Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Sen here by: RKinner, not infected. BSOD by aswMBR, computer CD-ROM wa

Started by Alduin , Jul 02 2017 06:46 AM

Please log in to reply

#1
Alduin

Posted 02 July 2017 - 06:46 AM

Banned

Banned
55 posts

Sen here by: RKinner, not infected. BSOD by aswMBR, computer CD-ROM was acting crazy.

Don't mind the IFEO debugger key and the Group Policy changes on google chrome and proxy changes if you ever see..., I'm not looking for any removal i want to know what caused this.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017

Ran by elgiganten-demo (administrator) on FARFAR (02-07-2017 14:31:24)

Running from C:\Users\elgiganten-demo\Downloads

Loaded Profiles: elgiganten-demo (Available Profiles: elgiganten-demo)

Platform: Windows 8.1 (Update) (X64) Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe

() C:\Program Files (x86)\NordVPN\nordvpn-service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(MSI) C:\Windows\SysWOW64\muachost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Cooler Master) C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\Masterkeys pro L RGB HID.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Farbar) C:\Users\elgiganten-demo\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\...\Run: [MasterKeys Pro L] => C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\MasterKeys Pro L RGB HID.exe [1970176 2016-05-31] (Cooler Master)

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-05-16] (Nota Inc.)

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)

IFEO\mbam.exe: [Debugger] mbam.exe

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2017-03-18] ()

AlternateShell:

GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3593711402-1704135711-2489708331-1001] => 47.89.51.239:8088

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\..\Interfaces\{2378E2A0-33C5-4993-AA17-DEF6418DA6C2}: [DhcpNameServer] 78.46.223.24 162.242.211.137

Tcpip\..\Interfaces\{593F17AF-2544-460B-BD33-A260B9FDAFE1}: [NameServer] 208.67.222.123,208.67.220.123

Tcpip\..\Interfaces\{593F17AF-2544-460B-BD33-A260B9FDAFE1}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{9381A909-72B3-4D8E-B0B9-90BFB79510B6}: [DhcpNameServer] 78.46.223.24 162.242.211.137

Tcpip\..\Interfaces\{A81ECF4D-B7A5-4931-87DA-12131228653C}: [DhcpNameServer] 78.46.223.24 162.242.211.137

Tcpip\..\Interfaces\{ABBEFDB3-7314-4A02-90F5-1B9EFDD648B2}: [NameServer] 8.8.4.4,4.4.8.8

Tcpip\..\Interfaces\{ABBEFDB3-7314-4A02-90F5-1B9EFDD648B2}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{C9888951-F004-486F-B35F-D12AFEE5C51B}: [DhcpNameServer] 10.110.114.1

Tcpip\..\Interfaces\{EB300C49-589E-44DB-A9EC-9A7413DD426E}: [DhcpNameServer] 68.168.114.253 8.8.8.8

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/33

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/33

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/33

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/33

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/33

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/33

SearchScopes: HKLM -> {8D09011F-FE7A-48B8-9A19-8C469A7010F8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> {8D09011F-FE7A-48B8-9A19-8C469A7010F8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-3593711402-1704135711-2489708331-1001 -> {8D09011F-FE7A-48B8-9A19-8C469A7010F8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:

========

FF ProfilePath: C:\Users\elgiganten-demo\AppData\Roaming\Mozilla\Firefox\Profiles\ta0AUfZF.default [2017-05-26]

FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> http_port", 53059

FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> socks", "85.192.220.168"

FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> socks_port", 53059

FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-30] ()

FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-30] ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)

Chrome:

=======

CHR DefaultProfile: Default

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Profile: C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default [2017-07-02]

CHR Extension: (Google Presentationer) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17]

CHR Extension: (Google Dokument) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17]

CHR Extension: (Google Drive) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-01]

CHR Extension: (YouTube) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]

CHR Extension: (Google Search) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]

CHR Extension: (Tampermonkey) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-31]

CHR Extension: (Google Kalkylark) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17]

CHR Extension: (EditThisCookie) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-06-26]

CHR Extension: (Hacker Vision) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fommidcneendjonelhhhkmoekeicedej [2017-01-03]

CHR Extension: (HTTPS Everywhere) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-06-21]

CHR Extension: (Google Dokument Offline) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (AdBlock) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-27]

CHR Extension: (Grammarly for Chrome) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-06-28]

CHR Extension: (Malware Search) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleioieeffejophokeklefchfglgmnk [2015-05-09]

CHR Extension: (DotVPN — a better way to VPN) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2017-05-29]

CHR Extension: (Betalning via Chrome Web Store) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]

CHR Extension: (Talkz) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nncdmicfhjggfogddpjjpdlhfaaaglno [2016-12-13]

CHR Extension: (Blue Space Sunset Chrome Theme) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog [2016-01-21]

CHR Extension: (Gmail) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]

CHR Extension: (Chrome Media Router) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-21]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()

S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-11] (BlueStack Systems, Inc.)

S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-11] (BlueStack Systems, Inc.)

S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-11] (BlueStack Systems, Inc.)

S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-11] (BlueStack Systems, Inc.)

S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [File not signed]

S4 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [237864 2015-04-23] (EasyAntiCheat Ltd)

S4 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-18] (Condusiv Technologies)

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]

S4 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [36008 2016-01-09] (Micro-Star Int'l Co., Ltd.)

S4 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2019792 2016-01-09] (Micro-Star INT'L CO., LTD.)

S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]

R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-18] (Logitech Inc.)

S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1779664 2016-01-09] (Micro-Star INT'L CO., LTD.)

R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [411312 2017-03-02] ()

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)

R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)

S4 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [File not signed]

S4 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064 2014-06-05] () [File not signed]

S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-05-06] (Electronic Arts)

S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-05-06] (Electronic Arts)

S4 PAExec; C:\windows\PAExec.exe [189112 2016-01-19] (Power Admin LLC)

S4 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2016-01-25] ()

S4 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2016-01-25] ()

S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2015-07-19] (Riverbed Technology, Inc.)

S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)

R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2017-01-06] (SoftEther VPN Project at University of Tsukuba, Japan.)

S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-07] (IDT, Inc.) [File not signed]

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)

S4 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5663824 2016-06-06] (RealVNC Ltd)

S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-08-04] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited)

S4 0242891429271669mcinstcleanup; C:\Users\ELGIGA~1\AppData\Local\Temp\024289~1.EXE -cleanup -nolog [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athr; C:\windows\system32\DRIVERS\athwbx.sys [4265984 2015-08-26] (Qualcomm Atheros Communications, Inc.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-11] (BlueStack Systems)

R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )

R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)

S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows ® Win 7 DDK provider)

S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2016-01-09] (CPUID)

S3 CV2K1; C:\windows\system32\DRIVERS\cv2k1.sys [32616 2016-08-02] (TamoSoft Limited)

R1 excfs; C:\windows\System32\DRIVERS\excfs.sys [25840 2013-11-18] (Condusiv Technologies)

R0 excsd; C:\windows\System32\DRIVERS\excsd.sys [117488 2013-11-18] (Condusiv Technologies)

R3 I2cHkBurn; C:\windows\system32\drivers\I2cHkBurn.sys [41760 2016-01-09] (FINTEK Corp.)

S3 ladfGSS; C:\windows\system32\drivers\ladfGSS.sys [45200 2016-02-16] (Logitech Inc.)

R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)

R3 LGJoyXlCore; C:\windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)

R2 mi2c; C:\windows\system32\drivers\mi2c.sys [20784 2015-05-12] (Nicomsoft Ltd.)

R3 Neo_VPN; C:\windows\system32\DRIVERS\Neo_VPN.sys [38432 2017-01-06] (SoftEther Corporation)

R2 NPF; C:\windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)

R3 NVVADARM; C:\windows\system32\drivers\nvvadarm.sys [46200 2017-05-18] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)

R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)

S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()

S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )

S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)

R1 SeLow; C:\windows\system32\DRIVERS\SeLow_x64.sys [51232 2017-01-06] (SoftEther Corporation)

R3 SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

R3 tap0901_openvpn_accl; C:\windows\system32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-07-11] (The OpenVPN Project)

R3 tapnord; C:\windows\system32\DRIVERS\tapnord.sys [35376 2016-10-13] (The OpenVPN Project)

R3 tapoas; C:\windows\system32\DRIVERS\tapoas.sys [26624 2014-05-08] (The OpenVPN Project)

R3 tapwindscribe0901; C:\windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-21] (The OpenVPN Project)

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-07-29] ()

R1 TSCOMM; C:\windows\system32\DRIVERS\tscomm8.sys [40808 2016-08-03] (TamoSoft)

S3 TsVlb; C:\windows\system32\DRIVERS\tsvlb.sys [33128 2016-08-03] (TamoSoft)

R1 TsVp; C:\windows\system32\DRIVERS\tsvp.sys [37224 2016-08-03] (TamoSoft)

R3 TS_ARN5416; C:\windows\system32\DRIVERS\ts_athrx.sys [3508584 2016-08-03] (TamoSoft)

R1 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)

R1 VBoxNetLwf; C:\windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)

R3 VCSVADHWSer; C:\windows\system32\DRIVERS\vcsvad.sys [29320 2015-10-01] (AVSOFT Corp.)

R3 voxaldriver; C:\windows\system32\DRIVERS\voxaldriverx64.sys [43472 2016-12-13] ()

R0 vsock; C:\windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)

S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)

S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)

S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

S3 cpuz138; \??\C:\Users\ELGIGA~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION

S3 MSICDSetup; \??\E:\CDriver64.sys [X]

S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

U3 aswMBR; \??\C:\Users\ELGIGA~1\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION

U3 aswVmm; \??\C:\Users\ELGIGA~1\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-02 14:31 - 2017-07-02 14:31 - 02440704 _____ (Farbar) C:\Users\elgiganten-demo\Downloads\FRST64 (1).exe

2017-07-01 22:44 - 2017-07-01 22:44 - 00002089 _____ C:\Users\elgiganten-demo\Desktop\aswMBR.txt

2017-07-01 22:44 - 2017-07-01 22:44 - 00000512 _____ C:\Users\elgiganten-demo\Desktop\MBR.dat

2017-07-01 22:32 - 2017-07-01 22:32 - 00011100 _____ C:\Users\elgiganten-demo\Downloads\Fixlog (2).txt

2017-07-01 22:25 - 2017-07-01 22:25 - 00067310 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview (1).zip

2017-07-01 22:25 - 2017-07-01 22:25 - 00001579 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview_swedish (1).zip

2017-07-01 22:00 - 2017-07-01 22:00 - 1286211872 _____ C:\windows\MEMORY.DMP

2017-07-01 22:00 - 2017-07-01 22:00 - 00412112 _____ C:\windows\Minidump\070117-38640-01.dmp

2017-07-01 21:22 - 2017-07-01 21:22 - 02530656 _____ C:\Users\elgiganten-demo\Downloads\1498862046178.webm

2017-07-01 21:22 - 2017-07-01 21:22 - 02530656 _____ C:\Users\elgiganten-demo\Downloads\1498862046178 (1).webm

2017-07-01 20:22 - 2017-07-01 20:22 - 05198336 _____ (AVAST Software) C:\Users\elgiganten-demo\Downloads\aswMBR.exe

2017-07-01 19:21 - 2017-07-01 19:21 - 00000020 _____ C:\Users\elgiganten-demo\Desktop\olle.txt

2017-07-01 16:43 - 2017-07-01 16:43 - 00501210 _____ C:\Users\elgiganten-demo\Desktop\procexp.exe.7648.dmp

2017-07-01 16:43 - 2017-07-01 16:43 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\Mael

2017-07-01 16:40 - 2017-07-01 16:40 - 00000864 _____ C:\Users\Public\Desktop\HxD.lnk

2017-07-01 16:40 - 2017-07-01 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor

2017-07-01 16:40 - 2017-07-01 16:40 - 00000000 ____D C:\Program Files (x86)\HxD

2017-07-01 16:38 - 2017-07-01 16:38 - 00872029 _____ C:\Users\elgiganten-demo\Downloads\HxDSetupEN.zip

2017-07-01 16:32 - 2017-07-01 16:33 - 00412130 _____ C:\Users\elgiganten-demo\Downloads\20120025.pdf

2017-07-01 00:01 - 2017-07-01 00:01 - 00000284 _____ C:\Users\elgiganten-demo\Downloads\fixlist (9).txt

2017-06-30 23:46 - 2017-06-30 23:46 - 00000400 _____ C:\Users\elgiganten-demo\Downloads\fixlist (8).txt

2017-06-30 23:26 - 2017-06-30 23:26 - 00049832 _____ C:\Users\elgiganten-demo\Downloads\FRST (1).txt

2017-06-30 23:06 - 2017-06-30 23:06 - 00019230 _____ C:\Users\elgiganten-demo\Downloads\Fixlog (1).txt

2017-06-30 22:27 - 2017-06-30 22:27 - 00002614 _____ C:\Users\elgiganten-demo\Downloads\Rkill.txt

2017-06-30 22:25 - 2017-06-30 22:25 - 00001199 _____ C:\Users\elgiganten-demo\Downloads\fixlist (7).txt

2017-06-30 22:13 - 2017-06-30 22:17 - 00002374 _____ C:\Users\elgiganten-demo\Desktop\Rkill.txt

2017-06-30 22:13 - 2017-06-30 22:13 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\elgiganten-demo\Downloads\rkill.exe

2017-06-30 22:13 - 2017-06-30 22:13 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\elgiganten-demo\Downloads\rkill64.exe

2017-06-30 20:52 - 2017-06-30 20:52 - 00000394 _____ C:\Users\elgiganten-demo\Desktop\fixlist2.txt

2017-06-30 13:33 - 2017-06-30 13:33 - 00038792 _____ (Microsoft Corporation) C:\Users\elgiganten-demo\Downloads\svchost.exe

2017-06-30 11:27 - 2017-06-30 11:27 - 00012218 _____ C:\Users\elgiganten-demo\Downloads\fixlist (6).txt

2017-06-30 10:27 - 2017-06-30 10:27 - 00002216 _____ C:\Users\elgiganten-demo\Downloads\fixlist (5).txt

2017-06-29 14:50 - 2017-06-29 14:50 - 00001128 _____ C:\Users\elgiganten-demo\Downloads\fixlist (4).txt

2017-06-29 02:58 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll

2017-06-29 02:58 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll

2017-06-29 02:58 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll

2017-06-29 02:58 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll

2017-06-29 02:58 - 2017-04-11 20:27 - 00987840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll

2017-06-29 02:58 - 2017-04-11 20:27 - 00485576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll

2017-06-29 02:58 - 2017-03-15 20:15 - 00993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll

2017-06-29 02:58 - 2017-03-15 20:15 - 00690008 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll

2017-06-27 20:36 - 2017-06-27 20:36 - 01536119 _____ C:\Users\elgiganten-demo\Downloads\1498574158450.webm

2017-06-27 18:19 - 2017-06-27 18:19 - 11014728 _____ C:\Users\elgiganten-demo\Downloads\RogueKillerCMD_portable64 (1).exe

2017-06-27 18:18 - 2017-06-27 18:18 - 11014728 _____ C:\Users\elgiganten-demo\Downloads\RogueKillerCMD_portable64.exe

2017-06-27 12:55 - 2017-07-02 14:32 - 00025224 _____ C:\Users\elgiganten-demo\Downloads\FRST.txt

2017-06-26 14:45 - 2017-06-26 18:48 - 00250556 _____ C:\TDSSKiller.3.1.0.15_26.06.2017_14.45.19_log.txt

2017-06-26 14:45 - 2017-06-26 14:45 - 04922400 _____ (AO Kaspersky Lab) C:\Users\elgiganten-demo\Downloads\tdsskiller.exe

2017-06-26 14:20 - 2017-06-27 13:54 - 00002734 _____ C:\Users\elgiganten-demo\Desktop\fixlist.txt

2017-06-26 03:26 - 2017-06-26 03:27 - 00000000 ____D C:\ProgramData\RogueKillerPE

2017-06-26 01:35 - 2017-07-01 22:15 - 00126291 _____ C:\Users\elgiganten-demo\Downloads\Addition.txt

2017-06-24 07:52 - 2017-06-24 07:52 - 00000408 _____ C:\Users\elgiganten-demo\Downloads\fixlist (3).txt

2017-06-23 13:19 - 2017-06-23 13:19 - 00009317 _____ C:\Users\elgiganten-demo\Downloads\Fixlog.txt

2017-06-22 03:10 - 2017-06-22 03:10 - 00021824 _____ C:\Users\elgiganten-demo\Downloads\fixlist (2).txt

2017-06-21 20:45 - 2017-06-21 20:45 - 00005508 _____ C:\Users\elgiganten-demo\Downloads\fixlist (1).txt

2017-06-21 18:56 - 2017-06-21 18:56 - 00000514 _____ C:\Users\elgiganten-demo\Downloads\fixlist.txt

2017-06-21 17:58 - 2017-06-21 17:58 - 00005111 _____ C:\Users\elgiganten-demo\Downloads\20869359234641705.html

2017-06-20 19:20 - 2017-07-01 22:12 - 00000000 ____D C:\Users\elgiganten-demo\Downloads\FRST-OlderVersion

2017-06-20 18:35 - 2017-06-20 18:35 - 01130328 _____ (Google Inc.) C:\Users\elgiganten-demo\Downloads\ChromeSetup.exe

2017-06-18 15:21 - 2017-06-18 15:21 - 00000000 ____D C:\Users\elgiganten-demo\Documents\Lmao

2017-06-18 15:20 - 2017-06-18 15:20 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\Lmao

2017-06-18 08:15 - 2017-06-18 08:15 - 00197480 _____ C:\Users\elgiganten-demo\Downloads\Extras.Txt

2017-06-18 08:14 - 2017-06-18 08:14 - 00426730 _____ C:\Users\elgiganten-demo\Downloads\OTL.Txt

2017-06-18 08:09 - 2017-07-01 22:12 - 02440704 _____ (Farbar) C:\Users\elgiganten-demo\Downloads\FRST64.exe

2017-06-18 07:56 - 2017-06-18 07:56 - 00602112 _____ (OldTimer Tools) C:\Users\elgiganten-demo\Downloads\OTL.exe

2017-06-17 04:25 - 2017-06-17 04:25 - 00000492 _____ C:\Users\elgiganten-demo\Desktop\imp2.txt

2017-06-15 14:54 - 2017-06-15 14:54 - 00238840 _____ C:\Users\elgiganten-demo\Downloads\watch (2).htm

2017-06-14 05:10 - 2017-06-02 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe

2017-06-14 05:10 - 2017-06-02 14:12 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll

2017-06-14 05:10 - 2017-06-02 14:12 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll

2017-06-14 05:10 - 2017-06-02 14:06 - 01001984 _____ (Microsoft Corporation) C:\windows\HelpPane.exe

2017-06-14 05:10 - 2017-06-02 14:01 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll

2017-06-14 05:10 - 2017-06-02 13:30 - 03635200 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll

2017-06-14 05:10 - 2017-06-02 13:03 - 00903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe

2017-06-14 05:10 - 2017-06-02 12:58 - 02551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll

2017-06-14 05:10 - 2017-06-02 12:25 - 00272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe

2017-06-14 05:10 - 2017-06-02 12:24 - 00391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll

2017-06-14 05:10 - 2017-06-02 12:17 - 00699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll

2017-06-14 05:10 - 2017-06-02 12:02 - 02751488 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll

2017-06-14 05:10 - 2017-06-02 11:43 - 01920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll

2017-06-14 05:10 - 2017-06-02 11:43 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe

2017-06-14 05:10 - 2017-05-15 21:58 - 00121184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys

2017-06-14 05:10 - 2017-05-14 22:44 - 04170240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2017-06-14 05:10 - 2017-05-14 22:42 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys

2017-06-14 05:10 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2017-06-14 05:10 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2017-06-14 05:10 - 2017-05-14 22:19 - 01364040 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2017-06-14 05:10 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll

2017-06-14 05:10 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2017-06-14 05:10 - 2017-05-14 21:32 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll

2017-06-14 05:10 - 2017-05-14 21:31 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll

2017-06-14 05:10 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2017-06-14 05:10 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2017-06-14 05:10 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2017-06-14 05:10 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll

2017-06-14 05:10 - 2017-05-14 21:04 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll

2017-06-14 05:10 - 2017-05-14 21:03 - 00373080 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll

2017-06-14 05:10 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2017-06-14 05:10 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2017-06-14 05:10 - 2017-05-14 20:48 - 05274112 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll

2017-06-14 05:10 - 2017-05-14 20:46 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll

2017-06-14 05:10 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2017-06-14 05:10 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2017-06-14 05:10 - 2017-05-14 20:38 - 07796736 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll

2017-06-14 05:10 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2017-06-14 05:10 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2017-06-14 05:10 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2017-06-14 05:10 - 2017-05-14 20:16 - 05268992 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll

2017-06-14 05:10 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2017-06-14 05:10 - 2017-05-14 20:13 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe

2017-06-14 05:10 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2017-06-14 05:10 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2017-06-14 05:10 - 2017-05-14 20:06 - 07441240 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe

2017-06-14 05:10 - 2017-05-14 20:06 - 01737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll

2017-06-14 05:10 - 2017-05-14 20:06 - 01502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll

2017-06-14 05:10 - 2017-05-12 19:05 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll

2017-06-14 05:10 - 2017-05-12 18:16 - 01084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2017-06-14 05:10 - 2017-05-12 18:13 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll

2017-06-14 05:10 - 2017-05-12 17:51 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe

2017-06-14 05:10 - 2017-05-12 17:50 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll

2017-06-14 05:10 - 2017-05-12 17:48 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll

2017-06-14 05:10 - 2017-05-12 17:47 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll

2017-06-14 05:10 - 2017-05-12 06:10 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll

2017-06-14 05:10 - 2017-05-12 04:58 - 01985536 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll

2017-06-14 05:10 - 2017-05-12 04:48 - 01377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll

2017-06-14 05:10 - 2017-05-12 04:18 - 03714560 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll

2017-06-14 05:10 - 2017-05-12 04:11 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe

2017-06-14 05:10 - 2017-05-12 04:10 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll

2017-06-14 05:10 - 2017-05-12 04:07 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll

2017-06-14 05:10 - 2017-05-12 04:06 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll

2017-06-14 05:10 - 2017-05-12 04:04 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll

2017-06-14 05:10 - 2017-05-12 04:00 - 02240512 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll

2017-06-14 05:10 - 2017-05-12 01:36 - 22361848 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll

2017-06-14 05:10 - 2017-05-12 01:32 - 19788672 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

2017-06-14 05:10 - 2017-05-10 20:19 - 00101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys

2017-06-14 05:10 - 2017-05-06 18:05 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll

2017-06-14 05:10 - 2017-05-06 18:04 - 00865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll

2017-06-14 05:10 - 2017-04-06 19:37 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll

2017-06-14 05:10 - 2017-04-06 19:16 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll

2017-06-14 05:10 - 2017-04-06 18:50 - 01436672 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2017-06-14 05:10 - 2017-04-06 18:46 - 00434688 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll

2017-06-14 05:10 - 2017-04-06 18:46 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll

2017-06-14 05:10 - 2017-04-06 18:35 - 01362432 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll

2017-06-14 05:10 - 2017-04-06 18:15 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll

2017-06-14 05:10 - 2017-04-06 17:44 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll

2017-06-14 05:10 - 2017-04-02 16:49 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll

2017-06-14 05:10 - 2017-04-02 15:40 - 02013016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys

2017-06-14 04:53 - 2017-06-14 05:01 - 262671666 _____ C:\Users\elgiganten-demo\Downloads\majuu-jouka-shoujo-utea-1-720p-opt.mp4

2017-06-13 21:31 - 2017-06-13 21:31 - 00321110 _____ C:\Users\elgiganten-demo\Downloads\watch (1).htm

2017-06-12 18:18 - 2017-06-14 00:21 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\troll

2017-06-10 21:48 - 2017-06-11 15:00 - 00000838 _____ C:\Users\elgiganten-demo\Desktop\important.txt

2017-06-10 17:43 - 2017-06-15 11:12 - 00000000 ____D C:\Program Files (x86)\Windscribe

2017-06-10 17:43 - 2017-06-10 17:43 - 15139472 _____ (Windscribe ) C:\Users\elgiganten-demo\Downloads\Windscribe.exe

2017-06-10 17:43 - 2017-06-10 17:43 - 00001054 _____ C:\Users\Public\Desktop\Windscribe.lnk

2017-06-10 17:43 - 2017-06-10 17:43 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Local\Windscribe

2017-06-10 17:43 - 2017-06-10 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe

2017-06-10 17:43 - 2017-04-21 04:16 - 00045560 _____ (The OpenVPN Project) C:\windows\system32\Drivers\tapwindscribe0901.sys

2017-06-08 08:31 - 2017-06-08 08:31 - 00062020 _____ C:\Users\elgiganten-demo\Downloads\index.htm

2017-06-06 17:08 - 2017-06-06 14:16 - 01022464 _____ C:\Users\elgiganten-demo\Downloads\minecraft.exe

2017-06-06 14:18 - 2017-06-06 14:18 - 00422450 _____ C:\Users\elgiganten-demo\Downloads\VwVBLPa.rar

2017-06-06 13:29 - 2017-06-06 13:29 - 01282640 _____ C:\Users\elgiganten-demo\Desktop\ts3_recording_17_06_06_13_29_23.wav

2017-06-05 16:05 - 2017-06-05 16:05 - 02274001 _____ C:\Users\elgiganten-demo\Downloads\Menyoo Launcher (1).zip

2017-06-05 16:05 - 2017-06-05 16:05 - 00000000 ____D C:\Users\elgiganten-demo\Downloads\Menyoo Launcher (1)

2017-06-05 05:38 - 2017-06-05 05:38 - 00361775 _____ C:\Users\elgiganten-demo\Desktop\FARFAR.txt

2017-06-04 23:05 - 2017-06-04 23:05 - 04506104 _____ C:\Users\elgiganten-demo\Downloads\faithful32pack.zip

2017-06-04 04:12 - 2017-06-08 08:27 - 00000000 ____D C:\Users\elgiganten-demo\Documents\elgiganten-demo

2017-06-04 04:12 - 2017-06-04 04:12 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\gta 5

2017-06-04 04:11 - 2017-06-04 04:11 - 02274001 _____ C:\Users\elgiganten-demo\Downloads\Menyoo Launcher.zip

2017-06-03 06:27 - 2017-07-02 08:48 - 00000987 _____ C:\Users\elgiganten-demo\Desktop\BlueScreenView.cfg

2017-06-03 05:14 - 2017-06-03 05:14 - 00132659 _____ C:\Users\elgiganten-demo\Downloads\BSOD.rar

2017-06-03 05:14 - 2017-05-21 17:01 - 00712740 _____ C:\Users\elgiganten-demo\Desktop\052117-23281-01.dmp

2017-06-03 05:08 - 2017-06-03 05:08 - 00067310 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview.zip

2017-06-03 05:08 - 2017-06-03 05:08 - 00001579 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview_swedish.zip

2017-06-03 05:04 - 2017-06-03 05:04 - 00260007 _____ C:\Users\elgiganten-demo\Downloads\Minidump.rar

2017-06-03 05:04 - 2017-06-01 16:47 - 00652756 _____ C:\Users\elgiganten-demo\Desktop\060117-30515-01.dmp

2017-06-03 05:04 - 2017-06-01 16:38 - 00715356 _____ C:\Users\elgiganten-demo\Desktop\060117-32765-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-02 14:31 - 2015-04-27 01:05 - 00000000 ____D C:\FRST

2017-07-02 14:22 - 2016-01-19 16:42 - 00000000 ____D C:\ProgramData\NVIDIA

2017-07-02 08:48 - 2017-05-03 21:08 - 00128482 _____ C:\windows\ntbtlog.txt

2017-07-02 08:48 - 2015-01-21 02:28 - 00000000 ____D C:\Users\elgiganten-demo

2017-07-02 06:43 - 2015-04-17 13:50 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\Skype

2017-07-01 22:27 - 2015-07-29 20:10 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Local\CrashDumps

2017-07-01 22:27 - 2015-01-29 10:11 - 00061024 _____ (NirSoft) C:\Users\elgiganten-demo\Desktop\BlueScreenView.exe

2017-07-01 22:23 - 2015-08-04 10:19 - 00000000 ____D C:\Users\elgiganten-demo\Documents\Visual Studio 2015

2017-07-01 22:04 - 2017-01-06 12:47 - 00000000 ____D C:\Program Files\SoftEther VPN Client

2017-07-01 22:00 - 2015-12-31 17:31 - 00000000 ____D C:\windows\Minidump

2017-07-01 22:00 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT

2017-07-01 17:04 - 2015-04-17 18:04 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2017-07-01 11:14 - 2014-08-02 12:38 - 00945396 _____ C:\windows\system32\perfh01D.dat

2017-07-01 11:14 - 2014-08-02 12:38 - 00244364 _____ C:\windows\system32\perfc01D.dat

2017-07-01 11:12 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI

2017-07-01 11:09 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf

2017-06-30 12:42 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF

2017-06-30 09:07 - 2015-04-23 16:07 - 00000000 ____D C:\Program Files (x86)\Steam

2017-06-29 03:01 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp

2017-06-28 17:15 - 2015-04-17 22:53 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\.minecraft

2017-06-27 07:13 - 2015-07-08 09:15 - 00003444 _____ C:\windows\System32\Tasks\GyazoUpdateTaskMachineDaily

2017-06-27 07:13 - 2015-04-17 19:15 - 00003318 _____ C:\windows\System32\Tasks\GyazoUpdateTaskMachine

2017-06-27 07:13 - 2015-04-17 19:15 - 00000000 ____D C:\Program Files (x86)\Gyazo

2017-06-25 08:18 - 2015-04-17 19:26 - 00000000 ____D C:\Users\elgiganten-demo\.VirtualBox

2017-06-24 04:29 - 2016-03-29 15:55 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\TS3Client

2017-06-24 01:22 - 2013-08-22 17:36 - 00000000 ____D C:\windows\tracing

2017-06-21 17:33 - 2015-01-21 02:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3593711402-1704135711-2489708331-1001

2017-06-20 18:35 - 2015-09-05 16:18 - 00002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-06-18 08:25 - 2015-11-09 04:05 - 00000000 ___RD C:\Users\elgiganten-demo\Desktop\Deskt-

2017-06-16 22:12 - 2016-06-19 21:42 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

2017-06-16 14:08 - 2015-01-21 02:28 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Local\Packages

2017-06-16 14:08 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps

2017-06-16 14:08 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness

2017-06-15 11:24 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache

2017-06-15 11:11 - 2017-05-12 11:27 - 00350520 _____ C:\windows\system32\FNTCACHE.DAT

2017-06-15 11:11 - 2015-04-23 22:44 - 00000000 ____D C:\Program Files (x86)\360

2017-06-15 00:53 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData

2017-06-14 13:31 - 2015-01-31 06:59 - 00000000 ____D C:\windows\system32\MRT

2017-06-14 13:26 - 2015-01-31 06:59 - 133627792 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe

2017-06-14 04:59 - 2017-04-12 06:22 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys

2017-06-14 04:58 - 2017-04-12 06:22 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys

2017-06-14 04:58 - 2017-04-12 06:22 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys

2017-06-13 15:41 - 2016-01-29 19:30 - 00000000 ____D C:\Program Files\Rockstar Games

2017-06-13 15:41 - 2016-01-29 19:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

2017-06-07 22:37 - 2017-03-24 00:32 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\imp

2017-06-05 15:13 - 2017-01-09 21:09 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk

2017-06-05 15:13 - 2015-04-23 00:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2017-06-04 04:11 - 2017-05-23 07:42 - 02421248 _____ () C:\Users\elgiganten-demo\Desktop\Menyoo Launcher.exe

2017-06-04 04:11 - 2017-05-23 07:42 - 00020480 _____ () C:\Users\elgiganten-demo\Desktop\LauncherUI.dll

2017-06-04 04:11 - 2017-05-14 04:07 - 00011776 _____ C:\Users\elgiganten-demo\Desktop\Inject.dll

2017-06-03 04:31 - 2016-11-10 10:21 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2017-06-03 04:31 - 2016-11-10 10:21 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2017-06-02 02:40 - 2017-06-01 21:59 - 00000034 _____ C:\Users\elgiganten-demo\Desktop\minecraft.txt

==================== Files in the root of some directories =======

2016-12-13 19:54 - 2016-12-13 19:54 - 0001167 _____ () C:\Users\elgiganten-demo\AppData\Roaming\trace_FilterInstaller.txt

2016-12-13 19:54 - 2016-12-13 19:54 - 0000000 _____ () C:\Users\elgiganten-demo\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt

2016-08-20 19:42 - 2016-10-10 23:35 - 0000600 _____ () C:\Users\elgiganten-demo\AppData\Roaming\winscp.rnd

2016-08-20 15:24 - 2017-03-17 16:49 - 0000600 _____ () C:\Users\elgiganten-demo\AppData\Local\PUTTY.RND

2015-07-19 04:59 - 2015-07-19 04:59 - 0000741 _____ () C:\Users\elgiganten-demo\AppData\Local\recently-used.xbel

2015-06-20 00:59 - 2016-01-13 16:45 - 0007606 _____ () C:\Users\elgiganten-demo\AppData\Local\Resmon.ResmonCfg

2017-01-06 11:34 - 2017-01-26 18:36 - 0011639 _____ () C:\ProgramData\NvTelemetryContainer.log

Some files in TEMP:

====================

2017-05-03 20:45 - 2017-04-20 02:18 - 0867968 _____ (NVIDIA Corporation) C:\Users\elgiganten-demo\AppData\Local\Temp\nvSCPAPI64.dll

2017-05-24 17:41 - 2017-04-20 02:18 - 0367736 _____ (NVIDIA Corporation) C:\Users\elgiganten-demo\AppData\Local\Temp\nvStInst.exe

2017-07-02 00:12 - 2017-07-02 00:12 - 1347216 _____ (Sysinternals - www.sysinternals.com) C:\Users\elgiganten-demo\AppData\Local\Temp\procexp64.exe

2017-05-19 22:54 - 2017-06-19 18:46 - 58684896 _____ (Skype Technologies S.A.) C:\Users\elgiganten-demo\AppData\Local\Temp\SkypeSetup.exe

2017-06-30 14:42 - 2017-06-30 14:42 - 1639936 _____ (CPUID) C:\Users\elgiganten-demo\AppData\Local\Temp\speccycpuid.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed

C:\windows\system32\wininit.exe => File is digitally signed

C:\windows\explorer.exe => File is digitally signed

C:\windows\SysWOW64\explorer.exe => File is digitally signed

C:\windows\system32\svchost.exe => File is digitally signed

C:\windows\SysWOW64\svchost.exe => File is digitally signed

C:\windows\system32\services.exe => File is digitally signed

C:\windows\system32\User32.dll => File is digitally signed

C:\windows\SysWOW64\User32.dll => File is digitally signed

C:\windows\system32\userinit.exe => File is digitally signed

C:\windows\SysWOW64\userinit.exe => File is digitally signed

C:\windows\system32\rpcss.dll => File is digitally signed

C:\windows\system32\dnsapi.dll => File is digitally signed

C:\windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-01 11:24

==================== End of FRST.txt ============================

Edited by Alduin, 02 July 2017 - 06:47 AM.

#2
Alduin

Posted 02 July 2017 - 06:58 AM

Banned

Topic Starter
Banned
55 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017

Ran by elgiganten-demo (02-07-2017 14:33:08)

Running from C:\Users\elgiganten-demo\Downloads

Windows 8.1 (Update) (X64) (2015-01-21 00:27:58)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administratör (S-1-5-21-3593711402-1704135711-2489708331-500 - Administrator - Disabled)

elgiganten-demo (S-1-5-21-3593711402-1704135711-2489708331-1001 - Administrator - Enabled) => C:\Users\elgiganten-demo

Gäst (S-1-5-21-3593711402-1704135711-2489708331-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

.NET Reflector Desktop (HKLM-x32\...\{34795E6B-338D-4A6D-8BCE-906AD056AF4F}) (Version: 9.0.1.374 - Red Gate Software Ltd)

.NET Reflector Visual Studio Extension 9.0 (HKLM-x32\...\{BDF47606-A702-4FDF-8003-F5B807F54DA3}) (Version: 9.0.1.374 - Red Gate Software Ltd)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)

A3Launcher version 0.1.4.6 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.4.6 - Maca134)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)

Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1) (Version: 18.1.0 - Adobe Systems Incorporated)

Aftermath (HKLM\...\Steam App 349700) (Version: - Free Reign Entertainment)

Alcor Micro USB Card Reader Driver (HKLM-x32\...\{7F28165B-148D-4672-AA21-469D9E6E3CB6}) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden

Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden

APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)

Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden

Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)

Authoirty (HKLM\...\{69C97AF5-465E-4C36-B7C7-DAD597ED4E78}) (Version: 1.3.5 - Menyoo) Hidden

Authoirty (HKLM-x32\...\Authoirty 1.3.5) (Version: 1.3.5 - Menyoo)

Authority (HKLM\...\{83BF47B4-D7C2-4127-A4A8-AD309DA95111}) (Version: 1.6.0 - Menyoo) Hidden

Authority (HKLM\...\{D4B72E58-BFC3-489B-A3A9-94ED22D7FE2D}) (Version: 1.7.1 - Menyoo) Hidden

Authority (HKLM-x32\...\Authority 1.6.0) (Version: 1.6.0 - Menyoo)

Authority (HKLM-x32\...\Authority 1.7.1) (Version: 1.7.1 - Menyoo)

Auto Clicker v3.1 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 3.1 - MurGee.com)

Auto Typer by MurGee v1.16 (HKLM-x32\...\{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1) (Version: 1.16 - MurGee.com)

AutoHotkey 1.1.22.02 (HKLM\...\AutoHotkey) (Version: 1.1.22.02 - Lexikos)

Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden

AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden

BankID säkerhetsprogram (HKLM-x32\...\{81F0D54A-F439-424E-9872-FB9B56C24AEB}) (Version: 7.0.0.41 - Finansiell ID-Teknik BID AB)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)

Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version: - )

BlueStacks App Player (HKLM-x32\...\{38E69C88-1B39-4A51-96D2-303337D9C210}) (Version: 2.2.18.6014 - BlueStack Systems, Inc.)

Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version: - )

Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)

CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)

CommView (HKLM-x32\...\{70C4E840-DAB4-11DF-5F90-014727066952}) (Version: 6.5 - TamoSoft)

Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)

Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)

CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )

Creativerse (HKLM\...\Steam App 280790) (Version: - Playful Corporation)

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)

Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.5.4824 - CyberLink Corp.)

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3702 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3625 - CyberLink Corp.)

CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3626 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden

Discord (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)

Dotfuscator and Analytics Community Edition 5.18.1 (HKLM-x32\...\{9890DF1A-10E9-4236-94B1-1EFAA4099F13}) (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden

Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)

Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies)

Fallout 3 (HKLM-x32\...\Steam App 22300) (Version: - Bethesda Game Studios)

FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.5.1.1 - FlyVPN)

Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Fraps (HKLM-x32\...\Fraps) (Version: - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.104 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)

Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version: - Rockstar North)

Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)

Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)

Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)

H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version: - Daybreak Game Company)

H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)

Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)

HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.06 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)

HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)

ICQ (version 10.0.12154) (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\icq.desktop) (Version: 10.0.12154 - ICQ)

IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version: - Hex-Rays SA)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)

IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )

i-Menu version 4.1.3 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.1.3 - AOC)

Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.06 - Softex Inc.) Hidden

Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.06 - Softex Inc.) Hidden

Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)

Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)

Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)

JetBrains dotPeek 2016.2.2 (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{74577882-de65-576a-a99d-1ee8fe04c0b3}) (Version: 2016.2.2 - JetBrains s.r.o.)

JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 2016.2.2 - JetBrains s.r.o.)

JKZ Mod (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\48aca53fe04c254a) (Version: 1.0.0.0 - Hewlett-Packard Company)

Last Man Standing (HKLM\...\Steam App 506540) (Version: - Free Reign Entertainment)

Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)

Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)

Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

MasterKeys Pro L Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_MASTERKEYS_PRO_L) (Version: 0.051 - Cooler Master)

Menyoo (HKLM\...\{D01E76E8-1A8D-4AB6-9D8D-0F2C78D37F3B}) (Version: 1.7.5 - Menyoo) Hidden

Menyoo (HKLM-x32\...\Menyoo 1.7.5) (Version: 1.7.5 - Menyoo)

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)

Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)

Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)

Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F940D859-DDB5-4067-82E2-3C8D02F8E09F}) (Version: 4.0.1653.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)

Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 51.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 sv-SE)) (Version: 51.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)

MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)

MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI)

MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.009 - MSI)

Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden

NordVPN (HKLM-x32\...\{24202B92-D2A2-4FCE-A041-D6E7DE02603C}) (Version: 6.0.0 - NordVPN) Hidden

NordVPN (HKLM-x32\...\NordVPN 6.0.0) (Version: 6.0.0 - NordVPN)

Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2 - Notepad++ Team)

NVIDIA 3D Vision drivrutin 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)

NVIDIA 3D Vision drivrutin för styrenhet 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)

NVIDIA Grafikdrivrutin 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)

NVIDIA HD audiodrivrutin 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)

NVIDIA Miracast virtuell audio 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.33 - NVIDIA Corporation)

NVIDIA PhysX systemprogramvara 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)

NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden

NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden

NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden

OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

OpenIV (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)

OpenVPN Connect (HKLM-x32\...\{3D9A5267-3236-4BCC-AA45-2CE16F531187}) (Version: 2.0.8.106 - OpenVPN Technologies)

Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)

Oracle VM VirtualBox 5.1.4 (HKLM\...\{4EF3FBF6-697D-440A-AADA-7F5D39B73E62}) (Version: 5.1.4 - Oracle Corporation)

Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)

osu! (HKLM-x32\...\{72f18568-8b56-4dbd-89ef-4c13a51c8fa2}) (Version: latest - ppy Pty Ltd)

PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)

Phoenix Protector (HKLM-x32\...\{32A1C684-C199-4DD2-9F89-8F44C655D4EC}) (Version: 1.7.1 - NTCore)

Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )

Pokki (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\SweetLabs_AP) (Version: 0.269.7.983 - Pokki)

PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden

Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)

Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Python 3.5.2 (32-bit) (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)

Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden

Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)

qTox (HKLM-x32\...\qTox) (Version: 1.8.1 - The qTox Project)

Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)

Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden

Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)

Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)

Resource Hacker Version 4.2.5 (HKLM-x32\...\ResourceHacker_is1) (Version: - )

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

rFactor Demo (HKLM-x32\...\Steam App 353320) (Version: - Image Space Incorporated)

Rising World (HKLM\...\Steam App 324080) (Version: - JIW-Games)

RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)

ROBLOX Player for elgiganten-demo (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)

Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)

RoBoRumble (HKLM\...\Steam App 420970) (Version: - Metropolis)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)

Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden

Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden

S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - )

Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)

SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden

Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)

SmartAssembly 6 (HKLM\...\{09D5CC0D-0505-4A3D-AB2D-560206B0E6EB}) (Version: 6.9.0.114 - Red Gate Software Ltd)

SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project)

Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )

Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{791295AE-3B0A-3222-9E69-26C8C106E8D1}) (Version: 14.0.23102 - Microsoft Corporation) Hidden

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)

TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)

Telerik JustDecompile Q2 2016 SP2 (HKLM-x32\...\{46E0879B-43C3-467D-91DD-56723E3F6378}) (Version: 16.2.718.0 - Telerik AD)

Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)

Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)

TypeScript Power Tool (HKLM-x32\...\{6E3FB6C9-8C3C-45D4-BD9E-AECA430EE8E0}) (Version: 1.5.3.0 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{EA2C2406-C25C-4845-842F-360EFEA4CDCE}) (Version: 1.5.3.0 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)

Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden

Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden

Universal CRT Redistributable (HKLM-x32\...\{74E0F5DD-514A-4F85-0EE0-1E2EBB8BFC8C}) (Version: 10.0.10150 - Microsoft Corporation) Hidden

Universal CRT Tools x64 (HKLM\...\{4C8DCEB6-5D3C-90BD-6E31-A8342B9185FF}) (Version: 10.0.10150 - Microsoft Corporation) Hidden

Universal CRT Tools x86 (HKLM-x32\...\{DE0B03D4-5A26-DEEC-F62E-278EF28BA58E}) (Version: 10.0.10150 - Microsoft Corporation) Hidden

Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)

Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)

Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek)

WARMODE (HKLM-x32\...\Steam App 391460) (Version: - WARTEAM)

WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden

WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)

WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)

Wireshark 1.12.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.6 - The Wireshark developer community, hxxp://www.wireshark.org)

Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 7.1.0 - VMware, Inc.) Hidden

VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.0 - VMware, Inc)

VNC Server 5.3.2 (HKLM\...\{BD3BF59A-3CD6-49B3-A166-E57BF55FF959}) (Version: 5.3.2.19179 - RealVNC Ltd)

VNC Viewer 5.3.2 (HKLM\...\{F10020E5-D194-469E-B494-DDCE5D76A3A0}) (Version: 5.3.2.19179 - RealVNC Ltd)

Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.35 - NCH Software)

Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3593711402-1704135711-2489708331-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0509E600-C120-4BE2-85FD-B385B7ED6F45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-12-18] (Hewlett-Packard)

Task: {13F61DBF-4C25-4CD4-928A-23A86965B72A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)

Task: {1A437A6F-2592-415A-B787-CDF8CBE939C6} - System32\Tasks\NordVPN => C:\Program Files (x86)\NordVPN\NordVPN.exe [2017-03-02] (NordVPN)

Task: {20EE4705-5C5C-454F-B3CE-AEA4028A0184} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

Task: {2CD14849-0CA9-4E57-AA99-B31BBF75DD57} - System32\Tasks\MSISW_Host => C:\windows\SysWOW64\muachost.exe [2016-01-09] (MSI)

Task: {2CD92505-6B4D-4449-A2D0-70E8B900A816} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)

Task: {3505DDAD-54E3-4462-8EB2-277F98D7562A} - System32\Tasks\MurGeeAutoTyper => C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe [2016-12-09] (MurGee.com)

Task: {503ADDEE-6979-4BE7-9789-A0513ADFA1D2} - System32\Tasks\GoogleUpdateTaskMachineCore1d12ec1cfc74f1f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)

Task: {6A05C6DB-96C2-470F-8458-04CB98085056} - System32\Tasks\SweetLabs App Platform => C:\Users\elgiganten-demo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-09-18] (Pokki)

Task: {75F9169E-85EE-4E60-A0E5-46EB91AEAFCC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

Task: {7E3175CB-1C99-4DAB-A6DC-62B087FA2EB1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

Task: {88ABC249-1102-4551-B7E4-A966289407B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-13] (Piriform Ltd)

Task: {8B2F5235-325F-4A20-8F73-DE0F92DF1144} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()

Task: {8C923D3C-7A3D-4005-B673-152CFFAF9372} - System32\Tasks\AdobeAAMUpdater-1.0-FARFAR-elgiganten-demo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)

Task: {8D46F609-6401-45D4-BB3F-0A1BDC4A776C} - System32\Tasks\Opera scheduled Autoupdate 1477234867 => C:\Program Files (x86)\Opera\launcher.exe [2017-03-21] (Opera Software)

Task: {905A5DDC-2058-4CDA-A0B3-CA1974C66728} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

Task: {A5D847D2-AB7A-416E-8DBE-D815EF0901AE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)

Task: {BB8388A6-7410-4D28-ADA9-775407784A06} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()

Task: {D2420570-2547-4A86-9E7A-88CF118282D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)

Task: {D6222255-0C12-46DE-9BFD-26B541A4D3FC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)

Task: {D8AF1ECF-8C7C-4EE2-A360-602C89ADBB77} - System32\Tasks\CommView Update => C:\Program Files (x86)\CommView\Updater.exe [2016-01-08] (TamoSoft)

Task: {DA5B6F3D-B9E3-4219-B12C-59A005AF26D1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

Task: {E26861C8-DC50-42FC-B78B-21E073BAF431} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-06-14] (Microsoft Corporation)

Task: {E3CEB74E-81F3-482E-B423-3DEC60404E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)

Task: {E3ECD631-ACA3-4911-9A8B-5146AEAC1C49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)

Task: {E73911D5-480B-4750-9FBD-9B28F9E1317D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

Task: {EA5E7606-15BA-48C0-BB56-8167A687C1C1} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

Task: {EA7F24DE-774D-43C8-87E5-A64EBEF80A87} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

Task: {EAB5C0E1-BBB1-40B0-A15F-431C2672AAE8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\elgiganten-demo\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

ShortcutWithArgument: C:\Users\elgiganten-demo\Desktop\----------\Programs shortcuts\Startprogrammet för appar i Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

ShortcutWithArgument: C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Startprogrammet för appar i Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

ShortcutWithArgument: C:\Users\elgiganten-demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-appar\Talkz.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nncdmicfhjggfogddpjjpdlhfaaaglno

==================== Loaded Modules (Whitelisted) ==============

2017-03-02 10:25 - 2017-03-02 10:25 - 00411312 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe

2016-12-04 14:51 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2017-06-20 18:35 - 2017-06-15 09:29 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libglesv2.dll

2017-06-20 18:35 - 2017-06-15 09:29 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libegl.dll

2017-06-16 23:01 - 2017-06-16 23:01 - 31133184 _____ () C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll

2016-12-04 14:51 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-01-01 05:10 - 2016-02-23 14:48 - 00082944 _____ () C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\HidDevice.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]

AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD} [26]

AlternateDataStreams: C:\windows\acpimof.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\CtDrvIns.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\notepad.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\PAExec.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\splwow64.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\WLXPGSS.SCR:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\advapi32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\apphelp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\appidapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\appidsvc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\appinfo.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\AppxAllUserStore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\AppXDeploymentExtensions.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\AppXDeploymentServer.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\AudioEndpointBuilder.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\audiosrv.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\AuthHost.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\authz.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\basesrv.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\BFE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\catsrvut.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\cfgbkend.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\COLORCNV.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\comctl32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\compstui.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\comsvcs.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\consent.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\CPFilters.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\CtCamMgr.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d2d1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_33.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_34.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_35.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_36.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_37.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_38.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_39.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_40.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_41.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\D3DCompiler_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DCompiler_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dcsx_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dcsx_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_33.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_34.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_35.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_36.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_37.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_38.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_39.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_40.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_41.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx10_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx11_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx11_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_24.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_25.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_26.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_27.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_28.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_29.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_30.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_31.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_33.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_34.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_35.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\d3dx9_36.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DX9_37.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DX9_38.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DX9_39.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DX9_40.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DX9_41.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\D3DX9_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\davclnt.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dbgeng.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dbghelp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\devenum.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\DevicePairing.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dhcpsapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dsparse.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dwmcore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dxcap.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dxcpl.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\dxtmsft.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\EncDec.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\eventcls.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\evr.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\ExplorerFrame.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\fhcpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\FintekIcon1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\FWPUCLNT.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\FwRemoteSvr.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\GeofenceMonitorService.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\gpapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\hgcpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\hhctrl.ocx:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\hlink.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\InkEd.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\inseng.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\IPHLPAPI.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\IPSECSVC.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\java.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\javaw.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\javaws.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\jscript9diag.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\KBDAZE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\KBDAZEL.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\KBDAZST.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\kbdgeoqw.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\kmddsp.tsp:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\ksproxy.ax:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MDMAgent.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfcore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfds.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MFMediaEngine.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfnetcore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfnetsrc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfplat.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfps.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mfvdsp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MFWMAAEC.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MP3DMOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MP43DECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MP4SDECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\MPG4DECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\msftedit.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\msmpeg2adec.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\msra.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\msrating.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mstscax.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mswsock.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\msxml6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\mtxoci.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\NcdAutoSetup.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\ncrypt.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\netcfgx.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\notepad.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\ntvdm64.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\nvdispco6436143.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\nvdispgenco6436143.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\PCPKsp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\PhotoMetadataHandler.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\PnkBstrA.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\polstore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\profsvc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\qdvd.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\qedit.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\QSHVHOST.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\QSVRMGMT.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\rascfg.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\rasdiag.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\rasmxs.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\rasser.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\rdvidcrl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\rpcrt4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\rsaenh.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\schedsvc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\schtasks.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\sdbinst.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\seclogon.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\services.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SettingMonitor.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SettingsHandlers.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SettingSync.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SettingSyncCore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SettingSyncHost.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\shacct.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SkyDrive.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SkyDriveTelemetry.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\spoolsv.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SRH.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\stobject.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\StructuredQuery.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SyncEngine.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SysFxUI.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\sysmain.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SystemEventsBrokerServer.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SystemSettings.Handlers.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\SystemSettingsDatabase.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\taskeng.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\tdh.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\themecpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\tzsync.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\UIAutomationCore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\untfs.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\usercpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\UtcResources.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\VIDRESZR.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\vmnetbridge.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\vnetinst.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\vsgraphicsremoteengine.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\vsjitdebugger.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\vssapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\vsstrace.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\VSSVC.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\werdiagcontroller.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\wevtsvc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WiFiDisplay.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Windows.UI.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Windows.UI.Immersive.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\Windows.UI.Input.Inking.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\winlogon.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WinSetupUI.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WinSync.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMADMOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMADMOE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMASF.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMSPDMOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMSPDMOE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMVDECOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMVENCOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMVSDECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMVSENCD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WMVXENCD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WorkfoldersControl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\workfolderssvc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\wpdshext.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\ws2_32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\wscapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\wscsvc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WSDApi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WSDMon.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WsmAgent.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WsmAuto.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\WSShared.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\wups.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\wups2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\x3daudio1_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\x3daudio1_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\X3DAudio1_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\X3DAudio1_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\X3DAudio1_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\X3DAudio1_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\X3DAudio1_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\X3DAudio1_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_10.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_8.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine2_9.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xactengine3_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAPOFX1_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAPOFX1_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAPOFX1_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAPOFX1_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAPOFX1_4.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\XAPOFX1_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\XAudio2_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xinput1_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xinput1_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\xinput1_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\advapi32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\appidapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\AppxAllUserStore.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\authz.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\catsrvut.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\cfgbkend.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\comctl32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\comsvcs.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\CPFilters.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\CtCamMgr.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\cximage.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d2d1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\davclnt.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dbgeng.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\dbghelp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\devenum.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\DevicePairing.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dhcpsapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dsparse.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dwmcore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dxcap.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dxcpl.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\EncDec.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\eventcls.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\evr.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\GeofenceMonitorService.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\GlobCollationHost.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\gpapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\hgcpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\hhctrl.ocx:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\hlink.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\ieui.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\InkEd.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\KBDAZST.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\kmddsp.tsp:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\ksproxy.ax:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfcore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfds.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\MFMediaEngine.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfnetcore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfnetsrc.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfplat.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfps.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mfvdsp.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\msftedit.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\msorcl32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\msrating.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mstscax.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mswsock.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\msxml3a.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\msxml6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\mtxoci.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\muachost.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\ncrypt.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\netcfgx.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\notepad.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\nshwfp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\PCPKsp.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\PCWizard.cpl:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\PhotoMetadataHandler.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\polstore.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\qdvd.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\qedit.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\QSHVHOST.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\QSVRMGMT.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rascfg.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rasdiag.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rasmxs.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rasser.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rgb9rast.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\rsaenh.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\schtasks.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\sdbinst.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\SettingMonitor.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\SettingSync.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\SettingSyncCore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\shacct.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\SRH.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\stobject.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\taskeng.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\tdh.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\themecpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\UIAutomationCore.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\untfs.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\usercpl.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\V0270Ext.ax:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\V0270Hwx.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\V0270Srv.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\vmnat.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\vmnetdhcp.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\vsd3dwarpdebug.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\vsgraphicsremoteengine.exe:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\vsjitdebugger.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\vssapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\vsstrace.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.Input.Inking.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WinSync.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMASF.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\wpdshext.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\ws2_32.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\wscapi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WSDApi.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WsmAgent.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\WSShared.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\wups.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_0.dll:$CmdTcID [130]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [32]

AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]

AlternateDataStreams: C:\windows\SysWOW64\xliveinstallhost.exe:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\afd.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\ahcache.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\athwbx.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\bthhfenum.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\dam.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\disk.sys:$CmdTcID [130]

AlternateDataStreams: C:\windows\system32\Drivers\dumpsd.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\I2cHkBurn.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\i8042prt.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\intelpep.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\kbdclass.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\kbdhid.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\KMWDFILTER.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\mouclass.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\mouhid.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\ndistapi.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\ndproxy.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\netbt.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\netio.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\pdc.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\rasl2tp.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\rmcast.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\sdbus.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\sermouse.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\tpm.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\tunnel.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\udfs.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usb8023.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usbd.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usbehci.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usbhub.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\USBHUB3.SYS:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usbohci.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usbport.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\usbuhci.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\USBXHCI.SYS:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\vmci.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\vmnet.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\vmnetadapter.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\vmnetbridge.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\volmgr.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\volsnap.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\vpci.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\wanarp.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\wfplwfs.sys:$CmdTcID [64]

AlternateDataStreams: C:\windows\system32\Drivers\winusb.sys:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\88159310.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\88159310.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Classes\exefile: <==== ATTENTION

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Classes\.exe: exefile => <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-06-06 20:51 - 00000077 _____ C:\windows\system32\Drivers\etc\hosts

35.156.90.191 authserver.mojang.com

35.156.90.191 sessionserver.mojang.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\elgiganten-demo\Desktop\Deskt-\sweden_stockholm_winter_night_city_hall_lights_reflection_82522_1920x1080.jpg

DNS Servers: 208.67.222.123 - 208.67.220.123

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: 0242891429271669mcinstcleanup => 2

MSCONFIG\Services: BstHdAndroidSvc => 2

MSCONFIG\Services: BstHdLogRotatorSvc => 3

MSCONFIG\Services: BstHdPlusAndroidSvc => 3

MSCONFIG\Services: BstHdUpdaterSvc => 3

MSCONFIG\Services: DirMngr => 2

MSCONFIG\Services: ExpressCache => 2

MSCONFIG\Services: GamingApp_Service => 2

MSCONFIG\Services: GamingHotkey_Service => 2

MSCONFIG\Services: GfExperienceService => 2

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: HP Support Assistant Service => 2

MSCONFIG\Services: hpqwmiex => 3

MSCONFIG\Services: MBAMService => 2

MSCONFIG\Services: MSI_LiveUpdate_Service => 2

MSCONFIG\Services: NvNetworkService => 2

MSCONFIG\Services: NvStreamNetworkSvc => 3

MSCONFIG\Services: NvStreamSvc => 2

MSCONFIG\Services: nvsvc => 2

MSCONFIG\Services: omniserv => 2

MSCONFIG\Services: PAExec => 3

MSCONFIG\Services: PnkBstrA => 2

MSCONFIG\Services: QHActiveDefense =>

MSCONFIG\Services: rpcapd => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: STacSV => 2

MSCONFIG\Services: Stereo Service => 2

MSCONFIG\Services: TeamViewer => 2

MSCONFIG\Services: VMAuthdService => 2

MSCONFIG\Services: VMnetDHCP => 2

MSCONFIG\Services: VMUSBArbService => 2

MSCONFIG\Services: VMware NAT Service => 2

HKLM\...\StartupApproved\Run: => "SysTrayApp"

HKLM\...\StartupApproved\Run: => "BeatsOSDApp"

HKLM\...\StartupApproved\Run: => "SimplePass"

HKLM\...\StartupApproved\Run: => "OPBHOBroker"

HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop"

HKLM\...\StartupApproved\Run: => "NvBackend"

HKLM\...\StartupApproved\Run: => "ShadowPlay"

HKLM\...\StartupApproved\Run: => "Launch LCore"

HKLM\...\StartupApproved\Run32: => "ADX AFPV0114 Gaming Mouse"

HKLM\...\StartupApproved\Run32: => "Live Update"

HKLM\...\StartupApproved\Run32: => "StereoLinksInstall"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "Pokki"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "BlueStacks Agent"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "SandboxieControl"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D41432CA7954C8ED41DD1BEB3ADAA803"

HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "icq.desktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EB4CC47A-CA24-4C7D-877F-591F1E233975}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{72B6371F-F999-4AF5-A6D6-723FE1B81725}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe

FirewallRules: [{7627A017-D922-43E7-84F0-52B893BE05C7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe

FirewallRules: [{AE8AFCE2-118A-45C7-A245-8858337A6360}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe

FirewallRules: [{7091D5E1-26C3-40EE-A658-CFD7078EC4FA}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe

FirewallRules: [{27DDB171-2C24-4E42-852A-DACB98E76B18}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe

FirewallRules: [{60793BA7-02C7-45AB-B5B4-9AB3329ADA55}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe

FirewallRules: [{17C4D8C6-C0B2-4AA8-9D95-DC4722DEBF93}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [TCP Query User{121E3333-220F-471F-BBFB-3ED0CEDC2EF5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{58F656D7-7546-4B53-95F4-0A95BCEFA09B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{05BF2BEA-267C-4398-BBA2-F283888634C7}C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{7C227C2E-2DA9-4C8D-A2A5-C7C2E7D685D4}C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [TCP Query User{B8459EC1-5D7C-4DEC-BC3F-ABB386ACE023}C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{359A2107-C5AE-4D09-B20B-21365D666478}C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [{74C6F5A4-28AD-404F-8E63-83B15EB88253}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{3167F695-A9E1-4C8E-98DA-8D4D5614C014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{F69FCCD9-A2B3-4A6E-8118-6412A77B8A03}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{26C0C3C1-BF3F-4AB8-8D64-E975C6184D8A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{0318777A-605E-41CC-97F8-F0412AE73DCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe

FirewallRules: [{C63CC058-AE8A-4156-98E9-6063B0172E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe

FirewallRules: [{46067F1D-DEFD-4CA2-93AC-C4CFBF4F2500}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{7A391BF8-8642-4776-B6F9-1DB890FB717B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{0FAF0EA3-2D28-4776-B412-2B1AC2F10461}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe

FirewallRules: [{45E32560-6120-4B44-B5D6-C8865750C28F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe

FirewallRules: [{241884E8-7BCD-4E49-9C27-C70446DA8C9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe

FirewallRules: [{1D749D21-72D8-4633-8627-7191EE08A1DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe

FirewallRules: [{4D3EB559-1A34-42C4-93F7-D9E8356B5C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{42D59C57-5E92-4485-A6A7-3D85F2404232}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{9C1F7476-738F-43C3-96A9-33E322106DD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe

FirewallRules: [{5808B8C8-FFFB-4501-825E-6FFDA7E1C534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe

FirewallRules: [{83DBA5E8-D8D0-48EC-AA28-6236E5D9EC72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe

FirewallRules: [{015A4187-1F2D-4F0B-B46A-5F628BD1EE2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe

FirewallRules: [{6C2F51EC-E680-46F9-9205-50F5D16BA56D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

FirewallRules: [{51BC6176-60A7-4E8A-A02C-2FD4DFA212CB}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

FirewallRules: [TCP Query User{3B8E8041-3BA3-4BCD-8020-1BEB25ED0630}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe

FirewallRules: [UDP Query User{B3FF2EF6-6126-44E9-B9F6-42CAB4FB2130}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe

FirewallRules: [{EF663E9D-541F-4B7F-A044-4B3CFC75B654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe

FirewallRules: [{4118D9D6-1134-4F74-A207-8D6A077EE97E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe

FirewallRules: [{85D77049-6F4F-4ABD-8828-251B883810FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe

FirewallRules: [{60E26C3B-B267-4E3D-B84A-1B2EC5AC18FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe

FirewallRules: [{71168F72-E1FB-451F-8218-421F3412BB58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe

FirewallRules: [{B43D4D1C-B4E5-4748-BAEA-0E6D9619E8CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe

FirewallRules: [{64D445F4-621C-4371-9E1C-3204C3D2A94D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [{EFFD4F85-5067-422D-A822-6482DE4578E3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe

FirewallRules: [{EF2FB6AC-92BE-4CA7-9CE8-A8E2708BA20D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

FirewallRules: [{2DDB3EDE-EFC6-45F9-BB21-4209E36DFE37}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

FirewallRules: [{B3ABA67A-D6DF-4E89-A2E9-502E5FDDF8F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{42D09D4A-68D1-4661-A6A2-81F8EACE0844}] => (Allow) LPort=2869

FirewallRules: [{FCCE36BD-AB91-4C4F-9BF7-C91D86FADFE6}] => (Allow) LPort=1900

FirewallRules: [{0F277CFB-7596-47A1-8899-551C062622DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe

FirewallRules: [{5EDECC42-8A93-4CFB-8A53-614BC16D47EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe

FirewallRules: [{39C6F41F-7B53-4C10-B25F-CB766C517A8D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe

FirewallRules: [{F0155847-422A-473F-9594-FC834C2860C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe

FirewallRules: [{E8107788-2F8D-458C-B46F-603944D36930}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe

FirewallRules: [{FB7911E8-2C4C-47F6-9A61-85AA9F79AF00}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{4FA725A9-2FD6-4D0C-B463-CDB3432A5957}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{2080FA62-2B92-4DFE-9201-054D86A99956}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{F29D5A41-C090-45BE-824F-A32DF9FEA14B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{E3CFB468-52CD-4343-A373-E1FB8BA3C9EA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{73C49AED-60C3-48BD-8B06-420A7E62D9F8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{701103A9-6B1C-4BC4-919B-6C3CE1273841}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe

FirewallRules: [{2AEDAD03-4A8C-4C1B-ADB5-0521A655343C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe

FirewallRules: [{2028384D-A2E5-4350-98EF-19409E908AEE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe

FirewallRules: [{187055C7-6A25-4EAC-8ED4-36CF67BA7B41}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe

FirewallRules: [{5CAED7BB-EA12-48AB-BD44-CE008AF4F55F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [{2162B5F8-10E8-47AA-A570-249808EB538C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [TCP Query User{30472F72-2759-46C9-8304-EEDF6634F779}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [UDP Query User{713B990C-60CC-4FB4-BEA5-49E669FB2975}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [{45A052E8-3C2A-4C95-937C-3E8C2DC5974E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe

FirewallRules: [{D26CED1D-320A-4DEB-8D09-8FDA4F442827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe

FirewallRules: [{BD059E17-9EAC-4F6D-BF8B-A209F73D99DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rFactor.exe

FirewallRules: [{D2111FD3-BC58-4101-8E88-E0533A28093F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rFactor.exe

FirewallRules: [{1C5F4DE8-0831-4C9E-B1E9-D2968C109484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rF Config.exe

FirewallRules: [{5091F690-19C3-4747-933A-0172D716CC86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rF Config.exe

FirewallRules: [{4F2B544D-CABA-4007-8983-BFBDA205E36C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

FirewallRules: [{9B00EE8A-C3BC-4339-ADDB-EAC489310292}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe

FirewallRules: [{B5312830-9261-471B-ACED-2222F4BDFA81}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe

FirewallRules: [{1D1C9E11-B6D4-4B91-AC8B-CC9F7380EC26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe

FirewallRules: [{042D82B7-4B03-4C28-9135-A758D100A3DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe

FirewallRules: [{AF95BA7B-1752-49A3-951B-869F1F517F6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aftermath\AMLauncher.exe

FirewallRules: [{8484B640-7CF3-4632-A845-1D8C82819169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aftermath\AMLauncher.exe

FirewallRules: [TCP Query User{E2910ECD-3BC0-4562-8C8B-D3B8455D1BFC}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe

FirewallRules: [UDP Query User{7952CD4C-3B6F-4702-B3A7-DEF1EC0BD503}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe

FirewallRules: [TCP Query User{4EC5FA9A-20F4-4E80-B39F-2A218DD4D0D8}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe

FirewallRules: [UDP Query User{997F0E57-EB82-42D2-9C20-8DFDF7772D8B}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe

FirewallRules: [{4E64468B-DF1C-4483-B301-510FDC3D7284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe

FirewallRules: [{5BCE1FBA-9C1B-4535-BA43-6E2DD28B47CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe

FirewallRules: [{79FB5B7A-12A5-4066-A599-9A9621B84CFC}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe

FirewallRules: [{97972E95-4E1B-4873-AB02-A49706841EEC}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe

FirewallRules: [{D1AA4CBC-F280-4EB4-BBD8-7AEBACF92457}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe

FirewallRules: [{491B67EE-D908-4FA5-A382-A5B304FB0787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe

FirewallRules: [{FA2BB7D6-75E1-4814-A4EA-1A52D835BDC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe

FirewallRules: [{C0CADBBE-C755-452B-AFBB-701AFA965518}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RisingWorld\risingworldx64.exe

FirewallRules: [{5DA10135-317F-4291-9078-3B7B60A22A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RisingWorld\risingworldx64.exe

FirewallRules: [{D9A50580-7341-4193-A35A-782E5570685C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe

FirewallRules: [{A4C52E3B-BF4C-4D6D-8E45-D8980FE772BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe

FirewallRules: [{E286ED96-9062-4773-9BE8-EA39AAA5AAFF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe

FirewallRules: [{3BE293AC-80AE-4AAD-9029-687CF7088F46}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe

FirewallRules: [TCP Query User{27E34102-7627-49B5-B91F-13B327BF98BC}C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe

FirewallRules: [UDP Query User{004CD375-124B-4F06-A786-4AE0B4115BAD}C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe

FirewallRules: [{1CB66292-1239-437D-A906-25CA89B57BB4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe

FirewallRules: [{4135EB17-A346-42F9-9E11-84DF89E6FC51}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe

FirewallRules: [TCP Query User{8917BC53-C35D-4FE1-B006-7DB454BDD9C7}C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe

FirewallRules: [UDP Query User{406290A6-3E58-4C5E-9EC1-38B5552CDD6F}C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe

FirewallRules: [TCP Query User{01C29E3D-D06C-4DBB-A426-70720F721ED7}C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe

FirewallRules: [UDP Query User{2C573C6F-3992-429A-93D0-FAEF4AA41058}C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe

FirewallRules: [TCP Query User{88C2E208-5098-4262-A241-60B3E6825745}C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe] => (Block) C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe

FirewallRules: [UDP Query User{1D46DBF9-065D-45C7-A3FE-360D9D0922C3}C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe] => (Block) C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe

FirewallRules: [TCP Query User{4877F8CD-0E43-44AD-A652-71C891834FD5}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe

FirewallRules: [UDP Query User{9DA56138-5DE2-4A72-B58F-C5273D608ECE}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe

FirewallRules: [TCP Query User{60E2D41C-09E0-4D9C-9214-625A67BA4C85}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe

FirewallRules: [UDP Query User{9828C8C5-FA2E-43A4-8D2B-D229C81C49E0}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe

FirewallRules: [{0BA05294-3486-4B11-AA71-98ACD55FE5E8}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe

FirewallRules: [{EEBD19F2-395E-478C-8C8F-392534106172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe

FirewallRules: [{30A8C5C3-610F-4E2B-8378-0E08A971E820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe

FirewallRules: [TCP Query User{3515B577-08A3-4492-9144-942D8C7259F6}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe

FirewallRules: [UDP Query User{6CBC54B5-704A-4917-8275-C3926A29D905}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe

FirewallRules: [TCP Query User{B748C987-266B-47FA-9FCF-D80B633F2C15}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe

FirewallRules: [UDP Query User{15093021-ACAB-49A0-9AFF-9380C3D6B717}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe

FirewallRules: [TCP Query User{86782A92-83F8-44F3-98F7-0EDAA9D70877}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [UDP Query User{2483393C-C1CF-47C4-AF37-E868A0F1B65A}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [{5A91859D-7B4C-411D-8876-73FB470C84D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{E8D0A5BD-3F4D-4FCB-BC11-35CBEA126DA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{95BCA5C1-B6BC-47E2-8C14-261951D4D8C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe

FirewallRules: [{C82E15AB-8D10-47ED-9EAA-8156A4EA9419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe

FirewallRules: [{DBE3B26D-5750-4B1C-A432-025E1CCB099E}] => (Allow) C:\Users\elgiganten-demo\Desktop\FIVE REBORN\FiveReborn.exe

FirewallRules: [{A0F2E2A9-5E26-4746-BBE1-381F1B34D141}] => (Allow) C:\Users\elgiganten-demo\Desktop\FIVE REBORN\FiveReborn.exe

FirewallRules: [{5D13A95F-1FEE-43A9-80A9-7FC0E68AC461}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{56AD13FA-0667-4E7C-BB86-157F5E06EA72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{38514D56-EF36-47B1-9698-DD53015C14D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{DD04850D-2CBB-40DE-BCD7-654CDA715B38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{CADF09BD-2103-4210-86FD-700D5286095A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{2E8B3CFA-65E5-45CF-B3E3-B36C26609734}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{1534D259-2010-41B6-97F1-D2EA6441DD7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{FB53D026-DA27-42C8-838E-8C91235EAFA0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe

FirewallRules: [{D580092A-AF33-4B5A-9CF2-BC6BA45AA634}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe

FirewallRules: [{79180420-7E09-4576-8439-FBA0B4829B2B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe

FirewallRules: [{FA697C85-79C2-4BCD-A5A7-4E9ABDB51C6A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe

FirewallRules: [{4A4147E7-4FAD-42A4-892C-8A9B7E863B12}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe

FirewallRules: [{B74F80D4-2792-408C-A232-8F9ADCBC95C0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe

FirewallRules: [TCP Query User{1E6FA279-627E-4352-A9A0-D548B9ED3FAD}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

FirewallRules: [UDP Query User{4AF7D44C-1D88-43F7-AAF1-B2FA73F0DCF7}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

FirewallRules: [{EAAD0486-2292-469A-8D03-6360F2954EF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{E6C60B5A-5674-4652-AC7C-C205052C89D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [TCP Query User{93A0D086-AAA1-4916-AD08-CAA1171B74EC}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe

FirewallRules: [UDP Query User{82EA4DEE-7AE8-42C7-9050-E8E6FD5B6D89}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe

FirewallRules: [TCP Query User{91F7C6FA-40BE-4C08-8B6A-36EF256B5544}C:\program files\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\java.exe

FirewallRules: [UDP Query User{A1EE2D25-1E6B-4ED6-9639-DCE136E12529}C:\program files\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\java.exe

FirewallRules: [{FF2872B4-DB27-4366-8E85-69259DB1F672}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RoBoRumble\rrumble.exe

FirewallRules: [{FDDD538F-67EB-4A42-97C7-D6A1B53A2FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RoBoRumble\rrumble.exe

FirewallRules: [{C845128A-1DF5-46D7-B2BB-B5CD3D02626F}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe

FirewallRules: [{E46667BF-6473-46A1-9B29-6DB605D0BC96}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.857\opera.exe

FirewallRules: [{5BA21154-40F3-49D0-A198-389D93BBEBF6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe

FirewallRules: [{D077CBCE-3647-4945-9F95-9455D54FCD1E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe

FirewallRules: [{270CA4E2-445A-4909-A47F-AA5178A4FD7F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe

FirewallRules: [{62CF4FF2-4B3F-48E1-AD97-D5A84F0E7EE6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe

FirewallRules: [{70423494-95A0-437B-84D0-25140ED950B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LMS\Launcher.exe

FirewallRules: [{2DDF40A7-3A50-4B5B-A5BD-5B0AA4B915B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LMS\Launcher.exe

FirewallRules: [TCP Query User{ADA183DE-E002-419B-8907-6512B1731C70}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe

FirewallRules: [UDP Query User{A998CE72-76FD-4E1F-99D5-8521BA73A118}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe

FirewallRules: [{E622A3F2-1183-48EC-849F-3E018937E9BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{16AD3127-8C9E-4879-9B5E-B956481B6E67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [TCP Query User{B6223D89-D32C-41E6-A162-99D3CB09CADC}C:\program files (x86)\qtox\bin\qtox.exe] => (Block) C:\program files (x86)\qtox\bin\qtox.exe

FirewallRules: [UDP Query User{DA8694CF-2C00-41C8-8888-62742F4C38C6}C:\program files (x86)\qtox\bin\qtox.exe] => (Block) C:\program files (x86)\qtox\bin\qtox.exe

FirewallRules: [TCP Query User{5F5ED134-9FF3-4A79-B142-F0E32039E6F5}C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{BC449061-12C9-4D77-851C-4FC2FF6E4050}C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [{B8DDE68B-27AC-448B-B935-5372591B94AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{9920D746-1B16-4FFD-97CC-4CD5CEB18F00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{5BBB00E5-2FB8-4B4B-A5AA-DB4DD385B066}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{115AB1F2-4C83-4793-BD6E-C6B671520FD6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{6BE0940A-8954-435B-8B9B-DED36906F43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe

FirewallRules: [{A16AFCA3-C03B-4CE7-A093-A6E7C404AD83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe

FirewallRules: [{D5A295E8-906A-4C60-99DB-A5310AF97C39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{826049F8-210E-4D78-BED3-EB0772F214E9}] => (Allow) C:\Users\elgiganten-demo\Desktop\Deskt-\HACKING, cheats etc\Reverse ENG tools\IDA_v6.1\idag64.exe

FirewallRules: [{64840879-FF73-4C0D-BC57-4541792AB464}] => (Allow) C:\Users\elgiganten-demo\Desktop\Deskt-\HACKING, cheats etc\Reverse ENG tools\IDA_v6.1\idag64.exe

==================== Restore Points =========================

14-06-2017 13:20:42 Installationsprogram för Windows-moduler

21-06-2017 02:21:18 Windows Update

28-06-2017 10:48:43 Schemalagd kontrollpunkt

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (07/02/2017 12:56:14 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Det gick inte att skapa aktiveringskontext för C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe.

Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.

Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (07/01/2017 10:01:49 PM) (Source: Windows Search Service) (EventID: 10021) (User: )

Description: Det gick inte att hämta registerinfo om prestandaräknare för WSearchIdxPi för instansen på grund av följande fel: Åtgärden har slutförts. 0x0.

Error: (07/01/2017 10:01:46 PM) (Source: Windows Search Service) (EventID: 3007) (User: )

Description: Det går inte att initiera prestandaövervakning för insamlingsobjektet eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.

Kontext: program , katalog SystemIndex

Error: (07/01/2017 10:01:43 PM) (Source: Windows Search Service) (EventID: 3006) (User: )

Description: Det går inte att initiera prestandaövervakning för insamlingstjänsten eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.

Error: (07/01/2017 05:03:48 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT instans)

Description: There was an error with the Windows Location Provider database

Error: (07/01/2017 04:44:27 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Det gick inte att skapa aktiveringskontext för C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe.

Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.

Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (07/01/2017 04:43:12 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc

, felet uppstod i modulen med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc

Undantagskod: 0xc0000005

Felförskjutning: 0x00001284

Process-ID: 0x1de0

Programmets starttid: 0x01d2f2785d25da30

Sökväg till program: C:\Users\elgiganten-demo\Desktop\procexp.exe

Sökväg till modul: C:\Users\elgiganten-demo\Desktop\procexp.exe

Rapport-ID: 9ad72fa7-5e6b-11e7-8301-a0d3c147e639

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (07/01/2017 04:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc

, felet uppstod i modulen med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc

Undantagskod: 0xc0000005

Felförskjutning: 0x00001284

Process-ID: 0x1934

Programmets starttid: 0x01d2f27850786084

Sökväg till program: C:\Users\elgiganten-demo\Desktop\procexp.exe

Sökväg till modul: C:\Users\elgiganten-demo\Desktop\procexp.exe

Rapport-ID: 8e29587d-5e6b-11e7-8301-a0d3c147e639

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (07/01/2017 04:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc

, felet uppstod i modulen med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc

Undantagskod: 0xc0000005

Felförskjutning: 0x00001284

Process-ID: 0xfb4

Programmets starttid: 0x01d2f27846b5e209

Sökväg till program: C:\Users\elgiganten-demo\Desktop\procexp.exe

Sökväg till modul: C:\Users\elgiganten-demo\Desktop\procexp.exe

Rapport-ID: 84d1d68d-5e6b-11e7-8301-a0d3c147e639

Fullständigt namn på felaktigt paket:

Program-ID relativt till felaktigt paket:

Error: (07/01/2017 11:25:01 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Öppningsproceduren .NETFramework i DLL-filen C:\windows\system32\mscoree.dll kunde inte utföras. Prestandadata för den här tjänsten kommer inte att vara tillgängliga. Felkoden anges av datasektionens första fyra byte (DWORD).

System errors:

=============

Error: (07/02/2017 04:29:34 AM) (Source: DCOM) (EventID: 10010) (User: FARFAR)

Description: Servern {1B1F472E-3221-4826-97DB-2C2324D389AE} registrerades inte med DCOM inom erforderlig timeout.

Error: (07/02/2017 04:29:04 AM) (Source: DCOM) (EventID: 10010) (User: FARFAR)

Description: Servern {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} registrerades inte med DCOM inom erforderlig timeout.

Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel:

Tjänsten svarade inte på start- eller kontrollbegäran i tid.

Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.

Error: (07/01/2017 10:00:36 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: Datorn har startats om efter felsökningen. Felsökningen var: 0x00000109 (0xa3a01f594408bb53, 0xb3b72bdf9688ba3a, 0xffffd000e61ecfc0, 0x0000000000000002). Innehållet dumpades och sparades i: C:\windows\MEMORY.DMP. Rapport-ID: 070117-38640-01.

Error: (07/01/2017 10:00:18 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Den senaste avstängningen av datorn vid 21:53:55 den ‎2017-‎07-‎01 skedde oväntat.

Error: (07/01/2017 09:55:57 PM) (Source: cdrom) (EventID: 11) (User: )

Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.

Error: (07/01/2017 09:55:51 PM) (Source: cdrom) (EventID: 11) (User: )

Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.

Error: (07/01/2017 09:55:45 PM) (Source: cdrom) (EventID: 11) (User: )

Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.

Error: (07/01/2017 03:37:26 PM) (Source: DCOM) (EventID: 10010) (User: FARFAR)

Description: Servern {1B1F472E-3221-4826-97DB-2C2324D389AE} registrerades inte med DCOM inom erforderlig timeout.

CodeIntegrity:

===================================

Date: 2016-09-23 09:47:32.040

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-15 06:32:06.690

Date: 2016-08-31 12:59:59.983

Date: 2016-08-25 16:22:58.116

Date: 2016-06-25 21:14:02.660

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-25 21:06:34.882

Date: 2016-06-25 20:53:49.612

Date: 2016-06-25 20:43:13.006

Date: 2016-06-25 20:34:59.789

Date: 2016-06-25 17:46:47.624

==================== Memory info ===========================

Processor: AMD FX™-670K Quad-Core Processor

Percentage of memory in use: 27%

Total physical RAM: 12212.94 MB

Available physical RAM: 8812.2 MB

Total Virtual: 24500.94 MB

Available Virtual: 20648.75 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1847.95 GB) (Free:599.69 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (Bajs) (Fixed) (Total:13.59 GB) (Free:13.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: 20133143)

Partition: GPT.

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: BDD23883)

Partition 1: (Not Active) - (Size=14.9 GB) - (Type=73)

==================== End of Addition.txt ============================

#3
RKinner

Posted 02 July 2017 - 04:14 PM

Malware Expert

Expert
24,624 posts

Error: (07/01/2017 09:55:57 PM) (Source: cdrom) (EventID: 11) (User: )

Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.

Search for

device manager

hit enter

Find DVD/CD-ROM

Click on the arrow in front of it. Right click on each device under DVD/CD-ROM and UNINSTALL. (Do not let it remove drivers if it asks) Reboot.

IF the error reappears then try

Windows Repair all in one

http://www.tweaking....all_in_one.html

Download it and save it then run it.

You can skip to step 4 or 5 where it gives you the same picture as in the above link.

Make sure the following is checked before hitting Start:

Repair CD/DVD Missing/Not Working

(Others won't hurt anything but will take a lot longer to complete)

Reboot when done and see if the error reappears.

Error: (07/01/2017 10:00:36 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: Datorn har startats om efter felsökningen. Felsökningen var: 0x00000109 (0xa3a01f594408bb53, 0xb3b72bdf9688ba3a, 0xffffd000e61ecfc0, 0x0000000000000002). Innehållet dumpades och sparades i: C:\windows\MEMORY.DMP. Rapport-ID: 070117-38640-01.

Download BlueScreenView

http://www.nirsoft.net/utils/blue_screen_view.html

Double click on BlueScreenView.exe file to run the program.

When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.

Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

I see you have Speccy. Please make a log and attach it:

Run Speccy. When it finishes (the little icon in the bottom left will stop moving),

File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.

(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options

Then scroll down to where you see

Choose File and click on it. Point it at the file and hit Open.

Now click on Attach this file.

Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel:

Tjänsten svarade inte på start- eller kontrollbegäran i tid.

Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.

Search for

services.msc

hit Enter

Find the Origin Web Helper Service and right click and select Properties. Change the Startup Type to Manual OK.

No idea what is wrong with Process Explorer. Could be it doesn't like Swedish but I would try a new download:

http://live.sysinter...com/procexp.exe

Right click on it and Run As Admin.

#4
Alduin

Posted 02 July 2017 - 05:03 PM

Banned

Topic Starter
Banned
55 posts

The error hasn't been reappearing since 07/01/2017 09:55:57 PM, but I still uninstalled it. If it ever does reappear again I will try that step u mentioned above!

==================================================

Dump File : 070117-38640-01.dmp

Crash Time : 2017-07-01 21:58:41

Bug Check String :

Bug Check Code : 0x00000109

Parameter 1 : a3a01f59`4408bb53

Parameter 2 : b3b72bdf`9688ba3a

Parameter 3 : ffffd000`e61ecfc0

Parameter 4 : 00000000`00000002

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+14dda0

File Description :

Product Name :

Company :

File Version :

Processor : x64

Crash Address : ntoskrnl.exe+14dda0

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\Windows\Minidump\070117-38640-01.dmp

Processors Count : 4

Major Version : 15

Minor Version : 9600

Dump File Size : 412 112

Dump File Time : 2017-07-01 22:00:36

==================================================

I have a very hot CPU, I'm going to change motherboard, and CPU, and Cooler fan in the future.

Find the Origin Web Helper Service and right click and select Properties. Change the Startup Type to Manual OK.

Done.

No idea what is wrong with Process Explorer. Could be it doesn't like Swedish but I would try a new download:

I was tampering with it before changing its digital signatures to unverified. So that was maybe it, however i can't be sure.

#5
Alduin

Posted 02 July 2017 - 05:12 PM

Banned

Topic Starter
Banned
55 posts

Also, this is the last time I will buy an HP computer, It gets loaded with bloatware and the cooler is bad.

Edited by Alduin, 02 July 2017 - 05:19 PM.

#6
RKinner

Posted 02 July 2017 - 05:32 PM

Malware Expert

Expert
24,624 posts

The heat is probably why you are getting BSODs. Usually you can just shut them down, leave it plugged into the wall, open it up. Remove the fan (but not the heatsink then use a small brush and a vacuum cleaner hose to clean the heatsink and fans and air vents. If that's not enough then you pull the heatsink, clean it really well and put new Arctic Silver 5 thermal paste. I like to use the kit that comes with the cleaner and surface prep but if you don't have it alcohol will work almost as well. The Arctic Silver 5 website tells you how much to put on and what shape to use for each CPU type.

My usual Event reader doesn't work in Swedish but I think MiniToolBox doesn't care:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

List content of Hosts

List IP configuration

List Winsock Entries

List last 10 Event Viewer Errors

List Installed Programs

List Devices

List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

#7
Alduin

Posted 02 July 2017 - 06:01 PM

Banned

Topic Starter
Banned
55 posts

Are you really sure RKinner? The temps have been like this since I got this PC totally new from elgiganten. I got the BSOD while I was scanning with aswMBR and my CD-ROM was acting crazy and then poff one for the first time and no more BSODs after that. But i can try ur suggestion with Arctic Silver 5 thermal paste thanks , . I also ran following commands on CMD

cmd:

sfc /scannow

Dism /online /Cleanup-image /Restorehealth

I also removed Pokki btw even tough I had it disabled, but since I saw it on the frst logs and I almost completely forgot about it, I removed it.

MiniToolBox by Farbar Version: 17-06-2016

Ran by elgiganten-demo (administrator) on 03-07-2017 at 01:40:08

Running from "C:\Users\elgiganten-demo\Downloads"

Microsoft Windows 8.1 (X64)

Model: 500-311no Manufacturer: Hewlett-Packard

Boot Mode: Normal

***************************************************************************

========================= Hosts content: =================================

35.156.90.191 authserver.mojang.com

35.156.90.191 sessionserver.mojang.com

========================= IP Configuration: ================================

[CommView] Atheros AR9485 Wireless Network Adapter = Wi-Fi (Connected)

VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)

VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)

VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)

Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)

TAP-Win32 Adapter V9 for OpenVPN Accelerator = Anslutning till lokalt nätverk (Media disconnected)

VPN Client Adapter - VPN = VPN - VPN Client (Media disconnected)

TAP-Windows Adapter V9 | NordVPN-9.21.2 = Ethernet 2 (Media disconnected)

TAP-Windows Adapter V9 = Ethernet 5 (Media disconnected)

TAP Adapter OAS NDIS 6.0 = Ethernet 3 (Media disconnected)

TAP-Windows Adapter V9 = Ethernet 4 (Media disconnected)

Windscribe VPN = Ethernet 6 (Media disconnected)

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

set interface interface="Anslutning till lokalt n„tverk* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Anslutning till lokalt n„tverk* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="VMware Network Adapter VMnet1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="VMware Network Adapter VMnet8" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="VirtualBox Host-Only Network" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="VPN - VPN Client" forwarding=enabled advertise=enabled metric=1 nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0

add address name="VMware Network Adapter VMnet1" address=192.168.75.1 mask=255.255.255.0

add address name="VMware Network Adapter VMnet8" address=192.168.93.1 mask=255.255.255.0

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Farfar

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet 6:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Windscribe VPN

Physical Address. . . . . . . . . : 00-FF-C9-88-89-51

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 5:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Windows Adapter V9 #2

Physical Address. . . . . . . . . : 00-FF-93-81-A9-09

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 4:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Windows Adapter V9

Physical Address. . . . . . . . . : 00-FF-A8-1E-CF-4D

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 3:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP Adapter OAS NDIS 6.0

Physical Address. . . . . . . . . : 00-FF-69-9B-B5-72

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VPN - VPN Client:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : VPN Client Adapter - VPN

Physical Address. . . . . . . . . : 00-AC-80-F9-6A-27

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Physical Address. . . . . . . . . : A0-D3-C1-47-E6-39

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Windows Adapter V9 | NordVPN-9.21.2

Physical Address. . . . . . . . . : 00-FF-23-78-E2-A0

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Anslutning till lokalt n„tverk:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Win32 Adapter V9 for OpenVPN Accelerator

Physical Address. . . . . . . . . : 00-FF-EB-30-0C-49

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Anslutning till lokalt n„tverk* 2:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter

Physical Address. . . . . . . . . : 12-10-B3-01-75-8B

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : [CommView] Atheros AR9485 Wireless Network Adapter

Physical Address. . . . . . . . . : 30-10-B3-01-75-8B

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2a00:801:250:d0c4:f87b:8679:d10f:f6d3(Preferred)

Temporary IPv6 Address. . . . . . : 2a00:801:250:d0c4:2955:9db3:8190:d2d2(Preferred)

Link-local IPv6 Address . . . . . : fe80::f87b:8679:d10f:f6d3%3(Preferred)

IPv4 Address. . . . . . . . . . . : 172.20.10.2(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.240

Lease Obtained. . . . . . . . . . : den 3 juli 2017 00:24:49

Lease Expires . . . . . . . . . . : den 4 juli 2017 00:10:26

Default Gateway . . . . . . . . . : fe80::31:99e6:3292:3c32%3

172.20.10.1

DHCP Server . . . . . . . . . . . : 172.20.10.1

DHCPv6 IAID . . . . . . . . . . . : 53481651

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39

DNS Servers . . . . . . . . . . . : fe80::31:99e6:3292:3c32%3

208.67.222.123

208.67.220.123

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1

Physical Address. . . . . . . . . : 00-50-56-C0-00-01

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::c158:9f13:26a3:7150%10(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.75.1(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 620777558

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8

Physical Address. . . . . . . . . : 00-50-56-C0-00-08

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::54d3:c72e:cde:6149%11(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.93.1(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 637554774

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter

Physical Address. . . . . . . . . : 0A-00-27-00-00-17

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::a9d1:628b:a92a:39d7%23(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 185204775

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{EAB3369F-9F17-4368-8476-FBC06B61F297}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:9d38:78cf:458:3d7c:53eb:f5fd(Preferred)

Link-local IPv6 Address . . . . . : fe80::458:3d7c:53eb:f5fd%6(Preferred)

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 335544320

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39

NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{669C7374-3C3A-4632-BB39-362B28A8548A}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{593F17AF-2544-460B-BD33-A260B9FDAFE1}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A2A7AA1C-4F3C-454E-A032-FBADAD48F01F}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

DNS request timed out.

timeout was 2 seconds.

Server: UnKnown

Address: fe80::31:99e6:3292:3c32

Name: google.com

Addresses: 2a00:1450:400f:803::200e

172.217.22.174

Pinging google.com [2a00:1450:400f:803::200e] with 32 bytes of data:

Reply from 2a00:1450:400f:803::200e: time=45ms

Reply from 2a00:1450:400f:803::200e: time=44ms

Ping statistics for 2a00:1450:400f:803::200e:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 44ms, Maximum = 45ms, Average = 44ms

DNS request timed out.

timeout was 2 seconds.

Server: UnKnown

Address: fe80::31:99e6:3292:3c32

Name: yahoo.com

Addresses: 2001:4998:44:204::a7

2001:4998:c:a06::2:4008

2001:4998:58:c02::a9

98.138.253.109

98.139.180.149

206.190.36.45

Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:

Reply from 2001:4998:44:204::a7: time=161ms

Reply from 2001:4998:44:204::a7: time=168ms

Ping statistics for 2001:4998:44:204::a7:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 161ms, Maximum = 168ms, Average = 164ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

31...00 ff c9 88 89 51 ......Windscribe VPN

29...00 ff 93 81 a9 09 ......TAP-Windows Adapter V9 #2

28...00 ff a8 1e cf 4d ......TAP-Windows Adapter V9

27...00 ff 69 9b b5 72 ......TAP Adapter OAS NDIS 6.0

26...00 ac 80 f9 6a 27 ......VPN Client Adapter - VPN

25...a0 d3 c1 47 e6 39 ......Realtek PCIe GBE Family Controller

24...00 ff 23 78 e2 a0 ......TAP-Windows Adapter V9 | NordVPN-9.21.2

22...00 ff eb 30 0c 49 ......TAP-Win32 Adapter V9 for OpenVPN Accelerator

4...12 10 b3 01 75 8b ......Microsoft Wi-Fi Direct Virtual Adapter

3...30 10 b3 01 75 8b ......[CommView] Atheros AR9485 Wireless Network Adapter

10...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1

11...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8

23...0a 00 27 00 00 17 ......VirtualBox Host-Only Ethernet Adapter

1...........................Software Loopback Interface 1

5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

6...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4

9...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 172.20.10.1 172.20.10.2 25

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

172.20.10.0 255.255.255.240 On-link 172.20.10.2 281

172.20.10.2 255.255.255.255 On-link 172.20.10.2 281

172.20.10.15 255.255.255.255 On-link 172.20.10.2 281

192.168.56.0 255.255.255.0 On-link 192.168.56.1 266

192.168.56.1 255.255.255.255 On-link 192.168.56.1 266

192.168.56.255 255.255.255.255 On-link 192.168.56.1 266

192.168.75.0 255.255.255.0 On-link 192.168.75.1 276

192.168.75.1 255.255.255.255 On-link 192.168.75.1 276

192.168.75.255 255.255.255.255 On-link 192.168.75.1 276

192.168.93.0 255.255.255.0 On-link 192.168.93.1 276

192.168.93.1 255.255.255.255 On-link 192.168.93.1 276

192.168.93.255 255.255.255.255 On-link 192.168.93.1 276

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.56.1 266

224.0.0.0 240.0.0.0 On-link 192.168.75.1 276

224.0.0.0 240.0.0.0 On-link 192.168.93.1 276

224.0.0.0 240.0.0.0 On-link 172.20.10.2 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.56.1 266

255.255.255.255 255.255.255.255 On-link 192.168.75.1 276

255.255.255.255 255.255.255.255 On-link 192.168.93.1 276

255.255.255.255 255.255.255.255 On-link 172.20.10.2 281

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

3 281 ::/0 fe80::31:99e6:3292:3c32

1 306 ::1/128 On-link

6 306 2001::/32 On-link

6 306 2001:0:9d38:78cf:458:3d7c:53eb:f5fd/128

On-link

3 281 2a00:801:250:d0c4::/64 On-link

3 281 2a00:801:250:d0c4:2955:9db3:8190:d2d2/128

On-link

3 281 2a00:801:250:d0c4:f87b:8679:d10f:f6d3/128

On-link

23 266 fe80::/64 On-link

10 276 fe80::/64 On-link

11 276 fe80::/64 On-link

3 281 fe80::/64 On-link

6 306 fe80::/64 On-link

6 306 fe80::458:3d7c:53eb:f5fd/128

On-link

11 276 fe80::54d3:c72e:cde:6149/128

On-link

23 266 fe80::a9d1:628b:a92a:39d7/128

On-link

10 276 fe80::c158:9f13:26a3:7150/128

On-link

3 281 fe80::f87b:8679:d10f:f6d3/128

On-link

1 306 ff00::/8 On-link

23 266 ff00::/8 On-link

10 276 ff00::/8 On-link

11 276 ff00::/8 On-link

3 281 ff00::/8 On-link

6 306 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)

Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)

Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)

Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)

Catalog5 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog5 06 C:\windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)

Catalog9 01 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 02 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 03 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 04 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 06 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 07 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 08 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 09 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 10 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)

Catalog9 11 C:\windows\SysWOW64\vsocklib.dll [64192] (VMware, Inc.)

Catalog9 12 C:\windows\SysWOW64\vsocklib.dll [64192] (VMware, Inc.)

x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\vsocklib.dll [68288] (VMware, Inc.)

x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [68288] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:

==================

Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service) (User: )

Description: Det gick inte att hämta registerinfo om prestandaräknare för WSearchIdxPi för instansen på grund av följande fel: Åtgärden har slutförts. 0x0.

Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service) (User: )

Kontext: program , katalog SystemIndex

Error: (07/03/2017 12:24:30 AM) (Source: Windows Search Service) (User: )

Error: (07/03/2017 12:05:14 AM) (Source: SideBySide) (User: )

Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.

Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.

Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (07/02/2017 03:13:18 PM) (Source: Perflib) (User: )

Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (07/02/2017 12:56:14 AM) (Source: SideBySide) (User: )

Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.

Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (07/01/2017 10:01:49 PM) (Source: Windows Search Service) (User: )

Description: Det gick inte att hämta registerinfo om prestandaräknare för WSearchIdxPi för instansen på grund av följande fel: Åtgärden har slutförts. 0x0.

Error: (07/01/2017 10:01:46 PM) (Source: Windows Search Service) (User: )

Kontext: program , katalog SystemIndex

Error: (07/01/2017 10:01:43 PM) (Source: Windows Search Service) (User: )

Error: (07/01/2017 05:03:48 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT instans)

Description: -2147024883

System errors:

=============

Error: (07/03/2017 12:24:13 AM) (Source: Service Control Manager) (User: )

Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel:

%%1053 = Tjänsten svarade inte på start- eller kontrollbegäran i tid.

Error: (07/03/2017 12:24:13 AM) (Source: Service Control Manager) (User: )

Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.

Error: (07/02/2017 08:12:04 PM) (Source: DCOM) (User: FARFAR)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/02/2017 08:11:34 PM) (Source: DCOM) (User: FARFAR)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2017 03:13:18 PM) (Source: DCOM) (User: FARFAR)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/02/2017 03:12:48 PM) (Source: DCOM) (User: FARFAR)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2017 04:29:34 AM) (Source: DCOM) (User: FARFAR)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2017 04:29:04 AM) (Source: DCOM) (User: FARFAR)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (User: )

Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel:

%%1053 = Tjänsten svarade inte på start- eller kontrollbegäran i tid.

Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (User: )

Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.

Microsoft Office Sessions:

=========================

Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service)(User: )

Description: WSearchIdxPiÅtgärden har slutförts. 0x0

Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service)(User: )

Description: Kontext: program , katalog SystemIndex

Error: (07/03/2017 12:24:30 AM) (Source: Windows Search Service)(User: )

Description:

Error: (07/03/2017 12:05:14 AM) (Source: SideBySide)(User: )

Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe

Error: (07/02/2017 03:13:18 PM) (Source: Perflib)(User: )

Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (07/02/2017 12:56:14 AM) (Source: SideBySide)(User: )

Error: (07/01/2017 10:01:49 PM) (Source: Windows Search Service)(User: )

Description: WSearchIdxPiÅtgärden har slutförts. 0x0

Error: (07/01/2017 10:01:46 PM) (Source: Windows Search Service)(User: )

Description: Kontext: program , katalog SystemIndex

Error: (07/01/2017 10:01:43 PM) (Source: Windows Search Service)(User: )

Description:

Error: (07/01/2017 05:03:48 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT instans)

Description: -2147024883

CodeIntegrity Errors:

===================================

Date: 2016-09-23 09:47:32.040

Date: 2016-09-15 06:32:06.690

Date: 2016-08-31 12:59:59.983

Date: 2016-08-25 16:22:58.116

Date: 2016-06-25 21:14:02.660

Date: 2016-06-25 21:06:34.882

Date: 2016-06-25 20:53:49.612

Date: 2016-06-25 20:43:13.006

Date: 2016-06-25 20:34:59.789

Date: 2016-06-25 17:46:47.624

=========================== Installed Programs ============================