Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Second hand computer: Infected, pirated software. want it all gone. I

Started by benjy1 , Oct 20 2017 03:41 AM

  • Please log in to reply

#1
benjy1
Posted 20 October 2017 - 03:41 AM

benjy1

    New Member

  • Member
  • Pip
  • 8 posts

Just got given a second hand computer. I think i can spot illegal software and might be infected. I would like to know what to uninstall and any infections please.  Please keep it simple i am no computer expert

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-10-2017
Ran by TMine (administrator) on Tim (18-10-2017 16:01:14)
Running from C:\Users\TMine\Desktop
Loaded Profiles: TMine (Available Profiles: TMine & Visitor)
Platform: Windows 10 Pro Version 1703 15063.674 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Electronic Arts) E:\Games\Origin\OriginWebHelperService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Media Gobbler, Inc) C:\Program Files (x86)\Media Gobbler, Inc\Downstream Proxy\downstreamproxyservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\SLSTaskbar.exe
() C:\Program Files (x86)\Quassel\quasselclient.exe
(Valve Corporation) E:\Games\Steam\Steam.exe
(Valve Corporation) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Sports Interactive) E:\Games\Steam\steamapps\common\Football Manager Touch 2017\fm.exe
(Valve Corporation) E:\Games\Steam\GameOverlayUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe [45680 2016-02-04] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CloantoSoftwareDirector] => C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe [370512 2013-02-01] (Cloanto Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [f.lux] => C:\Users\TMine\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [Spotify Web Helper] => C:\Users\TMine\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-12-15] (Spotify Ltd)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [Spotify] => C:\Users\TMine\AppData\Roaming\Spotify\Spotify.exe [6810224 2016-12-15] (Spotify Ltd)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [EADM] => E:\Games\Origin\Origin.exe [3098944 2017-09-17] (Electronic Arts)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [GobblerTray] => C:\Program Files (x86)\Media Gobbler, Inc\User Agent\GobblerTray.exe [1031208 2016-12-19] (Media Gobbler, Inc)
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Run: [WhatsApp] => C:\Users\TMine\AppData\Local\WhatsApp\app-0.2.5863\WhatsApp.exe [88291088 2017-08-23] (WhatsApp)
Startup: C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-07-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\TMine\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2540 series.lnk [2016-05-07]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-09-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2017-07-24]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)
Startup: C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-07-30]
ShortcutTarget: Twitch.lnk -> C:\Users\TMine\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{20aa972f-d523-4973-bb97-0567f06ddb71}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{ff37550b-b169-4446-81fb-2415012ba52f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131355190043174071&GUID=35B03DA2-884C-4CBF-A69E-DA3F42698FDB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-09] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-09] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: otfbu970.default
FF ProfilePath: C:\Users\TMine\AppData\Roaming\Mozilla\Firefox\Profiles\otfbu970.default [2017-10-18]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\TMine\AppData\Roaming\Mozilla\Firefox\Profiles\otfbu970.default\Extensions\[email protected] [2017-10-03]
FF Extension: (uBlock Origin) - C:\Users\TMine\AppData\Roaming\Mozilla\Firefox\Profiles\otfbu970.default\Extensions\[email protected] [2017-10-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-16] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-09] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-16] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\TMine\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\TMine\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-03-15] (Microsoft Corporation)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default [2017-10-18]
CHR Extension: (Slides) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Flash Video Downloader) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-10-07]
CHR Extension: (Docs) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (uBlock Origin) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-10-16]
CHR Extension: (Video Downloader professional) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-03]
CHR Extension: (Sheets) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-02]
CHR Extension: (Emoji for Google Chrome™) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2017-10-11]
CHR Extension: (SoundCloud) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2017-04-02]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-09-22]
CHR Extension: (Office Online) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2017-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Oddshot) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2017-10-07]
CHR Extension: (Gmail) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\TMine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-09-26] () [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc.)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 gobblerproxy; C:\Program Files (x86)\Media Gobbler, Inc\Downstream Proxy\downstreamproxyservice.exe [15872 2016-12-19] (Media Gobbler, Inc) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [2098528 2017-09-17] (Electronic Arts)
R2 Origin Web Helper Service; E:\Games\Origin\OriginWebHelperService.exe [2977640 2017-09-17] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [28472 2015-07-06] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 asiovadpro; C:\WINDOWS\system32\DRIVERS\asiovadpro.sys [42984 2016-03-29] (John Shield/O Deus Audio)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\system32\DRIVERS\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102400 2016-02-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-08-03] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-08-03] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [15968 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [File not signed]
R3 ffusb2audio; C:\WINDOWS\system32\DRIVERS\ffusb2audio.sys [127280 2014-03-17] (Focusrite Audio Engineering Limited.)
U5 ggsomc; C:\Windows\System32\Drivers\ggsomc.sys [30424 2016-07-27] (Sony Mobile Communications)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-09-08] (ASUSTeK Computer Inc.)
R3 LiveTwitchTranslator; C:\WINDOWS\system32\DRIVERS\LiveTwitchTranslator.sys [18776 2011-08-11] (Focusrite Audio Engineering Limited)
R1 MpKsl09d67f3a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B1B94E6-C6E5-4988-92FC-7F45F41DA41C}\MpKsl09d67f3a.sys [58120 2017-10-18] (Microsoft Corporation)
R1 MpKsl8bd243e5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2ED8C06F-48B7-4D84-8977-94003E25CEA6}\MpKsl8bd243e5.sys [58120 2017-10-18] (Microsoft Corporation)
R1 MpKslb8fa73f2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8979E4A-7D33-45AA-B302-7824CCC94444}\MpKslb8fa73f2.sys [58120 2017-10-18] (Microsoft Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
S3 NvnUsbAudio; C:\WINDOWS\system32\DRIVERS\nvnusbaudio.sys [54000 2014-10-17] (Novation DMS Ltd.)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-10-15] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2017-03-03] (Windows ® Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-03-02] (Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-18 16:01 - 2017-10-18 16:01 - 000025613 _____ C:\Users\TMine\Desktop\FRST.txt
2017-10-18 16:00 - 2017-10-18 16:00 - 000001492 _____ C:\Users\TMine\Desktop\scan_171018-155720.txt
2017-10-18 15:54 - 2017-10-18 15:54 - 000000000 ____D C:\ProgramData\Emsisoft
2017-10-18 15:53 - 2017-10-18 16:01 - 000000000 ____D C:\FRST
2017-10-18 15:52 - 2017-10-18 15:52 - 002401792 _____ (Farbar) C:\Users\TMine\Desktop\FRST64.exe
2017-10-18 15:42 - 2017-10-18 16:00 - 000000000 ____D C:\Users\TMine\Desktop\EEK
2017-10-18 14:24 - 2017-10-18 14:24 - 000000546 _____ C:\Users\TMine\Desktop\JRT.txt
2017-10-18 14:21 - 2017-10-18 14:21 - 000003800 _____ C:\Users\TMine\Desktop\Rkill.txt
2017-10-18 14:19 - 2017-10-18 14:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-10-18 13:42 - 2017-10-18 13:42 - 000000966 _____ C:\Users\TMine\Desktop\sneaksby.txt
2017-10-18 02:50 - 2017-10-18 02:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-18 02:50 - 2017-10-18 02:50 - 000000000 ____D C:\ProgramData\MB2Migration
2017-10-18 02:50 - 2017-10-18 02:50 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-18 02:50 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-11 13:55 - 2017-10-11 13:55 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 13:53 - 2017-09-30 06:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 13:53 - 2017-09-30 06:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-11 13:53 - 2017-09-30 06:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-11 13:53 - 2017-09-30 06:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-11 13:53 - 2017-09-30 06:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-11 13:53 - 2017-09-30 06:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-11 13:53 - 2017-09-30 06:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-11 13:53 - 2017-09-30 03:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 13:53 - 2017-09-30 03:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-11 13:53 - 2017-09-30 03:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 13:53 - 2017-09-30 03:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 13:53 - 2017-09-30 03:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 13:53 - 2017-09-30 03:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-11 13:53 - 2017-09-30 03:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 13:53 - 2017-09-30 03:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-11 13:53 - 2017-09-30 03:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-11 13:53 - 2017-09-30 03:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 13:53 - 2017-09-30 03:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-11 13:53 - 2017-09-30 03:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 13:53 - 2017-09-30 03:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-11 13:53 - 2017-09-30 03:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-11 13:53 - 2017-09-30 03:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-11 13:53 - 2017-09-30 03:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-11 13:53 - 2017-09-30 03:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-11 13:53 - 2017-09-30 03:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-11 13:53 - 2017-09-30 03:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-11 13:53 - 2017-09-30 03:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-11 13:53 - 2017-09-30 03:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 13:53 - 2017-09-30 03:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-11 13:53 - 2017-09-30 03:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 13:53 - 2017-09-30 03:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 13:53 - 2017-09-30 03:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-11 13:53 - 2017-09-30 03:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-10-11 13:53 - 2017-09-30 03:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-10-11 13:53 - 2017-09-30 03:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 13:53 - 2017-09-30 03:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 13:53 - 2017-09-29 08:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 13:53 - 2017-09-29 08:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 13:53 - 2017-09-29 08:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-11 13:53 - 2017-09-29 08:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-11 13:53 - 2017-09-29 08:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-11 13:53 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-11 13:53 - 2017-09-29 08:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-11 13:53 - 2017-09-29 08:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-11 13:53 - 2017-09-29 08:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 13:53 - 2017-09-29 08:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 13:53 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-11 13:53 - 2017-09-29 08:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 13:53 - 2017-09-29 08:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 13:53 - 2017-09-29 08:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 13:53 - 2017-09-29 08:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-11 13:53 - 2017-09-29 08:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-11 13:53 - 2017-09-29 08:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-11 13:53 - 2017-09-29 08:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 13:53 - 2017-09-29 08:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-11 13:53 - 2017-09-29 08:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-11 13:53 - 2017-09-29 08:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-11 13:53 - 2017-09-29 08:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 13:53 - 2017-09-29 08:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-11 13:53 - 2017-09-29 08:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-11 13:53 - 2017-09-29 08:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 13:53 - 2017-09-29 08:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-11 13:53 - 2017-09-29 08:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 13:53 - 2017-09-29 08:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-11 13:53 - 2017-09-29 08:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 13:53 - 2017-09-29 08:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 13:53 - 2017-09-29 08:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 13:53 - 2017-09-29 08:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 13:53 - 2017-09-29 08:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-11 13:53 - 2017-09-29 08:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-11 13:53 - 2017-09-29 08:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 13:53 - 2017-09-29 08:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 13:53 - 2017-09-29 08:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-11 13:53 - 2017-09-29 08:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 13:53 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-11 13:53 - 2017-09-29 08:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-11 13:53 - 2017-09-29 08:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-11 13:53 - 2017-09-29 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-11 13:53 - 2017-09-29 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 13:53 - 2017-09-29 08:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 13:53 - 2017-09-29 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-11 13:53 - 2017-09-29 08:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-11 13:53 - 2017-09-29 08:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 13:53 - 2017-09-29 08:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-11 13:53 - 2017-09-29 08:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 13:53 - 2017-09-29 08:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 13:53 - 2017-09-29 08:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-11 13:53 - 2017-09-29 08:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 13:53 - 2017-09-29 08:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 13:53 - 2017-09-29 08:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-11 13:53 - 2017-09-29 08:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 13:53 - 2017-09-29 08:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-11 13:53 - 2017-09-29 08:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-11 13:53 - 2017-09-29 08:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-11 13:53 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-11 13:53 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-11 13:53 - 2017-09-20 16:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 13:53 - 2017-09-20 16:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 13:53 - 2017-09-20 16:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 13:53 - 2017-09-19 00:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-11 13:53 - 2017-09-18 23:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-11 13:53 - 2017-09-18 23:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-11 13:52 - 2017-09-30 06:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 13:52 - 2017-09-30 06:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 13:52 - 2017-09-30 06:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-11 13:52 - 2017-09-30 06:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 13:52 - 2017-09-30 06:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 13:52 - 2017-09-30 06:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-11 13:52 - 2017-09-30 06:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-11 13:52 - 2017-09-30 06:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-11 13:52 - 2017-09-30 06:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 13:52 - 2017-09-30 06:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 13:52 - 2017-09-30 06:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 13:52 - 2017-09-30 06:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 13:52 - 2017-09-30 06:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-11 13:52 - 2017-09-30 06:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-11 13:52 - 2017-09-30 06:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 13:52 - 2017-09-30 06:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-11 13:52 - 2017-09-30 06:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 13:52 - 2017-09-30 06:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 13:52 - 2017-09-30 06:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-11 13:52 - 2017-09-30 06:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-11 13:52 - 2017-09-30 06:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-11 13:52 - 2017-09-30 06:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-11 13:52 - 2017-09-30 06:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 13:52 - 2017-09-30 06:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-10-11 13:52 - 2017-09-30 06:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-11 13:52 - 2017-09-30 06:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-10-11 13:52 - 2017-09-30 06:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 13:52 - 2017-09-30 06:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-11 13:52 - 2017-09-30 06:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 13:52 - 2017-09-30 06:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-11 13:52 - 2017-09-30 06:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-11 13:52 - 2017-09-30 06:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 13:52 - 2017-09-30 06:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-10-11 13:52 - 2017-09-30 06:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 13:52 - 2017-09-30 06:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 13:52 - 2017-09-30 06:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-11 13:52 - 2017-09-30 06:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-10-11 13:52 - 2017-09-30 06:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2017-10-11 13:52 - 2017-09-30 06:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-10-11 13:52 - 2017-09-30 06:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-10-11 13:52 - 2017-09-30 06:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-10-11 13:52 - 2017-09-30 06:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-10-11 13:52 - 2017-09-30 06:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 13:52 - 2017-09-30 03:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 13:52 - 2017-09-29 08:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 13:52 - 2017-09-29 08:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 13:52 - 2017-09-29 08:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 13:52 - 2017-09-29 08:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 13:52 - 2017-09-29 08:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-11 13:52 - 2017-09-29 08:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 13:52 - 2017-09-29 08:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 13:52 - 2017-09-29 08:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 13:52 - 2017-09-29 08:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 13:52 - 2017-09-29 08:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-11 13:52 - 2017-09-29 08:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-11 13:52 - 2017-09-29 08:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-11 13:52 - 2017-09-29 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-11 13:52 - 2017-09-29 08:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 13:52 - 2017-09-29 08:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-11 13:52 - 2017-09-29 08:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-11 13:52 - 2017-09-29 08:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-11 13:52 - 2017-09-29 08:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 13:52 - 2017-09-29 08:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 13:52 - 2017-09-29 08:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 13:52 - 2017-09-29 08:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-11 13:52 - 2017-09-29 08:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 13:52 - 2017-09-29 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 13:52 - 2017-09-29 08:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-11 13:52 - 2017-09-29 08:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 13:52 - 2017-09-29 08:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 13:52 - 2017-09-29 08:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-11 13:52 - 2017-09-29 08:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-11 13:52 - 2017-09-29 08:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-11 13:52 - 2017-09-29 08:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-11 13:52 - 2017-09-29 08:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 13:52 - 2017-09-29 08:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 13:52 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 13:52 - 2017-09-29 08:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-11 13:52 - 2017-09-29 08:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2017-10-11 13:52 - 2017-09-29 08:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-11 13:52 - 2017-09-29 08:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-11 13:52 - 2017-09-29 08:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 13:52 - 2017-09-29 08:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-11 13:52 - 2017-09-29 08:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-11 13:52 - 2017-09-29 08:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 13:52 - 2017-09-29 08:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 13:52 - 2017-09-29 08:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-11 13:52 - 2017-09-29 08:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 13:52 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 13:52 - 2017-09-29 08:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2017-10-11 13:52 - 2017-09-29 08:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-11 13:52 - 2017-09-29 08:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 13:52 - 2017-09-29 08:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 13:52 - 2017-09-29 08:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-11 13:52 - 2017-09-29 08:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-11 13:52 - 2017-09-29 08:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 13:52 - 2017-09-29 08:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-11 13:52 - 2017-09-29 08:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 13:52 - 2017-09-29 08:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 13:52 - 2017-09-29 08:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-11 13:52 - 2017-09-29 08:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-11 13:52 - 2017-09-29 08:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-11 13:52 - 2017-09-29 08:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 13:52 - 2017-09-29 08:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-11 13:52 - 2017-09-29 08:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 13:52 - 2017-09-29 08:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-11 13:52 - 2017-09-29 08:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 13:52 - 2017-09-29 08:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-11 13:52 - 2017-09-29 08:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 13:52 - 2017-09-29 08:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-11 13:52 - 2017-09-29 08:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-11 13:52 - 2017-09-29 08:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-11 13:52 - 2017-09-29 08:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-11 13:52 - 2017-09-29 08:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-11 13:52 - 2017-09-29 08:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-11 13:52 - 2017-09-29 08:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-10-11 13:52 - 2017-09-29 08:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 13:52 - 2017-09-29 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-11 13:52 - 2017-09-29 08:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-11 13:52 - 2017-09-19 00:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-11 13:52 - 2017-09-19 00:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-11 13:52 - 2017-09-19 00:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-11 13:52 - 2017-09-19 00:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-11 13:52 - 2017-09-19 00:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-11 13:52 - 2017-09-19 00:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-11 13:52 - 2017-09-19 00:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-11 13:52 - 2017-09-18 23:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-11 13:52 - 2017-09-18 23:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-11 13:52 - 2017-09-18 23:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-11 13:52 - 2017-09-18 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-10 13:13 - 2017-10-10 13:14 - 072475268 _____ C:\Users\TMine\Downloads\Isolee - Beau Mot Plage (Electrorites Unofficial Bootleg Mix)_BL.wav
2017-10-10 12:06 - 2017-10-10 12:06 - 000000000 ___HD C:\$Windows.~WS
2017-10-10 10:58 - 2017-10-10 11:02 - 000000000 ____D C:\Users\TMine\Desktop\Windows 7 SP1 Ultimate (64 Bit)
2017-10-10 09:34 - 2017-10-10 09:34 - 000966776 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\TMine\Desktop\rufus-2.17.exe
2017-10-09 12:57 - 2017-10-09 12:58 - 018357776 _____ (Microsoft Corporation) C:\Users\TMine\Downloads\MediaCreationTool (2).exe
2017-10-09 10:50 - 2017-10-09 10:50 - 014930946 _____ C:\Users\TMine\Downloads\LegoweltStudio-KORGER1Samples.zip
2017-10-09 10:35 - 2017-10-09 10:41 - 060276380 _____ C:\Users\TMine\Downloads\LegoweltYamahaPSS795samplekit.zip
2017-10-09 10:34 - 2017-10-09 10:45 - 213775240 _____ C:\Users\TMine\Downloads\Legowelt-Elektrovolt-RolandJV2080sampleKit.zip
2017-10-09 10:34 - 2017-10-09 10:37 - 016550293 _____ C:\Users\TMine\Downloads\YamahaPSS380samplezzz.zip
2017-10-09 10:34 - 2017-10-09 10:34 - 003032139 _____ C:\Users\TMine\Downloads\CASIOMT70-Drumsamplezzz.zip
2017-10-09 10:33 - 2017-10-09 10:35 - 005802376 _____ C:\Users\TMine\Downloads\Smackos DR660 Drumsamples.zip
2017-10-08 20:10 - 2017-10-08 20:10 - 000000407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2017-10-08 16:09 - 2017-10-08 16:09 - 000000000 ____D C:\Users\TMine\Documents\Akai Professional
2017-10-08 16:09 - 2017-10-08 16:09 - 000000000 ____D C:\Users\TMine\AppData\Local\Downloaded Installations
2017-10-08 16:09 - 2017-10-08 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai Professional
2017-10-08 16:09 - 2017-10-08 16:09 - 000000000 ____D C:\Program Files (x86)\Akai Professional
2017-10-08 16:04 - 2017-10-08 16:04 - 004222499 _____ (Akai Professional) C:\Users\TMine\Downloads\MPD218_Editor_v1.0.8.exe_3e559379d796ad32da963d3a3d9fbec7.exe
2017-10-08 13:14 - 2017-10-08 13:14 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Essentials.lnk
2017-10-08 13:14 - 2017-10-08 13:14 - 000000000 ____D C:\Program Files\Akai Pro
2017-10-08 13:14 - 2017-10-08 13:14 - 000000000 ____D C:\Program Files (x86)\Akai Pro
2017-10-08 13:12 - 2017-10-08 13:12 - 000000000 ____D C:\WINDOWS\usb-audio.deAkaiACV3
2017-10-08 13:12 - 2017-10-08 13:03 - 000055552 ____N (Ploytec GmbH) C:\WINDOWS\system32\Drivers\akaiacv3m.sys
2017-10-08 13:10 - 2017-10-08 13:10 - 000000000 ____D C:\WINDOWS\usb-audio.deAkaiACV1
2017-10-08 13:10 - 2017-10-08 13:03 - 000055104 ____N (Ploytec GmbH) C:\WINDOWS\system32\Drivers\akaiacv1m.sys
2017-10-08 13:08 - 2017-10-08 13:08 - 000000000 ____D C:\WINDOWS\usb-audio.deAkaiACV0
2017-10-08 13:08 - 2017-10-08 13:03 - 000502392 ____N (Ploytec GmbH) C:\WINDOWS\system32\Drivers\akaiacv0u.sys
2017-10-08 13:08 - 2017-10-08 13:03 - 000056952 ____N (Numark) C:\WINDOWS\system32\Drivers\akaiacv0a.sys
2017-10-08 13:08 - 2017-10-08 13:03 - 000053880 ____N (Ploytec GmbH) C:\WINDOWS\system32\Drivers\akaiacv0m.sys
2017-10-08 12:54 - 2017-10-08 13:01 - 136513144 _____ C:\Users\TMine\Downloads\Update-MPC-Essentials-1.8.2-WIN (1).zip
2017-10-08 12:49 - 2017-10-08 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai
2017-10-08 12:49 - 2017-10-08 12:49 - 000000000 ____D C:\ProgramData\Akai
2017-10-08 12:13 - 2017-10-08 12:39 - 974302507 _____ C:\Users\TMine\Downloads\harmontown-2017-09-16-final.mp4
2017-10-07 15:56 - 2017-10-07 15:56 - 001104562 _____ C:\Users\TMine\Downloads\MT_and_MTA_v1.1b.zip
2017-10-07 15:56 - 2017-10-07 15:56 - 000589262 _____ C:\Users\TMine\Downloads\MT_and_MTA_v1.1_notfrozen.zip
2017-10-07 15:46 - 2017-10-07 15:46 - 008105643 _____ C:\Users\TMine\Downloads\AudibleInstruments-0.3.2.zip
2017-10-07 15:46 - 2017-10-07 15:46 - 002623270 _____ C:\Users\TMine\Downloads\Befaco-0.3.2.zip
2017-10-07 15:46 - 2017-10-07 15:46 - 000584340 _____ C:\Users\TMine\Downloads\ESeries-0.3.2.zip
2017-10-07 15:46 - 2017-10-07 15:46 - 000001289 _____ C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rack.lnk
2017-10-07 11:33 - 2017-10-07 15:45 - 000000000 ____D C:\Program Files\Rack
2017-10-07 11:33 - 2017-10-07 11:33 - 000000000 ____D C:\Users\TMine\Downloads\Rack-0.3.2-win
2017-10-05 11:25 - 2017-10-05 11:25 - 000067448 _____ C:\Users\TMine\Downloads\posting (1).html
2017-10-05 11:25 - 2017-10-05 11:25 - 000067444 _____ C:\Users\TMine\Downloads\posting.html
2017-10-04 19:01 - 2017-10-04 22:45 - 686472780 _____ C:\Users\TMine\Downloads\Unconfirmed 43053.crdownload
2017-10-04 19:01 - 2017-10-04 22:45 - 568289623 _____ C:\Users\TMine\Downloads\Unconfirmed 355692.crdownload
2017-10-04 19:01 - 2017-10-04 19:14 - 136513144 _____ C:\Users\TMine\Downloads\Update-MPC-Essentials-1.8.2-WIN.zip
2017-09-27 03:30 - 2017-09-27 03:32 - 051966256 _____ (AMD Inc.) C:\Users\TMine\Downloads\radeon-crimson-relive-17.9.2-minimalsetup-170921_web.exe
2017-09-27 03:24 - 2017-09-27 04:01 - 000000000 ____D C:\Users\TMine\AppData\Local\Jagex
2017-09-27 03:24 - 2017-09-27 04:01 - 000000000 ____D C:\ProgramData\Jagex
2017-09-27 03:23 - 2017-09-27 03:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jagex
2017-09-27 03:09 - 2017-09-27 03:10 - 005522392 _____ (Jagex Ltd ) C:\Users\TMine\Downloads\RuneScape-Setup.exe
2017-09-26 14:25 - 2017-09-26 17:08 - 500447347 _____ C:\Users\TMine\Downloads\SoundToys.v5.0.1.10839.WIN.FIXED-AudioUTOPiA.rar
2017-09-26 08:58 - 2017-09-26 08:58 - 000695465 _____ C:\Users\TMine\Downloads\pierce.pdf
2017-09-23 22:58 - 2017-09-23 22:59 - 027052174 _____ C:\Users\TMine\Downloads\Sonic BLoom Field Recording Drum Rack.alp
2017-09-23 22:57 - 2017-09-23 22:57 - 000031876 _____ C:\Users\TMine\Downloads\Parallel Processing.zip
2017-09-23 14:33 - 2017-09-23 21:49 - 000000000 ____D C:\Users\TMine\Documents\BIAS_FX
2017-09-23 14:18 - 2017-09-23 14:24 - 223479913 _____ C:\Users\TMine\Downloads\Hybrid_3.0.7_Setup.zip
2017-09-23 12:27 - 2017-09-23 12:27 - 000001308 _____ C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\klystrack.lnk
2017-09-23 12:26 - 2017-09-24 23:11 - 000000746 _____ C:\Users\TMine\.klystrack
2017-09-23 12:26 - 2017-09-24 23:11 - 000000000 _____ C:\Users\TMine\.klystrackfavorites
2017-09-23 12:26 - 2017-09-23 12:27 - 000000000 ____D C:\Program Files (x86)\Klystrack
2017-09-23 11:52 - 2017-09-23 12:48 - 1795742248 _____ (inMusic Brands ) C:\Users\TMine\Downloads\VIPKEYBOARDSPC.EXE
2017-09-22 23:52 - 2017-09-22 23:55 - 134180489 _____ C:\Users\TMine\Downloads\runthejewels3.zip
2017-09-22 14:51 - 2017-09-22 15:08 - 000000000 ____D C:\Users\TMine\AppData\Roaming\discord
2017-09-22 14:51 - 2017-09-22 14:51 - 000000000 ____D C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-09-22 14:51 - 2017-09-22 14:51 - 000000000 ____D C:\Users\TMine\AppData\Local\Discord
2017-09-22 14:49 - 2017-09-22 14:50 - 054332920 _____ (Discord Inc.) C:\Users\TMine\Downloads\DiscordSetup.exe
2017-09-22 11:47 - 2017-10-18 05:03 - 000002156 _____ C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-09-21 14:48 - 2017-09-21 14:48 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\TMine\Downloads\rkill (2)64.exe
2017-09-21 11:32 - 2017-09-21 11:32 - 000462251 _____ C:\Users\TMine\Downloads\ASIO4ALL_2_14_English.exe
2017-09-20 21:34 - 2017-09-20 21:34 - 000732424 _____ C:\Users\TMine\Downloads\AZR3-x64.zip
2017-09-20 21:34 - 2017-09-20 21:34 - 000732424 _____ C:\Users\TMine\Downloads\AZR3-x64 (1).zip
2017-09-20 19:11 - 2017-09-20 19:16 - 051613696 _____ C:\Users\TMine\Downloads\PMX-302_Funky_Pianos.alp.zip
2017-09-20 19:11 - 2017-09-20 19:16 - 047697920 _____ C:\Users\TMine\Downloads\PMX-303_Organs.alp.zip
2017-09-20 19:11 - 2017-09-20 19:16 - 046256128 _____ C:\Users\TMine\Downloads\CrystalGoblets.zip
2017-09-20 19:11 - 2017-09-20 19:16 - 044695552 _____ C:\Users\TMine\Downloads\Eugene.zip
2017-09-20 19:11 - 2017-09-20 19:16 - 041811968 _____ C:\Users\TMine\Downloads\PMX-304_Reeds.alp.zip
2017-09-19 14:52 - 2017-09-19 14:52 - 000000000 _____ C:\Users\TMine\AppData\Local\{9F4957C5-F98C-477D-889F-0041F8B9ADA3}
2017-09-18 15:22 - 2017-09-18 15:22 - 008182736 _____ (Malwarebytes) C:\Users\TMine\Downloads\AdwCleaner (1).exe
2017-09-18 15:22 - 2017-09-18 15:22 - 001790024 _____ (Malwarebytes) C:\Users\TMine\Downloads\JRT (1).exe
2017-09-18 15:21 - 2017-09-18 15:22 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\TMine\Downloads\rkill (2).exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-18 15:54 - 2017-05-06 10:28 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{260BFBE1-F649-4712-8897-B8521EA87F12}
2017-10-18 14:27 - 2016-11-17 13:04 - 000000000 ____D C:\Users\TMine\AppData\Roaming\quassel-irc.org
2017-10-18 14:25 - 2017-05-06 10:31 - 002754830 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-18 14:21 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-18 14:21 - 2015-11-20 14:49 - 000000000 ____D C:\AdwCleaner
2017-10-18 14:19 - 2017-05-06 10:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-18 14:19 - 2015-09-02 13:18 - 000000000 ____D C:\Temp
2017-10-18 14:16 - 2017-05-06 10:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-18 14:16 - 2016-02-14 14:31 - 000000000 ____D C:\Users\TMine\AppData\Roaming\tixati
2017-10-18 12:30 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-18 12:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-18 08:38 - 2016-02-19 16:37 - 000000132 _____ C:\Users\TMine\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-10-18 08:18 - 2016-02-12 17:52 - 000000000 ____D C:\Users\TMine\AppData\Roaming\vlc
2017-10-18 03:14 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-18 03:11 - 2016-02-19 16:29 - 000000000 ____D C:\Users\TMine\AppData\Local\Adobe
2017-10-18 03:05 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-10-18 02:50 - 2016-02-17 15:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-18 00:21 - 2017-04-02 16:14 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-16 18:59 - 2016-05-08 14:51 - 000000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTMine.job
2017-10-16 12:59 - 2017-05-06 10:28 - 000003244 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTMine
2017-10-16 12:52 - 2017-05-06 10:28 - 000004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-16 12:52 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-16 12:52 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-13 14:34 - 2017-09-11 13:43 - 000000000 ____D C:\Users\TMine\AppData\Roaming\WhatsApp
2017-10-13 14:23 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 19:09 - 2016-02-12 17:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-11 17:40 - 2017-05-06 10:21 - 005207968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-11 17:40 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-11 17:40 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-11 17:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-10-11 17:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-10-11 17:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-11 17:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-11 17:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-10-11 13:58 - 2016-02-12 19:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 13:55 - 2016-02-12 19:47 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-11 13:54 - 2015-10-30 08:24 - 000000167 _____ C:\WINDOWS\win.ini
2017-10-11 13:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-10 12:14 - 2017-09-09 18:45 - 000000000 ____D C:\WINDOWS\Panther
2017-10-10 11:38 - 2016-02-14 19:18 - 000000540 __RSH C:\ProgramData\ntuser.pol
2017-10-10 11:23 - 2017-05-06 10:22 - 000000000 ____D C:\Users\TMine
2017-10-10 10:47 - 2016-02-15 22:21 - 000000000 ____D C:\Users\TMine\AppData\Roaming\Skype
2017-10-09 14:23 - 2016-02-12 13:52 - 000000000 ____D C:\ESD
2017-10-08 22:05 - 2016-08-03 10:15 - 000000000 ____D C:\Users\TMine\AppData\Roaming\DAEMON Tools Lite
2017-10-08 20:28 - 2016-09-05 02:06 - 000000000 ____D C:\Program Files\Rockstar Games
2017-10-08 20:28 - 2016-09-05 02:06 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-10-08 18:25 - 2017-07-12 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SONiVOX
2017-10-08 18:10 - 2016-05-02 12:27 - 000000000 ____D C:\ProgramData\SONiVOX
2017-10-08 18:06 - 2016-05-14 20:47 - 000000000 ____D C:\Program Files (x86)\SONiVOX
2017-10-06 16:03 - 2017-07-11 17:50 - 000000000 ____D C:\Users\TMine\AppData\LocalLow\Mozilla
2017-10-05 11:57 - 2016-05-07 08:39 - 000000000 ____D C:\Users\TMine\AppData\Local\Hewlett-Packard
2017-10-05 09:17 - 2016-02-15 14:10 - 000000000 ____D C:\Users\TMine\AppData\Roaming\Audacity
2017-10-02 09:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-02 05:17 - 2016-08-21 12:32 - 000000000 ____D C:\Users\TMine\AppData\Roaming\Raptr
2017-09-27 03:35 - 2015-06-30 02:12 - 000000000 ____D C:\AMD
2017-09-23 14:38 - 2017-06-18 02:01 - 000000000 ____D C:\Program Files\Softube
2017-09-23 14:38 - 2017-06-02 21:22 - 000000000 ____D C:\ProgramData\ValhallaVintageVerb
2017-09-23 14:38 - 2017-06-02 21:22 - 000000000 ____D C:\ProgramData\ValhallaShimmer
2017-09-23 14:38 - 2017-06-02 21:22 - 000000000 ____D C:\ProgramData\ValhallaRoom
2017-09-23 14:38 - 2017-02-25 21:29 - 000000000 ____D C:\WINDOWS\SecureLib
2017-09-23 14:38 - 2016-02-17 14:41 - 000000000 ____D C:\Program Files\Common Files\VST3
2017-09-23 14:37 - 2017-07-12 19:47 - 000004096 _____ C:\Users\TMine\PaceKeyChain
2017-09-23 14:33 - 2017-06-01 12:51 - 000000000 ____D C:\Users\TMine\Documents\PG_Passive_EQ
2017-09-23 14:33 - 2017-06-01 12:51 - 000000000 ____D C:\Users\TMine\Documents\PG_FET_Compressor
2017-09-23 14:26 - 2017-02-26 01:32 - 000000000 ____D C:\Program Files (x86)\AIR Music Technology
2017-09-23 14:26 - 2016-02-12 17:32 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-23 11:34 - 2016-02-12 18:06 - 000000000 ____D C:\Program Files\CCleaner
2017-09-22 14:51 - 2017-09-11 13:43 - 000000000 ____D C:\Users\TMine\AppData\Local\SquirrelTemp
2017-09-22 07:51 - 2017-07-27 10:01 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1484530008-2578543859-123513441-1002
2017-09-22 07:51 - 2016-02-12 17:40 - 000002363 _____ C:\Users\TMine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 07:51 - 2016-02-12 17:40 - 000000000 ___RD C:\Users\TMine\OneDrive
2017-09-21 11:33 - 2016-02-14 17:04 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-09-18 12:31 - 2017-09-11 14:00 - 000000000 ____D C:\Users\TMine\AppData\Roaming\MusicBee
 
==================== Files in the root of some directories =======
 
2017-06-01 13:56 - 2017-06-01 13:56 - 000000041 _____ () C:\Users\TMine\AppData\Roaming\.pedal.version
2017-06-01 12:51 - 2017-06-01 12:51 - 000000033 _____ () C:\Users\TMine\AppData\Roaming\.pgbias
2017-06-01 12:51 - 2017-06-01 12:51 - 000000033 _____ () C:\Users\TMine\AppData\Roaming\.pgbiasfx
2017-06-01 12:51 - 2017-06-01 12:51 - 000000033 _____ () C:\Users\TMine\AppData\Roaming\.pgbiaspedal
2017-06-01 12:51 - 2017-06-01 12:51 - 000000030 _____ () C:\Users\TMine\AppData\Roaming\.pgdigitaleq
2017-06-01 12:51 - 2017-06-01 12:51 - 000000030 _____ () C:\Users\TMine\AppData\Roaming\.pgfetcompressor
2017-06-01 12:51 - 2017-06-01 12:51 - 000000030 _____ () C:\Users\TMine\AppData\Roaming\.pgopticalcompressor
2017-06-01 12:51 - 2017-06-01 12:51 - 000000030 _____ () C:\Users\TMine\AppData\Roaming\.pgpassiveeq
2017-06-01 12:51 - 2017-06-01 12:51 - 000000030 _____ () C:\Users\TMine\AppData\Roaming\.pgtubecompressor
2017-06-01 12:51 - 2017-06-01 12:51 - 000000030 _____ () C:\Users\TMine\AppData\Roaming\.pgtubeeq
2016-02-19 16:37 - 2017-10-18 08:38 - 000000132 _____ () C:\Users\TMine\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-01 08:18 - 2016-08-01 08:25 - 000000077 _____ () C:\Users\TMine\AppData\Roaming\Rim.Desktop.Exception.log
2016-08-01 08:18 - 2016-08-01 08:18 - 000001111 _____ () C:\Users\TMine\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-08-01 08:18 - 2016-08-01 08:25 - 000000077 _____ () C:\Users\TMine\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-01-03 15:47 - 2016-01-03 15:47 - 000322552 _____ (Alexander Roshal) C:\Users\TMine\AppData\Roaming\UnRAR.exe
2017-03-03 00:43 - 2017-07-09 23:20 - 000033992 _____ () C:\Users\TMine\AppData\Roaming\VoiceMeeterDefault.xml
2016-04-06 14:08 - 2017-05-07 14:05 - 000001456 _____ () C:\Users\TMine\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-02-14 14:50 - 2017-01-17 08:48 - 000000600 _____ () C:\Users\TMine\AppData\Local\PUTTY.RND
2017-09-19 14:52 - 2017-09-19 14:52 - 000000000 _____ () C:\Users\TMine\AppData\Local\{9F4957C5-F98C-477D-889F-0041F8B9ADA3}
2016-05-03 10:04 - 2016-05-03 10:04 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-05-06 10:22 - 2017-05-06 10:22 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-10-10 13:25
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2017
Ran by TMine (18-10-2017 16:01:40)
Running from C:\Users\TMine\Desktop
Windows 10 Pro Version 1703 15063.674 (X64) (2017-05-06 09:32:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1484530008-2578543859-123513441-500 - Administrator - Disabled)
TMine (S-1-5-21-1484530008-2578543859-123513441-1002 - Administrator - Enabled) => C:\Users\TMine
DefaultAccount (S-1-5-21-1484530008-2578543859-123513441-503 - Limited - Disabled)
Guest (S-1-5-21-1484530008-2578543859-123513441-501 - Limited - Disabled)
Visitor (S-1-5-21-1484530008-2578543859-123513441-1006 - Limited - Enabled) => C:\Users\Visitor
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ableton Live 9 Lite (HKLM\...\{0B08C4C6-8B1F-4657-ABF6-71E46A8D13F3}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Muse CC 2015 (HKLM-x32\...\MUSE_2015_2_0) (Version: 2015.2.0.877 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.24 - ASUSTeK Computer Inc.)
AIR Music Technology Creative FX Collection Plus (HKLM-x32\...\AIR Music Technology Creative FX Collection Plus) (Version: 1.1 - AIR Music Technology)
Akai Elements of Dystopia (HKLM-x32\...\Akai Dystopia_is1) (Version:  - )
Akai Elements of House (HKLM-x32\...\Akai House_is1) (Version:  - )
Akai Elements of UK Dance (HKLM-x32\...\Akai UK Dance_is1) (Version:  - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Amiga Forever (HKLM-x32\...\{3C657235-E81F-4731-B50D-CD0DCB70DDBB}) (Version: 2013.0.1 - Cloanto)
Amiga SWOS version 2.12 (HKLM-x32\...\{45E70F4F-2A12-4DCE-802B-4A4F6BC7DE87}_is1) (Version: 2.12 - SWOS United e.V.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Anime Studio Pro 11.0 (HKLM\...\ASP1100_is1) (Version: 11.0 - Smith Micro Software, Inc.)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version:  - )
Apple Application Support (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ARIA Engine v1.9.1.6 (HKLM\...\ARIA Engine_is1) (Version: v1.9.1.6 - Plogue Art et Technologie, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
AudioEase Speakersphone VST RTAS v1.03 (HKLM-x32\...\AudioEase Speakersphone VST RTAS_is1) (Version:  - Audio Ease)
Ballistix MOD Utility (HKLM\...\{F9AFFE49-003C-4D23-943F-33AAF9554234}) (Version: 1.0.0 - Crucial)
Bass Station 2.1 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.1 - Novation)
BBC iPlayer Downloads (HKLM-x32\...\{148784F3-3B6E-4DFA-B7A1-3400B277DAF3}) (Version: 1.14.2 - BBC)
BIAS AMP Plugins Pack (64bit) (HKLM\...\{5EB0E97A-2BE6-44FD-B752-C6AC868AB1D7}) (Version: 1.4.11.3389 - PositiveGrid)
BIAS FX Plugins Pack (64bit) (HKLM\...\{BAA1FD3F-DAAF-4D04-9592-817EDDB064E9}) (Version: 1.5.4.2354 - PositiveGrid)
BIAS Pedal Plugins Pack (64bit) (HKLM\...\{4E9417BF-090E-4A79-A9C4-CFF4BCA3F044}) (Version: 2.2.4.4717 - PositiveGrid)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
Cableguys PanCake 2.3.1 (HKLM\...\PanCake_is1) (Version: 2.3.1 - Cableguys)
Cakewalk Z3TA+ 2 (HKLM\...\Z3TA+ 2_is1) (Version: 2.2.3.51 - Cakewalk)
CAM (HKLM-x32\...\{4FFDAF72-B7CD-441A-8B51-A30BF074F2C7}) (Version: 3.0.52 - NZXT)
Catalyst Control Center Next Localization BR (HKLM\...\{585A6A74-1DED-8DA0-32F1-F5EFA485DFB1}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A0649E20-C57C-DCFA-AE1B-1CE1CB9D98A8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{35F79A5D-00E2-8C19-D929-2E85DEA4252D}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{2CEBB6AA-EC39-DFF2-1F5B-9A98301C4DAB}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F05F0B6E-9999-55D0-C323-D06DF0E2B59F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{CBABB5FD-BD69-8969-729A-5659E11D9518}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{98527BF3-A8E0-B8CF-7297-436B714FC576}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{D6CD1B25-53E6-C2F8-FA99-F89138A9C86F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{487C3865-3005-F04A-FBA4-F4239E02A847}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{D80AD200-548C-B62B-32AE-BF3CD7AA7EA2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D21BFF5C-51AA-4C15-1C91-6A1087FDC373}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{04F0FFCB-D9A5-2332-2697-CA47C0424AF2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{47F2FFDC-3D6A-CED6-0B54-6E7082D5B29B}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5608D1B6-6483-9FA3-7297-C2CFC3FCE747}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{1FCA484A-5A9E-9C91-F050-257D1F311A0C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{D8FB03AE-A326-0C12-AC47-B898FE73FA94}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F7876D2E-CDCD-CE53-0E88-995B57A94B58}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{746E086C-023A-A79C-DBE1-062E773FF6C8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{1C44BB26-1941-DB44-D5E8-C455F89EE6E6}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE7F26CB-6E91-7673-7130-80C36FBF13DE}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Celemony Melodyne Plugin VST RTAS v1.0 (HKLM-x32\...\Celemony Melodyne Plugin_is1) (Version:  - )
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Digits VST (HKLM-x32\...\DigitsVst) (Version:  - )
discoDSP OB-Xd 1.4 (HKLM-x32\...\DDOB_is1) (Version: 1.4 - discoDSP)
Discord (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dukto R6 (HKLM-x32\...\{386C0311-B146-4CE0-89E5-8469A3583156}}_is1) (Version: R6 - Emanuele Colombo)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
EaseUS Partition Master 10.5 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
f.lux (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Flux) (Version:  - f.lux Software LLC)
FileZilla Client 3.24.0 (HKLM-x32\...\FileZilla Client) (Version: 3.24.0 - Tim Kosse)
Final Draft (HKLM-x32\...\{E8FDC52C-83F4-4A0F-AA65-D0E8C0F3302F}) (Version: 9.0.0.163 - Final Draft, Inc.)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlacSquisher 1.3.7 (HKLM-x32\...\FlacSquisher) (Version: 1.3.7 - FlacSquisher)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
FreeTelly (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\FreeTelly) (Version:  - ${COMPANY})
FXpansion DCAMDynamics (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\FXpansion DCAMDynamics) (Version: 1.0.1.7 - FXpansion Audio UK Ltd)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
get_iplayer (HKLM-x32\...\get_iplayer) (Version: 2.95.1 - )
Gobbler (HKLM\...\{49C3123D-9497-434D-A988-A9B389B1E189}) (Version: 2.1.2.246 - Media Gobbler, Inc.) Hidden
Gobbler (HKLM-x32\...\{953c9b39-f945-469d-a0d2-8d1c5fd040f1}) (Version: 2.1.2.246 - Media Gobbler, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grace 64bit 1.0.4.9 (HKLM\...\Grace_is1) (Version:  - One Small Clue)
Grace Factory Content 1.0 (HKLM-x32\...\Grace Factory Content_is1) (Version:  - One Small Clue)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Helm (HKLM\...\{0FBF237A-BE97-4368-B312-7D229C749734}) (Version: 0.8.5.0 - Matt Tytel)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.5.37.19 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.8.37.11 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hybrid (HKLM-x32\...\{a131ab43-5f9e-4241-87bf-e705d4045ac7}) (Version: 3.0.7.19000 - AIR Music Tech GmbH)
Hybrid Content (HKLM-x32\...\{77129154-5C4A-45D0-AFEF-5D9C2D307246}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (HKLM\...\{EB4543A3-A9D8-4354-94BE-22400A619F7A}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Icecream Screen Recorder version 4.61 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 4.61 - Icecream Apps)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{4C5C6F38-E560-4A88-8F68-735D7A258F28}) (Version: 6.5.1.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{122ec9b4-1264-45d8-b64c-b73493549025}) (Version: 6.5.1.0 - DeveloperInABox)
ITCH (HKLM-x32\...\{A86FE646-BE8F-46A7-AD10-68B69BB0029E}) (Version: 2.2.2.20 - Serato Audio Research)
iTunes (HKLM\...\{A7186CCF-A94A-4BB3-A38D-DEDC70C66A53}) (Version: 12.7.0.166 - Apple Inc.)
iZotope Alloy 2 (HKLM-x32\...\iZotope Alloy 2_is1) (Version: 2.01 - iZotope, Inc.)
iZotope Nectar (HKLM-x32\...\iZotope Nectar_is1) (Version: 1.14 - iZotope, Inc.)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
Kirnu Cream (HKLM\...\Cream_is1) (Version: 1.2.3 - Kirnu)
K-Lite Codec Pack 13.4.3 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.4.3 - KLCP)
Kodi (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Kodi) (Version:  - XBMC-Foundation)
KORG Legacy Collection - DIGITAL EDITION (HKLM-x32\...\{D0E565B0-03A0-40D9-A514-000634AA58C6}) (Version: 1.3.2 - KORG Inc.)
Krush version 1.1.0 (HKLM\...\Krush_is1) (Version: 1.1.0 - tritik)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LiveTwitchTranslator 0 (HKLM\...\LiveTwitchTranslator_is1) (Version: 0 - Focusrite Audio Engineering Limited)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Max 7 (64-bit) (HKLM\...\{23261731-0D66-4BDF-8221-D388AC2863FB}) (Version: 7.3.4 - Cycling '74)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MeldaProduction Audio Plugins 10 (HKLM-x32\...\MeldaProduction Audio Plugins 10) (Version:  - MeldaProduction)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{f325f05b-f963-4640-a43b-c8a494cdda0f}) (Version: 14.10.25017.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MixMeister Fusion 7.2.2 (HKLM-x32\...\MixMeister Fusion 7.2.2_is1) (Version:  - )
Monoplugs Monique (HKLM\...\Monique_is1) (Version: 1.0.3 - Monoplugs)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-GB)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MPC Element (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV3) (Version:  - )
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
MPC Renaissance driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV0) (Version:  - )
MPC Studio driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV1) (Version:  - )
MPD218 Editor (HKLM-x32\...\{A2560B81-A7CA-4163-B1AC-4360F9E2AA5A}) (Version: 1.00.0008 - Akai Professional)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.6.1.48 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.0.1501 - Native Instruments)
Native Instruments Reaktor 6 Bundle (HKLM-x32\...\Native Instruments Reaktor 6 Bundle) (Version: 6.0.0.0 - Native Instruments)
Native Instruments Reaktor Blocks (HKLM-x32\...\Native Instruments Reaktor Blocks) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Reaktor Factory Library (HKLM-x32\...\Native Instruments Reaktor Factory Library) (Version: 1.0.0.5 - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Novation USB Audio Driver 2.6 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.6 - Novation DMS Ltd.)
O Deus ASIOLinkPro v2.4.2 CE (HKLM\...\ASIOLinkPro_is1) (Version: 2.4.2 - Team V.R)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.1.0731 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.1.0731 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
PC SWOS-Total Pack version V1.5 (HKLM-x32\...\{C5C62359-A304-4C6B-B2F0-63AB58F9CBB8}_is1) (Version: V1.5 - )
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PG Digital EQ Plugins Pack (64bit) (HKLM\...\{93914426-F706-4AC2-9732-30EEE08EC215}) (Version: 0.0.7.256 - PositiveGrid)
PG FET Compressor Plugins Pack (64bit) (HKLM\...\{87D45417-BB58-48BD-A976-2083ABADD769}) (Version: 0.0.8.255 - PositiveGrid)
PG Optical Compressor Plugins Pack (64bit) (HKLM\...\{558D2E74-AAB5-49BA-ACA5-34CA9F6CA7D8}) (Version: 0.0.8.255 - PositiveGrid)
PG Passive EQ Plugins Pack (64bit) (HKLM\...\{AEBCBADF-67D8-41CD-A576-8DBD6A47B0AB}) (Version: 0.0.7.256 - PositiveGrid)
PG Tube Compressor Plugins Pack (64bit) (HKLM\...\{117131A9-5AA2-413D-B14B-DB9003499A7D}) (Version: 0.0.8.255 - PositiveGrid)
PG Tube EQ Plugins Pack (64bit) (HKLM\...\{2E12D09A-9CFD-4728-AEFC-C79FE65573ED}) (Version: 0.0.7.256 - PositiveGrid)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC)
Plogue AlterEgo v1.516 (HKLM\...\__ARIA_1019___is1) (Version: v1.516 - Plogue)
Plogue chipsounds (HKLM\...\__ARIA_1009___is1) (Version: v1.600 - Plogue)
Plogue NATA v1.003 (HKLM\...\__ARIA_2405___is1) (Version: v1.003 - Plogue)
Pro Motion NG (HKLM-x32\...\{F68BBD08-1B32-4113-998C-71811BF271E5}) (Version: 7.0.5.0 - Cosmigo)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
PSP VintageWarmer 2.0.0 (HKLM-x32\...\PSP VintageWarmer 2.0.0) (Version: 2.0.0 - PSPaudioware.com)
Quassel (remove only) (HKLM-x32\...\Quassel) (Version: 1d306c - KDE)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Ravernator V5.8.4 VSTi (HKLM-x32\...\Ravernator VSTi_is1) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
Reverberate (x64) 1.225 (HKLM\...\Reverberate (x64)) (Version: 1.225 - LiquidSonics)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Scarlett MixControl 1.8 (HKLM-x32\...\Saffire USB 26_is1) (Version: 1.8 - Focusrite Audio Engineering Limited)
Scarlett Plug-in Suite 1.7 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.7 - Focusrite)
Serato DJ  (HKLM-x32\...\{4B0C437B-9C97-4456-94C8-5BC9DA88A82C}) (Version: 1.9.5.1692 - Serato) Hidden
Serato DJ  (HKLM-x32\...\{b713ac71-e598-4b2d-9342-2ee51a7f1440}) (Version: 1.9.5.1692 - )
S-GEAR 2 (HKLM\...\S-GEAR 2.6 CE_is1) (Version: 2.6.0 - Scuffham Amps)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.8.0 - ShareX Team)
SideKick4.3.2 (HKLM-x32\...\SideKick432 ID_mp1) (Version:  - Twisted Lemon)
Sinnah 1.0.0 (HKLM-x32\...\NUSofting Sinnah VST Synthesizer_is1) (Version: 1.0.0 - NUSofting)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Slate Digital FG-X Mastering Processor VST RTAS v1.1.2 (HKLM-x32\...\Slate Digital FG-X Mastering Processor_is1) (Version:  - )
Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 3.8.10.0 - Cloanto Corporation)
Sonalksis Plug-Ins for Windows 2.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
SONiVOX BigBang 2 (HKLM-x32\...\SONiVOX BigBang 2_is1) (Version:  - )
SONiVOX BigBangDrums 2 (HKLM-x32\...\SONiVOX BigBangDrums 2_is1) (Version:  - )
SONiVOX Twist 2 (HKLM-x32\...\SONiVOX Twist 2_is1) (Version:  - )
SONiVOX Wobble 2 (HKLM-x32\...\SONiVOX Wobble 2) (Version: 2.3 - SONiVOX)
SoulseekQt version 2016.4.24 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2016.4.24 - Soulseek LLC)
SoundToys Native Effects V4 (HKLM-x32\...\SoundToys Native Effects V4_is1) (Version:  - SoundToys Inc)
SoundToys Native Effects VST RTAS v3.1.2 (HKLM-x32\...\SoundToys Native Effects VST RTAS_is1) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Spotify) (Version: 1.0.37.150.gad02a02e - Spotify AB)
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.)
Star Citizen Launcher (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Steinberg VST Classics 1 64bit (HKLM\...\{AA322103-FC2B-4D86-BA6C-67D4DDB4209C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Sugar Bytes Cyclop 1.1.2 (HKLM\...\Cyclop_is1) (Version: 1.1.2 - Sugar Bytes)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toon Boom Studio 8.0 (HKLM-x32\...\{D7294307-BFD3-4D70-8A8B-80693EB8245C}) (Version:  - Toon Boom Animation Inc.)
TransMac version 11.0 (HKLM-x32\...\TransMac_is1) (Version: 11.0 - Acute Systems)
TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)
TubeOhm ANTI-TRANSPIRANT V1.06 (HKLM-x32\...\TUBEOHM ANTI-TRANSPIRANT V 1.06_is1) (Version:  - )
Twitch (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
ValhallaRoom version 1.1.1 (HKLM-x32\...\{375980F3-1584-496E-888B-BD3D81EF0C1D}_is1) (Version: 1.1.1 - Valhalla DSP, LLC)
ValhallaShimmer version 1.0.3dot4 (HKLM-x32\...\{6955BA75-52B6-4C6F-BCC4-1014920D587C}_is1) (Version: 1.0.3dot4 - Valhalla DSP, LLC)
ValhallaSpaceModulator version 1.0.7 (HKLM-x32\...\{5A8791CD-6E9A-4270-8A0B-D6AC9967877E}_is1) (Version: 1.0.7 - Valhalla DSP, LLC)
ValhallaVintageVerb version 1.5.0 (HKLM-x32\...\{86164718-6457-42DE-8DB6-EA05F7045F2C}_is1) (Version: 1.5.0 - Valhalla DSP, LLC)
Virtual Audio Cable 4.15 (HKLM\...\Virtual Audio Cable 4.15) (Version:  - )
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Volfram version 1.2.1 (HKLM\...\Volfram_is1) (Version: 1.2.1 - )
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Waves Complete V9r15 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.15 - Waves)
WebM Project Directshow Filters (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
WhatsApp (HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
Windows Driver Package - Focusrite USB 2.0 Audio Driver (03/17/2014 2.5.128.1) (HKLM\...\D86E353566ECB4A7ADA159C02FE46D0BACC4FA6B) (Version: 03/17/2014 2.5.128.1 - Focusrite)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xfer Records LFOTool v1.29 Beta 6 x64 (HKLM\...\Xfer Records LFOTool v1.29 Beta 6 x64_is1) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
Xpand!2 (64-bit VSTi) (HKLM-x32\...\{1381AB76-4418-2E05-12EF-D823420BC993}) (Version: 2.2.7.19000 - AIR Music Tech GmbH)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1484530008-2578543859-123513441-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8ACAB622FEC3}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1484530008-2578543859-123513441-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-03-28] ()
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {044FED78-955C-47A4-96DE-6877EFB367B6} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.)
Task: {0E6937D2-E134-4DCD-A9A9-A05DAD91D1F2} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {11263612-A7D3-46E1-9C18-28A7C289CCD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-12] (Google Inc.)
Task: {15954B0B-31CB-4936-A839-C44693F6008D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {17BB5F09-1F14-48BF-B120-9C34FC2D2EAB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {1EF79A5C-910E-489E-AE08-C5B661D49244} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2015-09-10] ()
Task: {2022481F-4B4E-455E-BF8B-9A889B4EE314} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-11] (Microsoft Corporation)
Task: {3E7C13A1-CF4B-4A1D-B711-5D27A4095C93} - System32\Tasks\{230C249C-3265-4B21-BCF5-7EEF0E72D430} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\TMine\Desktop\Duo Driver\XPPOSTINSTALLER.EXE" -d "C:\Users\TMine\Desktop\Duo Driver"
Task: {40158EC5-56E1-4592-9FFB-267D233BEC6A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-08-03] ()
Task: {536D80EB-9A1F-40F7-BCDE-392D0C63AE6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-15] (HP Inc.)
Task: {6CC4BEDE-A039-4AC7-BE63-A2C45E8CB230} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-06-30] (ASUSTeK Computer Inc.)
Task: {7057C281-C701-4A9D-A921-133EC7EBDB10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {7B65A0FD-E93A-4A0E-90B7-F7969CAFD233} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {8B42BFB5-082B-4956-AA5C-F41BE54A2DC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {91E3BB0E-BB5B-46CF-985B-55EF5453822A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {9453D238-C0B4-479D-BF6B-094EDF8AD12F} - System32\Tasks\HPCeeScheduleForTMine => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {95C8D77C-579E-4E30-99F3-73464055F583} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {A14C147D-3986-4226-BD65-4FCFF8C2AA90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {A48119F4-E003-4822-BA3D-5968A73B973B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {C11AA2E5-BA9A-4E54-8B68-4B4A53D6695D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-12] (Google Inc.)
Task: {C38EF616-7A98-4FEA-9878-C31CEF39E4E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {C931C2C5-8A23-44DC-9586-8DC59CF873BB} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {D06D1C11-4880-4C2D-9230-E9477F56B035} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {D994C346-74FB-4237-A1A8-F9C246CAF062} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {D9DADA29-CEFD-49FB-B37B-A9F16945F59F} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {DBA0976D-4898-47B4-A0BF-305A31B2B2D9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {DFB8F0BE-DEF0-441B-B2D4-7DAF0E1CF35B} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2015-10-19] (Safer-Networking Ltd.)
Task: {E02B9FBE-5B48-4663-8777-893D79B0CB77} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {E62610CE-D35C-4624-8879-14900F017083} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2015-06-30] ()
Task: {E673E6D8-9F6E-4238-80DA-CD61023AA64C} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V3.exe [2016-02-04] ()
Task: {E89515D0-106D-427C-9A40-3F021F1E1684} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2015-06-04] (TODO: <Company name>)
Task: {F6D77D02-2945-4EBF-A911-7CB95B88DBCD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {F7494308-C086-4F5B-B97C-9AAE656B395D} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F845EB14-338F-483D-A2F2-C6DF48C297ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTMine.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-06 10:22 - 2013-07-04 04:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-04-18 16:21 - 2014-09-26 14:40 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-04-18 16:21 - 2015-06-30 22:23 - 001275672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-06-07 21:09 - 2017-06-07 21:09 - 000598528 _____ () C:\Users\TMine\AppData\Local\MEGAsync\ShellExtX64.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-02-23 00:56 - 2017-02-23 00:56 - 008911560 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-01-13 20:10 - 2017-01-13 20:10 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-03-28 19:07 - 2016-03-28 19:07 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-03-18 21:59 - 2017-03-20 04:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-05 21:49 - 2016-05-05 21:49 - 005192192 _____ () C:\Program Files (x86)\Quassel\quasselclient.exe
2017-07-03 14:28 - 2017-07-03 15:36 - 000980543 _____ () E:\Games\Steam\steamapps\common\Football Manager Touch 2017\OpenAL32.dll
2017-07-03 14:28 - 2017-07-03 15:36 - 001919488 _____ () E:\Games\Steam\steamapps\common\Football Manager Touch 2017\vpxmt.dll
2017-07-03 14:28 - 2017-07-03 15:36 - 001609728 _____ () E:\Games\Steam\steamapps\common\Football Manager Touch 2017\twitchsdk_x64_release.dll
2017-07-03 14:28 - 2017-07-03 15:36 - 000361103 _____ () E:\Games\Steam\steamapps\common\Football Manager Touch 2017\swresample-ttv-0.dll
2017-07-03 14:28 - 2017-07-03 15:36 - 000688161 _____ () E:\Games\Steam\steamapps\common\Football Manager Touch 2017\libmp3lame-ttv.dll
2017-07-03 14:28 - 2017-07-03 15:34 - 000653832 _____ () E:\Games\Steam\steamapps\common\Football Manager Touch 2017\avutil-ttv-51.dll
2017-10-18 00:21 - 2017-10-17 09:08 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libglesv2.dll
2017-10-18 00:21 - 2017-10-17 09:08 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.62\libegl.dll
2017-10-16 12:52 - 2017-10-16 12:52 - 031229440 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer64_27_0_0_170.dll
2017-05-06 10:22 - 2017-10-18 14:19 - 000034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-06 10:22 - 2013-07-04 04:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 000028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 000041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 000017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 000019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 000354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 001980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 21:57 - 2015-12-07 21:57 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 001862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 000516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 004060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2014-04-07 15:31 - 2014-04-07 15:31 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2016-04-18 16:19 - 2015-06-03 16:17 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-04-18 16:19 - 2015-06-03 16:17 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2016-04-18 16:21 - 2015-07-02 23:20 - 004662272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2016-04-18 16:21 - 2015-06-04 00:48 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-04-18 16:22 - 2015-05-21 22:57 - 001141248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2016-04-18 16:22 - 2015-07-13 11:16 - 001341440 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll
2016-04-18 16:19 - 2015-06-28 16:37 - 000829440 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2016-04-18 16:21 - 2014-09-08 07:26 - 000053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2016-04-18 16:21 - 2014-09-26 14:40 - 000278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-04-18 16:19 - 2015-06-03 16:17 - 000663552 _____ () C:\Program Files (x86)\ASUS\AI Suite III\aaHMLib.dll
2016-04-18 16:21 - 2015-06-04 00:48 - 000712192 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-04-18 16:21 - 2015-06-30 22:22 - 000863744 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-04-18 16:21 - 2015-06-04 00:48 - 000803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-04-18 16:21 - 2015-07-01 16:33 - 000815104 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-04-18 16:21 - 2015-06-04 00:48 - 000507392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\AsKeyboardFocusHooker.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000068096 _____ () C:\Program Files (x86)\Quassel\snoresettings-qt5.dll
2016-05-05 21:33 - 2016-05-05 21:33 - 000182272 _____ () C:\Program Files (x86)\Quassel\snore-qt5.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000034816 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_backend_windowstoast.dll
2016-05-05 21:33 - 2016-05-05 21:33 - 000056320 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_backend_snarl.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000044544 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_backend_snore.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000027136 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_backend_trayicon.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000032256 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_backend_growl.dll
2016-05-05 21:32 - 2016-05-05 21:32 - 000015872 _____ () C:\Program Files (x86)\Quassel\snoregrowl++.dll
2016-05-05 21:32 - 2016-05-05 21:32 - 000017408 _____ () C:\Program Files (x86)\Quassel\snoregrowl.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000026112 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_secondarybackend_puhover.dll
2016-05-05 21:33 - 2016-05-05 21:33 - 000022528 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_secondarybackend_sound.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000022528 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_secondarybackend_nma.dll
2016-05-05 21:33 - 2016-05-05 21:33 - 000025088 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_secondarybackend_toasty.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000023040 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_backend_snore.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000022016 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_backend_snarl.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000030208 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_secondarybackend_sound.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000025600 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_secondarybackend_puhover.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000024064 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_secondarybackend_nma.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000022528 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_backend_growl.dll
2016-05-05 21:34 - 2016-05-05 21:34 - 000024064 _____ () C:\Program Files (x86)\Quassel\libsnore-qt5\libsnore_settings_secondarybackend_toasty.dll
2016-05-21 13:01 - 2017-09-09 20:25 - 000688416 _____ () E:\Games\Steam\SDL2.dll
2016-05-21 13:01 - 2017-10-17 22:24 - 002546976 _____ () E:\Games\Steam\video.dll
2016-05-21 13:01 - 2016-09-01 02:02 - 004969248 _____ () E:\Games\Steam\v8.dll
2016-05-21 13:01 - 2016-01-27 08:49 - 000491008 _____ () E:\Games\Steam\libavformat-56.dll
2016-05-21 13:01 - 2016-01-27 08:49 - 000332800 _____ () E:\Games\Steam\libavresample-2.dll
2016-05-21 13:01 - 2016-01-27 08:49 - 000442880 _____ () E:\Games\Steam\libavutil-54.dll
2016-05-21 13:01 - 2016-01-27 08:49 - 002549760 _____ () E:\Games\Steam\libavcodec-56.dll
2016-05-21 13:01 - 2016-01-27 08:49 - 000485888 _____ () E:\Games\Steam\libswscale-3.dll
2016-05-21 13:01 - 2016-09-01 02:02 - 001195296 _____ () E:\Games\Steam\icuuc.dll
2016-05-21 13:01 - 2016-09-01 02:02 - 001563936 _____ () E:\Games\Steam\icui18n.dll
2016-05-21 13:01 - 2017-10-17 22:24 - 000901408 _____ () E:\Games\Steam\bin\chromehtml.DLL
2016-05-21 13:01 - 2016-07-04 23:17 - 000266560 _____ () E:\Games\Steam\openvr_api.dll
2017-06-12 08:30 - 2017-09-07 03:04 - 000678400 _____ () E:\Games\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-12 19:25 - 2017-08-16 23:28 - 073130272 _____ () E:\Games\Steam\bin\cef\cef.win7\libcef.dll
2016-05-21 13:01 - 2015-09-25 00:52 - 000119208 _____ () E:\Games\Steam\winh264.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 08:24 - 2017-10-18 14:24 - 000002641 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 feedback.search.microsoft.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\TMine\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "CAM"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe"
HKLM\...\StartupApproved\Run32: => "CloantoSoftwareDirector"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 2540 series.lnk"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "GobblerTray"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "WhatsApp"
HKU\S-1-5-21-1484530008-2578543859-123513441-1002\...\StartupApproved\Run: => "Discord"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{4957319E-EF6D-42F7-A2E6-2270E219B3EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{A9687FB6-09FA-43F3-872C-0E5E0A5CCE6D}C:\program files (x86)\freetelly\freetelly.exe] => (Allow) C:\program files (x86)\freetelly\freetelly.exe
FirewallRules: [TCP Query User{1B398B0B-D938-43DC-893B-D7BD1A43AE2E}C:\program files (x86)\freetelly\freetelly.exe] => (Allow) C:\program files (x86)\freetelly\freetelly.exe
FirewallRules: [{2C7E4232-B234-4444-96F3-C522316A7D97}] => (Block) %ProgramFiles% (x86)\Final Draft 9\installanchorservice.exe
FirewallRules: [{2ABA505E-809B-4B85-B93E-80A27F0F44F1}] => (Block) %ProgramFiles% (x86)\Final Draft 9\Final Draft.exe
FirewallRules: [{0660B32D-01DA-4D2E-AA2C-AFD01417C639}] => (Block) %ProgramFiles% (x86)\Toon Boom Animation\Toon Boom Studio 8.0\toonboom.exe
FirewallRules: [{57277743-F57D-4883-AE89-F66C4E7B665A}] => (Block) %ProgramFiles% (x86)\Toon Boom Animation\Toon Boom Studio 8.0\TBS.exe
FirewallRules: [{17EE3EC5-084C-4543-AA1D-8EF1BDC49532}] => (Block) %ProgramFiles%\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{8BAE8AC6-B0D4-4165-949F-B26D8B242F20}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{C47EEF0F-20E2-4685-9501-B63D14096B9C}] => (Allow) C:\Program Files\Smith Micro\Anime Studio Pro 11\Anime Studio Pro x64.exe
FirewallRules: [{F418974C-F83F-49FF-9043-B65DEFA8E9B3}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EBC723B0-ACE1-4332-86DE-2766F4950A49}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{33298195-FFEE-45BD-B696-60109E54B1AD}] => (Allow) E:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{67E24709-47FC-44F8-932C-0E3A5B276029}] => (Allow) E:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [UDP Query User{FB39C056-FE1A-41D8-ADAD-25A76621E383}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe
FirewallRules: [TCP Query User{544334BF-FE1A-48DA-B016-9E4AA7D6387F}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe
FirewallRules: [{05BB5A0C-D503-4AA0-9D38-4F58E6D0BDA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6AD7C358-8CF6-4F5F-93A1-2F257E2FF648}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{332D2B8B-BF8F-40C1-BF7B-D1752640C9AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7F36339-84C0-45DA-AA6B-257FE9B359E7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{08DAB8D4-4E47-4274-BC03-5839BDDE30A7}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{2B26DA5B-9781-466E-BB2D-85FDA4C30869}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{068D9F4B-0D31-4882-964E-45AF8051E501}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15571B5F-E138-4BEB-8738-3FB487BA891C}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{DE8AD8BE-D273-442D-80FF-C7DAE2EDF1A0}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Program\InstallHelper.exe
FirewallRules: [{254C0F2A-318F-407E-B41E-260668EA9E0B}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Program\Push2DisplayProcess.exe
FirewallRules: [{7808D3BA-F9C0-442A-B2C1-9F1BAC848E0A}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Resources\Extensions\Updater\Ableton Updater.exe
FirewallRules: [{20AA2C5B-5318-4DF6-83F4-493A35E1FB74}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Resources\Extensions\SoundCloud\soundcloud.exe
FirewallRules: [{3B437668-223A-47B2-AAFB-AEB3AD9DBEB3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{AB4D9A5D-8AF7-47C0-9AED-9C1C36CFCC2D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{8D8A28B8-3F23-4001-8ED3-9E5F5BC36CB4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{A31976A5-0844-45B2-BF47-F20944D9D50D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{4F442AD1-5004-4711-8E3B-E1C474DDE823}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{088C5AD1-A180-415F-AAF6-7FFC9FAA499A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{1DE7AD24-D504-4D22-A475-E84707F65A40}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{56ABDA7E-86D1-415E-8797-6B1632D1708F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{797E287C-EB8C-4ACE-8AD6-F6AADAC0B750}] => (Block) %ProgramFiles% (x86)\Waves\Applications\GTR 3.5.exe
FirewallRules: [{1857E4FB-8185-40FC-A32F-068F520448E1}] => (Block) %ProgramFiles% (x86)\Waves\Applications\GTRSolo 3.5.exe
FirewallRules: [{97E177BC-AE62-4973-8CB4-DEC06DFE4475}] => (Block) %ProgramFiles% (x86)\Waves\Applications\Element App.exe
FirewallRules: [{E05DA443-5C77-456F-8823-F6E5E4BD5176}] => (Block) %ProgramFiles% (x86)\Waves\Applications\wlc.exe
FirewallRules: [{9BF8D13C-9B84-475C-841A-F3E044831650}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{B6B6F428-EF86-401A-8216-E263899F5EE3}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe
FirewallRules: [{DA829327-5B7E-45C8-87A7-5B8C26FF4CEC}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{600A0C44-2B19-4FCA-BD4D-CCCDF4A75A50}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\sniffer_gpu.exe
FirewallRules: [{334D7AE7-1537-4CEB-8DA0-5B52AFEED6D8}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\LogTransport2.exe
FirewallRules: [TCP Query User{F969A447-9E48-446A-B6EC-B9662C72AE6B}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe
FirewallRules: [UDP Query User{ECADCDDF-9A23-44B1-911C-EB3501AFD464}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe
FirewallRules: [{89998C07-F98D-40B9-9197-A01C0C0BC13F}] => (Allow) LPort=9143
FirewallRules: [{1501B942-B74E-45AF-B148-D29923924A84}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{90383BFC-C4EE-4EBA-B693-26C9F5F8E048}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{7329CCA8-E1F4-4D75-A2EC-178C1C0B4BF9}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{E0E1C321-BB67-4292-A272-1D40DD32ECE2}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{7555EDCE-DD61-4B39-BF8B-B7948AD957E5}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{7FC67036-C900-44AB-A81D-8716420681BF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{8A8CB15F-F497-4DFB-A713-2F07913EB78A}] => (Allow) LPort=5357
FirewallRules: [{CB4D159C-3CD6-4EE9-AFB5-117F6BF1BB1B}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{9E0C4361-C918-4771-8A06-396775F33BEB}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{0EB03CAB-C0CF-48F5-A5CD-FEE6038178FB}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{68D43C39-5652-4931-A659-A8563871C0AE}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\arh.exe
FirewallRules: [{F1B5AF2B-45D6-4F2F-926E-55D31E4EE9C7}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{35F18E3D-75EE-488F-ABC4-4D2CF32A941F}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\LogTransport2.exe
FirewallRules: [{F5D4D278-B12B-4C6A-B370-6B0B4EEAE14C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50B942F5-5BD3-4B00-9C0A-5C4507B517B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D4B5693-7AA9-4E5F-A24F-6AF937EB758A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EA5D1705-3A5C-484F-B268-90DFF2D2260D}] => (Allow) LPort=2869
FirewallRules: [{4572F3CE-CEC3-4743-A7C4-C9DDCE2A97F8}] => (Allow) LPort=1900
FirewallRules: [{29ADD5A9-02F9-4CD9-B1D0-A227DD40F6D7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{AC80A13D-9741-463E-9EDD-8913B2730F34}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{19B3116B-BA05-40D6-8356-0949C254245F}C:\users\TMine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\TMine\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B276FEE0-6A6B-4B00-8AED-7A3D9A8E24E4}C:\users\TMine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\TMine\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FE6AB63B-A1F6-4564-897A-08F83C5F78CB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{A33242AC-B00B-4AE3-8FE9-C15DAB7E97E1}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{5FEADAA8-85F3-4DC1-B3B4-4842092E0C8A}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{FB1C54E3-7457-41F1-8D4E-9BB6F9F7516C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{E279F6E7-039E-479C-9477-D3DD936FB9A6}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{58506424-93B6-4874-8109-5ECA3966889F}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [TCP Query User{86D10F91-6B35-4815-A76A-B6ADEFC60D4C}C:\users\TMine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\TMine\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9362BCFA-02E5-4AE9-8418-6E704715023E}C:\users\TMine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\TMine\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{403A7C49-0269-4C5C-80FD-6CDCE91A0D08}C:\program files\adobe\adobe muse cc 2015.2\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015.2\muse.exe
FirewallRules: [UDP Query User{AEBE5FDE-1D86-4B75-B217-39605B7E63CA}C:\program files\adobe\adobe muse cc 2015.2\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015.2\muse.exe
FirewallRules: [{9935C121-9D75-48DD-BE51-8854087E76DE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{5728CD7B-66AE-4C21-8111-9D8CF56ED16E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4E55D5AA-6566-405B-810C-6EA1F2905BEE}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{22D1EA41-D8C1-451F-A0D8-CF879F49BEC5}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{79184B61-31BC-47A6-8A8F-08CFC7F392AD}] => (Allow) LPort=4481
FirewallRules: [{9509130D-7D8C-4F87-A2AE-AE37B0879662}] => (Allow) LPort=4481
FirewallRules: [{336AB702-B439-4450-8A6A-0A42EA6DEE01}] => (Allow) LPort=4482
FirewallRules: [{09987521-DE23-48C2-B673-5EF5F06E83C2}] => (Allow) LPort=4482
FirewallRules: [{363B41C7-37B7-4D74-9BA6-BF356F393DF6}] => (Allow) E:\Games\Steam\steamapps\common\Football Manager 2016\fm.exe
FirewallRules: [{61C8982F-32E3-44B5-A583-725B85D86A07}] => (Allow) E:\Games\Steam\steamapps\common\Football Manager 2016\fm.exe
FirewallRules: [{63C1C1E2-39F3-4285-8C07-EFCEF0C1538D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DD95FE30-6770-4BF2-A34D-D04093B76A59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D5E86F3E-4D25-4C27-9478-2E6ADDDF2995}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{68EC494D-E38A-4CBE-8C7F-CE7BCB5B454D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{23D63F2B-4520-408C-BEBF-2670514B4CDE}] => (Block) %ProgramFiles% (x86)\Steinberg\Cubase 5\Cubase5.exe
FirewallRules: [{17466D81-C285-4CF1-8323-27A262A2881D}] => (Block) LPort=445
FirewallRules: [TCP Query User{EF1027CD-6F07-4D56-A797-6FF5B555F519}C:\program files\cycling '74\max 7\max.exe] => (Block) C:\program files\cycling '74\max 7\max.exe
FirewallRules: [UDP Query User{47571719-802E-418F-98D7-EA457651113B}C:\program files\cycling '74\max 7\max.exe] => (Block) C:\program files\cycling '74\max 7\max.exe
FirewallRules: [{C0EAB7C1-B32E-4A73-ADFB-92C1B4C59361}] => (Allow) E:\Games\Steam\steamapps\common\Football Manager Touch 2017\fm.exe
FirewallRules: [{FFDDFB0A-CC98-4440-ADEE-AEE26914F6D7}] => (Allow) E:\Games\Steam\steamapps\common\Football Manager Touch 2017\fm.exe
FirewallRules: [{E00947F7-685A-4795-8F7F-7046115ACFAF}] => (Allow) E:\Games\Steam\steamapps\common\Football Manager 2017\fm.exe
FirewallRules: [{696D6415-EF1A-499F-B260-387647EB7051}] => (Allow) E:\Games\Steam\steamapps\common\Football Manager 2017\fm.exe
FirewallRules: [{1F447AF2-9E43-4159-87D3-24A1B77DB668}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D2AA8D2C-D466-475A-80E4-029D17EC75CB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D2A98D1A-EE62-4795-9B66-4E953E1F1655}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3BD16706-358C-447C-BA46-40A66A1AB70D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F30E4B68-B7B2-40EB-A54F-F40FCA26515B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{CB448E0F-1144-4DD3-A301-ED34DC879395}] => (Block) E:\Grand Theft Auto V\GTA5.exe
FirewallRules: [{544D4267-ED9F-45A2-B862-209A103F07A0}] => (Block) E:\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0E02F918-19D6-499B-835D-A6CF4981F268}] => (Block) E:\Grand Theft Auto V\unins000.exe
FirewallRules: [{5861D716-86C9-4744-9DD5-FBE148525F1C}] => (Block) %ProgramFiles% (x86)\Rockstar Games\Social Club\subprocess.exe
FirewallRules: [{2C4F3012-758E-43B3-8D78-756E11A274D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AC353544-28F9-4090-B2A2-9C6425B5A4D8}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{52B81A5F-D512-45E3-BAE3-951E9E333F2B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
 
==================== Restore Points =========================
 
13-10-2017 14:24:34 Scheduled Checkpoint
18-10-2017 02:58:32 JRT Pre-Junkware Removal
18-10-2017 14:22:53 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/18/2017 02:54:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:54:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:54:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Element App.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:54:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cnext.exe, version: 10.1.1.1522, time stamp: 0x56d0b595
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process ID: 0x254c
Faulting application start time: 0x01d3481497bb9f4d
Faulting application path: C:\Program Files\AMD\CNext\CNext\cnext.exe
Faulting module path: unknown
Report ID: c372d21f-810e-46c5-b3b3-72fdec44d088
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/18/2017 02:19:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cnext.exe, version: 10.1.1.1522, time stamp: 0x56d0b595
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process ID: 0x2174
Faulting application start time: 0x01d34813beebdab7
Faulting application path: C:\Program Files\AMD\CNext\CNext\cnext.exe
Faulting module path: unknown
Report ID: b7ee842c-8317-4f94-a52a-ff4149b516a0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/18/2017 02:19:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:19:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:19:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Element App.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (10/18/2017 02:19:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (10/18/2017 02:19:47 PM) (Source: DCOM) (EventID: 10016) (User: TMine)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user TMine\TMine SID (S-1-5-21-1484530008-2578543859-123513441-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/18/2017 02:19:47 PM) (Source: DCOM) (EventID: 10016) (User: TMine)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user TMine\TMine SID (S-1-5-21-1484530008-2578543859-123513441-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/18/2017 02:19:26 PM) (Source: IntelHaxm) (EventID: 10) (User: )
Description: HAXM can't work on system with VT disabled
 
Error: (10/18/2017 02:19:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.
 
Error: (10/18/2017 02:19:11 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
 
Error: (10/18/2017 02:19:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:37:58 on ‎18/‎10/‎2017 was unexpected.
 
Error: (10/18/2017 02:19:10 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844601971559389440
 
Error: (10/18/2017 04:57:59 AM) (Source: IntelHaxm) (EventID: 10) (User: )
Description: HAXM can't work on system with VT disabled
 
Error: (10/18/2017 04:57:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.
 
Error: (10/18/2017 04:57:49 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1
 
 
CodeIntegrity:
===================================
  Date: 2017-10-18 16:01:53.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 16:01:53.896
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:59:13.857
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:59:13.856
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:52:26.056
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:52:26.056
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:52:25.752
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:52:25.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:51:13.450
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-10-18 15:51:13.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 32%
Total physical RAM: 16322.8 MB
Available physical RAM: 11063.4 MB
Total Virtual: 18754.8 MB
Available Virtual: 12568.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:237.69 GB) (Free:11.39 GB) NTFS
Drive d: (Big Storage) (Fixed) (Total:1863.01 GB) (Free:311.36 GB) NTFS
Drive e: (Games) (Fixed) (Total:111.79 GB) (Free:18.78 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 2528F5A5)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6E54A9C4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E94FA0F4)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
RKinner
Posted 24 October 2017 - 06:26 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Uninstall:

Bonjour -not working you get a new one if you install iTunes but you only need it if you have Apple stuff
Java 8 Update 144 (64-bit)  - unless you know you need it

Java SE Development Kit 7 Update 79 - obsolete

 

Waves Complete V9r15 -not working correctly

 

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

 

 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.




 


  • 0

#3
benjy1
Posted 28 October 2017 - 01:35 PM

benjy1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hello, sorry i have been ill. Doing this now :)


  • 0

#4
benjy1
Posted 30 October 2017 - 03:55 PM

benjy1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
# AdwCleaner 7.0.2.1 - Logfile created on Mon Oct 30 21:34:32 2017
# Updated on 2017/29/08 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
Deleted: C:\Users\TMine\AppData\Roaming\MPC
Deleted: C:\Users\TMine\Documents\MPC
 
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
No malicious registry entries deleted.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C10].txt - [2529 B] - [2017/5/6 8:37:18]
C:/AdwCleaner/AdwCleaner[C11].txt - [2513 B] - [2017/6/1 8:4:57]
C:/AdwCleaner/AdwCleaner[C12].txt - [2809 B] - [2017/7/10 9:23:9]
C:/AdwCleaner/AdwCleaner[C1].txt - [3396 B] - [2015/11/20 13:50:26]
C:/AdwCleaner/AdwCleaner[C2].txt - [4159 B] - [2015/11/23 11:54:51]
C:/AdwCleaner/AdwCleaner[C3].txt - [3466 B] - [2015/12/4 17:8:27]
C:/AdwCleaner/AdwCleaner[C4].txt - [3378 B] - [2015/12/15 11:40:18]
C:/AdwCleaner/AdwCleaner[C5].txt - [4049 B] - [2016/1/29 19:26:54]
C:/AdwCleaner/AdwCleaner[C6].txt - [2088 B] - [2016/7/26 17:5:24]
C:/AdwCleaner/AdwCleaner[C7].txt - [2322 B] - [2016/11/20 12:7:39]
C:/AdwCleaner/AdwCleaner[C8].txt - [2180 B] - [2017/2/24 15:17:57]
C:/AdwCleaner/AdwCleaner[C9].txt - [2328 B] - [2017/4/1 11:32:42]
C:/AdwCleaner/AdwCleaner[S10].txt - [2437 B] - [2017/4/1 11:32:32]
C:/AdwCleaner/AdwCleaner[S11].txt - [2605 B] - [2017/5/6 8:37:6]
C:/AdwCleaner/AdwCleaner[S12].txt - [2680 B] - [2017/6/1 8:4:48]
C:/AdwCleaner/AdwCleaner[S13].txt - [2716 B] - [2017/7/10 9:23:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [3201 B] - [2015/11/20 13:49:35]
C:/AdwCleaner/AdwCleaner[S2].txt - [3904 B] - [2015/11/23 11:54:7]
C:/AdwCleaner/AdwCleaner[S3].txt - [3277 B] - [2015/12/4 17:8:0]
C:/AdwCleaner/AdwCleaner[S4].txt - [3167 B] - [2015/12/15 11:39:27]
C:/AdwCleaner/AdwCleaner[S5].txt - [3826 B] - [2016/1/29 19:25:28]
C:/AdwCleaner/AdwCleaner[S6].txt - [1930 B] - [2016/7/26 17:4:54]
C:/AdwCleaner/AdwCleaner[S7].txt - [2319 B] - [2016/11/20 12:7:13]
C:/AdwCleaner/AdwCleaner[S8].txt - [2160 B] - [2017/1/11 11:25:13]
C:/AdwCleaner/AdwCleaner[S9].txt - [2304 B] - [2017/2/24 15:17:31]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt ##########
 
 
 
process explorer
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 97.41 52 K 8 K 0
procexp64.exe 1.39 46,852 K 67,332 K 3624 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
dwm.exe 0.31 43,416 K 41,752 K 884
System 0.25 140 K 80 K 4
Interrupts 0.16 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.14 4,568 K 5,672 K 636
CCC.exe 0.11 78,048 K 31,040 K 9196 Catalyst Control Center: Host application Advanced Micro Devices Inc. (Verified) Advanced Micro Devices
explorer.exe 0.09 57,208 K 105,848 K 6224 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
MsMpEng.exe 0.03 144,768 K 128,296 K 3436 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
WMIADAP.exe 0.02 2,056 K 7,320 K 10860
LDSvc.exe 0.02 21,944 K 56,328 K 3832 PACE License Service PACE Anti-Piracy, Inc. (Verified) PACE Anti-Piracy
quasselclient.exe 0.02 59,428 K 61,992 K 1104 (No signature was present in the subject)
flux.exe 0.01 9,048 K 22,468 K 8584 f.lux f.lux Software LLC (Verified) F.lux Software LLC
fontdrvhost.exe < 0.01 13,120 K 17,244 K 1020
MOM.exe < 0.01 27,368 K 4,868 K 9096 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (Verified) Advanced Micro Devices
svchost.exe < 0.01 6,516 K 11,900 K 1000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AdobeUpdateService.exe < 0.01 1,444 K 6,376 K 1576 Adobe Update Service Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
AppleMobileDeviceService.exe < 0.01 3,464 K 13,252 K 3064 MobileDeviceService Apple Inc. (Verified) Apple Inc.
chrome.exe < 0.01 71,200 K 118,052 K 9048 Google Chrome Google Inc. (Verified) Google Inc
OriginWebHelperService.exe < 0.01 6,296 K 17,032 K 3204 OriginWebHelperService Electronic Arts (Verified) Electronic Arts
TeamViewer_Service.exe < 0.01 4,948 K 16,200 K 3640 TeamViewer 11 TeamViewer GmbH (Verified) TeamViewer
svchost.exe < 0.01 7,232 K 15,732 K 2928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
plays_service.exe < 0.01 12,984 K 24,044 K 3300 Plays.tv Service Plays.tv, LLC (Verified) Plays.tv
AGSService.exe < 0.01 3,848 K 14,476 K 1864 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
svchost.exe < 0.01 2,308 K 11,388 K 3324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,920 K 14,248 K 2148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ss_conn_service.exe < 0.01 2,048 K 6,264 K 3292 MSS CS Connectivity Service DEVGURU Co., LTD. (Verified) DEVGURU CO LTD
HPSupportSolutionsFrameworkService.exe < 0.01 48,508 K 51,356 K 8352 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
svchost.exe < 0.01 3,960 K 12,452 K 3056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WUDFHost.exe 1,420 K 5,652 K 1256
WmiPrvSE.exe 3,836 K 10,512 K 11056
WmiPrvSE.exe 2,660 K 8,648 K 8740
WmiApSrv.exe 1,492 K 6,776 K 11232 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,272 K 9,220 K 836
wininit.exe 1,740 K 6,148 K 628
U3BoostSvr64.exe 1,876 K 2,964 K 2356
taskhostw.exe 7,972 K 17,936 K 5236 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,364 K 23,636 K 1548 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,208 K 8,316 K 3176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,500 K 16,340 K 3036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,824 K 23,040 K 5944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,676 K 13,464 K 1724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,232 K 8,196 K 1776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,772 K 12,004 K 2500 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,636 K 11,720 K 2604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,172 K 25,692 K 912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,020 K 7,632 K 2996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,600 K 8,912 K 3452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,164 K 6,152 K 368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,272 K 7,220 K 1888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,880 K 14,500 K 2680 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,216 K 15,440 K 8008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,376 K 8,824 K 644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,200 K 15,280 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,064 K 8,916 K 2236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,572 K 7,408 K 3080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 16,172 K 18,524 K 1664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,820 K 17,948 K 3372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,848 K 17,568 K 13360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,324 K 5,556 K 1824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,628 K 5,556 K 8908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,376 K 13,540 K 3184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,880 K 16,420 K 2720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,716 K 18,268 K 5340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,032 K 7,736 K 2080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,752 K 15,484 K 7512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,244 K 8,264 K 1600 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,080 K 28,888 K 6028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,052 K 10,644 K 1200 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,152 K 7,544 K 1840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,144 K 9,940 K 7344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,192 K 10,796 K 1480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,868 K 6,808 K 2376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,712 K 6,056 K 2592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,616 K 6,048 K 2020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,920 K 7,260 K 1040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,288 K 10,608 K 1448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,148 K 7,116 K 8516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,824 K 6,892 K 4996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,924 K 16,196 K 3460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,584 K 10,084 K 1440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,720 K 7,468 K 4344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 856 K 3,536 K 864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,540 K 5,736 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,392 K 5,192 K 1112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,220 K 9,256 K 1192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,664 K 5,676 K 1340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,964 K 7,936 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,948 K 7,792 K 1940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,828 K 8,560 K 2004 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,640 K 7,032 K 2168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,396 K 10,944 K 2772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,288 K 8,336 K 3236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,296 K 5,396 K 3380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,316 K 5,232 K 3824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,472 K 5,784 K 4304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,928 K 8,288 K 4664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,948 K 27,616 K 9380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,180 K 8,760 K 7712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 6,596 K 16,572 K 2852 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 480 K 1,036 K 356
smartscreen.exe 16,712 K 33,956 K 7252 SmartScreen Microsoft Corporation (Verified) Microsoft Windows
SLSTaskbar64.exe 2,280 K 8,964 K 9084 Eyefinity Taskbar Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
SLSTaskbar.exe 2,132 K 9,344 K 5580 Eyefinity Taskbar Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
SkypeHost.exe Suspended 43,996 K 26,164 K 7592 Microsoft Skype Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 6,760 K 25,832 K 5932 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 67,828 K 110,420 K 6740 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe 11,728 K 22,428 K 8224 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,408 K 9,736 K 704
SecurityHealthService.exe 3,720 K 12,276 K 3272 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 59,352 K 106,792 K 6784 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 36,644 K 27,260 K 6964 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 49,704 K 52,568 K 7148 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RemindersServer.exe Suspended 9,424 K 21,060 K 7472 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows
quasselclient.exe 59,180 K 65,044 K 10348 (No signature was present in the subject)
PushNotifyServer.exe 4,136 K 5,284 K 6096
PushNotify_PCCtrl.exe 27,152 K 6,408 K 15972
PushNoticeMonitor.exe 7,660 K 5,612 K 15956
procexp.exe 6,672 K 12,248 K 3636 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
NisSrv.exe 10,800 K 7,688 K 5436 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
NIHardwareService.exe 7,216 K 13,680 K 3264 NIHardwareService Native Instruments GmbH (Verified) NATIVE INSTRUMENTS GmbH
MSASCuiL.exe 1,912 K 8,952 K 7828 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
MotoHelperService.exe 2,772 K 10,052 K 3308 MotoHelper Service Motorola Mobility LLC (Verified) Motorola Mobility Inc.
MotoHelperAgent.exe 3,452 K 13,104 K 7156 MotoHelperAgent Motorola Mobility LLC (Verified) Motorola Mobility Inc.
Memory Compression 32 K 4 K 3976
mDNSResponder.exe 1,788 K 6,316 K 3148 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsass.exe 6,188 K 15,364 K 712 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
GoogleCrashHandler64.exe 1,620 K 1,004 K 8452
GoogleCrashHandler.exe 1,728 K 1,260 K 8444
ForwardDaemon.exe 1,356 K 5,692 K 3420 ForwardDemon Motorola (No signature was present in the subject) Motorola
fontdrvhost.exe 11,088 K 13,124 K 936
EzUpdt.exe 6,532 K 4,676 K 6128
downstreamproxyservice.exe 10,192 K 14,584 K 3392 DownstreamProxyService Media Gobbler, Inc (No signature was present in the subject) Media Gobbler, Inc
dllhost.exe 3,276 K 10,164 K 16300 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DipAwayMode.exe 14,132 K 5,924 K 4628
csrss.exe 1,876 K 5,000 K 524
cnext.exe 3,212 K 14,472 K 8260 Radeon Settings: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
chrome.exe 55,120 K 61,044 K 13508 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 57,808 K 50,724 K 13736 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 51,460 K 68,916 K 13488 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 33,836 K 37,192 K 6124 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 35,280 K 40,124 K 1212 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,548 K 10,512 K 8724 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,504 K 10,948 K 10088 Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 3,744 K 7,168 K 16272
atkexComSvc.exe 7,684 K 8,416 K 3156 (Verified) ASUSTeK Computer Inc.
atiesrxx.exe 1,364 K 5,464 K 1652 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,556 K 9,532 K 1792
AsusFanControlService.exe 3,488 K 9,444 K 3164 ASUS Motherboard Fan Control Service ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.
AsSysCtrlService.exe 1,392 K 6,080 K 3400 (Certificate expired)
AISuite3.exe 78,264 K 18,444 K 4192
AdobeGCClient.exe 3,536 K 9,480 K 8632 Adobe GC Client Application Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
aaHMSvc.exe 5,464 K 9,600 K 3280 ASUSTeK Computer Inc. (Verified) ASUSTeK Computer Inc.


Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       356 N/A                                         
csrss.exe                      524 N/A                                         
wininit.exe                    628 N/A                                         
csrss.exe                      636 N/A                                         
services.exe                   704 N/A                                         
lsass.exe                      712 KeyIso, SamSs, VaultSvc                     
winlogon.exe                   836 N/A                                         
svchost.exe                    864 PlugPlay                                    
svchost.exe                    912 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
fontdrvhost.exe                936 N/A                                         
svchost.exe                   1000 RpcEptMapper, RpcSs                         
fontdrvhost.exe               1020 N/A                                         
svchost.exe                    368 LSM                                         
dwm.exe                        884 N/A                                         
svchost.exe                   1040 gpsvc                                       
svchost.exe                   1068 wudfsvc                                     
svchost.exe                   1112 lmhosts                                     
svchost.exe                   1192 NcbService                                  
svchost.exe                   1200 TimeBrokerSvc                               
svchost.exe                   1236 Schedule                                    
WUDFHost.exe                  1256 N/A                                         
svchost.exe                   1340 hidserv                                     
svchost.exe                   1392 StorSvc                                     
svchost.exe                   1440 ProfSvc                                     
svchost.exe                   1548 BFE, CoreMessagingRegistrar, MpsSvc         
svchost.exe                   1600 UserManager                                 
atiesrxx.exe                  1652 AMD External Events Utility                 
svchost.exe                   1664 EventLog                                    
svchost.exe                   1724 StateRepository                             
svchost.exe                   1776 nsi                                         
atieclxx.exe                  1792 N/A                                         
svchost.exe                   1824 Themes                                      
svchost.exe                   1840 EventSystem                                 
svchost.exe                   1888 Dhcp                                        
svchost.exe                   1940 SENS                                        
svchost.exe                   2004 AudioEndpointBuilder                        
svchost.exe                   2020 FontCache                                   
svchost.exe                   1480 NlaSvc                                      
svchost.exe                   2080 Dnscache                                    
svchost.exe                   2236 netprofm                                    
svchost.exe                   2376 WinHttpAutoProxySvc                         
svchost.exe                   2500 Audiosrv                                    
svchost.exe                   2592 DusmSvc                                     
svchost.exe                   2604 Wcmsvc                                      
svchost.exe                   2680 WlanSvc                                     
svchost.exe                   2720 wuauserv                                    
svchost.exe                   2772 ShellHWDetection                            
spoolsv.exe                   2852 Spooler                                     
svchost.exe                   2928 Winmgmt                                     
svchost.exe                   2996 LanmanWorkstation                           
svchost.exe                   3036 iphlpsvc                                    
svchost.exe                   3056 CryptSvc                                    
AppleMobileDeviceService.     3064 Apple Mobile Device Service                 
AdobeUpdateService.exe        1576 AdobeUpdateService                          
AGSService.exe                1864 AGSService                                  
svchost.exe                   3080 IKEEXT                                      
mDNSResponder.exe             3148 Bonjour Service                             
atkexComSvc.exe               3156 asComSvc                                    
AsusFanControlService.exe     3164 AsusFanControlService                       
svchost.exe                   3176 PcaSvc                                      
svchost.exe                   3184 DPS                                         
OriginWebHelperService.ex     3204 Origin Web Helper Service                   
svchost.exe                   3236 stisvc                                      
NIHardwareService.exe         3264 NIHardwareService                           
SecurityHealthService.exe     3272 SecurityHealthService                       
aaHMSvc.exe                   3280 asHmComSvc                                  
ss_conn_service.exe           3292 ss_conn_service                             
plays_service.exe             3300 PlaysService                                
MotoHelperService.exe         3308 Motorola Device Manager                     
svchost.exe                   3324 SysMain                                     
svchost.exe                   3372 tiledatamodelsvc                            
svchost.exe                   3380 TrkWks                                      
downstreamproxyservice.ex     3392 gobblerproxy                                
AsSysCtrlService.exe          3400 AsSysCtrlService                            
ForwardDaemon.exe             3420 PST Service                                 
MsMpEng.exe                   3436 WinDefend                                   
svchost.exe                   3452 LanmanServer                                
svchost.exe                   3460 WpnService                                  
TeamViewer_Service.exe        3640 TeamViewer                                  
svchost.exe                   3824 WdiServiceHost                              
LDSvc.exe                     3832 PaceLicenseDServices                        
Memory Compression            3976 N/A                                         
svchost.exe                   4304 DeviceAssociationService                    
svchost.exe                   4344 NgcSvc                                      
svchost.exe                   4664 NgcCtnrSvc                                  
svchost.exe                   4996 PolicyAgent                                 
NisSrv.exe                    5436 WdNisSvc                                    
sihost.exe                    5932 N/A                                         
svchost.exe                   5944 CDPUserSvc_5ad4d                            
svchost.exe                   6028 WpnUserService_5ad4d                        
PushNotifyServer.exe          6096 N/A                                         
EzUpdt.exe                    6128 N/A                                         
AISuite3.exe                  4192 N/A                                         
taskhostw.exe                 5236 N/A                                         
DipAwayMode.exe               4628 N/A                                         
svchost.exe                   5340 TokenBroker                                 
explorer.exe                  6224 N/A                                         
ShellExperienceHost.exe       6740 N/A                                         
SearchUI.exe                  6784 N/A                                         
SearchIndexer.exe             6964 WSearch                                     
RuntimeBroker.exe             7148 N/A                                         
MotoHelperAgent.exe           7156 N/A                                         
smartscreen.exe               7252 N/A                                         
svchost.exe                   7344 LicenseManager                              
RemindersServer.exe           7472 N/A                                         
svchost.exe                   7512 lfsvc                                       
SkypeHost.exe                 7592 N/A                                         
MSASCuiL.exe                  7828 N/A                                         
SettingSyncHost.exe           8224 N/A                                         
cnext.exe                     8260 N/A                                         
GoogleCrashHandler.exe        8444 N/A                                         
GoogleCrashHandler64.exe      8452 N/A                                         
svchost.exe                   8516 SSDPSRV                                     
flux.exe                      8584 N/A                                         
WmiPrvSE.exe                  8740 N/A                                         
svchost.exe                   8908 WdiSystemHost                               
MOM.exe                       9096 N/A                                         
CCC.exe                       9196 N/A                                         
U3BoostSvr64.exe              2356 N/A                                         
SLSTaskbar.exe                5580 N/A                                         
SLSTaskbar64.exe              9084 N/A                                         
svchost.exe                   9380 OneSyncSvc_5ad4d,                           
                                   PimIndexMaintenanceSvc_5ad4d,               
                                   UnistoreSvc_5ad4d, UserDataSvc_5ad4d        
svchost.exe                  13360 CDPSvc                                      
PushNoticeMonitor.exe        15956 N/A                                         
PushNotify_PCCtrl.exe        15972 N/A                                         
dllhost.exe                  16300 N/A                                         
quasselclient.exe             1104 N/A                                         
chrome.exe                    9048 N/A                                         
chrome.exe                    8724 N/A                                         
chrome.exe                   10088 N/A                                         
chrome.exe                   13736 N/A                                         
chrome.exe                   13488 N/A                                         
chrome.exe                   13508 N/A                                         
chrome.exe                    1212 N/A                                         
chrome.exe                    6124 N/A                                         
svchost.exe                   2148 DoSvc                                       
HPSupportSolutionsFramewo     8352 HPSupportSolutionsFrameworkService          
svchost.exe                    644 wscsvc                                      
quasselclient.exe            10348 N/A                                         
WmiPrvSE.exe                 11056 N/A                                         
chrome.exe                   12188 N/A                                         
svchost.exe                  12912 Appinfo                                     
backgroundTaskHost.exe       13284 N/A                                         
cmd.exe                       9652 N/A                                         
conhost.exe                   1868 N/A                                         
tasklist.exe                  3788 N/A

 


  • 0

#5
RKinner
Posted 30 October 2017 - 10:02 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Process Explorer looks very good.

 

Speccy shows the graphics card is running a bit hot.  Make sure its fan is running and that it is free of dust.

 

You have a Seagate drive that is not looking very healthy.  Lots of command timeouts and other errors.  Try running the Seatools for Windows program and let it do the long or extended test.

https://www.seagate....loads/seatools/

 

 

One of your SSDs is also showing some errors.  Get the 64 bit version of their tool from:

 

http://www.crucial.c...orage-executive

 

and see if it can optimize your drives.

 

You forgot to remove the serial number from your speccy log so I deleted the file.  Will attach a cleaned version to this post so I will have it for a reference.

 

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

If you open an elevated command prompt it will by default open in c:\Windows\system32

Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt

Hit Enter.  Then type::


notepad  \junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

 


  • 0

#6
benjy1
Posted 01 November 2017 - 03:53 PM

benjy1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

im sorry if sounds silly. i installed crucial but where is optimize drives?


  • 0

#7
RKinner
Posted 01 November 2017 - 03:56 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Run

Storage Executive
  • Enable the Momentum Cache feature and make many SSD operations up to 10x faster
  • Download the latest firmware

Sometimes there is also a trim option.


  • 0

#8
benjy1
Posted 02 November 2017 - 08:38 AM

benjy1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

every scan went well. I think iv given you all you want :)

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 02/11/2017 14:34:57
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/11/2017 15:07:45
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 01/11/2017 11:12:18
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 31/10/2017 10:55:26
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 30/10/2017 11:15:48
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 25/10/2017 08:39:47
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 23/10/2017 14:11:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 22/10/2017 14:28:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/10/2017 15:52:38
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/10/2017 03:30:09
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/10/2017 13:19:14
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/10/2017 03:57:50
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 16/10/2017 11:52:09
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 10/10/2017 10:18:20
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/10/2017 08:31:44
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 08/10/2017 09:02:01
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/10/2017 14:48:25
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 07/10/2017 08:25:45
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/10/2017 10:54:06
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/10/2017 10:47:38
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/10/2017 10:43:22
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/11/2017 13:30:38
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
 
Log: 'System' Date/Time: 02/11/2017 13:30:38
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
 
Log: 'System' Date/Time: 02/11/2017 13:29:01
Type: Error Category: 0
Event: 10 Source: IntelHaxm
HAXM can't work on system with VT disabled
 
Log: 'System' Date/Time: 02/11/2017 13:29:00
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.
 
Log: 'System' Date/Time: 02/11/2017 13:28:26
Type: Error Category: 1
Event: 10 Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv
A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x12
 
Log: 'System' Date/Time: 02/11/2017 12:45:21
Type: Error Category: 0
Event: 10 Source: IntelHaxm
HAXM can't work on system with VT disabled
 
Log: 'System' Date/Time: 02/11/2017 12:45:20
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.
 
Log: 'System' Date/Time: 02/11/2017 12:45:12
Type: Error Category: 1
Event: 10 Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv
A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x1
 
Log: 'System' Date/Time: 02/11/2017 12:44:59
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 02/11/2017 12:22:02
Type: Error Category: 0
Event: 10 Source: IntelHaxm
HAXM can't work on system with VT disabled
 
Log: 'System' Date/Time: 02/11/2017 12:22:01
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.
 
Log: 'System' Date/Time: 02/11/2017 12:21:53
Type: Error Category: 1
Event: 10 Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv
A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x1
 
Log: 'System' Date/Time: 02/11/2017 12:04:23
Type: Error Category: 0
Event: 10 Source: IntelHaxm
HAXM can't work on system with VT disabled
 
Log: 'System' Date/Time: 02/11/2017 12:04:22
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.
 
Log: 'System' Date/Time: 02/11/2017 12:04:14
Type: Error Category: 1
Event: 10 Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv
A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x1
 
Log: 'System' Date/Time: 02/11/2017 12:04:02
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 02/11/2017 11:19:12
Type: Error Category: 0
Event: 10 Source: IntelHaxm
HAXM can't work on system with VT disabled
 
Log: 'System' Date/Time: 02/11/2017 11:19:12
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.
 
Log: 'System' Date/Time: 02/11/2017 11:19:03
Type: Error Category: 1
Event: 10 Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv
A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x1
 
Log: 'System' Date/Time: 02/11/2017 11:18:47
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjxtspbn4351hrtx8tc95e89kaz3h2f1f.mca did not register with DCOM within the required timeout.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/11/2017 13:29:01
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv4 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 13:29:01
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv6 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 13:28:28
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\PNP0A0A\2&daba3ff&0.
 
Log: 'System' Date/Time: 02/11/2017 12:45:21
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv6 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 12:45:21
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv4 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 12:45:14
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\PNP0A0A\2&daba3ff&0.
 
Log: 'System' Date/Time: 02/11/2017 12:22:02
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv6 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 12:22:02
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv4 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 12:21:55
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\PNP0A0A\2&daba3ff&0.
 
Log: 'System' Date/Time: 02/11/2017 12:04:23
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv6 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 12:04:23
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv4 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 12:04:16
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\PNP0A0A\2&daba3ff&0.
 
Log: 'System' Date/Time: 02/11/2017 11:19:12
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv4 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 11:19:12
Type: Warning Category: 0
Event: 4291 Source: Tcpip
The network adapter with hardware address 44-33-4C-06-60-9A has indicated packet coalescing capability without indicating support for one or more prerequisite receive filter capabilities (IPv6 0x00000000).
 
Log: 'System' Date/Time: 02/11/2017 11:19:05
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\PNP0A0A\2&daba3ff&0.
 
Log: 'System' Date/Time: 01/11/2017 22:28:13
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe with process id 17336 stopped the removal or ejection for the device SCSI\Disk&Ven_&Prod_Crucial_CT256MX1\4&e937c7&0&000000.
 
Log: 'System' Date/Time: 01/11/2017 22:28:13
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe with process id 17136 stopped the removal or ejection for the device SCSI\Disk&Ven_&Prod_Crucial_CT256MX1\4&e937c7&0&000000.
 
Log: 'System' Date/Time: 01/11/2017 22:28:13
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume2\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe with process id 17112 stopped the removal or ejection for the device SCSI\Disk&Ven_&Prod_Crucial_CT256MX1\4&e937c7&0&000000.
 
Log: 'System' Date/Time: 01/11/2017 22:28:13
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume2\Program Files (x86)\Quassel\quasselclient.exe with process id 15252 stopped the removal or ejection for the device SCSI\Disk&Ven_&Prod_Crucial_CT256MX1\4&e937c7&0&000000.
 
Log: 'System' Date/Time: 01/11/2017 22:28:13
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe with process id 15176 stopped the removal or ejection for the device SCSI\Disk&Ven_&Prod_Crucial_CT256MX1\4&e937c7&0&000000.
 
 
 
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 02/11/2017 14:36:13
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/11/2017 13:59:09
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:59:08
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:59:07
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Element App.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:59:06
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:30:38
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: A device attached to the system is not functioning. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 02/11/2017 13:30:38
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: A device attached to the system is not functioning. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 02/11/2017 13:30:38
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The remote procedure call failed. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 02/11/2017 13:30:37
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The app didn't start. See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Log: 'Application' Date/Time: 02/11/2017 13:28:04
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:28:04
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:28:04
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:28:04
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Element App.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 13:28:01
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
 
Log: 'Application' Date/Time: 02/11/2017 13:24:58
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Bonjour -- A later version of Bonjour is already installed on this computer.
 
Log: 'Application' Date/Time: 02/11/2017 12:45:41
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 12:45:40
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 12:45:39
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\Element App.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 12:45:38
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\GTR 3.5.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 02/11/2017 12:44:57
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
 
Log: 'Application' Date/Time: 02/11/2017 12:44:45
Type: Error Category: 0
Event: 1013 Source: MsiInstaller
Product: PACE License Support Win64 -- A later version of this product is already installed. To install this earlier version, please uninstall the existing version first.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/11/2017 13:30:35
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 02/11/2017 13:29:09
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 12:45:33
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 02/11/2017 12:45:29
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 12:23:11
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 02/11/2017 12:22:10
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 12:04:46
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 02/11/2017 12:04:33
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 11:46:20
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 with error 0x80070057.
 
Log: 'Application' Date/Time: 02/11/2017 11:19:33
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 02/11/2017 11:19:23
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 11:18:34
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(2)
 
Log: 'Application' Date/Time: 02/11/2017 11:04:52
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 11:04:48
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable
 
Log: 'Application' Date/Time: 02/11/2017 11:04:42
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 02/11/2017 04:18:45
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 02/11/2017 02:18:45
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 02/11/2017 00:18:45
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=TimerEvent
 
Log: 'Application' Date/Time: 01/11/2017 22:18:47
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=UserLogon(1)
 
Log: 'Application' Date/Time: 01/11/2017 22:18:43
Type: Warning Category: 0
Event: 8233 Source: Microsoft-Windows-Security-SPP
The rules engine reported a failed VL activation attempt. Reason:0x8007232B AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkAvailable

  • 0

#9
RKinner
Posted 02 November 2017 - 09:23 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Why do you have so many of these:
 

 

The system has rebooted without cleanly shutting down first.

 

 

Is it hanging up on you?

 

Log: 'System' Date/Time: 02/11/2017 12:45:21
Type: Error Category: 0
Event: 10 Source: IntelHaxm
HAXM can't work on system with VT disabled

 

 

 
Expect it's associated with Android Studio.
 
Log: 'System' Date/Time: 02/11/2017 13:28:26
Type: Error Category: 1
Event: 10 Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv
A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x12
 
 

 

 

Long discussion on this issue.  Seems to be a problem with Crucial SSDs.
 
 
Still unable to install Waves:
 

Log: 'Application' Date/Time: 02/11/2017 13:59:09
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\Waves\Applications\wlc.exe".Error in manifest or policy file "C:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0". Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0". Please use sxstrace.exe for detailed diagnosis.

 

 

 
 

  • 0

#10
benjy1
Posted 02 November 2017 - 06:54 PM

benjy1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I have no idea. You got toremember i have only just brought this second hand laptop and its laggy. Iv had it less then 2 weeks. It was meant to be a gift for my mum. But now i think i got a rubbish laptop :(


  • 0

#11
RKinner
Posted 02 November 2017 - 08:59 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Uninstall Waves and Android studio.


  • 0

#12
benjy1
Posted 05 November 2017 - 03:48 PM

benjy1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Ok done


  • 0

#13
RKinner
Posted 06 November 2017 - 08:22 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

reboot if you haven't already after uninstalling the software.  Run VEW as before and post both.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP