Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sen here by: RKinner, not infected. BSOD by aswMBR, computer CD-ROM wa


  • Please log in to reply

#1
Alduin

Alduin

    Banned

  • Banned
  • PipPip
  • 55 posts
Sen here by: RKinner, not infected. BSOD by aswMBR, computer CD-ROM was acting crazy.

 

Don't mind the IFEO debugger key and the Group Policy changes on google chrome and proxy changes if you ever see..., I'm not looking for any removal i want to know what caused this.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by elgiganten-demo (administrator) on FARFAR (02-07-2017 14:31:24)
Running from C:\Users\elgiganten-demo\Downloads
Loaded Profiles: elgiganten-demo (Available Profiles: elgiganten-demo)
Platform: Windows 8.1 (Update) (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Cooler Master) C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\Masterkeys pro L RGB HID.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\elgiganten-demo\Downloads\FRST64 (1).exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [MasterKeys Pro L] => C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\MasterKeys Pro L RGB HID.exe [1970176 2016-05-31] (Cooler Master)
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-05-16] (Nota Inc.)
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
IFEO\mbam.exe: [Debugger] mbam.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2017-03-18] ()
AlternateShell: 
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-3593711402-1704135711-2489708331-1001] => 47.89.51.239:8088
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{2378E2A0-33C5-4993-AA17-DEF6418DA6C2}: [DhcpNameServer] 78.46.223.24 162.242.211.137
Tcpip\..\Interfaces\{593F17AF-2544-460B-BD33-A260B9FDAFE1}: [NameServer] 208.67.222.123,208.67.220.123
Tcpip\..\Interfaces\{593F17AF-2544-460B-BD33-A260B9FDAFE1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9381A909-72B3-4D8E-B0B9-90BFB79510B6}: [DhcpNameServer] 78.46.223.24 162.242.211.137
Tcpip\..\Interfaces\{A81ECF4D-B7A5-4931-87DA-12131228653C}: [DhcpNameServer] 78.46.223.24 162.242.211.137
Tcpip\..\Interfaces\{ABBEFDB3-7314-4A02-90F5-1B9EFDD648B2}: [NameServer] 8.8.4.4,4.4.8.8
Tcpip\..\Interfaces\{ABBEFDB3-7314-4A02-90F5-1B9EFDD648B2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C9888951-F004-486F-B35F-D12AFEE5C51B}: [DhcpNameServer] 10.110.114.1
Tcpip\..\Interfaces\{EB300C49-589E-44DB-A9EC-9A7413DD426E}: [DhcpNameServer] 68.168.114.253 8.8.8.8
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/33
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/33
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/33
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/33
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/33
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/33
SearchScopes: HKLM -> {8D09011F-FE7A-48B8-9A19-8C469A7010F8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {8D09011F-FE7A-48B8-9A19-8C469A7010F8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3593711402-1704135711-2489708331-1001 -> {8D09011F-FE7A-48B8-9A19-8C469A7010F8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
 
FireFox:
========
FF ProfilePath: C:\Users\elgiganten-demo\AppData\Roaming\Mozilla\Firefox\Profiles\ta0AUfZF.default [2017-05-26]
FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> http_port", 53059
FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> socks", "85.192.220.168"
FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> socks_port", 53059
FF NetworkProxy: Mozilla\Firefox\Profiles\ta0AUfZF.default -> type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-30] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-30] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default [2017-07-02]
CHR Extension: (Google Presentationer) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17]
CHR Extension: (Google Dokument) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17]
CHR Extension: (Google Drive) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-01]
CHR Extension: (YouTube) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tampermonkey) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-31]
CHR Extension: (Google Kalkylark) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17]
CHR Extension: (EditThisCookie) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-06-26]
CHR Extension: (Hacker Vision) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fommidcneendjonelhhhkmoekeicedej [2017-01-03]
CHR Extension: (HTTPS Everywhere) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-06-21]
CHR Extension: (Google Dokument Offline) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-27]
CHR Extension: (Grammarly for Chrome) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-06-28]
CHR Extension: (Malware Search) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleioieeffejophokeklefchfglgmnk [2015-05-09]
CHR Extension: (DotVPN — a better way to VPN) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2017-05-29]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Talkz) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nncdmicfhjggfogddpjjpdlhfaaaglno [2016-12-13]
CHR Extension: (Blue Space Sunset Chrome Theme) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog [2016-01-21]
CHR Extension: (Gmail) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-11] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-11] (BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-11] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-11] (BlueStack Systems, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [File not signed]
S4 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [237864 2015-04-23] (EasyAntiCheat Ltd)
S4 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-18] (Condusiv Technologies)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S4 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [36008 2016-01-09] (Micro-Star Int'l Co., Ltd.)
S4 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2019792 2016-01-09] (Micro-Star INT'L CO., LTD.)
S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-18] (Logitech Inc.)
S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1779664 2016-01-09] (Micro-Star INT'L CO., LTD.)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [411312 2017-03-02] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
S4 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [File not signed]
S4 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064 2014-06-05] () [File not signed]
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-05-06] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-05-06] (Electronic Arts)
S4 PAExec; C:\windows\PAExec.exe [189112 2016-01-19] (Power Admin LLC)
S4 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2016-01-25] ()
S4 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2016-01-25] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2015-07-19] (Riverbed Technology, Inc.)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2017-01-06] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-07] (IDT, Inc.) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S4 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5663824 2016-06-06] (RealVNC Ltd)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-08-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited)
S4 0242891429271669mcinstcleanup; C:\Users\ELGIGA~1\AppData\Local\Temp\024289~1.EXE -cleanup -nolog [X] <==== ATTENTION
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 athr; C:\windows\system32\DRIVERS\athwbx.sys [4265984 2015-08-26] (Qualcomm Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-11] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows ® Win 7 DDK provider)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2016-01-09] (CPUID)
S3 CV2K1; C:\windows\system32\DRIVERS\cv2k1.sys [32616 2016-08-02] (TamoSoft Limited)
R1 excfs; C:\windows\System32\DRIVERS\excfs.sys [25840 2013-11-18] (Condusiv Technologies)
R0 excsd; C:\windows\System32\DRIVERS\excsd.sys [117488 2013-11-18] (Condusiv Technologies)
R3 I2cHkBurn; C:\windows\system32\drivers\I2cHkBurn.sys [41760 2016-01-09] (FINTEK Corp.)
S3 ladfGSS; C:\windows\system32\drivers\ladfGSS.sys [45200 2016-02-16] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R2 mi2c; C:\windows\system32\drivers\mi2c.sys [20784 2015-05-12] (Nicomsoft Ltd.)
R3 Neo_VPN; C:\windows\system32\DRIVERS\Neo_VPN.sys [38432 2017-01-06] (SoftEther Corporation)
R2 NPF; C:\windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 NVVADARM; C:\windows\system32\drivers\nvvadarm.sys [46200 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
R1 SeLow; C:\windows\system32\DRIVERS\SeLow_x64.sys [51232 2017-01-06] (SoftEther Corporation)
R3 SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 tap0901_openvpn_accl; C:\windows\system32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-07-11] (The OpenVPN Project)
R3 tapnord; C:\windows\system32\DRIVERS\tapnord.sys [35376 2016-10-13] (The OpenVPN Project)
R3 tapoas; C:\windows\system32\DRIVERS\tapoas.sys [26624 2014-05-08] (The OpenVPN Project)
R3 tapwindscribe0901; C:\windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-21] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-07-29] ()
R1 TSCOMM; C:\windows\system32\DRIVERS\tscomm8.sys [40808 2016-08-03] (TamoSoft)
S3 TsVlb; C:\windows\system32\DRIVERS\tsvlb.sys [33128 2016-08-03] (TamoSoft)
R1 TsVp; C:\windows\system32\DRIVERS\tsvp.sys [37224 2016-08-03] (TamoSoft)
R3 TS_ARN5416; C:\windows\system32\DRIVERS\ts_athrx.sys [3508584 2016-08-03] (TamoSoft)
R1 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
R3 VCSVADHWSer; C:\windows\system32\DRIVERS\vcsvad.sys [29320 2015-10-01] (AVSOFT Corp.)
R3 voxaldriver; C:\windows\system32\DRIVERS\voxaldriverx64.sys [43472 2016-12-13] ()
R0 vsock; C:\windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\ELGIGA~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 aswMBR; \??\C:\Users\ELGIGA~1\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\ELGIGA~1\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-07-02 14:31 - 2017-07-02 14:31 - 02440704 _____ (Farbar) C:\Users\elgiganten-demo\Downloads\FRST64 (1).exe
2017-07-01 22:44 - 2017-07-01 22:44 - 00002089 _____ C:\Users\elgiganten-demo\Desktop\aswMBR.txt
2017-07-01 22:44 - 2017-07-01 22:44 - 00000512 _____ C:\Users\elgiganten-demo\Desktop\MBR.dat
2017-07-01 22:32 - 2017-07-01 22:32 - 00011100 _____ C:\Users\elgiganten-demo\Downloads\Fixlog (2).txt
2017-07-01 22:25 - 2017-07-01 22:25 - 00067310 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview (1).zip
2017-07-01 22:25 - 2017-07-01 22:25 - 00001579 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview_swedish (1).zip
2017-07-01 22:00 - 2017-07-01 22:00 - 1286211872 _____ C:\windows\MEMORY.DMP
2017-07-01 22:00 - 2017-07-01 22:00 - 00412112 _____ C:\windows\Minidump\070117-38640-01.dmp
2017-07-01 21:22 - 2017-07-01 21:22 - 02530656 _____ C:\Users\elgiganten-demo\Downloads\1498862046178.webm
2017-07-01 21:22 - 2017-07-01 21:22 - 02530656 _____ C:\Users\elgiganten-demo\Downloads\1498862046178 (1).webm
2017-07-01 20:22 - 2017-07-01 20:22 - 05198336 _____ (AVAST Software) C:\Users\elgiganten-demo\Downloads\aswMBR.exe
2017-07-01 19:21 - 2017-07-01 19:21 - 00000020 _____ C:\Users\elgiganten-demo\Desktop\olle.txt
2017-07-01 16:43 - 2017-07-01 16:43 - 00501210 _____ C:\Users\elgiganten-demo\Desktop\procexp.exe.7648.dmp
2017-07-01 16:43 - 2017-07-01 16:43 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\Mael
2017-07-01 16:40 - 2017-07-01 16:40 - 00000864 _____ C:\Users\Public\Desktop\HxD.lnk
2017-07-01 16:40 - 2017-07-01 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor
2017-07-01 16:40 - 2017-07-01 16:40 - 00000000 ____D C:\Program Files (x86)\HxD
2017-07-01 16:38 - 2017-07-01 16:38 - 00872029 _____ C:\Users\elgiganten-demo\Downloads\HxDSetupEN.zip
2017-07-01 16:32 - 2017-07-01 16:33 - 00412130 _____ C:\Users\elgiganten-demo\Downloads\20120025.pdf
2017-07-01 00:01 - 2017-07-01 00:01 - 00000284 _____ C:\Users\elgiganten-demo\Downloads\fixlist (9).txt
2017-06-30 23:46 - 2017-06-30 23:46 - 00000400 _____ C:\Users\elgiganten-demo\Downloads\fixlist (8).txt
2017-06-30 23:26 - 2017-06-30 23:26 - 00049832 _____ C:\Users\elgiganten-demo\Downloads\FRST (1).txt
2017-06-30 23:06 - 2017-06-30 23:06 - 00019230 _____ C:\Users\elgiganten-demo\Downloads\Fixlog (1).txt
2017-06-30 22:27 - 2017-06-30 22:27 - 00002614 _____ C:\Users\elgiganten-demo\Downloads\Rkill.txt
2017-06-30 22:25 - 2017-06-30 22:25 - 00001199 _____ C:\Users\elgiganten-demo\Downloads\fixlist (7).txt
2017-06-30 22:13 - 2017-06-30 22:17 - 00002374 _____ C:\Users\elgiganten-demo\Desktop\Rkill.txt
2017-06-30 22:13 - 2017-06-30 22:13 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\elgiganten-demo\Downloads\rkill.exe
2017-06-30 22:13 - 2017-06-30 22:13 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\elgiganten-demo\Downloads\rkill64.exe
2017-06-30 20:52 - 2017-06-30 20:52 - 00000394 _____ C:\Users\elgiganten-demo\Desktop\fixlist2.txt
2017-06-30 13:33 - 2017-06-30 13:33 - 00038792 _____ (Microsoft Corporation) C:\Users\elgiganten-demo\Downloads\svchost.exe
2017-06-30 11:27 - 2017-06-30 11:27 - 00012218 _____ C:\Users\elgiganten-demo\Downloads\fixlist (6).txt
2017-06-30 10:27 - 2017-06-30 10:27 - 00002216 _____ C:\Users\elgiganten-demo\Downloads\fixlist (5).txt
2017-06-29 14:50 - 2017-06-29 14:50 - 00001128 _____ C:\Users\elgiganten-demo\Downloads\fixlist (4).txt
2017-06-29 02:58 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2017-06-29 02:58 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2017-06-29 02:58 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2017-06-29 02:58 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2017-06-29 02:58 - 2017-04-11 20:27 - 00987840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2017-06-29 02:58 - 2017-04-11 20:27 - 00485576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2017-06-29 02:58 - 2017-03-15 20:15 - 00993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2017-06-29 02:58 - 2017-03-15 20:15 - 00690008 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2017-06-27 20:36 - 2017-06-27 20:36 - 01536119 _____ C:\Users\elgiganten-demo\Downloads\1498574158450.webm
2017-06-27 18:19 - 2017-06-27 18:19 - 11014728 _____ C:\Users\elgiganten-demo\Downloads\RogueKillerCMD_portable64 (1).exe
2017-06-27 18:18 - 2017-06-27 18:18 - 11014728 _____ C:\Users\elgiganten-demo\Downloads\RogueKillerCMD_portable64.exe
2017-06-27 12:55 - 2017-07-02 14:32 - 00025224 _____ C:\Users\elgiganten-demo\Downloads\FRST.txt
2017-06-26 14:45 - 2017-06-26 18:48 - 00250556 _____ C:\TDSSKiller.3.1.0.15_26.06.2017_14.45.19_log.txt
2017-06-26 14:45 - 2017-06-26 14:45 - 04922400 _____ (AO Kaspersky Lab) C:\Users\elgiganten-demo\Downloads\tdsskiller.exe
2017-06-26 14:20 - 2017-06-27 13:54 - 00002734 _____ C:\Users\elgiganten-demo\Desktop\fixlist.txt
2017-06-26 03:26 - 2017-06-26 03:27 - 00000000 ____D C:\ProgramData\RogueKillerPE
2017-06-26 01:35 - 2017-07-01 22:15 - 00126291 _____ C:\Users\elgiganten-demo\Downloads\Addition.txt
2017-06-24 07:52 - 2017-06-24 07:52 - 00000408 _____ C:\Users\elgiganten-demo\Downloads\fixlist (3).txt
2017-06-23 13:19 - 2017-06-23 13:19 - 00009317 _____ C:\Users\elgiganten-demo\Downloads\Fixlog.txt
2017-06-22 03:10 - 2017-06-22 03:10 - 00021824 _____ C:\Users\elgiganten-demo\Downloads\fixlist (2).txt
2017-06-21 20:45 - 2017-06-21 20:45 - 00005508 _____ C:\Users\elgiganten-demo\Downloads\fixlist (1).txt
2017-06-21 18:56 - 2017-06-21 18:56 - 00000514 _____ C:\Users\elgiganten-demo\Downloads\fixlist.txt
2017-06-21 17:58 - 2017-06-21 17:58 - 00005111 _____ C:\Users\elgiganten-demo\Downloads\20869359234641705.html
2017-06-20 19:20 - 2017-07-01 22:12 - 00000000 ____D C:\Users\elgiganten-demo\Downloads\FRST-OlderVersion
2017-06-20 18:35 - 2017-06-20 18:35 - 01130328 _____ (Google Inc.) C:\Users\elgiganten-demo\Downloads\ChromeSetup.exe
2017-06-18 15:21 - 2017-06-18 15:21 - 00000000 ____D C:\Users\elgiganten-demo\Documents\Lmao
2017-06-18 15:20 - 2017-06-18 15:20 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\Lmao
2017-06-18 08:15 - 2017-06-18 08:15 - 00197480 _____ C:\Users\elgiganten-demo\Downloads\Extras.Txt
2017-06-18 08:14 - 2017-06-18 08:14 - 00426730 _____ C:\Users\elgiganten-demo\Downloads\OTL.Txt
2017-06-18 08:09 - 2017-07-01 22:12 - 02440704 _____ (Farbar) C:\Users\elgiganten-demo\Downloads\FRST64.exe
2017-06-18 07:56 - 2017-06-18 07:56 - 00602112 _____ (OldTimer Tools) C:\Users\elgiganten-demo\Downloads\OTL.exe
2017-06-17 04:25 - 2017-06-17 04:25 - 00000492 _____ C:\Users\elgiganten-demo\Desktop\imp2.txt
2017-06-15 14:54 - 2017-06-15 14:54 - 00238840 _____ C:\Users\elgiganten-demo\Downloads\watch (2).htm
2017-06-14 05:10 - 2017-06-02 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-06-14 05:10 - 2017-06-02 14:12 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-06-14 05:10 - 2017-06-02 14:12 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-06-14 05:10 - 2017-06-02 14:06 - 01001984 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-06-14 05:10 - 2017-06-02 14:01 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-06-14 05:10 - 2017-06-02 13:30 - 03635200 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-06-14 05:10 - 2017-06-02 13:03 - 00903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-06-14 05:10 - 2017-06-02 12:58 - 02551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-06-14 05:10 - 2017-06-02 12:25 - 00272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 05:10 - 2017-06-02 12:24 - 00391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-06-14 05:10 - 2017-06-02 12:17 - 00699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-06-14 05:10 - 2017-06-02 12:02 - 02751488 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-06-14 05:10 - 2017-06-02 11:43 - 01920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-06-14 05:10 - 2017-06-02 11:43 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-06-14 05:10 - 2017-05-15 21:58 - 00121184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-06-14 05:10 - 2017-05-14 22:44 - 04170240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-06-14 05:10 - 2017-05-14 22:42 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-06-14 05:10 - 2017-05-14 22:26 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-06-14 05:10 - 2017-05-14 22:19 - 25738752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-06-14 05:10 - 2017-05-14 22:19 - 01364040 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-06-14 05:10 - 2017-05-14 22:10 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-06-14 05:10 - 2017-05-14 21:55 - 05975040 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-06-14 05:10 - 2017-05-14 21:32 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-06-14 05:10 - 2017-05-14 21:31 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-06-14 05:10 - 2017-05-14 21:22 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-06-14 05:10 - 2017-05-14 21:19 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-06-14 05:10 - 2017-05-14 21:11 - 20274688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-06-14 05:10 - 2017-05-14 21:10 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-06-14 05:10 - 2017-05-14 21:04 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-06-14 05:10 - 2017-05-14 21:03 - 00373080 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-06-14 05:10 - 2017-05-14 20:54 - 15252992 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-06-14 05:10 - 2017-05-14 20:52 - 03240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-06-14 05:10 - 2017-05-14 20:48 - 05274112 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-06-14 05:10 - 2017-05-14 20:46 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-06-14 05:10 - 2017-05-14 20:44 - 04549120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-06-14 05:10 - 2017-05-14 20:40 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-06-14 05:10 - 2017-05-14 20:38 - 07796736 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-06-14 05:10 - 2017-05-14 20:37 - 01544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-06-14 05:10 - 2017-05-14 20:30 - 13664768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-06-14 05:10 - 2017-05-14 20:27 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-06-14 05:10 - 2017-05-14 20:16 - 05268992 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 05:10 - 2017-05-14 20:15 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-06-14 05:10 - 2017-05-14 20:13 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-06-14 05:10 - 2017-05-14 20:11 - 01314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-06-14 05:10 - 2017-05-14 20:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-06-14 05:10 - 2017-05-14 20:06 - 07441240 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-06-14 05:10 - 2017-05-14 20:06 - 01737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-06-14 05:10 - 2017-05-14 20:06 - 01502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-06-14 05:10 - 2017-05-12 19:05 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-06-14 05:10 - 2017-05-12 18:16 - 01084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-06-14 05:10 - 2017-05-12 18:13 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-06-14 05:10 - 2017-05-12 17:51 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-06-14 05:10 - 2017-05-12 17:50 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-06-14 05:10 - 2017-05-12 17:48 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-06-14 05:10 - 2017-05-12 17:47 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-06-14 05:10 - 2017-05-12 06:10 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-06-14 05:10 - 2017-05-12 04:58 - 01985536 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-06-14 05:10 - 2017-05-12 04:48 - 01377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-06-14 05:10 - 2017-05-12 04:18 - 03714560 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-06-14 05:10 - 2017-05-12 04:11 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-06-14 05:10 - 2017-05-12 04:10 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-06-14 05:10 - 2017-05-12 04:07 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2017-06-14 05:10 - 2017-05-12 04:06 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-06-14 05:10 - 2017-05-12 04:04 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-06-14 05:10 - 2017-05-12 04:00 - 02240512 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-06-14 05:10 - 2017-05-12 01:36 - 22361848 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-06-14 05:10 - 2017-05-12 01:32 - 19788672 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-06-14 05:10 - 2017-05-10 20:19 - 00101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-06-14 05:10 - 2017-05-06 18:05 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-06-14 05:10 - 2017-05-06 18:04 - 00865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-06-14 05:10 - 2017-04-06 19:37 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-06-14 05:10 - 2017-04-06 19:16 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2017-06-14 05:10 - 2017-04-06 18:50 - 01436672 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-06-14 05:10 - 2017-04-06 18:46 - 00434688 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-06-14 05:10 - 2017-04-06 18:46 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-06-14 05:10 - 2017-04-06 18:35 - 01362432 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-06-14 05:10 - 2017-04-06 18:15 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-06-14 05:10 - 2017-04-06 17:44 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2017-06-14 05:10 - 2017-04-02 16:49 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-06-14 05:10 - 2017-04-02 15:40 - 02013016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-06-14 04:53 - 2017-06-14 05:01 - 262671666 _____ C:\Users\elgiganten-demo\Downloads\majuu-jouka-shoujo-utea-1-720p-opt.mp4
2017-06-13 21:31 - 2017-06-13 21:31 - 00321110 _____ C:\Users\elgiganten-demo\Downloads\watch (1).htm
2017-06-12 18:18 - 2017-06-14 00:21 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\troll
2017-06-10 21:48 - 2017-06-11 15:00 - 00000838 _____ C:\Users\elgiganten-demo\Desktop\important.txt
2017-06-10 17:43 - 2017-06-15 11:12 - 00000000 ____D C:\Program Files (x86)\Windscribe
2017-06-10 17:43 - 2017-06-10 17:43 - 15139472 _____ (Windscribe ) C:\Users\elgiganten-demo\Downloads\Windscribe.exe
2017-06-10 17:43 - 2017-06-10 17:43 - 00001054 _____ C:\Users\Public\Desktop\Windscribe.lnk
2017-06-10 17:43 - 2017-06-10 17:43 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Local\Windscribe
2017-06-10 17:43 - 2017-06-10 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2017-06-10 17:43 - 2017-04-21 04:16 - 00045560 _____ (The OpenVPN Project) C:\windows\system32\Drivers\tapwindscribe0901.sys
2017-06-08 08:31 - 2017-06-08 08:31 - 00062020 _____ C:\Users\elgiganten-demo\Downloads\index.htm
2017-06-06 17:08 - 2017-06-06 14:16 - 01022464 _____ C:\Users\elgiganten-demo\Downloads\minecraft.exe
2017-06-06 14:18 - 2017-06-06 14:18 - 00422450 _____ C:\Users\elgiganten-demo\Downloads\VwVBLPa.rar
2017-06-06 13:29 - 2017-06-06 13:29 - 01282640 _____ C:\Users\elgiganten-demo\Desktop\ts3_recording_17_06_06_13_29_23.wav
2017-06-05 16:05 - 2017-06-05 16:05 - 02274001 _____ C:\Users\elgiganten-demo\Downloads\Menyoo Launcher (1).zip
2017-06-05 16:05 - 2017-06-05 16:05 - 00000000 ____D C:\Users\elgiganten-demo\Downloads\Menyoo Launcher (1)
2017-06-05 05:38 - 2017-06-05 05:38 - 00361775 _____ C:\Users\elgiganten-demo\Desktop\FARFAR.txt
2017-06-04 23:05 - 2017-06-04 23:05 - 04506104 _____ C:\Users\elgiganten-demo\Downloads\faithful32pack.zip
2017-06-04 04:12 - 2017-06-08 08:27 - 00000000 ____D C:\Users\elgiganten-demo\Documents\elgiganten-demo
2017-06-04 04:12 - 2017-06-04 04:12 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\gta 5
2017-06-04 04:11 - 2017-06-04 04:11 - 02274001 _____ C:\Users\elgiganten-demo\Downloads\Menyoo Launcher.zip
2017-06-03 06:27 - 2017-07-02 08:48 - 00000987 _____ C:\Users\elgiganten-demo\Desktop\BlueScreenView.cfg
2017-06-03 05:14 - 2017-06-03 05:14 - 00132659 _____ C:\Users\elgiganten-demo\Downloads\BSOD.rar
2017-06-03 05:14 - 2017-05-21 17:01 - 00712740 _____ C:\Users\elgiganten-demo\Desktop\052117-23281-01.dmp
2017-06-03 05:08 - 2017-06-03 05:08 - 00067310 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview.zip
2017-06-03 05:08 - 2017-06-03 05:08 - 00001579 _____ C:\Users\elgiganten-demo\Downloads\bluescreenview_swedish.zip
2017-06-03 05:04 - 2017-06-03 05:04 - 00260007 _____ C:\Users\elgiganten-demo\Downloads\Minidump.rar
2017-06-03 05:04 - 2017-06-01 16:47 - 00652756 _____ C:\Users\elgiganten-demo\Desktop\060117-30515-01.dmp
2017-06-03 05:04 - 2017-06-01 16:38 - 00715356 _____ C:\Users\elgiganten-demo\Desktop\060117-32765-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-07-02 14:31 - 2015-04-27 01:05 - 00000000 ____D C:\FRST
2017-07-02 14:22 - 2016-01-19 16:42 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-02 08:48 - 2017-05-03 21:08 - 00128482 _____ C:\windows\ntbtlog.txt
2017-07-02 08:48 - 2015-01-21 02:28 - 00000000 ____D C:\Users\elgiganten-demo
2017-07-02 06:43 - 2015-04-17 13:50 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\Skype
2017-07-01 22:27 - 2015-07-29 20:10 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Local\CrashDumps
2017-07-01 22:27 - 2015-01-29 10:11 - 00061024 _____ (NirSoft) C:\Users\elgiganten-demo\Desktop\BlueScreenView.exe
2017-07-01 22:23 - 2015-08-04 10:19 - 00000000 ____D C:\Users\elgiganten-demo\Documents\Visual Studio 2015
2017-07-01 22:04 - 2017-01-06 12:47 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2017-07-01 22:00 - 2015-12-31 17:31 - 00000000 ____D C:\windows\Minidump
2017-07-01 22:00 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-01 17:04 - 2015-04-17 18:04 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-01 11:14 - 2014-08-02 12:38 - 00945396 _____ C:\windows\system32\perfh01D.dat
2017-07-01 11:14 - 2014-08-02 12:38 - 00244364 _____ C:\windows\system32\perfc01D.dat
2017-07-01 11:12 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2017-07-01 11:09 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2017-06-30 12:42 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
2017-06-30 09:07 - 2015-04-23 16:07 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-29 03:01 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2017-06-28 17:15 - 2015-04-17 22:53 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\.minecraft
2017-06-27 07:13 - 2015-07-08 09:15 - 00003444 _____ C:\windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-06-27 07:13 - 2015-04-17 19:15 - 00003318 _____ C:\windows\System32\Tasks\GyazoUpdateTaskMachine
2017-06-27 07:13 - 2015-04-17 19:15 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-06-25 08:18 - 2015-04-17 19:26 - 00000000 ____D C:\Users\elgiganten-demo\.VirtualBox
2017-06-24 04:29 - 2016-03-29 15:55 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\TS3Client
2017-06-24 01:22 - 2013-08-22 17:36 - 00000000 ____D C:\windows\tracing
2017-06-21 17:33 - 2015-01-21 02:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3593711402-1704135711-2489708331-1001
2017-06-20 18:35 - 2015-09-05 16:18 - 00002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-18 08:25 - 2015-11-09 04:05 - 00000000 ___RD C:\Users\elgiganten-demo\Desktop\Deskt-
2017-06-16 22:12 - 2016-06-19 21:42 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-06-16 14:08 - 2015-01-21 02:28 - 00000000 ____D C:\Users\elgiganten-demo\AppData\Local\Packages
2017-06-16 14:08 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 14:08 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2017-06-15 11:24 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2017-06-15 11:11 - 2017-05-12 11:27 - 00350520 _____ C:\windows\system32\FNTCACHE.DAT
2017-06-15 11:11 - 2015-04-23 22:44 - 00000000 ____D C:\Program Files (x86)\360
2017-06-15 00:53 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2017-06-14 13:31 - 2015-01-31 06:59 - 00000000 ____D C:\windows\system32\MRT
2017-06-14 13:26 - 2015-01-31 06:59 - 133627792 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-06-14 04:59 - 2017-04-12 06:22 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-06-14 04:58 - 2017-04-12 06:22 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-06-14 04:58 - 2017-04-12 06:22 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-06-13 15:41 - 2016-01-29 19:30 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-13 15:41 - 2016-01-29 19:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-07 22:37 - 2017-03-24 00:32 - 00000000 ____D C:\Users\elgiganten-demo\Desktop\imp
2017-06-05 15:13 - 2017-01-09 21:09 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-05 15:13 - 2015-04-23 00:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-04 04:11 - 2017-05-23 07:42 - 02421248 _____ () C:\Users\elgiganten-demo\Desktop\Menyoo Launcher.exe
2017-06-04 04:11 - 2017-05-23 07:42 - 00020480 _____ () C:\Users\elgiganten-demo\Desktop\LauncherUI.dll
2017-06-04 04:11 - 2017-05-14 04:07 - 00011776 _____ C:\Users\elgiganten-demo\Desktop\Inject.dll
2017-06-03 04:31 - 2016-11-10 10:21 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 04:31 - 2016-11-10 10:21 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 02:40 - 2017-06-01 21:59 - 00000034 _____ C:\Users\elgiganten-demo\Desktop\minecraft.txt
 
