-10-18 02:45 - 2016-10-18 02:45 - 08911552 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-12-03 07:35 - 2016-12-03 09:01 - 02004480 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-01 22:20 - 2016-05-05 08:41 - 00108456 ____N () C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
2015-09-25 01:21 - 2014-06-27 02:40 - 00241734 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-24 09:07 - 2014-04-24 09:07 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-09-03 23:50 - 2013-06-06 11:16 - 00012520 _____ () C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll
2015-09-03 23:50 - 2013-06-06 11:16 - 00015080 _____ () C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll
2015-09-03 23:50 - 2013-06-06 11:16 - 00014056 _____ () C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll
2016-12-03 07:34 - 2016-12-03 07:34 - 00186368 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-03 07:35 - 2016-12-03 07:35 - 00816640 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-13 01:49 - 2016-12-13 01:50 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-12-13 01:49 - 2016-12-13 01:50 - 21861888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-06 16:22 - 2016-06-06 16:23 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-30 20:08 - 2016-11-30 20:08 - 00307712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2016-11-30 20:08 - 2016-11-30 20:08 - 01046016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-06-21 11:27 - 2016-06-21 11:27 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-07-30 03:32 - 2015-07-30 03:32 - 02210480 _____ () C:\Program Files\Microsoft Office\Office16\tmpod.dll
2016-11-15 06:28 - 2016-11-15 06:28 - 01466048 _____ () C:\Program Files\Microsoft Office\Office16\ADDINS\UmOutlookAddin.dll
2016-12-13 01:50 - 2016-12-13 01:50 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\PilotshubApp.exe
2016-12-13 01:50 - 2016-12-13 01:50 - 14038016 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\PilotshubApp.dll
2016-12-13 01:50 - 2016-12-13 01:50 - 00369664 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\Helper.dll
2016-12-03 07:35 - 2016-12-03 09:01 - 10812416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-03 07:35 - 2016-12-03 09:01 - 01100800 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-12-03 07:35 - 2016-12-03 09:01 - 05280256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-08-13 12:56 - 2014-08-13 12:56 - 00102736 _____ () C:\Program Files\Alienware\Command Center\ClockGen\IccLibDll.dll
2016-11-11 12:52 - 2016-11-11 12:52 - 00040248 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-11-11 12:52 - 2016-11-11 12:52 - 00042296 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-11-11 12:52 - 2016-11-11 12:52 - 00039752 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2017-01-02 15:02 - 2016-12-12 16:30 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-02 15:01 - 2016-12-12 16:30 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-02 15:01 - 2016-12-12 16:30 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-15 22:11 - 2016-04-19 04:12 - 00695808 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\tag.dll
2016-11-15 22:11 - 2016-10-20 00:50 - 00915736 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\UNO.dll
2016-11-15 22:11 - 2016-10-11 03:00 - 01912088 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\Language\ENU\P2GRC.dll
2016-11-15 22:11 - 2016-10-20 00:51 - 01621272 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\authoring\AuroraU.dll
2015-09-25 01:21 - 2014-06-27 02:40 - 00028672 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2016-11-15 22:11 - 2012-10-31 23:10 - 00548352 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\mediacache\libmatroska.dll
2016-11-15 22:11 - 2012-10-31 23:10 - 00249344 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\mediacache\libebml.dll
2016-11-15 22:11 - 2016-10-20 00:50 - 00192792 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\CLVistaAudioMixer.dll
2016-11-15 22:11 - 2016-10-20 00:52 - 00334104 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\authoring\EditingMgrWrapperU.dll
2016-11-15 22:11 - 2016-10-20 00:52 - 00634648 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\CLMediaLibrary.dll
2016-12-31 20:36 - 2016-12-06 00:49 - 00882456 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\common\UNO\UNO.dll
2016-12-31 20:36 - 2016-04-06 01:09 - 00087552 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_ctypes.pyd
2016-12-31 20:36 - 2016-04-06 01:09 - 00805888 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_hashlib.pyd
2016-12-31 20:36 - 2016-04-06 01:09 - 00045568 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_socket.pyd
2016-12-31 20:36 - 2016-04-06 01:09 - 01243136 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_ssl.pyd
2016-12-31 20:36 - 2016-12-06 00:49 - 00059160 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DHProcedure\DHProcedure.dll
2015-11-23 13:13 - 2014-09-05 11:55 - 00132808 _____ () C:\Users\Larry\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll
2015-03-16 10:28 - 2015-03-16 10:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-01-02 15:02 - 2016-12-12 07:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-02 15:02 - 2016-12-12 07:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-02 15:02 - 2016-12-12 07:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-02 15:02 - 2016-12-12 07:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-02 15:02 - 2016-12-12 07:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-01-02 15:02 - 2016-12-12 07:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-02 15:02 - 2016-12-12 07:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-02 15:02 - 2016-12-12 07:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-01-05 10:19 - 2015-12-18 16:52 - 01607920 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\STRestoreAPI.dll
2015-09-03 20:32 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\libxml2.dll
2015-10-06 14:57 - 2014-02-18 14:12 - 00117568 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\zlib1.dll
2017-01-10 07:16 - 2017-01-10 07:16 - 01244376 _____ () C:\Users\Larry\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2017-01-02 03:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Larry\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\panoramic_waves1.jpg
DNS Servers: 24.56.178.101 - 24.56.178.102
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Dell Display Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Recon3Di SBX Control Panel"
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "Power2GoExpress10"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [holoshellapp-In-TCP] => %systemroot%\holoshell\holoshellapp.exe
FirewallRules: [holoshellapp-Out-TCP] => %systemroot%\holoshell\holoshellapp.exe
FirewallRules: [compositor-In-TCP] => LPort=48862
FirewallRules: [compositor-Out-TCP] => LPort=48862
FirewallRules: [{0ADD1729-BDAA-4AA9-9233-FDECC518F992}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{B27C9A6D-2DD5-47C1-BFBF-CEF3FC9FEFA1}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{82C006B0-FCB7-4C49-B111-9D9AC916519B}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{55EE65FE-3BCF-4D56-879E-9B87D300566E}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{0AF70686-8796-469A-BA88-044BE553F427}] => C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{7C5CCAA7-69BA-485E-BC63-5B3DA20448F9}] => C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{D6492391-3B93-41E3-8E38-240D151C16FB}] => C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{0E50B734-3B08-41D1-974F-D34174E33358}] => C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{21112920-E2F2-455D-A6F9-34E68503B7B4}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{92016AFD-04A1-419B-9D2E-717A88C79BB9}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{41B39979-BC8A-4498-AB58-B0689B7EC991}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{800FF5D5-4112-44C9-842F-B29D29050C17}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{9167CFB6-4C1C-4D3E-AB16-F68A886EAD63}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{593871AC-5020-4E57-B257-01CDA07E1473}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{806795DA-0F77-48B4-B811-1F13D0804928}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{491BC49F-B5C8-431A-8032-65E0AAD05881}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A1DD7096-C9EB-4E42-BB4B-11DCACAAD986}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{11EA7A24-8883-4879-8CFC-B09D20634EF3}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{92FAB7FC-41B9-4B14-9211-AE7E545F904B}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1F45C000-5731-4B7B-A826-BB18EB611D33}] => C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{749E7800-ECB4-4DD1-A527-6C2392F78F58}] => C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{DC400F0C-B0C6-440F-8C51-A12153E573B6}] => C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{10A39B1D-FC41-4F61-A9F4-7D1FF0830AC1}] => C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{75502190-78CC-425E-9F44-747B831DEBA8}] => C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{3E7D7498-F03E-414A-938C-26CFD4C3F079}] => C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{89D6B2DB-C8AD-4EBE-A67C-89E200FC586C}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5F8EF517-053C-46C6-87B9-B3CBC7E0085C}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5FA11187-FBFA-4C34-93DF-3DE0FBCE7FF0}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0180A372-4E33-41C8-80C7-0E2E5F86CD9A}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5E723AF9-4712-4A7C-81C0-49DC779371A5}] => C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{E310148F-BEF0-4FA3-9CAA-ACD5255B1B4A}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{D1713330-8FA2-491C-8809-2AEA8CFD9F4E}] => C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{41A20AE5-E7BD-4FB1-A132-1417949D985F}] => C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{0A7CB4C8-1DE9-4B7F-865D-C2B88FCECD67}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{9F74EE94-D89E-4353-82F3-93679BEE1033}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{9007287E-737F-4ABC-996E-4A9100F4B1F8}] => C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{28B6B59A-6DE5-44F5-8FF0-DF0D47E20BF8}] => C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{BC2611B9-4EAB-4BF4-A72B-DBECE568CD53}C:\program files (x86)\utorrent\utorrent.exe] => C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9FD74C92-0302-4DEF-9D66-09048A7A03C9}C:\program files (x86)\utorrent\utorrent.exe] => C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{72F43AA0-558C-448D-9410-ABE968BBA5FE}] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{094CD586-D665-46B6-8DBC-44AFC1EE3506}] => C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{927A3997-09A8-4C2C-A39E-751B043A73DF}] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{5B84405F-B58D-40F2-9B89-11E4A3E5ED9B}] => C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{F9379BAA-5B1A-4165-81A8-37220DB5F92A}] => C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{D18FE7CD-D47B-4C4F-B083-2C346E3B7CFC}] => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{F881AD85-F4F1-4DBE-AE9E-62D0F6DE12AF}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{33B9A6C4-968B-40C6-937E-E5938BACBDC5}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{6EBABC78-9213-49B8-AE57-2D6827C5CF24}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B270DF64-9225-4DC8-BA99-C04753DD3444}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{EBE4995D-7B5F-4DDC-965D-750FE4C8C6E7}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{3452326E-53B5-4AFB-BF50-0F0CF922A7B0}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B2A400D6-9F59-41D0-A616-236B2F9E2E7B}] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe
FirewallRules: [{E03B3309-4593-4D08-9216-66EEE2C53DAC}] => C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe
FirewallRules: [{9F5F33AE-D310-45CA-8E09-B7DA82185B99}] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe
FirewallRules: [{2B5D5A43-7831-4CBC-A5A0-4AF2DCD429C1}] => C:\Program Files (x86)\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe
FirewallRules: [{59C9969A-EF87-4157-AF99-678EDD00A7C7}] => C:\Program Files (x86)\CyberLink\PowerDVD16\CastingStation.exe
FirewallRules: [{BE6CCA1D-42BE-4444-8837-46899B662C51}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{4183DF5A-A6D3-4167-8FC9-8678EBC65EED}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{29E56029-A928-4417-B5ED-88A8DB9FE0AB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8228DCFB-1CE5-4F99-81A4-08BE6B2C9619}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B381A423-F6CF-45AD-AAC1-BE65097D02D1}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F2F181E3-CB9D-4960-942E-DFC1ADDDC076}] => LPort=8501
FirewallRules: [{A7DD94C5-D549-4124-A6A2-09113AD66008}] => LPort=8501
FirewallRules: [{D8FB2016-D4EB-4267-9110-5788FFE8327A}] => C:\Program Files (x86)\uTorrent 1\uTorrent.exe
FirewallRules: [{B411B5AA-0858-4712-9418-9C12436EECC4}] => C:\Program Files (x86)\uTorrent 1\uTorrent.exe
==================== Restore Points =========================
24-12-2016 02:56:53 Windows Update
28-12-2016 03:26:31 Windows Update
31-12-2016 04:45:24 Installed TurboTax 2016 wrapper
02-01-2017 15:11:15 Installed Skype™ 7.30
05-01-2017 19:08:21 Windows Update
09-01-2017 08:42:52 Windows Update
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (01/08/2017 08:17:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALIENINSIDER)
Description: Package Microsoft.MicrosoftEdge_39.14986.1000.0_neutral__8wekyb3d8bbwe+ContentProcess#{00061401-0001-0000-07f8-010000000000} was terminated because it took too long to suspend.
Error: (01/08/2017 08:17:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.14986.1001, time stamp: 0x584e4e99
Faulting module name: KERNELBASE.dll, version: 10.0.14986.1000, time stamp: 0x5cabbcb9
Exception code: 0x800706bf
Fault offset: 0x0000000000039668
Faulting process id: 0x1fb4
Faulting application start time: 0x01d269c087391802
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 3fbdb378-f0c5-40d1-877c-6341a64595b9
Faulting package full name: Microsoft.MicrosoftEdge_39.14986.1000.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (01/08/2017 08:17:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.14986.1000, time stamp: 0xf95d161b
Faulting module name: DBRShellExtension.dll_unloaded, version: 1.8.0.9, time stamp: 0x559bed87
Exception code: 0xc0000005
Fault offset: 0x0000000000047353
Faulting process id: 0x2238
Faulting application start time: 0x01d269be9fed46af
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: DBRShellExtension.dll
Report Id: 8a462146-c972-47e7-8bfe-69619fabacfa
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2017 08:15:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrent 2.2.1.exe, version: 2.2.1.25154, time stamp: 0x4d93a6ca
Faulting module name: ntdll.dll, version: 10.0.14986.1000, time stamp: 0x1b7454ed
Exception code: 0xc0000005
Fault offset: 0x0003c56e
Faulting process id: 0x1e64
Faulting application start time: 0x01d269c1df43cc8a
Faulting application path: H:\Unzipped\utorrent 2.2.1.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 17e611bd-f09b-439b-833c-caa374dc8cad
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2017 07:51:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALIENINSIDER)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/08/2017 07:51:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALIENINSIDER)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/08/2017 07:51:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.14986.1000, time stamp: 0x2d981759
Faulting module name: ucrtbase.dll, version: 10.0.14986.1000, time stamp: 0x91b6c463
Exception code: 0xc0000005
Fault offset: 0x000000000004a6e7
Faulting process id: 0x296c
Faulting application start time: 0x01d269bea295a5f2
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 0b63c9f2-e6b2-4fcd-a288-c7fb51db4521
Faulting package full name: Microsoft.Windows.Cortana_1.8.3.14986_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (01/08/2017 07:50:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x58636ac6
Faulting module name: KERNELBASE.dll, version: 10.0.14986.1000, time stamp: 0x96defb21
Exception code: 0xe0434352
Fault offset: 0x000ee512
Faulting process id: 0xf2c
Faulting application start time: 0x01d269be9c3bbb57
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5151d276-612b-4b54-b3c6-f89683440421
Faulting package full name:
Faulting package-relative application ID:
Error: (01/08/2017 07:50:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
   at FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
   at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (01/08/2017 07:48:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.

Operation:
   Executing Asynchronous Operation
Context:
   Current State: DoSnapshotSet

System errors:
=============
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ALIENINSIDER)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ALIENINSIDER)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.
Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read.

CodeIntegrity:
===================================
  Date: 2017-01-10 09:40:19.820
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-08 09:33:11.971
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-08 08:04:52.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-08 07:52:06.320
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-07 03:52:09.108
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-02 22:40:14.501
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-02 19:44:42.511
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-02 19:44:36.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-02 19:44:35.940
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
  Date: 2017-01-02 19:30:48.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================
Processor: Intel® Core™ i7-5960X CPU @ 3.00GHz
Percentage of memory in use: 21%
Total physical RAM: 32661.74 MB
Available physical RAM: 25513.12 MB
Total Virtual: 37525.74 MB
Available Virtual: 28974.64 MB
==================== Drives ================================
Drive c: (Ailien Insider) (Fixed) (Total:879.1 GB) (Free:480.03 GB) NTFS
Drive d: (Larrys Alienware) (Fixed) (Total:884.98 GB) (Free:725.56 GB) NTFS
Drive e: (Alienware Backup 2TB) (Fixed) (Total:1853.73 GB) (Free:1397.25 GB) NTFS
Drive h: (SSD #3) (Fixed) (Total:237.96 GB) (Free:221.22 GB) NTFS
Drive i: (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.23 GB) FAT32
Drive x: (RECOVERY) (Fixed) (Total:0.24 GB) (Free:0 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 894.3 GB) (Disk ID: D658939F)
Partition: GPT.
========================================================
Disk: 2 (Size: 894.3 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
Jr0x
Posted 21 January 2017 - 07:40 AM

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts
Hi Lacosu,

Welcome to :welcome:. My name is Jr0x and I'll be helping you with your problem.

Before we get started, there are a few things I need you to take note of.
  • Please read through the instructions before attempting to follow those procedures. I would recommend printing them out as some of the instructions would requires you to be in safe mode / offline.
  • If there is anything you are unclear of, please ask before you start the fix.
  • Do not run any scripts / tools on your own, unsupervised usage may cause more harm than good.
  • Please stay with me on this thread, do not start another thread in here (Geeks To Go) or any other forum until I've declared you clean and good to go.
  • There may be delayed response to you as we may live in different timezone.
  • Inform me of anything that happens unexpectedly during the fix at any point of time.
  • As much as we like to make this a easy process for you. Malware removal is a complex multi-step process, and things may happen such as data loss or render your machine unbootable. I would recommend that you backup your personal data before we proceed.
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.
Let's get started.

I would require a new log so please run the scan again.

FRST.gif Re-Scan with Farbar's Recovery Scan Tool (FRST)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File).
  • Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • Because you selected the Addition.txt check box this log will be created as well. Please also paste that along with the FRST.txt into your reply.

  • 0

#3
Jr0x
Posted 03 February 2017 - 11:44 PM

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP