Hi, please can you help? My PC has become infected with a virus of some sort. It has disabled my antivirus software (Avast). It won't let Windows update. Windows Defender does not pick up any problems during scans. I have followed instructions from this website to try and run several anti-malware tools, but all are shut down apart from one. Malwarebytes was shut down, Vipre was shut down. SUPERAntiSpyware did install and run; it found over 1000 items, but I guess not the one causing the problem. I tried running all these in safe mode but the outcome was the same. Links to web pages are now not working. My son usually plays on Roblox but that now will not open. Nor will Steam open.
When I do try to update Windows, right at the end it is asking me to uninstall Glyph Client?
Please find the FRST text files below:
Ran by VINCENT (administrator) on MCNULTYS_PC (28-11-2017 14:58:23)
Running from C:\Users\VINCENT\Desktop
Loaded Profiles: VINCENT (Available Profiles: VINCENT)
Platform: Windows 10 Home Version 1607 14393.1914 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Pokki) C:\Users\VINCENT\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2016-05-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2016-05-19] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [402904 2016-01-19] ()
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-10] (AVAST Software)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM-x32\...\Run: [DT_HPO] => C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe [142160 2014-01-28] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\Run: [EPSON SX420W Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964576 2017-10-17] (SUPERAntiSpyware)
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\RunOnce: [Application Restart #6] => C:\Users\VINCENT\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7874048 2015-10-30] (Pokki)
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\MountPoints2: {422dfe50-a79e-11e4-8259-3010b3a7a938} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-16] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{00619b17-d6fe-4115-9219-5be328fc7947}: [DhcpNameServer] 192.168.0.1
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/2
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/?gws_rd=ssl
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/2
SearchScopes: HKLM -> {4CAE03D6-B38E-47F5-A819-4F3D25FA0A95} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4CAE03D6-B38E-47F5-A819-4F3D25FA0A95} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-61005078-2373781621-4259978329-1001 -> {4CAE03D6-B38E-47F5-A819-4F3D25FA0A95} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-61005078-2373781621-4259978329-1001 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=1539&r=2015/03/08&hid=14359128447900105012&lg=EN&cc=GB&unqvl=84
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-07-03] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-07-03] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-01-16] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
======
Edge HomeButtonPage: HKU\S-1-5-21-61005078-2373781621-4259978329-1001 -> hxxp://www.google.co.uk/
========
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-07-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-07-03] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-05-23] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-61005078-2373781621-4259978329-1001: @citrixonline.com/appdetectorplugin -> C:\Users\VINCENT\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-10-05] (Citrix Online)
FF Plugin HKU\S-1-5-21-61005078-2373781621-4259978329-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\VINCENT\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-61005078-2373781621-4259978329-1001: pokki.com/PokkiDownloadHelper -> C:\Users\VINCENT\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [No File]
FF Plugin HKU\S-1-5-21-61005078-2373781621-4259978329-1001: SkypePlugin -> C:\Users\VINCENT\AppData\Local\SkypePlugin\7.2.0.422\npGatewayNpapi.dll [2015-04-09] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-61005078-2373781621-4259978329-1001: SkypePlugin64 -> C:\Users\VINCENT\AppData\Local\SkypePlugin\7.2.0.422\npGatewayNpapi-x64.dll [2015-04-09] (Skype Technologies S.A.)
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default [2017-11-26]
CHR Extension: (Google Slides) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-20]
CHR Extension: (Google Docs) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-20]
CHR Extension: (Google Drive) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20]
CHR Extension: (YouTube) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-20]
CHR Extension: (Google Sheets) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-20]
CHR Extension: (Skype) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-20]
CHR Extension: (Kaspersky Protection) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-12-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20]
CHR Extension: (Gmail) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-10] (AVAST Software s.r.o.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-10] (AVAST Software)
S2 AxiomAIRMini32AudioDevMon; C:\Program Files (x86)\M-Audio\Axiom AIR Mini 32\AudioDevMon.exe [192360 2012-12-13] (M-Audio)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2286848 2015-10-14] (Broadcom Corporation.)
R2 DTuneSrvc; C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe [120328 2013-07-17] (Portrait Displays, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2016-11-27] (EasyAntiCheat Ltd)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-05-23] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-01-19] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2124296 2017-04-16] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2185232 2017-04-16] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-05-19] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103704 2017-10-09] (Microsoft Corporation)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-10-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-10] (AVAST Software)
S3 AXIOMAIRMINI32; C:\WINDOWS\system32\DRIVERS\MAudioAxiomAIRMini32.sys [134504 2012-12-13] (M-Audio)
R3 bcbtums; C:\WINDOWS\system32\DRIVERS\bcbtums.sys [177432 2015-12-01] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11244808 2015-09-03] (Broadcom Corp)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [40584 2015-08-27] (ThreatTrack Security)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [32400 2016-03-04] (ThreatTrack Security)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows ® Codename Longhorn DDK provider)
R1 MpKsl1f58403d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0AB3D75F-5A27-4E70-BA13-1977D48872E9}\MpKsl1f58403d.sys [58120 2017-11-27] (Microsoft Corporation)
R1 MpKslb79a38eb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0AB3D75F-5A27-4E70-BA13-1977D48872E9}\MpKslb79a38eb.sys [58120 2017-11-28] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RDID1148; C:\WINDOWS\system32\Drivers\RDWM1148.SYS [242432 2015-07-23] (Roland Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2016-05-19] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== One Month Created files and folders ========
2017-11-28 14:56 - 2017-11-28 14:57 - 002391552 _____ (Farbar) C:\Users\VINCENT\Desktop\FRST64.exe
2017-11-28 13:21 - 2017-11-28 13:21 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-27 22:12 - 2017-11-18 04:23 - 000038744 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-11-27 22:12 - 2017-11-18 04:20 - 000219024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-11-27 22:12 - 2017-11-18 04:19 - 007780184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-27 22:12 - 2017-11-18 04:18 - 002254688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-27 22:12 - 2017-11-18 04:16 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-11-27 22:12 - 2017-11-18 04:14 - 002187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-27 22:12 - 2017-11-18 04:14 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-27 22:12 - 2017-11-18 04:14 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-27 22:12 - 2017-11-18 04:13 - 007213968 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-11-27 22:12 - 2017-11-18 04:13 - 001090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-27 22:12 - 2017-11-18 04:13 - 000947544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-27 22:12 - 2017-11-18 04:13 - 000811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-27 22:12 - 2017-11-18 04:13 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-27 22:12 - 2017-11-18 04:13 - 000573792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-11-27 22:12 - 2017-11-18 04:13 - 000430424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-27 22:12 - 2017-11-18 04:12 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-27 22:12 - 2017-11-18 04:12 - 008178816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-27 22:12 - 2017-11-18 04:11 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-11-27 22:12 - 2017-11-18 04:10 - 000453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-11-27 22:12 - 2017-11-18 04:08 - 000222048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-11-27 22:12 - 2017-11-18 04:06 - 000983904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-27 22:12 - 2017-11-18 04:03 - 000195936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-11-27 22:12 - 2017-11-18 04:01 - 005722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-11-27 22:12 - 2017-11-18 03:59 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-27 22:12 - 2017-11-18 03:59 - 006672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-27 22:12 - 2017-11-18 03:50 - 022571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-27 22:12 - 2017-11-18 03:50 - 005688320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-27 22:12 - 2017-11-18 03:46 - 007219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-27 22:12 - 2017-11-18 03:43 - 007625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-11-27 22:12 - 2017-11-18 03:43 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-11-27 22:12 - 2017-11-18 03:43 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2017-11-27 22:12 - 2017-11-18 03:42 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2017-11-27 22:12 - 2017-11-18 03:42 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-11-27 22:12 - 2017-11-18 03:42 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2017-11-27 22:12 - 2017-11-18 03:42 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-27 22:12 - 2017-11-18 03:41 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-11-27 22:12 - 2017-11-18 03:40 - 018365952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-27 22:12 - 2017-11-18 03:40 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-11-27 22:12 - 2017-11-18 03:40 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-27 22:12 - 2017-11-18 03:40 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-11-27 22:12 - 2017-11-18 03:39 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-27 22:12 - 2017-11-18 03:38 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-27 22:12 - 2017-11-18 03:38 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-11-27 22:12 - 2017-11-18 03:38 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-11-27 22:12 - 2017-11-18 03:38 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-11-27 22:12 - 2017-11-18 03:38 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-11-27 22:12 - 2017-11-18 03:38 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-11-27 22:12 - 2017-11-18 03:38 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-11-27 22:12 - 2017-11-18 03:37 - 003291648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-27 22:12 - 2017-11-18 03:37 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-11-27 22:12 - 2017-11-18 03:37 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-11-27 22:12 - 2017-11-18 03:37 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-27 22:12 - 2017-11-18 03:36 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-27 22:12 - 2017-11-18 03:36 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-11-27 22:12 - 2017-11-18 03:36 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-11-27 22:12 - 2017-11-18 03:35 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-27 22:12 - 2017-11-18 03:35 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-11-27 22:12 - 2017-11-18 03:35 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-11-27 22:12 - 2017-11-18 03:34 - 002002944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-27 22:12 - 2017-11-18 03:34 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-11-27 22:12 - 2017-11-18 03:34 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-11-27 22:12 - 2017-11-18 03:34 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-11-27 22:12 - 2017-11-18 03:33 - 006066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-27 22:12 - 2017-11-18 03:33 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-11-27 22:12 - 2017-11-18 03:33 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-27 22:12 - 2017-11-18 03:33 - 000296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2017-11-27 22:12 - 2017-11-18 03:33 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2017-11-27 22:12 - 2017-11-18 03:32 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 008119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-27 22:12 - 2017-11-18 03:31 - 001147392 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-11-27 22:12 - 2017-11-18 03:30 - 002278912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-27 22:12 - 2017-11-18 03:30 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-27 22:12 - 2017-11-18 03:30 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-11-27 22:12 - 2017-11-18 03:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-11-27 22:12 - 2017-11-18 03:30 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2017-11-27 22:12 - 2017-11-18 03:29 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-11-27 22:12 - 2017-11-18 03:29 - 002512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-27 22:12 - 2017-11-18 03:29 - 002321408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-27 22:12 - 2017-11-18 03:29 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-27 22:12 - 2017-11-18 03:29 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 001518080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-27 22:12 - 2017-11-18 03:28 - 001512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-11-27 22:12 - 2017-11-18 03:27 - 003616256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-27 22:12 - 2017-11-18 03:27 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-11-27 22:12 - 2017-11-18 03:26 - 002065408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-27 22:12 - 2017-11-07 02:59 - 000449050 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-11-27 22:12 - 2017-03-04 06:22 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-27 22:12 - 2017-03-04 06:13 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-11-27 22:12 - 2017-03-04 06:10 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-11-27 22:12 - 2016-08-02 08:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-26 17:34 - 2017-11-26 17:34 - 000000000 ____D C:\Users\VINCENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-11-26 13:13 - 2017-11-26 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2017-11-26 13:13 - 2017-11-26 13:13 - 000000000 ____D C:\Program Files (x86)\Roblox
2017-11-26 11:30 - 2017-11-26 11:30 - 000000085 _____ C:\WINDOWS\wininit.ini
2017-11-25 22:09 - 2017-11-25 21:45 - 841467769 ____N C:\Users\VINCENT\Desktop\Sherlock.Holmes.A.Game.Of.Shadows.2011.720p.BrRip.x264.YIFY.mp4
2017-11-25 20:17 - 2017-11-26 11:24 - 000000538 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 374be41b-4387-48eb-a39e-90a86f48af4f.job
2017-11-25 20:17 - 2017-11-26 11:24 - 000000538 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 0fd020c8-16a7-436e-83e1-876308315550.job
2017-11-25 20:17 - 2017-11-25 20:17 - 000003774 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 0fd020c8-16a7-436e-83e1-876308315550
2017-11-25 20:17 - 2017-11-25 20:17 - 000003692 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 374be41b-4387-48eb-a39e-90a86f48af4f
2017-11-25 20:17 - 2017-11-25 20:17 - 000000000 ____D C:\Users\VINCENT\AppData\Roaming\SUPERAntiSpyware.com
2017-11-25 20:16 - 2017-11-27 12:21 - 000002037 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-11-25 20:16 - 2017-11-25 20:17 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-11-25 20:16 - 2017-11-25 20:16 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-11-25 20:16 - 2017-11-25 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-11-25 19:51 - 2017-11-25 19:51 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-11-25 14:23 - 2017-11-25 14:23 - 000000000 _____ C:\autoexec.bat
2017-11-25 14:18 - 2017-11-25 14:18 - 000000000 ___HD C:\$Windows.~WS
2017-11-19 13:31 - 2017-11-25 20:00 - 000001872 _____ C:\Users\VINCENT\Desktop\Rkill.txt
2017-11-16 18:17 - 2017-11-16 18:17 - 038601376 _____ (Microsoft Corporation) C:\Users\VINCENT\Downloads\Windows-KB890830-x64-V5.54.exe
2017-11-16 12:21 - 2017-11-01 22:44 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 12:21 - 2017-11-01 22:44 - 000341976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 12:21 - 2017-11-01 22:44 - 000269152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 12:21 - 2017-11-01 22:44 - 000139096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 12:21 - 2017-11-01 22:44 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 12:21 - 2017-11-01 22:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-11-16 12:21 - 2017-11-01 22:19 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 12:21 - 2017-11-01 22:17 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 12:21 - 2017-11-01 22:17 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-11-16 12:21 - 2017-11-01 22:15 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 12:21 - 2017-11-01 22:14 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 12:21 - 2017-11-01 22:14 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-11-16 12:21 - 2017-11-01 22:13 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-11-16 12:21 - 2017-11-01 22:12 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-11-16 12:21 - 2017-11-01 22:12 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 12:21 - 2017-11-01 19:44 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 12:21 - 2017-10-09 02:41 - 000082272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 12:21 - 2017-10-09 02:37 - 000500576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-11-16 12:21 - 2017-10-09 02:34 - 000965464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-11-16 12:21 - 2017-10-09 02:34 - 000082608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-11-16 12:21 - 2017-10-09 02:30 - 000381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-11-16 12:21 - 2017-10-09 02:30 - 000169304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-11-16 12:21 - 2017-10-09 02:28 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-11-16 12:21 - 2017-10-09 02:16 - 000178008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-11-16 12:21 - 2017-10-09 02:02 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-11-16 12:21 - 2017-10-09 02:00 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCredential.dll
2017-11-16 12:21 - 2017-10-09 01:59 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-11-16 12:21 - 2017-10-09 01:58 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-11-16 12:21 - 2017-10-09 01:53 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-11-16 12:21 - 2017-10-09 01:44 - 004423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 12:21 - 2017-10-09 01:44 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-11-16 12:20 - 2017-11-01 23:06 - 000223584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 002032472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 12:20 - 2017-11-01 22:53 - 001578848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000678752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000613720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000612192 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000484184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000259936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000190296 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 12:20 - 2017-11-01 22:53 - 000067928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 12:20 - 2017-11-01 22:53 - 000034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 12:20 - 2017-11-01 22:46 - 000635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 12:20 - 2017-11-01 22:46 - 000484184 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 12:20 - 2017-11-01 22:43 - 000687968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 12:20 - 2017-11-01 22:43 - 000647520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 12:20 - 2017-11-01 22:43 - 000385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 12:20 - 2017-11-01 22:43 - 000299360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 12:20 - 2017-11-01 22:43 - 000144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 12:20 - 2017-11-01 22:43 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 12:20 - 2017-11-01 22:42 - 000089552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2017-11-16 12:20 - 2017-11-01 22:40 - 000455512 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 12:20 - 2017-11-01 22:33 - 000485520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 12:20 - 2017-11-01 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 12:20 - 2017-11-01 22:21 - 012205056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 12:20 - 2017-11-01 22:16 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-11-16 12:20 - 2017-11-01 22:15 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 12:20 - 2017-11-01 22:14 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 12:20 - 2017-11-01 22:12 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 12:20 - 2017-11-01 22:12 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 12:20 - 2017-11-01 22:12 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-11-16 12:20 - 2017-11-01 22:12 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-11-16 12:20 - 2017-11-01 22:12 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2017-11-16 12:20 - 2017-11-01 22:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 12:20 - 2017-11-01 22:11 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 12:20 - 2017-11-01 22:11 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 12:20 - 2017-11-01 22:11 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 12:20 - 2017-11-01 22:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 12:20 - 2017-11-01 22:08 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 12:20 - 2017-11-01 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-11-16 12:20 - 2017-11-01 22:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 12:20 - 2017-11-01 22:05 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 12:20 - 2017-11-01 22:05 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 12:20 - 2017-11-01 22:05 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 12:20 - 2017-11-01 22:04 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 12:20 - 2017-11-01 22:04 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-11-16 12:20 - 2017-11-01 22:04 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 12:20 - 2017-11-01 22:04 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-11-16 12:20 - 2017-11-01 22:04 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 12:20 - 2017-11-01 22:04 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 12:20 - 2017-11-01 22:04 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 12:20 - 2017-11-01 22:03 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-16 12:20 - 2017-11-01 22:03 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 12:20 - 2017-11-01 22:03 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 12:20 - 2017-11-01 22:01 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-11-16 12:20 - 2017-11-01 22:01 - 001984512 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 12:20 - 2017-11-01 22:00 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 12:20 - 2017-11-01 22:00 - 002097664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 12:20 - 2017-11-01 22:00 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-11-16 12:20 - 2017-11-01 22:00 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 12:20 - 2017-11-01 22:00 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 12:20 - 2017-11-01 22:00 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 12:20 - 2017-11-01 21:58 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 12:20 - 2017-10-09 02:40 - 001117016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-11-16 12:20 - 2017-10-09 02:37 - 000199000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2017-11-16 12:20 - 2017-10-09 02:37 - 000097120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-11-16 12:20 - 2017-10-09 02:35 - 001181528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 12:20 - 2017-10-09 02:33 - 000652344 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-11-16 12:20 - 2017-10-09 02:30 - 000509784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 12:20 - 2017-10-09 02:27 - 000206176 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-11-16 12:20 - 2017-10-09 02:26 - 002529120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-11-16 12:20 - 2017-10-09 02:26 - 001102680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-11-16 12:20 - 2017-10-09 02:25 - 000392024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-11-16 12:20 - 2017-10-09 02:24 - 000304232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-11-16 12:20 - 2017-10-09 02:22 - 001600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-11-16 12:20 - 2017-10-09 02:02 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-11-16 12:20 - 2017-10-09 02:00 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-11-16 12:20 - 2017-10-09 01:58 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-11-16 12:20 - 2017-10-09 01:57 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-11-16 12:20 - 2017-10-09 01:57 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredential.dll
2017-11-16 12:20 - 2017-10-09 01:55 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-11-16 12:20 - 2017-10-09 01:55 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-11-16 12:20 - 2017-10-09 01:55 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2017-11-16 12:20 - 2017-10-09 01:54 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-11-16 12:20 - 2017-10-09 01:53 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-11-16 12:20 - 2017-10-09 01:52 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-11-16 12:20 - 2017-10-09 01:52 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-11-16 12:20 - 2017-10-09 01:51 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-11-16 12:20 - 2017-10-09 01:51 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2017-11-16 12:20 - 2017-10-09 01:51 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-11-16 12:20 - 2017-10-09 01:50 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-11-16 12:20 - 2017-10-09 01:50 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-11-16 12:20 - 2017-10-09 01:48 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-11-16 12:20 - 2017-10-09 01:44 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 12:20 - 2017-10-09 01:44 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 12:20 - 2017-10-09 01:44 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-11-16 12:20 - 2017-10-09 01:43 - 001231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-11-16 12:20 - 2017-10-09 01:41 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-11-16 12:20 - 2017-10-09 00:29 - 000788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-11-16 12:20 - 2017-10-09 00:29 - 000788624 _____ C:\WINDOWS\system32\locale.nls
2017-11-16 12:20 - 2017-03-04 06:29 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-11-16 12:20 - 2017-03-04 06:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-11-08 17:32 - 2017-11-08 17:35 - 000066150 _____ C:\Users\VINCENT\Downloads\Addition.txt
2017-11-08 17:29 - 2017-11-28 14:58 - 000000000 ____D C:\FRST
2017-11-08 17:29 - 2017-11-08 17:35 - 000076268 _____ C:\Users\VINCENT\Downloads\FRST.txt
2017-11-08 17:28 - 2017-11-08 17:29 - 002403328 _____ (Farbar) C:\Users\VINCENT\Downloads\FRST64.exe
2017-11-05 14:26 - 2017-11-05 14:26 - 000000000 _____ C:\WINDOWS\SysWOW64\SBRC.dat
2017-11-05 14:26 - 2016-03-04 12:26 - 000032400 _____ (ThreatTrack Security) C:\WINDOWS\system32\Drivers\gfiutil.sys
2017-11-05 14:26 - 2015-08-27 07:31 - 000040584 _____ (ThreatTrack Security) C:\WINDOWS\system32\Drivers\gfiark.sys
2017-11-04 14:08 - 2017-11-04 14:08 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\uSeRiNiT (1).exe
2017-11-04 14:03 - 2017-11-25 19:43 - 000000000 ____D C:\VIPRERESCUE
2017-11-04 13:58 - 2017-11-04 14:03 - 328708096 _____ C:\Users\VINCENT\Downloads\VIPRERescue.exe
2017-11-04 13:56 - 2017-11-04 13:56 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\eXplorer.exe
2017-11-04 13:55 - 2017-11-04 13:55 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\rkildfsl (2).exe
2017-11-04 13:52 - 2017-11-04 13:52 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\uSeRiNiT.exe
2017-11-04 13:52 - 2017-11-04 13:52 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\rkill (1).exe
2017-11-04 13:51 - 2017-11-04 13:51 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\rkill.scr
2017-11-04 13:51 - 2017-11-04 13:51 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\VINCENT\Downloads\rkill.exe
2017-11-04 13:35 - 2017-11-04 13:35 - 000000000 ___HD C:\$SysReset
2017-11-04 12:38 - 2017-11-04 12:38 - 003449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\VINCENT\Downloads\AVG_Protection_Free_1606.exe
2017-11-04 12:38 - 2017-11-04 12:38 - 000000000 ____D C:\Users\VINCENT\AppData\Local\AvgSetupLog
2017-11-04 12:38 - 2017-11-04 12:38 - 000000000 ____D C:\Users\VINCENT\AppData\Local\Avg
2017-11-04 12:38 - 2017-11-04 12:38 - 000000000 ____D C:\ProgramData\Avg
2017-11-04 12:35 - 2017-11-04 12:36 - 006334880 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2017-11-04 10:43 - 2017-11-04 10:43 - 000820792 _____ (Roblox Corporation) C:\Users\VINCENT\Downloads\RobloxPlayerLauncher (4).exe
2017-11-03 16:34 - 2017-11-03 16:35 - 078346672 _____ (Malwarebytes ) C:\Users\VINCENT\Downloads\mb3-setup-consumer-3.3.1.2183.exe
2017-10-31 18:31 - 2017-10-31 18:31 - 007161304 _____ (AVAST Software) C:\Users\VINCENT\Downloads\avast_free_antivirus_setup_online_e1j.exe
2017-10-29 17:30 - 2017-10-29 17:30 - 000820792 _____ (Roblox Corporation) C:\Users\VINCENT\Downloads\RobloxPlayerLauncher (3).exe
2017-10-29 15:32 - 2017-10-29 15:27 - 636712874 ____N C:\Users\VINCENT\Desktop\The.Simpsons.S29E04.Treehouse.of.Horror.XXVIII.1080p.AMZN.WEB-DL.DD+5.1.H.264-SiGMA.mkv
2017-11-28 08:31 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-28 08:25 - 2015-01-28 15:44 - 000000000 ____D C:\Users\VINCENT\Documents\Youcam
2017-11-28 08:22 - 2015-03-14 13:47 - 000000000 ____D C:\Users\VINCENT\AppData\Local\SweetLabs App Platform
2017-11-28 08:21 - 2015-01-28 07:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-28 06:36 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\rescache
2017-11-27 23:18 - 2016-09-24 10:10 - 001745166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-27 23:16 - 2017-09-29 17:34 - 000000000 ____D C:\Program Files\rempl
2017-11-27 23:14 - 2016-07-16 11:45 - 000000000 ____D C:\WINDOWS\INF
2017-11-27 23:11 - 2016-09-24 11:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-27 23:11 - 2016-09-24 10:02 - 000358312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-27 23:10 - 2016-07-16 06:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-27 23:09 - 2017-06-16 22:45 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-11-27 23:09 - 2016-07-16 11:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-27 23:09 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-27 23:01 - 2016-09-24 10:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-27 23:01 - 2015-03-08 19:23 - 000000000 __SHD C:\Users\VINCENT\IntelGraphicsProfiles
2017-11-27 22:22 - 2016-07-16 11:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-27 15:33 - 2017-10-10 20:55 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-27 15:32 - 2015-01-31 02:30 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-27 12:20 - 2017-04-28 16:08 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-11-26 13:15 - 2015-06-16 15:13 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-26 13:14 - 2016-07-16 11:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-26 13:14 - 2015-01-28 15:42 - 000000000 ____D C:\Users\VINCENT\AppData\Local\Packages
2017-11-26 12:38 - 2016-09-24 11:01 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-26 12:20 - 2017-07-11 17:52 - 000000000 ___HD C:\$WINDOWS.~BT
2017-11-25 15:14 - 2016-09-24 10:11 - 000000000 ____D C:\Users\VINCENT
2017-11-24 15:26 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-23 17:43 - 2015-09-13 16:44 - 000000000 ____D C:\Users\VINCENT\AppData\Roaming\Skype
2017-11-21 10:40 - 2015-07-20 18:14 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-17 17:31 - 2017-05-21 18:12 - 000000000 ____D C:\Program Files\HP
2017-11-17 17:31 - 2016-09-24 10:06 - 000000000 ____D C:\ProgramData\HP
2017-11-16 17:54 - 2016-07-16 11:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-11-16 17:54 - 2016-07-16 11:47 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-11-16 17:54 - 2016-07-16 11:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-11-16 17:54 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-11-16 17:54 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-16 17:54 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-11-16 17:54 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 17:54 - 2016-07-16 11:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-11-16 12:45 - 2015-01-31 02:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-08 20:01 - 2016-10-06 17:22 - 000000000 ____D C:\Program Files (x86)\Glyph
2017-11-05 14:35 - 2016-05-23 18:37 - 000000251 _____ C:\Users\VINCENT\AppData\LocalLow\rbxcsettings.rbx
2017-11-05 00:47 - 2017-07-11 20:14 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-05 00:47 - 2017-07-11 20:14 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-04 13:21 - 2015-03-08 18:34 - 000000000 ____D C:\Users\VINCENT\AppData\Local\ElevatedDiagnostics
2017-11-04 11:05 - 2016-07-16 11:47 - 000000000 ____D C:\WINDOWS\registration
2017-10-29 18:06 - 2015-03-07 13:40 - 000000000 ____D C:\Users\VINCENT\AppData\Roaming\.minecraft
2017-10-29 17:32 - 2015-03-07 13:39 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-10-29 10:23 - 2016-07-01 20:23 - 000000000 ____D C:\Users\VINCENT\Desktop\games
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
Ran by VINCENT (28-11-2017 15:01:01)
Running from C:\Users\VINCENT\Desktop
Windows 10 Home Version 1607 14393.1914 (X64) (2016-09-24 11:25:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-61005078-2373781621-4259978329-503 - Limited - Disabled)
Guest (S-1-5-21-61005078-2373781621-4259978329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-61005078-2373781621-4259978329-1003 - Limited - Enabled)
VINCENT (S-1-5-21-61005078-2373781621-4259978329-1001 - Administrator - Enabled) => C:\Users\VINCENT
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Ample Bass P Lite II version 2.3.1 (HKLM-x32\...\{26ACA0DD-7C66-40D7-B992-CC27CA024F2A}_is1) (Version: 2.3.1 - Ample Sound Technology Co., Ltd.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-4503b4b6-0fae-4892-9453-df2ee9c29aea) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS TONE STUDIO for GT (HKLM-x32\...\{29D27D34-9609-11D9-098D-4A868943B6F1}) (Version: 1.1.3 - Roland Corporation) Hidden
BOSS TONE STUDIO for GT (HKLM-x32\...\BOSS-TONE-STUDIO-for-GT) (Version: 1.1.3 - Roland Corporation)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation)
Build-a-lot (HKLM-x32\...\WTA-6e6aeb59-7920-4e07-beae-d658009663a8) (Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-4e8eb2a5-1c2f-42b2-a795-e854c1a45b21) (Version: 3.0.2.48 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crazy Chicken Soccer (HKLM-x32\...\WTA-f1e8e51e-1739-4158-aa96-6888839e778d) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.1.4928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.5.5724 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3702 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.4422 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4230 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DigiTech RP1000 Drivers (HKLM\...\{BFC66125-5A67-45A6-8B3A-7DDFA3910D30}) (Version: 2.1.1 - DigiTech) Hidden
DigiTech RP1000 Drivers (HKLM-x32\...\DigiTech RP1000 Drivers) (Version: 2.1.1 - DigiTech)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DiscountSmasher (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}) (Version: - DiscountSmasher) <==== ATTENTION
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.2.1179 - Steinberg Media Technologies GmbH)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
Evernote v. 5.1.1 (HKLM-x32\...\{19ABCFE2-7EED-11E3-B98A-00163E98E7D6}) (Version: 5.1.1.2334 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-2bf9a606-6d85-43af-bf63-67a21cae596c) (Version: 2.2.0.98 - WildTangent) Hidden
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-90ca4f56-9c88-454b-af27-16cedbc08293) (Version: 2.2.0.110 - WildTangent) Hidden
GT-001 Driver (HKLM\...\RolandRDID0148) (Version: - Roland Corporation)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Host App Service (HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\SweetLabs_AP) (Version: 0.269.7.802 - Pokki)
HP Documentation (HKLM-x32\...\{8126E380-F9C6-4317-9CEE-9BBDDAB676E5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 5640 series Basic Device Software (HKLM\...\{BA8749DB-3A36-4CA3-B84C-6007C6E4F84F}) (Version: 40.11.1107.1739 - HP Inc.)
HP ENVY 5640 series Help (HKLM-x32\...\{B04B1DB6-0AA9-4790-95CE-5A45C8F647FD}) (Version: 34.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP My Display (HKLM-x32\...\{448286F7-9BCC-4254-A6DC-CB40DC852F55}) (Version: 2.08.20.0 - Portrait Displays, Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.06 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.8.37.11 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Ignite (HKLM-x32\...\{9A731246-E02E-44DC-940D-0F8110C1789D}) (Version: 1.3.1 - AIR Music Technology)
Ignite (HKLM-x32\...\{9C3723A2-E8F3-4F55-8655-8176E50E2D19}) (Version: 1.3.1 - AIR Music Technology) Hidden
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.06 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.06 - Softex Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-a0a59cb7-f1c5-4a82-8a37-f684743e7446) (Version: 2.2.0.98 - WildTangent) Hidden
M-Audio Axiom AIR Mini 32 1.0.1 (x64) (HKLM\...\{613163E3-0FC3-4CA3-8835-05D2D6C03523}) (Version: 1.0.1 - M-Audio)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.2.0737 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.2.0737 - PACE Anti-Piracy, Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-503e1451-a92d-4fac-be9a-0429304c5dc8) (Version: 3.0.2.51 - WildTangent) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{095E9DEE-7EBA-4197-8A50-54FF77BFCBAC}) (Version: 2.41.0 - The Pokémon Company International)
Pokki Download Helper (HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Polar Bowler (HKLM-x32\...\WTA-21f0b7a4-7c33-4811-bb46-03bf391547c8) (Version: 2.2.0.97 - WildTangent) Hidden
Product Improvement Study for HP ENVY 5640 series (HKLM\...\{2FA76FDB-0A84-4AFD-B5AE-7785C2510AF6}) (Version: 40.11.1107.1739 - HP Inc.)
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-c14e0424-bb2c-4381-9ceb-1b05f25652f5) (Version: 2.2.0.98 - WildTangent) Hidden
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Roblox Player for VINCENT (HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{E5A9C069-5D0C-4EA2-A07E-973014B99F0C}) (Version: 7.2.0.422 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Start Menu (HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.802 - Pokki)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE 5 (HKLM-x32\...\{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}) (Version: 5.1.2 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Essential Set (HKLM-x32\...\{C04D5974-F528-4347-A494-EAF56124CC1A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com)
Trinklit Supreme (HKLM-x32\...\WTA-a1abbbe5-becb-4ef4-b5b8-e2dcffe9b0db) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-6bb2105f-d916-4538-8d09-9c55835fdd5e) (Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (HKLM-x32\...\WTA-97af6557-28de-426e-9bac-fdd4dbda3596) (Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (HKLM-x32\...\WTA-bedbeb75-b58e-403a-b57c-15ddc334f04f) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
X-Edit (HKLM-x32\...\{47107F5F-FDEC-4A01-896C-E76245743F1A}) (Version: 2.7.1.1 - DigiTech) Hidden
X-Edit (HKLM-x32\...\X-Edit) (Version: 2.7.1.1 - DigiTech)
Youda Jewel Shop (HKLM-x32\...\WTA-4c62c20e-7496-4446-929d-01cbc7e1c82c) (Version: 3.0.2.51 - WildTangent) Hidden
CustomCLSID: HKU\S-1-5-21-61005078-2373781621-4259978329-1001_Classes\CLSID\{B5322578-1624-4C26-BB8C-E366FFB9314F}\localserver32 -> C:\Users\VINCENT\AppData\Local\SkypePlugin\7.2.0.422\GatewayVersion-x64.exe (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-10] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-10] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-01-08] (Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-01-08] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-10] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-01-19] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-01-19] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-10] (AVAST Software)
Task: {0502FD51-CB24-45EE-ACEF-D4ED790E37BA} - System32\Tasks\{82CEF556-8A21-47C3-A43D-9087AD770202} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.39.0.102/en/abandoninstall?page=tsProgressBar
Task: {08716796-08F3-4781-83F4-17BE63C154FC} - System32\Tasks\{4E18870E-53C2-4053-BCAA-B057E5196A3B} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.39.0.102/en/abandoninstall?page=tsProgressBar
Task: {0CA272F0-2B91-45C2-986D-5F2794B1526A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0CEDE914-13E4-4702-8AFA-F35B54361EF8} - System32\Tasks\{C82AECA2-F2E3-44F7-87B1-4F03A8626F15} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {10072AC6-F8FB-4057-85E6-C7621244CC7A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-17] ()
Task: {1086C7CC-553A-46DA-AED2-4822E71CC813} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\VINCENT\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {120635B1-02EB-472E-8B94-D6D61381E92B} - System32\Tasks\{23974633-A98A-4FE8-A104-D3426937EB02} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/abandoninstall?page=tsInstall
Task: {141A23B7-FC16-4F61-AABC-533506C81EDE} - System32\Tasks\HPCustParticipation HP ENVY 5640 series => C:\Program Files\HP\HP ENVY 5640 series\Bin\HPCustPartic.exe [2017-02-08] (HP Inc.)
Task: {1D9F3845-7676-4783-9ED6-20FD5D3A0E58} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {26956F50-14D4-4B55-B7B6-773644BE366E} - System32\Tasks\SUPERAntiSpyware Scheduled Task 374be41b-4387-48eb-a39e-90a86f48af4f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {27F64E4E-1E6D-4242-81FA-2E570693810E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-10-09] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {41B397CE-12EC-4263-AEEC-8EE2DF6383CE} - System32\Tasks\{674919B6-9508-456B-8555-1C6DB3D30FBA} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.39.0.102/en/abandoninstall?page=tsProgressBar
Task: {44A4D6B3-BC65-46C6-8906-A6F79BEDACDC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-27] (Microsoft Corporation)
Task: {47226A48-C885-40F5-BB8A-819E5967EED6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4872E1E9-C28A-4C37-9B29-2E21A85045FC} - System32\Tasks\{3CE9FAE0-70CF-44AB-8CD8-D594981EFEB3} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.26.0.101/en/abandoninstall?page=tsProgressBar
Task: {500CB796-7AF6-47AC-A2A3-6488C99A35E5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {591EB34F-11D9-4736-AF2B-94101C4D4160} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {5C399377-8772-4031-9454-B51F5289BE92} - System32\Tasks\YCMServiceAgent => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {662F9F4D-A30C-42EA-9763-1157C20EC5DC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {6687ACB6-48A5-4428-A6C3-2430A9AEA766} - System32\Tasks\{14594933-48B2-4983-90E0-3687BBFB9061} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {67ACE5C8-5FE3-477F-AB0B-3272452CD807} - System32\Tasks\{8A567FF2-B876-47C9-BF89-7251C126B1C6} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.24.0.104/en/abandoninstall?page=tsProgressBar
Task: {6941CEC9-9C95-4722-A5D2-326D6C3F7911} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
Task: {6C89A731-F626-43C9-88E7-58AE66A303CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {6D825A09-C460-4882-9615-733562AAF34E} - System32\Tasks\{4F87D9D9-E038-40D0-B202-7D4792EF8169} => C:\WINDOWS\system32\pcalua.exe -a C:\ProgramData\{C5EE6DA0-A057-4009-BADC-FB7523A5715F}\X-Edit.exe -c REMOVE=TRUE MODIFY=FALSE
Task: {737A1B92-B543-4830-AA59-F7EC62D2F4B8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {76DC2823-BDD6-48CB-A5E0-A1A8972EA9C4} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe
Task: {7779CFE3-D760-4ED2-935B-AE32196EE047} - System32\Tasks\{D1A29812-B29D-481C-A803-24E79FBE7896} => C:\windows\system32\pcalua.exe -a C:\Users\VINCENT\Downloads\forge-1.8-11.14.1.1334-installer-win.exe -d C:\Users\VINCENT\Downloads
Task: {788D7E88-5703-489B-9C6E-170755384563} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8424B7D2-4424-410D-B787-9F58BC5FA778} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\EN5640__Full_WebPack_1107.exe <==== ATTENTION
Task: {8C41F415-3EC9-4093-9D0F-A507B9EA63AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8F6146BB-0BC4-4578-9916-473174A3E53D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {96C83B6D-6884-4663-9A25-F5FD01BC3BA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-10-09] (Microsoft Corporation)
Task: {A1226773-4D8C-4591-BB13-BE70DA02D1DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-10-09] (Microsoft Corporation)
Task: {A7F0E571-C0EC-4689-B104-167A76EEAE1D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {AC14622D-A4BC-47AE-B2C6-6604FFC32F39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-10-09] (Microsoft Corporation)
Task: {AC1B6C96-A259-469F-A12F-D733240DF229} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B095FDC6-6A03-4F77-89BA-4DE40E4016D7} - System32\Tasks\{350094FC-FACE-41D5-8B91-9F7CC3722C74} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {B1A07583-AFA1-4422-A8E8-AD501DE0980D} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe
Task: {C8EBF192-538B-42DF-8FC7-EE98349578DC} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0fd020c8-16a7-436e-83e1-876308315550 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {CF65F259-0859-45C3-A43C-7088F2F4BB2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {D51F380B-9743-43B3-ABC9-1A394B2A11E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {D9536904-CAAE-4F3D-8EC8-C5AA5C235730} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DE1D7AC2-B698-4FD5-B5A5-71A7C6910F71} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-28] (AVAST Software)
Task: {E5017CB2-0DAA-479B-A38F-9049E44CD9ED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F1167672-9E61-40F5-9388-938550865447} - System32\Tasks\{F12A1056-6948-4136-A393-AD26B927ABD1} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.32.0.104/en/abandoninstall?page=tsMain
Task: {F2C4084D-7F33-4490-9ACC-01827C845CDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {F92665F2-6429-4AA3-A7D9-97FE46731B94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {FEC74190-3987-41E5-B587-8A3706B0F752} - System32\Tasks\SweetLabs App Platform => C:\Users\VINCENT\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {FF6E27E8-385F-461F-B2A7-B181C4745347} - System32\Tasks\{8BDE11AF-3E6D-4F29-B4ED-5521F55D08EA} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.32.0.104/en/abandoninstall?page=tsProgressBar
Task: {FF97C99D-38A1-42E0-A5EA-790DE94B9D31} - System32\Tasks\HPCeeScheduleForVINCENT => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForVINCENT.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 0fd020c8-16a7-436e-83e1-876308315550.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 374be41b-4387-48eb-a39e-90a86f48af4f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Loaded Modules (Whitelisted) ==============
2017-09-13 15:57 - 2017-09-07 06:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-02-07 10:24 - 2014-02-07 10:24 - 002108928 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-02-07 10:21 - 2014-02-07 10:21 - 000035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-02-07 10:21 - 2014-02-07 10:21 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-02-07 10:21 - 2014-02-07 10:21 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-02-07 10:40 - 2014-02-07 10:40 - 000368528 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-02-07 10:40 - 2014-02-07 10:40 - 000714128 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-07 10:28 - 2014-02-07 10:28 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2016-09-24 10:56 - 2016-09-24 10:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 17:40 - 2017-03-04 06:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 17:41 - 2017-03-04 06:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 17:41 - 2017-03-04 06:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 17:41 - 2017-03-04 06:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-11-27 22:12 - 2017-11-18 03:28 - 002424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-11-27 22:12 - 2017-11-18 03:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-11-15 13:21 - 2017-11-15 13:22 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-15 13:21 - 2017-11-15 13:22 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-15 13:21 - 2017-11-15 13:22 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-08 01:08 - 2017-11-08 01:08 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-15 13:21 - 2017-11-15 13:22 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-07-16 11:42 - 2016-07-16 11:42 - 000361984 _____ () C:\WINDOWS\SYSTEM32\HrtfApo.dll
2017-11-03 16:42 - 2017-11-03 16:42 - 001919680 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-11-03 16:42 - 2017-11-03 16:42 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2006-10-26 12:56 - 2006-10-26 12:56 - 000757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
AlternateDataStreams: C:\Users\All Users:514A75302A0E5A4C [217]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Internet Explorer trusted/restricted ===============
==================== Hosts content: ===============================
==================== Other Areas ============================
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-61005078-2373781621-4259978329-1001\...\StartupApproved\Run: => "Steam"
FirewallRules: [{6EA883D9-3783-431F-BADF-EF8CB3090A1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\YoutubersLife\YoutubersLife.exe
FirewallRules: [{8F253446-8481-4C46-AAA8-BCB11444D98A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe
FirewallRules: [{D93D7B02-AD6D-4450-B997-8570E8475CE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe
FirewallRules: [{963E433A-1246-4C5E-98BF-8A436DA970D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{4A46A9F9-DA58-4D55-BF64-2D3DB6CF1606}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{981D4D2E-A3F1-4345-8761-9184462D2E7A}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{7A913E68-8084-4AED-9AF8-E2094601A1B1}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{308C19AF-8ED2-48F9-B98F-27F2F6DD6DB5}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS714F\HPDiagnosticCoreUI.exe
FirewallRules: [{6C2B952F-8CF1-4E4D-B6FD-532F1D13140E}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS714F\HPDiagnosticCoreUI.exe
FirewallRules: [{02A6940D-2113-456F-BCEF-AC55DB48ED9F}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS70FA\HPDiagnosticCoreUI.exe
FirewallRules: [{E9913014-1404-4EA2-ACDD-DF2791D1EE13}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS70FA\HPDiagnosticCoreUI.exe
FirewallRules: [{87607621-A183-4F50-AA95-131108B98B74}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{3912B2AD-A424-465D-8DAB-C417A055486A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe
FirewallRules: [{8E31C835-DDA4-44D4-BB17-B05247ECEA97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe
FirewallRules: [{EBAF6C0D-C2CB-4355-863F-EE17BBD41CF8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6D1ADC78-75B4-44B6-B5D5-1B4D2FAE45A9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A633BAEA-AE1E-4C28-92AD-007AE71DA774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CA486716-4697-4ADA-A626-5B7C435348A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{80793AE5-39FE-4EF1-BC76-4C2A498DFA3A}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{F9AC422A-3D4D-42B5-8AB9-6EDF0D900A44}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{EE05BBD3-06D3-4601-A6A2-30C3B5734B3C}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{DFE49AE8-22FE-4444-BC59-B925FA655315}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{FC99D5D7-EC0F-4D4D-B660-4FE4DB57A18A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{911B8683-F755-4D04-905C-019D552F082E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C4B419DE-50B4-4B50-ABAD-FAD1945DAFF3}C:\users\vincent\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vincent\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{BE35506D-9769-4073-AC7E-76B24BA35F4F}C:\users\vincent\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vincent\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C8A4D20A-93D5-44CC-8D6A-C0481836C583}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{516975ED-B100-49A0-852E-6E045737E221}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{FBA4668B-91C2-4762-9573-8E71B05F5A17}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{44087DE7-8C25-4533-A261-312D47411A44}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{78DC77D8-028E-4EE3-825B-1B01B6FA1606}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{85DE178C-96D6-43F2-B654-5B17EE37E776}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{E7CE4BE2-9071-47E1-A90D-7B884664ECA6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{1CA65B3C-247C-414A-B244-7033FB7DC54C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{C50026BC-E891-45E9-812E-E9E8063FEDD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{2A7E8BA1-CFB0-4029-8211-95922DA8439E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{92405311-DDE2-47AF-9048-84580F772646}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{030D828A-C459-4A77-973F-9FA0312D24AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BFF507B-CEAE-4493-B215-6E45713A00AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC66EB30-6AFC-49EC-BB0F-6D0C6BA2E4FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{23E31A2A-3C8E-4794-ACD6-78116D3F6180}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{1249A627-DCDE-4543-B744-9BFF914FC8FE}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8CFEF3CA-C04B-4316-BF86-83EC81A88DEF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2A42DDDD-E512-4C2E-BC6E-F7AB8B60B570}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0F0721F3-A66E-4F78-AF99-1972A23E0E01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A98A03F2-0230-4AC2-8BBD-4407CD91BD86}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS6B2F\HPDiagnosticCoreUI.exe
FirewallRules: [{5AB0EBB8-CCA7-401C-AE75-93CF8112E67A}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS6B2F\HPDiagnosticCoreUI.exe
FirewallRules: [{9847452F-9E40-47E1-A0C6-6219406A57F8}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS4768\HPDiagnosticCoreUI.exe
FirewallRules: [{22E727CC-CBE9-4803-ABC0-955BBB088018}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS4768\HPDiagnosticCoreUI.exe
FirewallRules: [{34AB8337-2FD4-4026-BFDA-FD7626C8DE88}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS47AA\HPDiagnosticCoreUI.exe
FirewallRules: [{05E44358-7A24-4813-98C4-A0CC9AC18812}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS47AA\HPDiagnosticCoreUI.exe
FirewallRules: [{AD4B06A7-D52A-46CD-AEB8-9F9584D818A4}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS573E\HPDiagnosticCoreUI.exe
FirewallRules: [{091B97E5-395C-4A63-95EC-E3A3E21D310E}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS573E\HPDiagnosticCoreUI.exe
FirewallRules: [{675ED59F-0CB9-4CFE-AC3B-1C305A4E7731}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS17AF\HPDiagnosticCoreUI.exe
FirewallRules: [{C5A5886C-8271-4359-B06A-F8DA9FEE21D1}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS17AF\HPDiagnosticCoreUI.exe
FirewallRules: [{E5332E16-636E-4BB2-9654-D58086B15735}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{AF6F891B-A19D-419D-985D-009169FAC5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{436AFCF4-8DF4-4BF4-9D46-82A48A78F423}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{45487AB5-98AE-4BEA-806F-D932BA004BB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{A11548FC-B577-451B-BB61-B452317845C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B3192EB1-4D38-4B86-989A-4B461E3F5A19}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A22138BE-2915-40F2-A18A-781471B2463B}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS377A\HPDiagnosticCoreUI.exe
FirewallRules: [{E822206F-D2E8-402D-8F2A-DAC17513874A}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS377A\HPDiagnosticCoreUI.exe
FirewallRules: [{DF2ABF49-805D-4682-A3A3-8BA0FD57D8A2}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS37D6\HPDiagnosticCoreUI.exe
FirewallRules: [{52A1234C-D5D1-474E-8440-CF9385F3EA82}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS37D6\HPDiagnosticCoreUI.exe
FirewallRules: [{8B4C1147-8EDB-464B-AACD-CC93EEA2BE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{6D64C5C3-9A32-4612-8C14-09B81D28EEEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{EB01A0AA-195A-4ADB-8482-34F3CDD1B379}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
FirewallRules: [{984FD65F-9DE1-4DB8-8890-4A7AE88D7D33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
FirewallRules: [{E9F86F6B-C59C-4682-8459-9ED53CF3D012}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\DeviceSetup.exe
FirewallRules: [{CA492791-1BC5-4BF2-9E2B-8BA41F987F4F}] => (Allow) LPort=5357
FirewallRules: [{DCDC1670-31F9-45C3-9C49-5910ED495801}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{1A2FB5E7-B71B-4D0B-B907-6BB31C3F39BD}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS0067\HPDiagnosticCoreUI.exe
FirewallRules: [{42E5567B-E8A0-4007-829E-1A7A92D9E8EB}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS0067\HPDiagnosticCoreUI.exe
FirewallRules: [{15ABDFE4-A67D-4116-9DC8-E38B221A5837}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS00D0\HPDiagnosticCoreUI.exe
FirewallRules: [{EB6F02C2-1B81-4BC7-83CD-E56DAD7001CD}] => (Allow) C:\Users\VINCENT\AppData\Local\Temp\7zS00D0\HPDiagnosticCoreUI.exe
FirewallRules: [{75C77B19-A585-4D32-B422-152296F6BCA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{7C652DFC-0549-4EF0-8A48-A6E670A1FA68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Escapists\TheEscapists.exe
FirewallRules: [{BD83345D-DBC7-4A2A-A865-B7E5CD682137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1264CC8C-EE7C-416D-97D9-E223D9DC718D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
23-11-2017 12:40:27 Windows Update
26-11-2017 13:20:47 Windows Update
==================== Event log errors: =========================
==================
Error: (11/28/2017 08:24:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SettingSyncHost.exe, version: 10.0.14393.1198, time stamp: 0x590280cf
Faulting module name: BrowserSettingSync.dll, version: 10.0.14393.953, time stamp: 0x58ba5eb4
Exception code: 0xc0000005
Fault offset: 0x000000000000f1a1
Faulting process ID: 0x1054
Faulting application start time: 0x01d3682256a5c683
Faulting application path: C:\WINDOWS\system32\SettingSyncHost.exe
Faulting module path: C:\WINDOWS\system32\BrowserSettingSync.dll
Report ID: 48138202-514d-465d-ab79-f269f5aa0479
Faulting package full name:
Faulting package-relative application ID:
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.14393.0, time stamp: 0x57899b96
Faulting module name: ntdll.dll, version: 10.0.14393.1715, time stamp: 0x59b0d03e
Exception code: 0xc0000005
Fault offset: 0x00000000000495fc
Faulting process ID: 0xe28
Faulting application start time: 0x01d3682204d02f88
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: 86b1604f-27ae-4d77-b069-0b8d6cc37de0
Faulting package full name:
Faulting package-relative application ID:
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.14393.0, time stamp: 0x57899b96
Faulting module name: ntdll.dll, version: 10.0.14393.1715, time stamp: 0x59b0d03e
Exception code: 0xc0000005
Fault offset: 0x00000000000495fc
Faulting process ID: 0xe0c
Faulting application start time: 0x01d36821eb480a5b
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: 352835d1-c10d-4baf-b8bc-f751f140c40d
Faulting package full name:
Faulting package-relative application ID:
Description: Product: Update for Windows 10 for x64-based Systems (KB4023057) -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action CreateScheduledTaskShell, location: C:\Program Files\rempl\, command: C:\WINDOWS\SysWOW64\schtasks.exe -create -tn Microsoft\Windows\rempl\shell -xml rempl.xml -F
Description: Product: Update for Windows 10 for x64-based Systems (KB4023057) -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action CreateScheduledTaskShell, location: C:\Program Files\rempl\, command: C:\WINDOWS\SysWOW64\schtasks.exe -create -tn Microsoft\Windows\rempl\shell -xml rempl.xml -F
Description: Unable to open the Redirector service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Description: Unable to open the Redirector service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
System errors:
=============
Error: (11/28/2017 08:42:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user MCNULTYS_PC\VINCENT SID (S-1-5-21-61005078-2373781621-4259978329-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c SID (S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734). This security permission can be modified using the Component Services administrative tool.
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The Intel® HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s).
Description: The Intel® Security Assist service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Security Assist service to connect.
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 10 Version 1607 for x64-based Systems (KB4023057).
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.
Description: The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2017-11-28 06:27:35.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 8114.73 MB
Available physical RAM: 4966.89 MB
Total Virtual: 29503.59 MB
Available Virtual: 25894.44 MB
Drive d: (Recovery Image) (Fixed) (Total:12.83 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Disk: 0 (Size: 931.5 GB) (Disk ID: B885745F)