==================== Files in the root of some directories =======
 
2016-12-13 19:54 - 2016-12-13 19:54 - 0001167 _____ () C:\Users\elgiganten-demo\AppData\Roaming\trace_FilterInstaller.txt
2016-12-13 19:54 - 2016-12-13 19:54 - 0000000 _____ () C:\Users\elgiganten-demo\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-08-20 19:42 - 2016-10-10 23:35 - 0000600 _____ () C:\Users\elgiganten-demo\AppData\Roaming\winscp.rnd
2016-08-20 15:24 - 2017-03-17 16:49 - 0000600 _____ () C:\Users\elgiganten-demo\AppData\Local\PUTTY.RND
2015-07-19 04:59 - 2015-07-19 04:59 - 0000741 _____ () C:\Users\elgiganten-demo\AppData\Local\recently-used.xbel
2015-06-20 00:59 - 2016-01-13 16:45 - 0007606 _____ () C:\Users\elgiganten-demo\AppData\Local\Resmon.ResmonCfg
2017-01-06 11:34 - 2017-01-26 18:36 - 0011639 _____ () C:\ProgramData\NvTelemetryContainer.log
 
Some files in TEMP:
====================
2017-05-03 20:45 - 2017-04-20 02:18 - 0867968 _____ (NVIDIA Corporation) C:\Users\elgiganten-demo\AppData\Local\Temp\nvSCPAPI64.dll
2017-05-24 17:41 - 2017-04-20 02:18 - 0367736 _____ (NVIDIA Corporation) C:\Users\elgiganten-demo\AppData\Local\Temp\nvStInst.exe
2017-07-02 00:12 - 2017-07-02 00:12 - 1347216 _____ (Sysinternals - www.sysinternals.com) C:\Users\elgiganten-demo\AppData\Local\Temp\procexp64.exe
2017-05-19 22:54 - 2017-06-19 18:46 - 58684896 _____ (Skype Technologies S.A.) C:\Users\elgiganten-demo\AppData\Local\Temp\SkypeSetup.exe
2017-06-30 14:42 - 2017-06-30 14:42 - 1639936 _____ (CPUID) C:\Users\elgiganten-demo\AppData\Local\Temp\speccycpuid.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-07-01 11:24
 
==================== End of FRST.txt ============================

Edited by Alduin, 02 July 2017 - 06:47 AM.

  • 0

Advertisements


#2
Alduin

Alduin

    Banned

  • Topic Starter
  • Banned
  • PipPip
  • 55 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by elgiganten-demo (02-07-2017 14:33:08)
Running from C:\Users\elgiganten-demo\Downloads
Windows 8.1 (Update) (X64) (2015-01-21 00:27:58)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administratör (S-1-5-21-3593711402-1704135711-2489708331-500 - Administrator - Disabled)
elgiganten-demo (S-1-5-21-3593711402-1704135711-2489708331-1001 - Administrator - Enabled) => C:\Users\elgiganten-demo
Gäst (S-1-5-21-3593711402-1704135711-2489708331-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
.NET Reflector Desktop (HKLM-x32\...\{34795E6B-338D-4A6D-8BCE-906AD056AF4F}) (Version: 9.0.1.374 - Red Gate Software Ltd)
.NET Reflector Visual Studio Extension 9.0 (HKLM-x32\...\{BDF47606-A702-4FDF-8003-F5B807F54DA3}) (Version: 9.0.1.374 - Red Gate Software Ltd)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
A3Launcher version 0.1.4.6 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.4.6 - Maca134)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1) (Version: 18.1.0 - Adobe Systems Incorporated)
Aftermath (HKLM\...\Steam App 349700) (Version:  - Free Reign Entertainment)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{7F28165B-148D-4672-AA21-469D9E6E3CB6}) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Authoirty (HKLM\...\{69C97AF5-465E-4C36-B7C7-DAD597ED4E78}) (Version: 1.3.5 - Menyoo) Hidden
Authoirty (HKLM-x32\...\Authoirty 1.3.5) (Version: 1.3.5 - Menyoo)
Authority (HKLM\...\{83BF47B4-D7C2-4127-A4A8-AD309DA95111}) (Version: 1.6.0 - Menyoo) Hidden
Authority (HKLM\...\{D4B72E58-BFC3-489B-A3A9-94ED22D7FE2D}) (Version: 1.7.1 - Menyoo) Hidden
Authority (HKLM-x32\...\Authority 1.6.0) (Version: 1.6.0 - Menyoo)
Authority (HKLM-x32\...\Authority 1.7.1) (Version: 1.7.1 - Menyoo)
Auto Clicker v3.1 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 3.1 - MurGee.com)
Auto Typer by MurGee v1.16 (HKLM-x32\...\{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1) (Version: 1.16 - MurGee.com)
AutoHotkey 1.1.22.02 (HKLM\...\AutoHotkey) (Version: 1.1.22.02 - Lexikos)
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{81F0D54A-F439-424E-9872-FB9B56C24AEB}) (Version: 7.0.0.41 - Finansiell ID-Teknik BID AB)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version:  - )
BlueStacks App Player (HKLM-x32\...\{38E69C88-1B39-4A51-96D2-303337D9C210}) (Version: 2.2.18.6014 - BlueStack Systems, Inc.)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CommView (HKLM-x32\...\{70C4E840-DAB4-11DF-5F90-014727066952}) (Version: 6.5 - TamoSoft)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creativerse (HKLM\...\Steam App 280790) (Version:  - Playful Corporation)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.5.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3702 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3625 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3626 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dotfuscator and Analytics Community Edition 5.18.1 (HKLM-x32\...\{9890DF1A-10E9-4236-94B1-1EFAA4099F13}) (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.5.1.1 - FlyVPN)
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.104 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.06 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
ICQ (version 10.0.12154) (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\icq.desktop) (Version: 10.0.12154 - ICQ)
IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version:  - Hex-Rays SA)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
i-Menu version 4.1.3 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.1.3 - AOC)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.06 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.06 - Softex Inc.) Hidden
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
JetBrains dotPeek 2016.2.2 (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{74577882-de65-576a-a99d-1ee8fe04c0b3}) (Version: 2016.2.2  - JetBrains s.r.o.)
JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 2016.2.2  - JetBrains s.r.o.)
JKZ Mod (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\48aca53fe04c254a) (Version: 1.0.0.0 - Hewlett-Packard Company)
Last Man Standing (HKLM\...\Steam App 506540) (Version:  - Free Reign Entertainment)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MasterKeys Pro L Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_MASTERKEYS_PRO_L) (Version: 0.051 - Cooler Master)
Menyoo (HKLM\...\{D01E76E8-1A8D-4AB6-9D8D-0F2C78D37F3B}) (Version: 1.7.5 - Menyoo) Hidden
Menyoo (HKLM-x32\...\Menyoo 1.7.5) (Version: 1.7.5 - Menyoo)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F940D859-DDB5-4067-82E2-3C8D02F8E09F}) (Version: 4.0.1653.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 sv-SE)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.009 - MSI)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
NordVPN (HKLM-x32\...\{24202B92-D2A2-4FCE-A041-D6E7DE02603C}) (Version: 6.0.0 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.0.0) (Version: 6.0.0 - NordVPN)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVIDIA 3D Vision drivrutin 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA 3D Vision drivrutin för styrenhet 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD audiodrivrutin 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Miracast virtuell audio 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.33 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvara 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenIV (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenVPN Connect (HKLM-x32\...\{3D9A5267-3236-4BCC-AA45-2CE16F531187}) (Version: 2.0.8.106 - OpenVPN Technologies)
Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
Oracle VM VirtualBox 5.1.4 (HKLM\...\{4EF3FBF6-697D-440A-AADA-7F5D39B73E62}) (Version: 5.1.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{72f18568-8b56-4dbd-89ef-4c13a51c8fa2}) (Version: latest - ppy Pty Ltd)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
Phoenix Protector (HKLM-x32\...\{32A1C684-C199-4DD2-9F89-8F44C655D4EC}) (Version: 1.7.1 - NTCore)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
Pokki (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\SweetLabs_AP) (Version: 0.269.7.983 - Pokki)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.5.2 (32-bit) (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
qTox (HKLM-x32\...\qTox) (Version: 1.8.1 - The qTox Project)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
Resource Hacker Version 4.2.5 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
rFactor Demo (HKLM-x32\...\Steam App 353320) (Version:  - Image Space Incorporated)
Rising World (HKLM\...\Steam App 324080) (Version:  - JIW-Games)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROBLOX Player for elgiganten-demo (HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RoBoRumble (HKLM\...\Steam App 420970) (Version:  - Metropolis)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version:  - )
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SmartAssembly 6 (HKLM\...\{09D5CC0D-0505-4A3D-AB2D-560206B0E6EB}) (Version: 6.9.0.114 - Red Gate Software Ltd)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{791295AE-3B0A-3222-9E69-26C8C106E8D1}) (Version: 14.0.23102 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
Telerik JustDecompile Q2 2016 SP2 (HKLM-x32\...\{46E0879B-43C3-467D-91DD-56723E3F6378}) (Version: 16.2.718.0 - Telerik AD)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
TypeScript Power Tool (HKLM-x32\...\{6E3FB6C9-8C3C-45D4-BD9E-AECA430EE8E0}) (Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{EA2C2406-C25C-4845-842F-360EFEA4CDCE}) (Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{74E0F5DD-514A-4F85-0EE0-1E2EBB8BFC8C}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{4C8DCEB6-5D3C-90BD-6E31-A8342B9185FF}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{DE0B03D4-5A26-DEEC-F62E-278EF28BA58E}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
WARMODE (HKLM-x32\...\Steam App 391460) (Version:  - WARTEAM)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Wireshark 1.12.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.6 - The Wireshark developer community, hxxp://www.wireshark.org)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 7.1.0 - VMware, Inc.) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.0 - VMware, Inc)
VNC Server 5.3.2 (HKLM\...\{BD3BF59A-3CD6-49B3-A166-E57BF55FF959}) (Version: 5.3.2.19179 - RealVNC Ltd)
VNC Viewer 5.3.2 (HKLM\...\{F10020E5-D194-469E-B494-DDCE5D76A3A0}) (Version: 5.3.2.19179 - RealVNC Ltd)
Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.35 - NCH Software)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3593711402-1704135711-2489708331-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0509E600-C120-4BE2-85FD-B385B7ED6F45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-12-18] (Hewlett-Packard)
Task: {13F61DBF-4C25-4CD4-928A-23A86965B72A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {1A437A6F-2592-415A-B787-CDF8CBE939C6} - System32\Tasks\NordVPN => C:\Program Files (x86)\NordVPN\NordVPN.exe [2017-03-02] (NordVPN)
Task: {20EE4705-5C5C-454F-B3CE-AEA4028A0184} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {2CD14849-0CA9-4E57-AA99-B31BBF75DD57} - System32\Tasks\MSISW_Host => C:\windows\SysWOW64\muachost.exe [2016-01-09] (MSI)
Task: {2CD92505-6B4D-4449-A2D0-70E8B900A816} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {3505DDAD-54E3-4462-8EB2-277F98D7562A} - System32\Tasks\MurGeeAutoTyper => C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe [2016-12-09] (MurGee.com)
Task: {503ADDEE-6979-4BE7-9789-A0513ADFA1D2} - System32\Tasks\GoogleUpdateTaskMachineCore1d12ec1cfc74f1f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {6A05C6DB-96C2-470F-8458-04CB98085056} - System32\Tasks\SweetLabs App Platform => C:\Users\elgiganten-demo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-09-18] (Pokki)
Task: {75F9169E-85EE-4E60-A0E5-46EB91AEAFCC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {7E3175CB-1C99-4DAB-A6DC-62B087FA2EB1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {88ABC249-1102-4551-B7E4-A966289407B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-13] (Piriform Ltd)
Task: {8B2F5235-325F-4A20-8F73-DE0F92DF1144} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
Task: {8C923D3C-7A3D-4005-B673-152CFFAF9372} - System32\Tasks\AdobeAAMUpdater-1.0-FARFAR-elgiganten-demo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {8D46F609-6401-45D4-BB3F-0A1BDC4A776C} - System32\Tasks\Opera scheduled Autoupdate 1477234867 => C:\Program Files (x86)\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {905A5DDC-2058-4CDA-A0B3-CA1974C66728} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A5D847D2-AB7A-416E-8DBE-D815EF0901AE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {BB8388A6-7410-4D28-ADA9-775407784A06} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
Task: {D2420570-2547-4A86-9E7A-88CF118282D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {D6222255-0C12-46DE-9BFD-26B541A4D3FC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {D8AF1ECF-8C7C-4EE2-A360-602C89ADBB77} - System32\Tasks\CommView Update => C:\Program Files (x86)\CommView\Updater.exe [2016-01-08] (TamoSoft)
Task: {DA5B6F3D-B9E3-4219-B12C-59A005AF26D1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {E26861C8-DC50-42FC-B78B-21E073BAF431} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-06-14] (Microsoft Corporation)
Task: {E3CEB74E-81F3-482E-B423-3DEC60404E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {E3ECD631-ACA3-4911-9A8B-5146AEAC1C49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {E73911D5-480B-4750-9FBD-9B28F9E1317D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {EA5E7606-15BA-48C0-BB56-8167A687C1C1} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {EA7F24DE-774D-43C8-87E5-A64EBEF80A87} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {EAB5C0E1-BBB1-40B0-A15F-431C2672AAE8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\elgiganten-demo\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
 
ShortcutWithArgument: C:\Users\elgiganten-demo\Desktop\----------\Programs shortcuts\Startprogrammet för appar i Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\Startprogrammet för appar i Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\elgiganten-demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-appar\Talkz.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=nncdmicfhjggfogddpjjpdlhfaaaglno
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-03-02 10:25 - 2017-03-02 10:25 - 00411312 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe
2016-12-04 14:51 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-06-20 18:35 - 2017-06-15 09:29 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libglesv2.dll
2017-06-20 18:35 - 2017-06-15 09:29 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libegl.dll
2017-06-16 23:01 - 2017-06-16 23:01 - 31133184 _____ () C:\Users\elgiganten-demo\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll
2016-12-04 14:51 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-01 05:10 - 2016-02-23 14:48 - 00082944 _____ () C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\HidDevice.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD} [26]
AlternateDataStreams: C:\windows\acpimof.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\CtDrvIns.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\PAExec.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\WLXPGSS.SCR:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\appidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\AppxAllUserStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\AppXDeploymentExtensions.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\AppXDeploymentServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\AuthHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\authz.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\BFE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\cfgbkend.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\compstui.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\consent.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\CtCamMgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dbghelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dhcpsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dsparse.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dxcap.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dxcpl.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\eventcls.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\fhcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\FintekIcon1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\GeofenceMonitorService.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\inseng.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\IPSECSVC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\java.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\javaw.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\javaws.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\KBDAZST.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MDMAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MFMediaEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\msftedit.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\msra.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\NcdAutoSetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\netcfgx.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\nvdispco6436143.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\nvdispgenco6436143.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\PCPKsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\PhotoMetadataHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\PnkBstrA.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\QSHVHOST.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\QSVRMGMT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\rascfg.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\rsaenh.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\schtasks.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SettingMonitor.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SettingsHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SettingSyncCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\shacct.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SkyDrive.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SkyDriveTelemetry.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\stobject.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SyncEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SystemEventsBrokerServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SystemSettings.Handlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\SystemSettingsDatabase.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\taskeng.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\tzsync.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\untfs.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\vmnetbridge.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\vnetinst.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\vsgraphicsremoteengine.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\vsjitdebugger.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\vsstrace.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\werdiagcontroller.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\wevtsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WiFiDisplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Windows.UI.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Windows.UI.Immersive.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\Windows.UI.Input.Inking.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WinSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMASF.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WorkfoldersControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\workfolderssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\wscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\wscsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WSDApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WSDMon.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WsmAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\WSShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAPOFX1_4.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\AppxAllUserStore.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\authz.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\cfgbkend.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\CtCamMgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\cximage.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dbgeng.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\dbghelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dhcpsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dsparse.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dxcap.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dxcpl.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\eventcls.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\GeofenceMonitorService.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\hhctrl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\hlink.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\KBDAZST.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\kmddsp.tsp:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\MFMediaEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfnetcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\muachost.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\netcfgx.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\PCPKsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\PCWizard.cpl:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\PhotoMetadataHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\polstore.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\QSHVHOST.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\QSVRMGMT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rascfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rasdiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rasmxs.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rasser.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rgb9rast.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\rsaenh.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\schtasks.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\SettingMonitor.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\SettingSyncCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\shacct.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\taskeng.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\untfs.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\V0270Ext.ax:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\V0270Hwx.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\V0270Srv.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\vmnat.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\vmnetdhcp.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\vsd3dwarpdebug.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\vsgraphicsremoteengine.exe:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\vsjitdebugger.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\vsstrace.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\Windows.UI.Input.Inking.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WinSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMASF.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\wscapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WSDApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WsmAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\WSShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [32]
AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\windows\SysWOW64\xliveinstallhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\afd.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\ahcache.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\athwbx.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\bthhfenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\dam.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\disk.sys:$CmdTcID [130]
AlternateDataStreams: C:\windows\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\I2cHkBurn.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\i8042prt.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\intelpep.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\kbdclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\KMWDFILTER.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\mouclass.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\mouhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\ndistapi.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\ndproxy.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\netbt.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\netio.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\rasl2tp.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\sdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\sermouse.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\tpm.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\tunnel.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\udfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usb8023.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usbd.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usbehci.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usbhub.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\USBHUB3.SYS:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usbohci.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usbport.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\usbuhci.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\USBXHCI.SYS:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\vmci.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\vmnet.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\vmnetadapter.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\vmnetbridge.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\volmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\volsnap.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\wanarp.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\wfplwfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\windows\system32\Drivers\winusb.sys:$CmdTcID [64]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\88159310.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\88159310.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Classes\exefile:  <==== ATTENTION
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Software\Classes\.exe: exefile =>  <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2017-06-06 20:51 - 00000077 _____ C:\windows\system32\Drivers\etc\hosts
 
35.156.90.191 authserver.mojang.com
35.156.90.191 sessionserver.mojang.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\elgiganten-demo\Desktop\Deskt-\sweden_stockholm_winter_night_city_hall_lights_reflection_82522_1920x1080.jpg
DNS Servers: 208.67.222.123 - 208.67.220.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: 0242891429271669mcinstcleanup => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: BstHdUpdaterSvc => 3
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: ExpressCache => 2
MSCONFIG\Services: GamingApp_Service => 2
MSCONFIG\Services: GamingHotkey_Service => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MSI_LiveUpdate_Service => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: omniserv => 2
MSCONFIG\Services: PAExec => 3
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: QHActiveDefense => 
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "BeatsOSDApp"
HKLM\...\StartupApproved\Run: => "SimplePass"
HKLM\...\StartupApproved\Run: => "OPBHOBroker"
HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "ADX AFPV0114 Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "StereoLinksInstall"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D41432CA7954C8ED41DD1BEB3ADAA803"
HKU\S-1-5-21-3593711402-1704135711-2489708331-1001\...\StartupApproved\Run: => "icq.desktop"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{EB4CC47A-CA24-4C7D-877F-591F1E233975}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{72B6371F-F999-4AF5-A6D6-723FE1B81725}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{7627A017-D922-43E7-84F0-52B893BE05C7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{AE8AFCE2-118A-45C7-A245-8858337A6360}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{7091D5E1-26C3-40EE-A658-CFD7078EC4FA}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{27DDB171-2C24-4E42-852A-DACB98E76B18}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{60793BA7-02C7-45AB-B5B4-9AB3329ADA55}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{17C4D8C6-C0B2-4AA8-9D95-DC4722DEBF93}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{121E3333-220F-471F-BBFB-3ED0CEDC2EF5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{58F656D7-7546-4B53-95F4-0A95BCEFA09B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{05BF2BEA-267C-4398-BBA2-F283888634C7}C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{7C227C2E-2DA9-4C8D-A2A5-C7C2E7D685D4}C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{B8459EC1-5D7C-4DEC-BC3F-ABB386ACE023}C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{359A2107-C5AE-4D09-B20B-21365D666478}C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\alla filer\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{74C6F5A4-28AD-404F-8E63-83B15EB88253}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3167F695-A9E1-4C8E-98DA-8D4D5614C014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F69FCCD9-A2B3-4A6E-8118-6412A77B8A03}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{26C0C3C1-BF3F-4AB8-8D64-E975C6184D8A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0318777A-605E-41CC-97F8-F0412AE73DCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{C63CC058-AE8A-4156-98E9-6063B0172E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{46067F1D-DEFD-4CA2-93AC-C4CFBF4F2500}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7A391BF8-8642-4776-B6F9-1DB890FB717B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0FAF0EA3-2D28-4776-B412-2B1AC2F10461}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{45E32560-6120-4B44-B5D6-C8865750C28F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{241884E8-7BCD-4E49-9C27-C70446DA8C9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{1D749D21-72D8-4633-8627-7191EE08A1DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{4D3EB559-1A34-42C4-93F7-D9E8356B5C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{42D59C57-5E92-4485-A6A7-3D85F2404232}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9C1F7476-738F-43C3-96A9-33E322106DD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{5808B8C8-FFFB-4501-825E-6FFDA7E1C534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{83DBA5E8-D8D0-48EC-AA28-6236E5D9EC72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{015A4187-1F2D-4F0B-B46A-5F628BD1EE2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{6C2F51EC-E680-46F9-9205-50F5D16BA56D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{51BC6176-60A7-4E8A-A02C-2FD4DFA212CB}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{3B8E8041-3BA3-4BCD-8020-1BEB25ED0630}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{B3FF2EF6-6126-44E9-B9F6-42CAB4FB2130}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{EF663E9D-541F-4B7F-A044-4B3CFC75B654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{4118D9D6-1134-4F74-A207-8D6A077EE97E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{85D77049-6F4F-4ABD-8828-251B883810FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{60E26C3B-B267-4E3D-B84A-1B2EC5AC18FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{71168F72-E1FB-451F-8218-421F3412BB58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{B43D4D1C-B4E5-4748-BAEA-0E6D9619E8CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{64D445F4-621C-4371-9E1C-3204C3D2A94D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{EFFD4F85-5067-422D-A822-6482DE4578E3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{EF2FB6AC-92BE-4CA7-9CE8-A8E2708BA20D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2DDB3EDE-EFC6-45F9-BB21-4209E36DFE37}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B3ABA67A-D6DF-4E89-A2E9-502E5FDDF8F3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{42D09D4A-68D1-4661-A6A2-81F8EACE0844}] => (Allow) LPort=2869
FirewallRules: [{FCCE36BD-AB91-4C4F-9BF7-C91D86FADFE6}] => (Allow) LPort=1900
FirewallRules: [{0F277CFB-7596-47A1-8899-551C062622DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{5EDECC42-8A93-4CFB-8A53-614BC16D47EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{39C6F41F-7B53-4C10-B25F-CB766C517A8D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{F0155847-422A-473F-9594-FC834C2860C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{E8107788-2F8D-458C-B46F-603944D36930}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe
FirewallRules: [{FB7911E8-2C4C-47F6-9A61-85AA9F79AF00}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FA725A9-2FD6-4D0C-B463-CDB3432A5957}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2080FA62-2B92-4DFE-9201-054D86A99956}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F29D5A41-C090-45BE-824F-A32DF9FEA14B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E3CFB468-52CD-4343-A373-E1FB8BA3C9EA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{73C49AED-60C3-48BD-8B06-420A7E62D9F8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{701103A9-6B1C-4BC4-919B-6C3CE1273841}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{2AEDAD03-4A8C-4C1B-ADB5-0521A655343C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{2028384D-A2E5-4350-98EF-19409E908AEE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{187055C7-6A25-4EAC-8ED4-36CF67BA7B41}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{5CAED7BB-EA12-48AB-BD44-CE008AF4F55F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{2162B5F8-10E8-47AA-A570-249808EB538C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{30472F72-2759-46C9-8304-EEDF6634F779}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{713B990C-60CC-4FB4-BEA5-49E669FB2975}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{45A052E8-3C2A-4C95-937C-3E8C2DC5974E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D26CED1D-320A-4DEB-8D09-8FDA4F442827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{BD059E17-9EAC-4F6D-BF8B-A209F73D99DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rFactor.exe
FirewallRules: [{D2111FD3-BC58-4101-8E88-E0533A28093F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rFactor.exe
FirewallRules: [{1C5F4DE8-0831-4C9E-B1E9-D2968C109484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rF Config.exe
FirewallRules: [{5091F690-19C3-4747-933A-0172D716CC86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rFactor Demo\rF Config.exe
FirewallRules: [{4F2B544D-CABA-4007-8983-BFBDA205E36C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{9B00EE8A-C3BC-4339-ADDB-EAC489310292}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{B5312830-9261-471B-ACED-2222F4BDFA81}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{1D1C9E11-B6D4-4B91-AC8B-CC9F7380EC26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{042D82B7-4B03-4C28-9135-A758D100A3DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{AF95BA7B-1752-49A3-951B-869F1F517F6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aftermath\AMLauncher.exe
FirewallRules: [{8484B640-7CF3-4632-A845-1D8C82819169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aftermath\AMLauncher.exe
FirewallRules: [TCP Query User{E2910ECD-3BC0-4562-8C8B-D3B8455D1BFC}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe
FirewallRules: [UDP Query User{7952CD4C-3B6F-4702-B3A7-DEF1EC0BD503}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe
FirewallRules: [TCP Query User{4EC5FA9A-20F4-4E80-B39F-2A218DD4D0D8}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{997F0E57-EB82-42D2-9C20-8DFDF7772D8B}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{4E64468B-DF1C-4483-B301-510FDC3D7284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{5BCE1FBA-9C1B-4535-BA43-6E2DD28B47CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{79FB5B7A-12A5-4066-A599-9A9621B84CFC}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe
FirewallRules: [{97972E95-4E1B-4873-AB02-A49706841EEC}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{D1AA4CBC-F280-4EB4-BBD8-7AEBACF92457}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{491B67EE-D908-4FA5-A382-A5B304FB0787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{FA2BB7D6-75E1-4814-A4EA-1A52D835BDC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{C0CADBBE-C755-452B-AFBB-701AFA965518}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RisingWorld\risingworldx64.exe
FirewallRules: [{5DA10135-317F-4291-9078-3B7B60A22A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RisingWorld\risingworldx64.exe
FirewallRules: [{D9A50580-7341-4193-A35A-782E5570685C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{A4C52E3B-BF4C-4D6D-8E45-D8980FE772BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{E286ED96-9062-4773-9BE8-EA39AAA5AAFF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{3BE293AC-80AE-4AAD-9029-687CF7088F46}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [TCP Query User{27E34102-7627-49B5-B91F-13B327BF98BC}C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe
FirewallRules: [UDP Query User{004CD375-124B-4F06-A786-4AE0B4115BAD}C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\ida_v6.1\idag64.exe
FirewallRules: [{1CB66292-1239-437D-A906-25CA89B57BB4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{4135EB17-A346-42F9-9E11-84DF89E6FC51}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [TCP Query User{8917BC53-C35D-4FE1-B006-7DB454BDD9C7}C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe
FirewallRules: [UDP Query User{406290A6-3E58-4C5E-9EC1-38B5552CDD6F}C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.7d\njrat v0.7d.exe
FirewallRules: [TCP Query User{01C29E3D-D06C-4DBB-A426-70720F721ED7}C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe
FirewallRules: [UDP Query User{2C573C6F-3992-429A-93D0-FAEF4AA41058}C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\njrat 0.5.0\njrat.exe
FirewallRules: [TCP Query User{88C2E208-5098-4262-A241-60B3E6825745}C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe] => (Block) C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe
FirewallRules: [UDP Query User{1D46DBF9-065D-45C7-A3FE-360D9D0922C3}C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe] => (Block) C:\users\elgiganten-demo\desktop\crypt\crypt tools\njrat 0.7d\njrat v0.7d.exe
FirewallRules: [TCP Query User{4877F8CD-0E43-44AD-A652-71C891834FD5}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe
FirewallRules: [UDP Query User{9DA56138-5DE2-4A72-B58F-C5273D608ECE}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\rats\njrat 0.5.0\njrat.exe
FirewallRules: [TCP Query User{60E2D41C-09E0-4D9C-9214-625A67BA4C85}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe
FirewallRules: [UDP Query User{9828C8C5-FA2E-43A4-8D2B-D229C81C49E0}C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe] => (Allow) C:\users\elgiganten-demo\desktop\deskt-\hacking, cheats etc\ida_v6.1\idag64.exe
FirewallRules: [{0BA05294-3486-4B11-AA71-98ACD55FE5E8}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{EEBD19F2-395E-478C-8C8F-392534106172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{30A8C5C3-610F-4E2B-8378-0E08A971E820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{3515B577-08A3-4492-9144-942D8C7259F6}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{6CBC54B5-704A-4917-8275-C3926A29D905}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{B748C987-266B-47FA-9FCF-D80B633F2C15}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{15093021-ACAB-49A0-9AFF-9380C3D6B717}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [TCP Query User{86782A92-83F8-44F3-98F7-0EDAA9D70877}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{2483393C-C1CF-47C4-AF37-E868A0F1B65A}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{5A91859D-7B4C-411D-8876-73FB470C84D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E8D0A5BD-3F4D-4FCB-BC11-35CBEA126DA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{95BCA5C1-B6BC-47E2-8C14-261951D4D8C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{C82E15AB-8D10-47ED-9EAA-8156A4EA9419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{DBE3B26D-5750-4B1C-A432-025E1CCB099E}] => (Allow) C:\Users\elgiganten-demo\Desktop\FIVE REBORN\FiveReborn.exe
FirewallRules: [{A0F2E2A9-5E26-4746-BBE1-381F1B34D141}] => (Allow) C:\Users\elgiganten-demo\Desktop\FIVE REBORN\FiveReborn.exe
FirewallRules: [{5D13A95F-1FEE-43A9-80A9-7FC0E68AC461}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{56AD13FA-0667-4E7C-BB86-157F5E06EA72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{38514D56-EF36-47B1-9698-DD53015C14D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DD04850D-2CBB-40DE-BCD7-654CDA715B38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CADF09BD-2103-4210-86FD-700D5286095A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2E8B3CFA-65E5-45CF-B3E3-B36C26609734}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1534D259-2010-41B6-97F1-D2EA6441DD7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FB53D026-DA27-42C8-838E-8C91235EAFA0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{D580092A-AF33-4B5A-9CF2-BC6BA45AA634}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{79180420-7E09-4576-8439-FBA0B4829B2B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{FA697C85-79C2-4BCD-A5A7-4E9ABDB51C6A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{4A4147E7-4FAD-42A4-892C-8A9B7E863B12}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{B74F80D4-2792-408C-A232-8F9ADCBC95C0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [TCP Query User{1E6FA279-627E-4352-A9A0-D548B9ED3FAD}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{4AF7D44C-1D88-43F7-AAF1-B2FA73F0DCF7}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{EAAD0486-2292-469A-8D03-6360F2954EF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E6C60B5A-5674-4652-AC7C-C205052C89D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{93A0D086-AAA1-4916-AD08-CAA1171B74EC}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{82EA4DEE-7AE8-42C7-9050-E8E6FD5B6D89}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{91F7C6FA-40BE-4C08-8B6A-36EF256B5544}C:\program files\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{A1EE2D25-1E6B-4ED6-9639-DCE136E12529}C:\program files\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\java.exe
FirewallRules: [{FF2872B4-DB27-4366-8E85-69259DB1F672}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RoBoRumble\rrumble.exe
FirewallRules: [{FDDD538F-67EB-4A42-97C7-D6A1B53A2FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RoBoRumble\rrumble.exe
FirewallRules: [{C845128A-1DF5-46D7-B2BB-B5CD3D02626F}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{E46667BF-6473-46A1-9B29-6DB605D0BC96}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.857\opera.exe
FirewallRules: [{5BA21154-40F3-49D0-A198-389D93BBEBF6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{D077CBCE-3647-4945-9F95-9455D54FCD1E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{270CA4E2-445A-4909-A47F-AA5178A4FD7F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{62CF4FF2-4B3F-48E1-AD97-D5A84F0E7EE6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{70423494-95A0-437B-84D0-25140ED950B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LMS\Launcher.exe
FirewallRules: [{2DDF40A7-3A50-4B5B-A5BD-5B0AA4B915B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LMS\Launcher.exe
FirewallRules: [TCP Query User{ADA183DE-E002-419B-8907-6512B1731C70}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [UDP Query User{A998CE72-76FD-4E1F-99D5-8521BA73A118}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [{E622A3F2-1183-48EC-849F-3E018937E9BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{16AD3127-8C9E-4879-9B5E-B956481B6E67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{B6223D89-D32C-41E6-A162-99D3CB09CADC}C:\program files (x86)\qtox\bin\qtox.exe] => (Block) C:\program files (x86)\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{DA8694CF-2C00-41C8-8888-62742F4C38C6}C:\program files (x86)\qtox\bin\qtox.exe] => (Block) C:\program files (x86)\qtox\bin\qtox.exe
FirewallRules: [TCP Query User{5F5ED134-9FF3-4A79-B142-F0E32039E6F5}C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BC449061-12C9-4D77-851C-4FC2FF6E4050}C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\elgiganten-demo\desktop\----------\spel\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B8DDE68B-27AC-448B-B935-5372591B94AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9920D746-1B16-4FFD-97CC-4CD5CEB18F00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5BBB00E5-2FB8-4B4B-A5AA-DB4DD385B066}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{115AB1F2-4C83-4793-BD6E-C6B671520FD6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6BE0940A-8954-435B-8B9B-DED36906F43B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A16AFCA3-C03B-4CE7-A093-A6E7C404AD83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{D5A295E8-906A-4C60-99DB-A5310AF97C39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{826049F8-210E-4D78-BED3-EB0772F214E9}] => (Allow) C:\Users\elgiganten-demo\Desktop\Deskt-\HACKING, cheats etc\Reverse ENG tools\IDA_v6.1\idag64.exe
FirewallRules: [{64840879-FF73-4C0D-BC57-4541792AB464}] => (Allow) C:\Users\elgiganten-demo\Desktop\Deskt-\HACKING, cheats etc\Reverse ENG tools\IDA_v6.1\idag64.exe
 
==================== Restore Points =========================
 
14-06-2017 13:20:42 Installationsprogram för Windows-moduler
21-06-2017 02:21:18 Windows Update
28-06-2017 10:48:43 Schemalagd kontrollpunkt
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/02/2017 12:56:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
 
Error: (07/01/2017 10:01:49 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Det gick inte att hämta registerinfo om prestandaräknare för WSearchIdxPi för instansen   på grund av följande fel: Åtgärden har slutförts.   0x0.
 
Error: (07/01/2017 10:01:46 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Det går inte att initiera prestandaövervakning för insamlingsobjektet eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.
 
Kontext: program , katalog SystemIndex
 
Error: (07/01/2017 10:01:43 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Det går inte att initiera prestandaövervakning för insamlingstjänsten eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.
 
Error: (07/01/2017 05:03:48 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT instans)
Description: There was an error with the Windows Location Provider database
 
Error: (07/01/2017 04:44:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
 
Error: (07/01/2017 04:43:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc
, felet uppstod i modulen med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc
Undantagskod: 0xc0000005
Felförskjutning: 0x00001284
Process-ID: 0x1de0
Programmets starttid: 0x01d2f2785d25da30
Sökväg till program: C:\Users\elgiganten-demo\Desktop\procexp.exe
Sökväg till modul: C:\Users\elgiganten-demo\Desktop\procexp.exe
Rapport-ID: 9ad72fa7-5e6b-11e7-8301-a0d3c147e639
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (07/01/2017 04:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc
, felet uppstod i modulen med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc
Undantagskod: 0xc0000005
Felförskjutning: 0x00001284
Process-ID: 0x1934
Programmets starttid: 0x01d2f27850786084
Sökväg till program: C:\Users\elgiganten-demo\Desktop\procexp.exe
Sökväg till modul: C:\Users\elgiganten-demo\Desktop\procexp.exe
Rapport-ID: 8e29587d-5e6b-11e7-8301-a0d3c147e639
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (07/01/2017 04:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc
, felet uppstod i modulen med namn: procexp.exe, version 16.5.0.0, tidsstämpel 0x54fe13dc
Undantagskod: 0xc0000005
Felförskjutning: 0x00001284
Process-ID: 0xfb4
Programmets starttid: 0x01d2f27846b5e209
Sökväg till program: C:\Users\elgiganten-demo\Desktop\procexp.exe
Sökväg till modul: C:\Users\elgiganten-demo\Desktop\procexp.exe
Rapport-ID: 84d1d68d-5e6b-11e7-8301-a0d3c147e639
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:
 
Error: (07/01/2017 11:25:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Öppningsproceduren .NETFramework i DLL-filen C:\windows\system32\mscoree.dll kunde inte utföras. Prestandadata för den här tjänsten kommer inte att vara tillgängliga. Felkoden anges av datasektionens första fyra byte (DWORD).
 
 
System errors:
=============
Error: (07/02/2017 04:29:34 AM) (Source: DCOM) (EventID: 10010) (User: FARFAR)
Description: Servern {1B1F472E-3221-4826-97DB-2C2324D389AE} registrerades inte med DCOM inom erforderlig timeout.
 
Error: (07/02/2017 04:29:04 AM) (Source: DCOM) (EventID: 10010) (User: FARFAR)
Description: Servern {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} registrerades inte med DCOM inom erforderlig timeout.
 
Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel: 
Tjänsten svarade inte på start- eller kontrollbegäran i tid.
 
Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.
 
Error: (07/01/2017 10:00:36 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Datorn har startats om efter felsökningen. Felsökningen var: 0x00000109 (0xa3a01f594408bb53, 0xb3b72bdf9688ba3a, 0xffffd000e61ecfc0, 0x0000000000000002). Innehållet dumpades och sparades i: C:\windows\MEMORY.DMP. Rapport-ID: 070117-38640-01.
 
Error: (07/01/2017 10:00:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 21:53:55 den ‎2017-‎07-‎01 skedde oväntat.
 
Error: (07/01/2017 09:55:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.
 
Error: (07/01/2017 09:55:51 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.
 
Error: (07/01/2017 09:55:45 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.
 
Error: (07/01/2017 03:37:26 PM) (Source: DCOM) (EventID: 10010) (User: FARFAR)
Description: Servern {1B1F472E-3221-4826-97DB-2C2324D389AE} registrerades inte med DCOM inom erforderlig timeout.
 
 
CodeIntegrity:
===================================
  Date: 2016-09-23 09:47:32.040
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-09-15 06:32:06.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-08-31 12:59:59.983
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-08-25 16:22:58.116
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-06-25 21:14:02.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-25 21:06:34.882
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-25 20:53:49.612
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-25 20:43:13.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-25 20:34:59.789
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-25 17:46:47.624
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-670K Quad-Core Processor 
Percentage of memory in use: 27%
Total physical RAM: 12212.94 MB
Available physical RAM: 8812.2 MB
Total Virtual: 24500.94 MB
Available Virtual: 20648.75 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1847.95 GB) (Free:599.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Bajs) (Fixed) (Total:13.59 GB) (Free:13.53 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 20133143)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: BDD23883)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=73)
 
==================== End of Addition.txt ============================

  • 0

#3
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
Error: (07/01/2017 09:55:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.

 

 

Search for 

 

device manager

 

hit enter

 

Find DVD/CD-ROM

 

Click on the arrow in front of it.  Right click on each device under DVD/CD-ROM and UNINSTALL.  (Do not let it remove drivers if it asks)  Reboot.

 

IF the error reappears then try

 

Windows Repair all in one
 
 
Download it and save it then run it.
 
You can skip to step 4 or 5 where it gives you the same picture as in the above link.
 
Make sure the following is checked before hitting Start:
 
 
Repair CD/DVD Missing/Not Working
 
(Others won't hurt anything but will take a lot longer to complete)
 
Reboot when done and see if the error reappears.
 
Error: (07/01/2017 10:00:36 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Datorn har startats om efter felsökningen. Felsökningen var: 0x00000109 (0xa3a01f594408bb53, 0xb3b72bdf9688ba3a, 0xffffd000e61ecfc0, 0x0000000000000002). Innehållet dumpades och sparades i: C:\windows\MEMORY.DMP. Rapport-ID: 070117-38640-01.
 

 

 

 
 
Download BlueScreenView
 
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.
 
Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
 
I see you have Speccy.  Please make a log and attach it:
Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 
 
 
Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel: 
Tjänsten svarade inte på start- eller kontrollbegäran i tid.
 
Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.
 

 

 

Search for

 

services.msc

 

hit Enter

 

Find the Origin Web Helper Service  and right click and select Properties.  Change the Startup Type to Manual  OK.

 

No idea what is wrong with Process Explorer.  Could be it doesn't like Swedish but  I would try a new download:

 

 

 
 
Right click on it and Run As Admin.

  • 0

#4
Alduin

Alduin

    Banned

  • Topic Starter
  • Banned
  • PipPip
  • 55 posts

The error hasn't been reappearing since 07/01/2017 09:55:57 PM, but I still uninstalled it. If it ever does reappear again I will try that step u mentioned above!

 

 

==================================================
Dump File         : 070117-38640-01.dmp
Crash Time        : 2017-07-01 21:58:41
Bug Check String  : 
Bug Check Code    : 0x00000109
Parameter 1       : a3a01f59`4408bb53
Parameter 2       : b3b72bdf`9688ba3a
Parameter 3       : ffffd000`e61ecfc0
Parameter 4       : 00000000`00000002
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+14dda0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+14dda0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\070117-38640-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 412 112
Dump File Time    : 2017-07-01 22:00:36
==================================================

 

 
 

I have a very hot CPU, I'm going to change motherboard, and CPU, and Cooler fan in the future.

Find the Origin Web Helper Service  and right click and select Properties.  Change the Startup Type to Manual  OK.

 

Done.

 

No idea what is wrong with Process Explorer.  Could be it doesn't like Swedish but  I would try a new download:

 

I was tampering with it before changing its digital signatures to unverified. So that was maybe it, however i can't be sure.

 


  • 0

#5
Alduin

Alduin

    Banned

  • Topic Starter
  • Banned
  • PipPip
  • 55 posts

Also, this is the last time I will buy an HP computer, It gets loaded with bloatware and the cooler is bad.


Edited by Alduin, 02 July 2017 - 05:19 PM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP

The heat is probably why you are getting BSODs.  Usually you can just shut them down, leave it plugged into the wall, open it up.  Remove the fan (but not the heatsink then use a small brush and a vacuum cleaner hose to clean the heatsink and fans and air vents.  If that's not enough then you pull the heatsink, clean it really well and put new Arctic Silver 5 thermal paste.  I like to use the kit that comes with the  cleaner and surface prep but if you don't have it alcohol will work almost as well.  The Arctic Silver 5 website tells you how much to put on and what shape to use for each CPU type.

 

My usual Event reader doesn't work in Swedish but I think MiniToolBox doesn't care:

 

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
 
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  •  
    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

    • 0

    #7
    Alduin

    Alduin

      Banned

    • Topic Starter
    • Banned
    • PipPip
    • 55 posts

    Are you really sure RKinner? The temps have been like this since I got this PC totally new from elgiganten. I got the BSOD while I was scanning with aswMBR and my CD-ROM was acting crazy and then poff one for the first time and no more BSODs after that. But i can try ur suggestion with Arctic Silver 5 thermal paste thanks ;). I also ran following commands on CMD

     

    cmd: 

    sfc /scannow

    Dism /online  /Cleanup-image  /Restorehealth

     

     

    I also removed Pokki btw even tough I had it disabled, but since I saw it on the frst logs and I almost completely forgot about it, I removed it.

     

    MiniToolBox by Farbar  Version: 17-06-2016
    Ran by elgiganten-demo (administrator) on 03-07-2017 at 01:40:08
    Running from "C:\Users\elgiganten-demo\Downloads"
    Microsoft Windows 8.1  (X64)
    Model: 500-311no Manufacturer: Hewlett-Packard
    Boot Mode: Normal
    ***************************************************************************
    ========================= Hosts content: =================================
    35.156.90.191 authserver.mojang.com
    35.156.90.191 sessionserver.mojang.com
    ========================= IP Configuration: ================================
     
    [CommView] Atheros AR9485 Wireless Network Adapter = Wi-Fi (Connected)
    VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
    VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
    VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
    Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
    TAP-Win32 Adapter V9 for OpenVPN Accelerator = Anslutning till lokalt nätverk (Media disconnected)
    VPN Client Adapter - VPN = VPN - VPN Client (Media disconnected)
    TAP-Windows Adapter V9 | NordVPN-9.21.2 = Ethernet 2 (Media disconnected)
    TAP-Windows Adapter V9 = Ethernet 5 (Media disconnected)
    TAP Adapter OAS NDIS 6.0 = Ethernet 3 (Media disconnected)
    TAP-Windows Adapter V9 = Ethernet 4 (Media disconnected)
    Windscribe VPN = Ethernet 6 (Media disconnected)
     
     
    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4
     
    reset
    set global icmpredirects=enabled
    set interface interface="Anslutning till lokalt n„tverk* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Anslutning till lokalt n„tverk* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="VMware Network Adapter VMnet1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="VMware Network Adapter VMnet8" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="VirtualBox Host-Only Network" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="VPN - VPN Client" forwarding=enabled advertise=enabled metric=1 nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
    add address name="VMware Network Adapter VMnet1" address=192.168.75.1 mask=255.255.255.0
    add address name="VMware Network Adapter VMnet8" address=192.168.93.1 mask=255.255.255.0
     
     
    popd
    # End of IPv4 configuration
     
     
     
    Windows IP Configuration
     
       Host Name . . . . . . . . . . . . : Farfar
       Primary Dns Suffix  . . . . . . . : 
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
     
    Ethernet adapter Ethernet 6:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Windscribe VPN
       Physical Address. . . . . . . . . : 00-FF-C9-88-89-51
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Ethernet 5:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : TAP-Windows Adapter V9 #2
       Physical Address. . . . . . . . . : 00-FF-93-81-A9-09
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Ethernet 4:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : TAP-Windows Adapter V9
       Physical Address. . . . . . . . . : 00-FF-A8-1E-CF-4D
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Ethernet 3:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : TAP Adapter OAS NDIS 6.0
       Physical Address. . . . . . . . . : 00-FF-69-9B-B5-72
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter VPN - VPN Client:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : VPN Client Adapter - VPN
       Physical Address. . . . . . . . . : 00-AC-80-F9-6A-27
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Ethernet:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : A0-D3-C1-47-E6-39
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Ethernet 2:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : TAP-Windows Adapter V9 | NordVPN-9.21.2
       Physical Address. . . . . . . . . : 00-FF-23-78-E2-A0
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Ethernet adapter Anslutning till lokalt n„tverk:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : TAP-Win32 Adapter V9 for OpenVPN Accelerator
       Physical Address. . . . . . . . . : 00-FF-EB-30-0C-49
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Wireless LAN adapter Anslutning till lokalt n„tverk* 2:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : 12-10-B3-01-75-8B
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
     
    Wireless LAN adapter Wi-Fi:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : [CommView] Atheros AR9485 Wireless Network Adapter
       Physical Address. . . . . . . . . : 30-10-B3-01-75-8B
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2a00:801:250:d0c4:f87b:8679:d10f:f6d3(Preferred) 
       Temporary IPv6 Address. . . . . . : 2a00:801:250:d0c4:2955:9db3:8190:d2d2(Preferred) 
       Link-local IPv6 Address . . . . . : fe80::f87b:8679:d10f:f6d3%3(Preferred) 
       IPv4 Address. . . . . . . . . . . : 172.20.10.2(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.240
       Lease Obtained. . . . . . . . . . : den 3 juli 2017 00:24:49
       Lease Expires . . . . . . . . . . : den 4 juli 2017 00:10:26
       Default Gateway . . . . . . . . . : fe80::31:99e6:3292:3c32%3
                                           172.20.10.1
       DHCP Server . . . . . . . . . . . : 172.20.10.1
       DHCPv6 IAID . . . . . . . . . . . : 53481651
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39
       DNS Servers . . . . . . . . . . . : fe80::31:99e6:3292:3c32%3
                                           208.67.222.123
                                           208.67.220.123
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Ethernet adapter VMware Network Adapter VMnet1:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
       Physical Address. . . . . . . . . : 00-50-56-C0-00-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::c158:9f13:26a3:7150%10(Preferred) 
       IPv4 Address. . . . . . . . . . . : 192.168.75.1(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 
       DHCPv6 IAID . . . . . . . . . . . : 620777558
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39
       DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                           fec0:0:0:ffff::2%1
                                           fec0:0:0:ffff::3%1
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Ethernet adapter VMware Network Adapter VMnet8:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
       Physical Address. . . . . . . . . : 00-50-56-C0-00-08
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::54d3:c72e:cde:6149%11(Preferred) 
       IPv4 Address. . . . . . . . . . . : 192.168.93.1(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 
       DHCPv6 IAID . . . . . . . . . . . : 637554774
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39
       DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                           fec0:0:0:ffff::2%1
                                           fec0:0:0:ffff::3%1
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Ethernet adapter VirtualBox Host-Only Network:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
       Physical Address. . . . . . . . . : 0A-00-27-00-00-17
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::a9d1:628b:a92a:39d7%23(Preferred) 
       IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) 
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 
       DHCPv6 IAID . . . . . . . . . . . : 185204775
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39
       DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                           fec0:0:0:ffff::2%1
                                           fec0:0:0:ffff::3%1
       NetBIOS over Tcpip. . . . . . . . : Enabled
     
    Tunnel adapter isatap.{EAB3369F-9F17-4368-8476-FBC06B61F297}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
     
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:78cf:458:3d7c:53eb:f5fd(Preferred) 
       Link-local IPv6 Address . . . . . : fe80::458:3d7c:53eb:f5fd%6(Preferred) 
       Default Gateway . . . . . . . . . : 
       DHCPv6 IAID . . . . . . . . . . . : 335544320
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-6E-11-85-A0-D3-C1-47-E6-39
       NetBIOS over Tcpip. . . . . . . . : Disabled
     
    Tunnel adapter isatap.{669C7374-3C3A-4632-BB39-362B28A8548A}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter isatap.{593F17AF-2544-460B-BD33-A260B9FDAFE1}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
     
    Tunnel adapter isatap.{A2A7AA1C-4F3C-454E-A032-FBADAD48F01F}:
     
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : 
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    DNS request timed out.
        timeout was 2 seconds.
    Server:  UnKnown
    Address:  fe80::31:99e6:3292:3c32
     
    Name:    google.com
    Addresses:  2a00:1450:400f:803::200e
     172.217.22.174
     
     
    Pinging google.com [2a00:1450:400f:803::200e] with 32 bytes of data:
    Reply from 2a00:1450:400f:803::200e: time=45ms 
    Reply from 2a00:1450:400f:803::200e: time=44ms 
     
    Ping statistics for 2a00:1450:400f:803::200e:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 44ms, Maximum = 45ms, Average = 44ms
    DNS request timed out.
        timeout was 2 seconds.
    Server:  UnKnown
    Address:  fe80::31:99e6:3292:3c32
     
    Name:    yahoo.com
    Addresses:  2001:4998:44:204::a7
     2001:4998:c:a06::2:4008
     2001:4998:58:c02::a9
     98.138.253.109
     98.139.180.149
     206.190.36.45
     
     
    Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
    Reply from 2001:4998:44:204::a7: time=161ms 
    Reply from 2001:4998:44:204::a7: time=168ms 
     
    Ping statistics for 2001:4998:44:204::a7:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 161ms, Maximum = 168ms, Average = 164ms
     
    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
     
    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
     31...00 ff c9 88 89 51 ......Windscribe VPN
     29...00 ff 93 81 a9 09 ......TAP-Windows Adapter V9 #2
     28...00 ff a8 1e cf 4d ......TAP-Windows Adapter V9
     27...00 ff 69 9b b5 72 ......TAP Adapter OAS NDIS 6.0
     26...00 ac 80 f9 6a 27 ......VPN Client Adapter - VPN
     25...a0 d3 c1 47 e6 39 ......Realtek PCIe GBE Family Controller
     24...00 ff 23 78 e2 a0 ......TAP-Windows Adapter V9 | NordVPN-9.21.2
     22...00 ff eb 30 0c 49 ......TAP-Win32 Adapter V9 for OpenVPN Accelerator
      4...12 10 b3 01 75 8b ......Microsoft Wi-Fi Direct Virtual Adapter
      3...30 10 b3 01 75 8b ......[CommView] Atheros AR9485 Wireless Network Adapter
     10...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
     11...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
     23...0a 00 27 00 00 17 ......VirtualBox Host-Only Ethernet Adapter
      1...........................Software Loopback Interface 1
      5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
      6...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
      7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
      8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
      9...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
    ===========================================================================
     
    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      172.20.10.1      172.20.10.2     25
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          172.20.10.0  255.255.255.240         On-link       172.20.10.2    281
          172.20.10.2  255.255.255.255         On-link       172.20.10.2    281
         172.20.10.15  255.255.255.255         On-link       172.20.10.2    281
         192.168.56.0    255.255.255.0         On-link      192.168.56.1    266
         192.168.56.1  255.255.255.255         On-link      192.168.56.1    266
       192.168.56.255  255.255.255.255         On-link      192.168.56.1    266
         192.168.75.0    255.255.255.0         On-link      192.168.75.1    276
         192.168.75.1  255.255.255.255         On-link      192.168.75.1    276
       192.168.75.255  255.255.255.255         On-link      192.168.75.1    276
         192.168.93.0    255.255.255.0         On-link      192.168.93.1    276
         192.168.93.1  255.255.255.255         On-link      192.168.93.1    276
       192.168.93.255  255.255.255.255         On-link      192.168.93.1    276
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link      192.168.56.1    266
            224.0.0.0        240.0.0.0         On-link      192.168.75.1    276
            224.0.0.0        240.0.0.0         On-link      192.168.93.1    276
            224.0.0.0        240.0.0.0         On-link       172.20.10.2    281
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link      192.168.56.1    266
      255.255.255.255  255.255.255.255         On-link      192.168.75.1    276
      255.255.255.255  255.255.255.255         On-link      192.168.93.1    276
      255.255.255.255  255.255.255.255         On-link       172.20.10.2    281
    ===========================================================================
    Persistent Routes:
      None
     
    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      3    281 ::/0                     fe80::31:99e6:3292:3c32
      1    306 ::1/128                  On-link
      6    306 2001::/32                On-link
      6    306 2001:0:9d38:78cf:458:3d7c:53eb:f5fd/128
                                        On-link
      3    281 2a00:801:250:d0c4::/64   On-link
      3    281 2a00:801:250:d0c4:2955:9db3:8190:d2d2/128
                                        On-link
      3    281 2a00:801:250:d0c4:f87b:8679:d10f:f6d3/128
                                        On-link
     23    266 fe80::/64                On-link
     10    276 fe80::/64                On-link
     11    276 fe80::/64                On-link
      3    281 fe80::/64                On-link
      6    306 fe80::/64                On-link
      6    306 fe80::458:3d7c:53eb:f5fd/128
                                        On-link
     11    276 fe80::54d3:c72e:cde:6149/128
                                        On-link
     23    266 fe80::a9d1:628b:a92a:39d7/128
                                        On-link
     10    276 fe80::c158:9f13:26a3:7150/128
                                        On-link
      3    281 fe80::f87b:8679:d10f:f6d3/128
                                        On-link
      1    306 ff00::/8                 On-link
     23    266 ff00::/8                 On-link
     10    276 ff00::/8                 On-link
     11    276 ff00::/8                 On-link
      3    281 ff00::/8                 On-link
      6    306 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================
     
    Catalog5 01 C:\windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
    Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
    Catalog5 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog5 06 C:\windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
    Catalog9 01 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 02 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 03 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 04 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 06 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 07 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 08 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 09 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 10 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 11 C:\windows\SysWOW64\vsocklib.dll [64192] (VMware, Inc.)
    Catalog9 12 C:\windows\SysWOW64\vsocklib.dll [64192] (VMware, Inc.)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\vsocklib.dll [68288] (VMware, Inc.)
    x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [68288] (VMware, Inc.)
     
    ========================= Event log errors: ===============================
     
    Application errors:
    ==================
    Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service) (User: )
    Description: Det gick inte att hämta registerinfo om prestandaräknare för WSearchIdxPi för instansen   på grund av följande fel: Åtgärden har slutförts.   0x0.
     
    Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service) (User: )
    Description: Det går inte att initiera prestandaövervakning för insamlingsobjektet eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.
     
    Kontext: program , katalog SystemIndex
     
    Error: (07/03/2017 12:24:30 AM) (Source: Windows Search Service) (User: )
    Description: Det går inte att initiera prestandaövervakning för insamlingstjänsten eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.
     
    Error: (07/03/2017 12:05:14 AM) (Source: SideBySide) (User: )
    Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
    Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
    Använd sxstrace.exe om du vill diagnostisera ytterligare.
     
    Error: (07/02/2017 03:13:18 PM) (Source: Perflib) (User: )
    Description: .NETFrameworkC:\windows\system32\mscoree.dll8
     
    Error: (07/02/2017 12:56:14 AM) (Source: SideBySide) (User: )
    Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
    Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
    Använd sxstrace.exe om du vill diagnostisera ytterligare.
     
    Error: (07/01/2017 10:01:49 PM) (Source: Windows Search Service) (User: )
    Description: Det gick inte att hämta registerinfo om prestandaräknare för WSearchIdxPi för instansen   på grund av följande fel: Åtgärden har slutförts.   0x0.
     
    Error: (07/01/2017 10:01:46 PM) (Source: Windows Search Service) (User: )
    Description: Det går inte att initiera prestandaövervakning för insamlingsobjektet eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.
     
    Kontext: program , katalog SystemIndex
     
    Error: (07/01/2017 10:01:43 PM) (Source: Windows Search Service) (User: )
    Description: Det går inte att initiera prestandaövervakning för insamlingstjänsten eftersom räknarna inte har lästs in eller det delade minnesobjektet inte går att öppna. Detta påverkar endast tillgängligheten för prestandaräknarna. Starta om datorn.
     
    Error: (07/01/2017 05:03:48 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT instans)
    Description: -2147024883
     
     
    System errors:
    =============
    Error: (07/03/2017 12:24:13 AM) (Source: Service Control Manager) (User: )
    Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel: 
    %%1053 = Tjänsten svarade inte på start- eller kontrollbegäran i tid.
     
     
    Error: (07/03/2017 12:24:13 AM) (Source: Service Control Manager) (User: )
    Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.
     
    Error: (07/02/2017 08:12:04 PM) (Source: DCOM) (User: FARFAR)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
     
    Error: (07/02/2017 08:11:34 PM) (Source: DCOM) (User: FARFAR)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
     
    Error: (07/02/2017 03:13:18 PM) (Source: DCOM) (User: FARFAR)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
     
    Error: (07/02/2017 03:12:48 PM) (Source: DCOM) (User: FARFAR)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
     
    Error: (07/02/2017 04:29:34 AM) (Source: DCOM) (User: FARFAR)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
     
    Error: (07/02/2017 04:29:04 AM) (Source: DCOM) (User: FARFAR)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
     
    Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (User: )
    Description: Tjänsten Origin Web Helper Service kunde inte startas på grund av följande fel: 
    %%1053 = Tjänsten svarade inte på start- eller kontrollbegäran i tid.
     
     
    Error: (07/01/2017 10:01:17 PM) (Source: Service Control Manager) (User: )
    Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Origin Web Helper Service skulle ansluta.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service)(User: )
    Description: WSearchIdxPiÅtgärden har slutförts.   0x0
     
    Error: (07/03/2017 12:24:31 AM) (Source: Windows Search Service)(User: )
    Description: Kontext: program , katalog SystemIndex
     
    Error: (07/03/2017 12:24:30 AM) (Source: Windows Search Service)(User: )
    Description: 
     
    Error: (07/03/2017 12:05:14 AM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe
     
    Error: (07/02/2017 03:13:18 PM) (Source: Perflib)(User: )
    Description: .NETFrameworkC:\windows\system32\mscoree.dll8
     
    Error: (07/02/2017 12:56:14 AM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe
     
    Error: (07/01/2017 10:01:49 PM) (Source: Windows Search Service)(User: )
    Description: WSearchIdxPiÅtgärden har slutförts.   0x0
     
    Error: (07/01/2017 10:01:46 PM) (Source: Windows Search Service)(User: )
    Description: Kontext: program , katalog SystemIndex
     
    Error: (07/01/2017 10:01:43 PM) (Source: Windows Search Service)(User: )
    Description: 
     
    Error: (07/01/2017 05:03:48 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT instans)
    Description: -2147024883
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2016-09-23 09:47:32.040
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-09-15 06:32:06.690
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-08-31 12:59:59.983
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-08-25 16:22:58.116
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-06-25 21:14:02.660
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-06-25 21:06:34.882
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-06-25 20:53:49.612
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-06-25 20:43:13.006
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-06-25 20:34:59.789
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-06-25 17:46:47.624
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
     
     
    =========================== Installed Programs ============================
     
    .NET Reflector Desktop (HKLM-x32\...\{34795E6B-338D-4A6D-8BCE-906AD056AF4F}) (Version: 9.0.1.374 - Red Gate Software Ltd)
    .NET Reflector Visual Studio Extension 9.0 (HKLM-x32\...\{BDF47606-A702-4FDF-8003-F5B807F54DA3}) (Version: 9.0.1.374 - Red Gate Software Ltd)
    7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
    A3Launcher version 0.1.4.6 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.4.6 - Maca134)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1) (Version: 18.1.0 - Adobe Systems Incorporated)
    Aftermath (HKLM\...\Steam App 349700) (Version:  - Free Reign Entertainment)
    Alcor Micro USB Card Reader Driver  (HKLM-x32\...\{7F28165B-148D-4672-AA21-469D9E6E3CB6}) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
    Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
    Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
    APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
    Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden
    Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
    Authoirty (HKLM\...\{69C97AF5-465E-4C36-B7C7-DAD597ED4E78}) (Version: 1.3.5 - Menyoo) Hidden
    Authoirty (HKLM-x32\...\Authoirty 1.3.5) (Version: 1.3.5 - Menyoo)
    Authority (HKLM\...\{83BF47B4-D7C2-4127-A4A8-AD309DA95111}) (Version: 1.6.0 - Menyoo) Hidden
    Authority (HKLM\...\{D4B72E58-BFC3-489B-A3A9-94ED22D7FE2D}) (Version: 1.7.1 - Menyoo) Hidden
    Authority (HKLM-x32\...\Authority 1.6.0) (Version: 1.6.0 - Menyoo)
    Authority (HKLM-x32\...\Authority 1.7.1) (Version: 1.7.1 - Menyoo)
    Auto Clicker v3.1 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 3.1 - MurGee.com)
    Auto Typer by MurGee v1.16 (HKLM-x32\...\{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1) (Version: 1.16 - MurGee.com)
    AutoHotkey 1.1.22.02 (HKLM\...\AutoHotkey) (Version: 1.1.22.02 - Lexikos)
    Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
    BankID säkerhetsprogram (HKLM-x32\...\{81F0D54A-F439-424E-9872-FB9B56C24AEB}) (Version: 7.0.0.41 - Finansiell ID-Teknik BID AB)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
    Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
    Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version:  - )
    BlueStacks App Player (HKLM-x32\...\{38E69C88-1B39-4A51-96D2-303337D9C210}) (Version: 2.2.18.6014 - BlueStack Systems, Inc.)
    Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
    Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
    CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
    CommView (HKLM-x32\...\{70C4E840-DAB4-11DF-5F90-014727066952}) (Version: 6.5 - TamoSoft)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
    CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    Creativerse (HKLM\...\Steam App 280790) (Version:  - Playful Corporation)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
    Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.5.4824 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3702 - CyberLink Corp.)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3625 - CyberLink Corp.)
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3626 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
    Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Dotfuscator and Analytics Community Edition 5.18.1 (HKLM-x32\...\{9890DF1A-10E9-4236-94B1-1EFAA4099F13}) (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
    Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
    Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    ExpressCache (HKLM\...\{44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}) (Version: 1.3.110.0 - Condusiv Technologies)
    Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
    FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.5.1.1 - FlyVPN)
    Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Fraps (HKLM-x32\...\Fraps) (Version:  - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.104 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
    Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
    Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
    Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
    Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
    Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
    H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
    H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
    Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
    HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.06 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
    HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
    ICQ (version 10.0.12154) (HKCU\...\icq.desktop) (Version: 10.0.12154 - ICQ)
    IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version:  - Hex-Rays SA)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
    IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
    i-Menu version 4.1.3 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.1.3 - AOC)
    Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.06 - Softex Inc.) Hidden
    Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.06 - Softex Inc.) Hidden
    Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
    Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
    JetBrains dotPeek 2016.2.2 (HKCU\...\{74577882-de65-576a-a99d-1ee8fe04c0b3}) (Version: 2016.2.2  - JetBrains s.r.o.)
    JetBrains ReSharper Ultimate in Visual Studio 2015 (HKCU\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 2016.2.2  - JetBrains s.r.o.)
    JKZ Mod (HKCU\...\48aca53fe04c254a) (Version: 1.0.0.0 - Hewlett-Packard Company)
    Last Man Standing (HKLM\...\Steam App 506540) (Version:  - Free Reign Entertainment)
    Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
    Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    MasterKeys Pro L Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_MASTERKEYS_PRO_L) (Version: 0.051 - Cooler Master)
    Menyoo (HKLM\...\{D01E76E8-1A8D-4AB6-9D8D-0F2C78D37F3B}) (Version: 1.7.5 - Menyoo) Hidden
    Menyoo (HKLM-x32\...\Menyoo 1.7.5) (Version: 1.7.5 - Menyoo)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F940D859-DDB5-4067-82E2-3C8D02F8E09F}) (Version: 4.0.1653.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 51.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 sv-SE)) (Version: 51.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
    MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
    MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI)
    MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.009 - MSI)
    Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    NordVPN (HKLM-x32\...\{24202B92-D2A2-4FCE-A041-D6E7DE02603C}) (Version: 6.0.0 - NordVPN) Hidden
    NordVPN (HKLM-x32\...\NordVPN 6.0.0) (Version: 6.0.0 - NordVPN)
    Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2 - Notepad++ Team)
    NVIDIA 3D Vision drivrutin 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
    NVIDIA 3D Vision drivrutin för styrenhet 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
    NVIDIA Grafikdrivrutin 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
    NVIDIA HD audiodrivrutin 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
    NVIDIA Miracast virtuell audio 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.33 - NVIDIA Corporation)
    NVIDIA PhysX systemprogramvara 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
    NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
    NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
    NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
    OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
    OpenIV (HKCU\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
    OpenVPN Connect (HKLM-x32\...\{3D9A5267-3236-4BCC-AA45-2CE16F531187}) (Version: 2.0.8.106 - OpenVPN Technologies)
    Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
    Oracle VM VirtualBox 5.1.4 (HKLM\...\{4EF3FBF6-697D-440A-AADA-7F5D39B73E62}) (Version: 5.1.4 - Oracle Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
    osu! (HKLM-x32\...\{72f18568-8b56-4dbd-89ef-4c13a51c8fa2}) (Version: latest - ppy Pty Ltd)
    PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
    Phoenix Protector (HKLM-x32\...\{32A1C684-C199-4DD2-9F89-8F44C655D4EC}) (Version: 1.7.1 - NTCore)
    Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
    PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    Python 3.5.2 (32-bit) (HKCU\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
    Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
    Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
    qTox (HKLM-x32\...\qTox) (Version: 1.8.1 - The qTox Project)
    Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden
    Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
    Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
    Resource Hacker Version 4.2.5 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    rFactor Demo (HKLM-x32\...\Steam App 353320) (Version:  - Image Space Incorporated)
    Rising World (HKLM\...\Steam App 324080) (Version:  - JIW-Games)
    RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
    ROBLOX Player for elgiganten-demo (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
    RoBoRumble (HKLM\...\Steam App 420970) (Version:  - Metropolis)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
    Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version:  - )
    Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
    Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
    SmartAssembly 6 (HKLM\...\{09D5CC0D-0505-4A3D-AB2D-560206B0E6EB}) (Version: 6.9.0.114 - Red Gate Software Ltd)
    SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project)
    Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
    SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
    Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{791295AE-3B0A-3222-9E69-26C8C106E8D1}) (Version: 14.0.23102 - Microsoft Corporation) Hidden
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
    TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
    Telerik JustDecompile Q2 2016 SP2 (HKLM-x32\...\{46E0879B-43C3-467D-91DD-56723E3F6378}) (Version: 16.2.718.0 - Telerik AD)
    Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
    Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
    TypeScript Power Tool (HKLM-x32\...\{6E3FB6C9-8C3C-45D4-BD9E-AECA430EE8E0}) (Version: 1.5.3.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{EA2C2406-C25C-4845-842F-360EFEA4CDCE}) (Version: 1.5.3.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
    Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Redistributable (HKLM-x32\...\{74E0F5DD-514A-4F85-0EE0-1E2EBB8BFC8C}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Tools x64 (HKLM\...\{4C8DCEB6-5D3C-90BD-6E31-A8342B9185FF}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
    Universal CRT Tools x86 (HKLM-x32\...\{DE0B03D4-5A26-DEEC-F62E-278EF28BA58E}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
    Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
    WARMODE (HKLM-x32\...\Steam App 391460) (Version:  - WARTEAM)
    WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
    Wireshark 1.12.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.6 - The Wireshark developer community, http://www.wireshark.org)
    Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 7.1.0 - VMware, Inc.) Hidden
    VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.0 - VMware, Inc)
    VNC Server 5.3.2 (HKLM\...\{BD3BF59A-3CD6-49B3-A166-E57BF55FF959}) (Version: 5.3.2.19179 - RealVNC Ltd)
    VNC Viewer 5.3.2 (HKLM\...\{F10020E5-D194-469E-B494-DDCE5D76A3A0}) (Version: 5.3.2.19179 - RealVNC Ltd)
    Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.35 - NCH Software)
    Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
     
    ========================= Devices: ================================
     
     
    ========================= Memory info: ===================================
     
    Percentage of memory in use: 49%
    Total physical RAM: 12212.94 MB
    Available physical RAM: 6133.38 MB
    Total Virtual: 24500.94 MB
    Available Virtual: 17581.72 MB
     
    ========================= Partitions: =====================================
     
    1 Drive c: (Windows) (Fixed) (Total:1847.95 GB) (Free:599.23 GB) NTFS
    2 Drive d: (Bajs) (Fixed) (Total:13.59 GB) (Free:13.53 GB) NTFS
     
    ========================= Users: ========================================
     
    Anv„ndarkonton f”r \\FARFAR
     
    Administrat”r            elgiganten-demo          G„st                     
    Kommandot har utf”rts.
     
     
    **** End of log ****
     

    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,024 posts
    • MVP

    Get a second opinion on the temps with Speedfan:

     

     
     
    Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).
     
    It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray
     
    A desktop should run about 45 C or so when idle and it should stay under 65 when watching a video, playing a game or doing an anti-virus scan.
     
     
     
    You do not have the latest Java.
    First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
    I see:
    Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
    Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
     
    Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
     
    If you feel you must have Java:
    Get the latest Java at:
     
    Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
    Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
     
    (If you also want the 64 bit version then use the 64 bit version of IE to get it.)
     
     
     

    • 0

    #9
    Alduin

    Alduin

      Banned

    • Topic Starter
    • Banned
    • PipPip
    • 55 posts

    Uninstalled them will reinstall the newer versions later. Speed fan shows that my temps are fine and not over 40 degrees when idle. But even tough my CPU fan sounds like an airplane sometimes haha : D


    • 0

    #10
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,024 posts
    • MVP

    Might be time to change out the fan


    • 0

    #11
    Alduin

    Alduin

      Banned

    • Topic Starter
    • Banned
    • PipPip
    • 55 posts

    Yep maybe haha but i will change motherboard and cpu and cooler anyway so : P, well I guess this is the end of the road, Thanks for all the help RKinner much appreciated! :)


    • 0

    #12
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,024 posts
    • MVP
     
     
    If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.
     
    Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
     
    Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
     
     
    If you use Chrome/Firefox then get the Ublock Origin  Add-on from https://www.ublock.org/.  For IE go to adblockplus.org  and get the add-on.  (It's actually a program for IE)
     
    If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
    http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
     
    To prevent a relatively new phishing attack:  In Firefox, type:
     
    about:config
     
    in the URL box and hit Enter.  You should get a new page of options (if you get a notice about voiding the warranty just cancel the warning).  In the Search box put in 
     
    puny
     
    You should only get one option:
    network.IDN_show_punycode
    We want it to say True but by default it is False so double click on it to toggle from False to True.
    Close and restart firefox.
     
    To test it you can go to:
     
     
    If the value is false you will see https://www.apple.cominstead of the correct value
     
     
    If you are a Facebook user get the FB Purity extension for your browser:
    This will stop all of the suggested pages and ads so that Facebook loads much quicker.
     
     
    Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyou open them.
     
    Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
     
    CryptoPrevent
     
     
    The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.
     
    If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
     
    Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
    Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
    Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP