Constant Sound Coming From Computer Like It's Running a Scan, Even


Hello there, and thanks for the help :)

I've had my desktop for about 6 years and I use things like Spybot, Malwarebytes, and TweakNow to keep it running smooth. Recently it began to constantly make a very loud sound. It used to only make this sound during high processing, like a virus scan or downloading large files or writing large files to an external drive, and then it would stop. But now, even when the computer is sitting idle with all programs off and the internet disconnected, there is a loud sound coming from it, a sound which I've only heard while my computer was being pushed to process a lot of data.

At first I assumed it was some sort of virus that was constantly using my computer as a server, but after cleaning extensively and removing the internet connection, the sound continued. Now I'm starting to think that the hard drive is dying and any data processing causes it to be loud. I've noticed that if I turn the computer off for a while, when I turn it back on the loud noise isn't there at first, but it slowly builds up again, until I can hear it constantly purring away from across the house.

I've attached a file with a video of my computer so you can hear the sound. The sound is clearest at the end of the video once I move the camera near the ventilation holes. The sound is separate from the fan, and has a stutter-like, Star Wars droid language vibe to it. I've also included the FRST text below.

I'm not sure what's wrong so please walk me through whatever steps y'all think are necessary to diagnose this problem. If this is a sign my hard drive is about to die, can someone help me figure out how to make a full copy of my current setup and put it on a new drive so that I can install it and boot straight to what I experience right now (minus the sound of course, hehe)?

Many thanks for any help,

-Brett

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.02.2018
Ran by Tony (administrator) on TONY-PC (28-02-2018 14:47:32)
Running from C:\Users\Tony\Desktop
Loaded Profiles: Tony (Available Profiles: Tony)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\Tony\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Run: [Spotify Web Helper] => C:\Users\Tony\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-29] (Spotify Ltd)
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\MountPoints2: {bf264a75-ba56-11e7-bfff-c860006e989e} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\MountPoints2: {e9ab700c-d19f-11e5-80da-c860006e989e} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\es.scr [4136960 2011-12-13] ()
Startup: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-02-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83CC380F-0EFD-4577-8436-4FDC05C6D927}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{893935B8-2CF8-4197-963C-594FB1F592F3}: [DhcpNameServer] 10.200.0.1
Tcpip\..\Interfaces\{F28A17E5-ABBD-49A3-AC39-7BE762094AD4}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://23.31.83.214/onlinebooking/
SearchScopes: HKLM -> DefaultScope {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1102455636-970572162-2684302250-1001 -> {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems, Inc.)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: o91mghwi.default-1420154049689
FF ProfilePath: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\o91mghwi.default-1420154049689 [2018-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-04-27] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-11-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: shipin7 -> C:\Program Files (x86)\hicloud\PCPlayer\npSP7WebVideoPlugin.dll [2016-05-09] ()
FF Plugin-x32: shipin7safebox -> C:\Program Files (x86)\hicloud\PCPlayer\npSafePlugin.dll [2016-05-09] ()
FF Plugin-x32: shipin7update -> C:\Program Files (x86)\hicloud\PCPlayer\npUpdataPlugin.dll [2016-05-09] ()
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: anvisoft.com/AdblockPlugin ->   [No File]
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-05-30] ()
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com/calendar/render?tab=mc#main_7","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.wunderlist.com/#/lists/starred"
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default [2018-02-28]
CHR Extension: (Google Drive) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-07-15]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (History Limiter) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdjaigdefdamkfcgjhbmpjbhiejjkph [2012-06-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Google Calendar) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-02-27]
CHR Extension: (Google Docs Offline) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Telegram) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hadgilakbfohcfcgfbioeeehgpkopaga [2017-02-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-02-13]
CHR Extension: (Greenhouse) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifomhmgandipmpnelclcmbefppopfklc [2016-03-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-26]
CHR Extension: (Poppit!) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-11-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-26]
CHR Extension: (Click&Clean App) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2018-02-24]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-27]
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-05-22]
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-02-28]
CHR Extension: (Google Drive) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-08]
CHR Extension: (Google Docs Offline) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Zoom) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2018-02-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-26]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-28]
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-03]
CHR Extension: (Google Slides) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-01]
CHR Extension: (Google Docs) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-01]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-01]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-01]
CHR Extension: (Google Sheets) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-01]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]
CHR HKU\S-1-5-21-1102455636-970572162-2684302250-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tony\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-01]
CHR HKU\S-1-5-21-1102455636-970572162-2684302250-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] -   <not found>
StartMenuInternet: Google Chrome - C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-07-16] (Apple Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-02] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [285696 2017-11-24] (KeepSolid Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-02-25] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-02-26] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-02-26] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-25] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsldfb53773; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F3442BE-4B26-43F5-AC8B-9B8CB5E166F9}\MpKsldfb53773.sys [58120 2018-02-28] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\hicloud\PCPlayer\npf64.sys [36600 2016-05-04] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-03-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-03-16] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-03-16] (NVIDIA Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-28 14:47 - 2018-02-28 14:48 - 000025649 _____ C:\Users\Tony\Desktop\FRST.txt
2018-02-28 14:46 - 2018-02-28 14:47 - 000000000 ____D C:\FRST
2018-02-28 14:46 - 2018-02-28 14:46 - 002403840 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe
2018-02-28 11:59 - 2018-02-28 11:59 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-26 15:26 - 2018-02-26 15:26 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-02-25 20:43 - 2018-02-25 20:43 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-02-25 20:42 - 2018-02-26 15:26 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-02-25 20:42 - 2018-02-25 20:42 - 067755792 _____ (Malwarebytes ) C:\Users\Tony\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.4092.exe
2018-02-25 20:42 - 2018-02-25 20:42 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-02-25 20:42 - 2018-02-25 20:42 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-25 20:42 - 2018-02-25 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-25 20:42 - 2018-02-25 20:42 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-25 20:42 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-25 15:16 - 2018-02-25 15:16 - 000354987 _____ C:\Users\Tony\Desktop\i-129instr.pdf
2018-02-25 15:03 - 2018-02-25 15:03 - 001983279 _____ C:\Users\Tony\Desktop\i-129.pdf
2018-02-22 20:57 - 2018-02-26 16:26 - 000007602 _____ C:\Users\Tony\AppData\Local\Resmon.ResmonCfg
2018-02-22 15:30 - 2018-02-22 15:30 - 000075521 _____ C:\Users\Tony\Desktop\Inbox and Documents - Nelnet.pdf
2018-02-21 12:37 - 2018-02-21 12:37 - 002168540 _____ C:\Users\Tony\Desktop\2018 Sponsorship Deck_v6.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 002600051 _____ C:\Users\Tony\Desktop\Betty Williams Contagious Courage Press Kit.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 002415371 _____ C:\Users\Tony\Desktop\2018 Dream Team Sponsorship Deck v3.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 002415371 _____ C:\Users\Tony\Desktop\2018 Dream Team Sponsorship Deck v3 (1).pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 000098448 _____ C:\Users\Tony\Desktop\Special Jury.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 000096580 _____ C:\Users\Tony\Desktop\Film Producer.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 002692635 _____ C:\Users\Tony\Desktop\Permanent file H. Peacejamleaseagreemt Arvada office.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 000667344 _____ C:\Users\Tony\Desktop\2018 Juror Package_ With Benefits.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 000299308 _____ C:\Users\Tony\Desktop\Permanent file C. PeaceJam Articles of incorporation.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 000091778 _____ C:\Users\Tony\Desktop\PeaceJam Bylaws Updated 2017.pdf
2018-02-21 12:31 - 2018-02-21 12:31 - 016935455 _____ C:\Users\Tony\Desktop\PeaceJam Sponsor Deck - 12.17.pptx
2018-02-21 12:31 - 2018-02-21 12:31 - 000991446 _____ C:\Users\Tony\Desktop\PeaceJam Sponsor Deck - 12.17.pdf
2018-02-21 12:30 - 2018-02-21 12:30 - 003542573 _____ C:\Users\Tony\Desktop\2018 Sponsorship Deck_v3.pdf
2018-02-21 12:30 - 2018-02-21 12:30 - 002953597 _____ C:\Users\Tony\Desktop\2018 Dream Team Sponsorship Deck_v3.pdf
2018-02-21 09:02 - 2018-02-10 12:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-02-21 09:02 - 2018-02-10 12:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-02-21 09:02 - 2018-02-10 01:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-21 09:02 - 2018-02-10 00:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-02-21 09:02 - 2018-02-10 00:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-02-21 09:02 - 2018-02-10 00:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-21 09:02 - 2018-02-10 00:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-02-21 09:02 - 2018-02-10 00:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-02-21 09:02 - 2018-02-10 00:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-02-21 09:02 - 2018-02-10 00:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-21 09:02 - 2018-02-10 00:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-21 09:02 - 2018-02-10 00:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-02-21 09:02 - 2018-02-10 00:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-02-21 09:02 - 2018-02-10 00:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-21 09:02 - 2018-02-10 00:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-02-21 09:02 - 2018-02-10 00:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-21 09:02 - 2018-02-10 00:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-21 09:02 - 2018-02-10 00:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-02-21 09:02 - 2018-02-10 00:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-02-21 09:02 - 2018-02-10 00:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-02-21 09:02 - 2018-02-09 23:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-02-21 09:02 - 2018-02-09 23:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-02-21 09:02 - 2018-02-09 23:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-02-21 09:02 - 2018-02-09 23:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-02-21 09:02 - 2018-02-09 23:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-02-21 09:02 - 2018-02-09 23:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-21 09:02 - 2018-02-09 23:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-21 09:02 - 2018-02-09 23:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-02-21 09:02 - 2018-02-09 23:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-21 09:02 - 2018-02-09 23:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-21 09:02 - 2018-02-09 23:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-21 09:02 - 2018-02-09 23:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-02-21 09:02 - 2018-02-09 23:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-02-21 09:02 - 2018-02-09 23:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-21 09:02 - 2018-02-09 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-21 09:02 - 2018-02-09 23:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-02-21 09:02 - 2018-02-09 23:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-21 09:02 - 2018-02-09 23:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-02-21 09:02 - 2018-02-09 23:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-21 09:02 - 2018-02-09 22:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-02-21 09:02 - 2018-02-09 22:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-02-21 09:02 - 2018-02-09 22:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-02-21 09:02 - 2018-02-09 22:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-02-21 09:02 - 2018-02-09 22:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-02-21 09:02 - 2018-02-09 22:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-02-21 09:02 - 2018-02-09 22:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-02-21 09:02 - 2018-02-09 22:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-02-21 09:02 - 2018-02-09 22:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-02-21 09:02 - 2018-02-09 22:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-02-21 09:02 - 2018-02-09 22:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-02-21 09:02 - 2018-02-09 22:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-02-21 09:02 - 2018-02-09 22:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-02-21 09:02 - 2018-02-09 22:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-02-21 09:02 - 2018-02-09 22:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-02-21 09:02 - 2018-02-09 22:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-02-21 09:02 - 2018-02-09 22:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-02-21 09:02 - 2018-02-09 22:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-02-21 09:02 - 2018-02-09 22:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-02-21 09:02 - 2018-02-09 22:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-02-21 09:02 - 2018-02-09 22:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-02-21 09:02 - 2018-02-09 22:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-02-21 09:02 - 2018-02-09 22:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-02-21 09:02 - 2018-02-09 22:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-02-21 09:02 - 2018-02-09 22:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-02-21 09:02 - 2018-02-09 22:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-02-21 09:02 - 2018-02-09 22:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-02-21 09:02 - 2018-02-09 22:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-02-21 09:02 - 2018-02-09 22:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-02-21 09:02 - 2018-01-12 09:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-02-21 09:02 - 2018-01-12 09:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-21 09:02 - 2018-01-12 09:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-02-21 09:02 - 2018-01-12 09:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-21 09:02 - 2018-01-12 09:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-02-21 09:02 - 2018-01-12 09:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-02-21 09:02 - 2018-01-12 09:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-02-21 09:02 - 2018-01-12 09:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-02-21 09:02 - 2018-01-12 09:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-02-21 09:02 - 2018-01-12 09:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-21 09:02 - 2018-01-12 09:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-02-21 09:02 - 2018-01-12 09:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-21 09:02 - 2018-01-12 09:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-21 09:02 - 2018-01-12 09:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-21 09:02 - 2018-01-12 09:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-21 09:02 - 2018-01-12 09:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-21 09:02 - 2018-01-12 09:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-21 09:02 - 2018-01-12 09:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-02-21 09:02 - 2018-01-12 09:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-02-21 09:02 - 2018-01-12 09:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-02-21 09:02 - 2018-01-12 09:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-21 09:02 - 2018-01-12 09:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-21 09:02 - 2018-01-12 09:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-21 09:02 - 2018-01-12 09:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-02-21 09:02 - 2018-01-12 09:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-02-21 09:02 - 2018-01-12 09:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-02-21 09:02 - 2018-01-12 08:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-02-21 09:02 - 2018-01-12 08:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-02-21 09:02 - 2018-01-12 08:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-02-21 09:02 - 2018-01-12 08:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-02-21 09:02 - 2018-01-12 08:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-02-21 09:02 - 2018-01-12 08:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 08:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 08:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 08:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-02-21 09:02 - 2018-01-11 09:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-02-21 09:02 - 2018-01-11 09:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-02-21 09:02 - 2018-01-11 09:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-21 09:02 - 2018-01-05 09:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-21 09:02 - 2018-01-05 09:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-02-21 09:02 - 2018-01-05 09:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-21 09:02 - 2018-01-05 09:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-21 09:02 - 2018-01-05 09:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-02-21 09:02 - 2018-01-05 09:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-21 09:02 - 2018-01-05 09:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-02-21 09:02 - 2018-01-05 08:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-02-21 08:49 - 2018-01-21 16:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-21 08:49 - 2018-01-21 16:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-21 08:49 - 2018-01-19 07:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-20 23:34 - 2018-02-20 23:34 - 004234749 _____ C:\Users\Tony\Desktop\Eval Reporting Conf PJ 2017.pdf
2018-02-20 15:20 - 2018-02-20 15:20 - 000908729 _____ C:\Users\Tony\Desktop\PJ GREECE CONFERENCE - Announcement Flyer.pdf
2018-02-20 14:49 - 2018-02-20 14:49 - 005124088 _____ C:\Users\Tony\Desktop\BrightVibes - This elementary school replaced detention.mp4
2018-02-20 14:45 - 2018-02-20 14:46 - 016010543 _____ C:\Users\Tony\Desktop\FOX8 - Norway has a brilliant way to get people to recycle.mp4
2018-02-20 14:37 - 2018-02-20 14:37 - 000080079 _____ C:\Users\Tony\Desktop\Service Project Template 2018.pdf
2018-02-20 13:03 - 2018-02-20 13:03 - 000182971 _____ C:\Users\Tony\Desktop\Belgium Slam Flyer 2018 DUTCH.pdf
2018-02-19 14:05 - 2018-02-19 14:05 - 000182945 _____ C:\Users\Tony\Desktop\Belgium Slam Flyer 2018 FRENCH.pdf
2018-02-15 07:56 - 2018-02-15 07:56 - 000775248 _____ C:\Users\Tony\Desktop\Belgium Slam Flyer 2018.pdf
2018-02-07 00:05 - 2018-02-07 00:05 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-02-01 11:20 - 2018-02-01 11:20 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-28 14:45 - 2015-11-01 12:59 - 000000000 ____D C:\Users\Tony\Desktop\Cleaning
2018-02-28 14:05 - 2016-11-05 09:47 - 000000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d2378447b6aa01.job
2018-02-28 14:03 - 2012-04-17 10:11 - 000000000 ____D C:\Users\Tony\AppData\Local\VirtualStore
2018-02-28 12:25 - 2012-04-11 18:44 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-28 12:00 - 2012-04-26 13:01 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Dropbox
2018-02-28 10:04 - 2009-07-13 21:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-28 10:04 - 2009-07-13 21:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-28 10:03 - 2012-05-06 16:19 - 000000000 ___RD C:\Users\Tony\Google Drive
2018-02-28 09:56 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-27 08:54 - 2012-04-26 12:15 - 000002411 _____ C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-26 20:09 - 2015-10-30 19:38 - 000000000 ____D C:\Users\Tony\AppData\Local\Battle.net
2018-02-26 19:40 - 2015-10-30 19:49 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2018-02-26 19:39 - 2015-10-30 19:32 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-02-26 19:05 - 2016-11-05 09:47 - 000000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d237844736f0d3.job
2018-02-26 16:28 - 2013-09-03 10:08 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Spotify
2018-02-26 16:28 - 2013-09-03 10:08 - 000000000 ____D C:\Users\Tony\AppData\Local\Spotify
2018-02-26 16:21 - 2017-11-04 00:45 - 000000000 ____D C:\Users\Tony\AppData\Roaming\vlc
2018-02-26 16:16 - 2017-08-06 08:44 - 000000000 ____D C:\Windows\pss
2018-02-25 20:42 - 2014-12-30 17:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-25 20:41 - 2014-12-30 17:33 - 000000000 ____D C:\AdwCleaner
2018-02-25 12:57 - 2016-08-22 21:37 - 000000000 ___RD C:\Users\Tony\Dropbox (Peace Jam)
2018-02-24 11:31 - 2017-02-03 20:35 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-23 19:07 - 2014-07-18 19:23 - 000000000 ____D C:\Users\Tony\AppData\Roaming\KeePass
2018-02-22 20:38 - 2012-04-26 12:01 - 000110584 _____ C:\Users\Tony\AppData\Local\GDIPFONTCACHEV1.DAT
2018-02-22 20:36 - 2009-07-13 21:45 - 004968272 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-22 20:02 - 2013-09-24 06:38 - 000000000 ____D C:\Windows\Minidump
2018-02-22 18:08 - 2012-04-26 13:03 - 000000000 ___RD C:\Users\Tony\Dropbox (Personal)
2018-02-22 10:42 - 2009-07-13 22:13 - 000006466 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-21 17:35 - 2015-06-23 09:23 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-21 09:13 - 2013-07-26 11:15 - 000000000 ____D C:\Windows\system32\MRT
2018-02-21 09:08 - 2017-10-11 18:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-21 09:08 - 2012-04-26 12:19 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-15 15:00 - 2016-02-12 00:24 - 000000000 ____D C:\Users\Tony\Desktop\Penpa  Files
2018-02-15 14:40 - 2014-12-29 08:15 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-13 09:24 - 2018-01-24 15:37 - 000000161 _____ C:\Users\Tony\BullseyeCoverageError.txt
2018-02-10 20:07 - 2017-10-16 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-07 00:05 - 2012-05-06 15:31 - 000000000 ____D C:\Program Files (x86)\Google
 
==================== Files in the root of some directories =======
 
2017-11-10 19:15 - 2017-11-10 19:15 - 000000132 _____ () C:\Users\Tony\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2012-06-27 10:42 - 2012-06-27 10:42 - 000000132 _____ () C:\Users\Tony\AppData\Roaming\Adobe GIF Format CS5 Prefs
2017-01-04 14:22 - 2017-11-28 18:10 - 000000132 _____ () C:\Users\Tony\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-05-06 13:46 - 2012-05-06 13:48 - 000001456 _____ () C:\Users\Tony\AppData\Local\Adobe Save for Web 12.0 Prefs
2018-02-22 20:57 - 2018-02-26 16:26 - 000007602 _____ () C:\Users\Tony\AppData\Local\Resmon.ResmonCfg
2013-06-06 00:04 - 2013-06-06 00:04 - 000022105 _____ () C:\Users\Tony\AppData\Local\soulseek-client.dat.1370502285295
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-01-09 13:43
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by Tony (28-02-2018 14:49:07)
Running from C:\Users\Tony\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-17 17:11:01)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1102455636-970572162-2684302250-500 - Administrator - Disabled)
Guest (S-1-5-21-1102455636-970572162-2684302250-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1102455636-970572162-2684302250-1004 - Limited - Enabled)
Tony (S-1-5-21-1102455636-970572162-2684302250-1001 - Administrator - Enabled) => C:\Users\Tony
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.4.75 - )
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version:   - )
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Dropbox (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Electric Sheep 2.7b34 (HKLM-x32\...\Electric Sheep) (Version: 2.7b34 - Electricsheep)
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version:  - EZVIZ Inc.)
Google Chrome (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Jawbone Updater (HKLM-x32\...\Jawbone Updater) (Version: 0.1 - Jawbone)
join.me (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\JoinMe) (Version: 3.4.0.5369 - LogMeIn, Inc.)
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4606 - CyberLink Corp.)
LG CyberLink Media Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.) Hidden
LG CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.)
LG CyberLink PowerDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.) Hidden
LG CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.)
LG Mobile Drivers (HKLM-x32\...\{D8D0327A-72B4-4C79-9883-1B6B6C20ED2B}) (Version: 4.0.3 - LG Electronics)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
PCPlayer (HKLM-x32\...\{B54CE443-35EF-4776-A0CD-6D961B983097}_is1) (Version: 3.18.11.0 - EZVIZ Inc.)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.10.9 - Intuit)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
Spotify (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TweakNow RegCleaner (HKLM-x32\...\TweakNow RegCleaner_is1) (Version: 7.3.6 - TweakNow.com)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VPN Unlimited 4.16 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.16 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
YouTubeByClick (HKLM-x32\...\{AB74E85A-DDDE-4DE5-BB0B-8954FACB6D2E}) (Version: 2.2.48 - YouTubeByClick.com)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\ChromeHTML: -> C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems Inc.)
ContextMenuHandlers1: [BTSync] -> {581FFA63-FC33-4622-A77B-95003A5CDE89} => C:\Users\Tony\AppData\Roaming\BitTorrent Sync\SyncShellContextMenu.dll [2014-09-14] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [BTSync] -> {581FFA63-FC33-4622-A77B-95003A5CDE89} => C:\Users\Tony\AppData\Roaming\BitTorrent Sync\SyncShellContextMenu.dll [2014-09-14] ()
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1_S-1-5-21-1102455636-970572162-2684302250-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1102455636-970572162-2684302250-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1102455636-970572162-2684302250-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
FolderExtensions: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0673DDF5-2E03-466F-ADB2-5080982C2DAE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d2378447b6aa01 => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {15D7AD47-8CFE-4226-8EE9-6A8084B5F69C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-16] (NVIDIA Corporation)
Task: {19F8A4AD-B9BB-4E74-909A-0F5D604E6B8D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-16] (NVIDIA Corporation)
Task: {28EA23E1-44D0-4B09-A828-4C2A38A4B003} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {2FADFAB9-F988-4874-813E-758EF9D54DAD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d237844736f0d3 => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {3690DB9B-BF80-4122-B7A6-6DA6CF55B50B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {383E93A7-1432-4B80-9E36-58EC16361023} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {508CAA6B-1705-4115-93DF-BFE313836229} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d0e10c47009057 => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5928D882-01B0-4B0A-9599-AD43F413E324} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {65DC6440-5103-4663-A2BE-DEF7C053C9F6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-16] (NVIDIA Corporation)
Task: {6BE90D85-012C-4B11-9E3D-397AB50494E2} - System32\Tasks\AdobeAAMUpdater-1.0-Tony-PC-Tony => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {6BFDCBBC-70DF-445D-8E20-19C5F4C14149} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-16] (NVIDIA Corporation)
Task: {6F137257-7E4D-4CA8-9B13-511AD1B4749C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-16] (NVIDIA Corporation)
Task: {74FBB584-3512-49D5-ADDC-FC16D51C4E0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {7AAA285E-1893-447A-B030-7303AC5D2952} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {7DB42BE8-CB52-4EFE-99B0-B518C89284C6} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {85F719B8-C8CA-43C2-849D-905BBA4D32B0} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {969E29FA-2CE9-4220-A1D8-2C014A69E708} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {9E71EFB4-5D50-48C0-90ED-8FC0B1855744} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {9FD97BA8-60D0-488B-A77A-18872DB286D1} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ecd8493363f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {A553D406-E62F-46F1-888D-C4A3A2BEBB92} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d0e10c475d6602 => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A6D14B58-1B85-4FD4-854B-114170084323} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-16] (NVIDIA Corporation)
Task: {A7A52E6D-DBE7-47CB-A0FE-21A3FC50ACA5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-16] (NVIDIA Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BB05E85A-6941-427A-AFB6-1BBC8E93A675} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ecd848a6085c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {C25FF519-5F61-44BB-8564-2BEF2A3049E3} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {C3915108-885E-4D76-8F95-7D6839B6D97E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1102455636-970572162-2684302250-1001
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D35D5454-2C61-49DF-8BE3-5BB8F9A7A9EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {E7388B02-914C-48A5-81F7-CA614B87CA85} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {EF894200-1F4B-4DCB-B8C9-51CAC4EE1355} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {F756EC7C-E3B2-496E-8EE5-17EA5797851B} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-05-17] ()
Task: {F99AFCD9-43B6-49CB-9EF5-34CE3CBEB578} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FFE74BB5-59F7-454D-83F5-AB2123CC29E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d237844736f0d3.job => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d2378447b6aa01.job => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core.job => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA.job => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\Tony\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c858f8848722416a\Zara - Chrome.lnk -> C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-04-14 19:28 - 2017-03-16 17:59 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2012-04-27 07:07 - 2014-03-02 18:27 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-14 12:19 - 2014-09-14 12:19 - 000101888 _____ () C:\Users\Tony\AppData\Roaming\BitTorrent Sync\SyncShellContextMenu.dll
2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2018-02-27 08:54 - 2018-02-21 20:57 - 004433752 _____ () C:\Users\Tony\AppData\Local\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
2018-02-27 08:54 - 2018-02-21 20:57 - 000099672 _____ () C:\Users\Tony\AppData\Local\Google\Chrome\Application\64.0.3282.186\libegl.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2018-02-28 10:03 - 2018-02-28 10:03 - 000088064 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_ctypes.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000069120 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\bz2.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000920064 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_hashlib.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000098816 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32api.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000110080 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pywintypes27.dll
2018-02-28 10:03 - 2018-02-28 10:03 - 000364544 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pythoncom27.dll
2018-02-28 10:03 - 2018-02-28 10:03 - 000686080 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\unicodedata.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000320512 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32com.shell.shell.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 001177088 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._core_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000806912 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._gdi_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000816640 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._windows_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 001067520 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._controls_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000733696 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._misc_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000736256 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pysqlite2._sqlite.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000119808 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32file.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000108544 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32security.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000007168 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\hashobjs_ext.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000017920 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\thumbnails_ext.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000082432 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\usb_ext.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000013824 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\common.time34.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000018432 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32event.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000027648 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.conditional.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000017408 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.winwrap.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000089088 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.volumes.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000167936 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32gui.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000046080 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_socket.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 001311232 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_ssl.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000135680 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_elementtree.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000133632 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pyexpat.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000038912 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32inet.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000077824 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._html2.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000036864 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_psutil_windows.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000524248 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows._lib_cacheinvalidation.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000010240 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\select.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000011264 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32crypt.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000218624 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\PIL._imaging.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000027648 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_multiprocessing.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000020480 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_yappi.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000035840 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32process.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000024064 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32pipe.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000025600 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32pdh.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000059392 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.device_monitor.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000017408 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32profile.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000022528 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32ts.pyd
2017-04-14 19:28 - 2017-03-16 17:59 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-04-14 19:28 - 2017-03-16 17:59 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2018-02-28 11:59 - 2018-02-26 04:24 - 000746312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-02-28 11:59 - 2018-02-26 04:24 - 002079048 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2017-11-02 15:20 - 2018-02-26 04:24 - 000100312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-10-19 12:28 - 2018-02-26 04:24 - 000018896 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\select.pyd
2017-10-19 12:28 - 2018-02-26 04:26 - 000020808 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000035808 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000694232 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000021856 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000130520 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 001856864 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000022880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000145880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000116696 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-11-02 15:20 - 2018-02-26 04:24 - 000105944 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000022872 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000063312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000024536 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32event.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000077120 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\fastpath.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000020952 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000124888 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000116184 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32security.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000392664 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-11-02 15:20 - 2018-02-26 04:26 - 000392520 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000026464 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000024024 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000175576 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000030168 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000043480 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000026072 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32job.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000048600 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000057816 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000021840 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000023376 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000022864 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000066400 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 001798464 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-10-19 12:28 - 2018-02-26 04:24 - 000084944 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\sip.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 001959232 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 003863880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000155472 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000521544 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000051024 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000043336 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000131400 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000219984 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000204104 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000025440 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000060888 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000054616 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000024024 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000022880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000028632 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000022368 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000021856 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000022368 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000027496 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000349144 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000023904 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000025432 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000036312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\librsync.dll
2018-01-11 13:23 - 2018-02-26 04:26 - 000021856 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000181064 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-11-02 15:20 - 2018-02-26 04:26 - 000030544 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000024384 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-02-28 11:59 - 2018-02-26 04:26 - 001638208 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-11-02 15:20 - 2018-02-26 04:26 - 000026464 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000546632 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000359744 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000038216 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Program Files\Common Files\System:g2iileUKu9DvDX0fYTlpeSCqT [2210]
AlternateDataStreams: C:\ProgramData\Microsoft:VssScbIji3c67OfLqb2CNS2 [2276]
AlternateDataStreams: C:\ProgramData\Microsoft:yqRnPwY6mHlzbSwNQRBRe5nSqS0 [2166]
AlternateDataStreams: C:\Users\Tony\Cookies:bCFZvAvxQkkGxzHRivPI5cR2d [2230]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
There are 7937 more sites.
 
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2018-02-22 19:09 - 000456004 ____R C:\Windows\system32\Drivers\etc\hosts
 
There are 15645 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: VPNUnlimitedService => 2
MSCONFIG\startupfolder: C:^Users^Tony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launch Jawbone Updater.lnk => C:\Windows\pss\Launch Jawbone Updater.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Google Update => C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Tony\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Tony\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SPUpDateServerrun => C:\Program Files (x86)\hicloud\update_server\startUp.exe
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VPN Unlimited => "C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-launcher.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C94B7BBA-7528-4065-A327-32837718CFBA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{FEBDE4F8-1509-448A-AD50-B7E09C433AF3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D780D2D3-2C6E-4A4B-808C-291839ED713A}] => (Allow) svchost.exe
FirewallRules: [{C35302F7-0F1C-4ED8-AB13-F999E2E89E74}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{50A14BA8-ADCA-4CC6-B56B-F208468AA670}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{58AD8B65-40F5-401F-9294-1463887A38E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1F1EB59A-B902-4718-960A-F7DFA940034B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{1D6C89FD-1FE5-4572-B0B3-9AA31B60DDBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{27621D25-8363-469A-A55A-405CCD1EE34C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0CAE9E8D-E3C4-4EB2-A413-D8BE189D3355}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A7583A5E-3962-49DE-97AE-733BEDFB7979}] => (Allow) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BB43B410-9DD0-460F-9F6D-5D54B98FB2DD}] => (Allow) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2316BD9B-C573-4309-B9E1-22AE5BD764E0}C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CA2DE3B7-3BA9-4789-89E9-7EF688ACF1E4}C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{22FCBB10-E887-44AC-9E9A-FEF38494E654}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [UDP Query User{820CA7FC-8CEE-44F5-9D51-2B19336FC755}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{55DF7993-1990-44F3-A1D8-12BC5C870009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FarCry2.exe
FirewallRules: [{FA973FBE-1749-4DD1-A3FE-8CDBFC918DF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FarCry2.exe
FirewallRules: [{A2569AE1-7502-461C-AB09-4B355BDE37BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2Editor.exe
FirewallRules: [{C0C2D631-3B82-48A1-A167-E9F85C08C75E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2Editor.exe
FirewallRules: [{23C246E8-F7ED-4FB9-BD86-65E982492D94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{D968DC83-A818-4F15-9036-31113EADB362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{3ED7F80D-F835-4EEA-AADE-B33F9BF00E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{FE0E5019-8C2D-41EF-9231-2C74A29F9AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{91044E54-F13B-4A4C-8249-F41263587D96}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{F9AA042C-32C2-446F-996F-27A7D18BC4B6}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{A9D52C2B-FABC-4AA7-BAC7-8FEDEEABB966}] => (Allow) LPort=7935
FirewallRules: [{B3B1CD70-416E-41A5-A8EC-3ACFCD074196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{D6A9BBAE-0185-448C-B077-CDE9ACC5CFD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{595C43A2-DF86-4F5E-8499-BC329E817444}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Batman_Revoker.exe
FirewallRules: [{F2AD82F0-D740-4D11-8822-A4C847038776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Batman_Revoker.exe
FirewallRules: [{E8CE9104-293C-4425-96E6-2EBA7A98E2ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Binaries\BmLauncher.exe
FirewallRules: [{D7D31D45-0C11-47DC-B56F-8001C1E5A824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Binaries\BmLauncher.exe
FirewallRules: [{EE4F8369-AFA6-4C6E-9795-64001F41EDFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{7D67C039-DC27-4D73-BD9E-072FF2765A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{833FB474-6C2B-4CDC-B1FB-771DB35E1FEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{145884B9-FA73-4E23-9C95-594FE41E2892}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{29283C7E-7160-4B7F-8DFF-F102F3498540}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{566A7F5A-9C52-48F6-8B2A-3D16F511AB1B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{5936E222-B2B7-4DF9-A647-67F36BD584C6}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{43AA3C86-78E6-47F8-B5F8-EF479DAD5C9A}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{295D6561-BD4E-4FEA-96C1-823F26BC9AB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{21E6802C-07CD-43E0-994F-026BEE8613D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{6D043871-189B-42A2-8DF0-2F5B62035A41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Operation Flashpoint Red River\RedRiverLauncher.exe
FirewallRules: [{7CF7B59B-BAF1-41F3-A500-52A1D02A48E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Operation Flashpoint Red River\RedRiverLauncher.exe
FirewallRules: [TCP Query User{3D5903BA-A9E4-4C3D-98FD-D729172B86F1}C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [UDP Query User{8D0D78F3-180F-4340-96B1-66D9AAA2BA9D}C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [TCP Query User{93D54BE7-278D-4100-A37B-19F6B9D00212}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{67287190-27D2-4F22-95E6-F165F7907330}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{980A7706-DC85-47B0-AE46-1060364562D3}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{D891CF18-B259-45E3-9A08-008C8BE4D384}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [TCP Query User{730458B9-C37D-4A78-A7FC-3B6B12B96FB7}C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{2409B414-35DB-4E71-9FD5-CCB413877DC9}C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{DA7F12F1-9843-406D-BA2D-C6E138AF33E9}C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{70ABE535-AA49-4781-B50F-5B1F690101F1}C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [{D3A21772-8751-4842-921B-E4FC17264215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{B8A21AD6-3B7B-402C-923F-267BDE0004F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{FFCC9C62-6DC2-40AC-8541-ADE755BA730C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{6D01B1DE-17E0-4C94-B5D9-4D56202BDAA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{FA72446A-6AEA-4DFC-9CA6-8CCD18B6FA6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{42F24E93-8D36-4632-B52A-5A13A6E5834E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{5FE39FA7-E9C2-4136-A4CB-05FA021A2821}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{8D17D197-EDD5-4FF7-81C5-18DB99DF6550}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [TCP Query User{C0F52063-B14D-406C-BF25-6605465BB970}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{E14C4857-6C0C-4710-807C-4909810C9479}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{B4B51B01-6CCB-48C1-B111-9FF738624089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{3C2BDA58-5126-483E-982C-AA680C6BAFE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{B1AFC845-8006-4DB3-A4AD-5003C6DD0949}] => (Allow) C:\Users\Tony\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{463A718C-299A-44DE-8D55-71FDF529B708}] => (Allow) C:\Users\Tony\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{9EAD787C-E81E-431F-B740-5E7BB0660B10}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0E9CD0D0-BD16-458F-96C6-EA1CE3A4A3FB}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{72DA5740-D28B-479D-9A77-55123D3C835B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{654A3215-0E47-4153-A848-21C5676CBE33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D140B750-D28D-4AB1-BC60-4A34C7ADD316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D70FF6E1-E9C5-4BD7-83FC-99A2195DF0B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D0427322-583C-4839-8222-45B4B0678EAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{73F3E47C-2B69-419A-8AC9-A2C6AC917BEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{A58ACA2D-8708-47B0-AB00-9FACDD6B545A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma.exe
FirewallRules: [{0A88817B-52E6-48F0-8E99-0DD5D2BDAEFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma.exe
FirewallRules: [{E67CAF2B-6A16-4124-BC9C-64D4E2AE444E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma_server.exe
FirewallRules: [{14895B41-8D2E-4D1E-BBD1-33D5F41118A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma_server.exe
FirewallRules: [{95B56A3A-7EC8-447B-9FE9-ADA59EC88E54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\k2o4\half-life source\hl2.exe
FirewallRules: [{757DED74-77FD-4AAB-A19B-D1C711444C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\k2o4\half-life source\hl2.exe
FirewallRules: [{6F46221F-6D84-418B-BB93-11E5B26EDC9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{2224ED4C-C4B2-4099-BF97-46476A2F1586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{0FA96B23-4E19-4A28-B615-88E910142C6C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1CAB844F-9461-441F-BD85-6FBC6531F7D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DC54BBB6-8679-4084-A9C3-92BC2DECB015}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{40BE571D-699B-4694-B8FC-4F75A8D91572}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7ABAFA1E-BD4D-4E47-8F66-F120A8527E2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{843CFA62-789B-45B0-949B-EA2C80E9F5ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{7A2B1FEB-260B-4833-8A8B-E749AB1509FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{B5E2345A-5A44-4543-936D-5F8E5B001E00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{FE242D0B-62A8-4468-AD51-D5EA3287A0BC}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{3112BD5E-B84E-47C2-A13A-2A9A2695172B}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{8A9C3534-04E8-48B8-A93F-F943315F0ABA}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0C2CB363-3EEB-46E8-B932-5FF218035381}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AD01599C-56DA-4091-B7C9-7332AC0983B8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0D103B16-B666-458A-8F88-E5C43091C854}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{75180442-838E-4598-AD04-5F90F1C46CE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{EA6A3B73-0091-4FE4-BD0D-A54B0A530481}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{EE3711E7-8925-4EAD-A5F9-58FF110F0890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{5076828A-E978-4C2A-9D5B-87C9EAED8765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [TCP Query User{787422F0-DCFC-4C30-9967-CC30D36292F3}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{28F2EC35-E815-479D-B5B0-88A716919B4E}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [{7FE5707E-DA61-42FB-A847-D0E2B8E4723D}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{8B4D8705-F675-47C6-B159-6DE184055E35}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{304A4303-B574-4369-811B-A0BC53B36644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{CFBF4CB7-7C62-45E8-A094-690BC9421604}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{1E455F01-2230-4523-8B31-E731C404E657}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{6942D3E2-80A5-4C13-A4FC-8B67CD02AD8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{C42B5ABA-86B4-47CE-BAB3-123F587F32FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{5C6E041C-0244-45CC-B1D2-A64C6FC584D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{0179A596-CE66-4F1E-A6FA-7A02B9942FEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{02CACBFA-DB8A-4A40-8841-13F9A34B7C94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{5ECE6AE2-3975-4A65-83C1-315BDB4D9ED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{9A31FE80-4312-4748-88E1-BFDA808AC319}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{1EAB5B9F-D77E-4B4E-80D9-BBDB3AA7ACB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{EC541598-DF82-4E62-95F3-BD97898D5992}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{92E65FE7-C300-40D9-8049-3CEFDCB32577}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D2B5FC28-9E58-4C33-8EAF-A2BCC2099EC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{9176C9EF-4AB5-4CC2-9AD1-93BE46583375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [TCP Query User{DDDA03D4-D43B-41EF-AF9D-4F4EAF41DDD9}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{3F56A0CC-672D-4379-9B1A-A1EBF9B322C6}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{727A4383-4781-46BA-AAD5-BEF338D8AD84}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{BB219E4D-A349-4496-8A68-5CF28C5959CD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{FAC5160A-8271-41BC-9CF9-C190F859969D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{11E1560D-7786-44B4-A937-373149B6368A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [TCP Query User{86DC95B3-2305-4E9D-A4E3-F8DDA873D132}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{4BA5C3E7-16B9-432E-8A45-FACC94FE9AAB}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{F203F71C-B647-4DB4-8705-9A2D2DCCC4BF}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{4ABADC62-8451-44E2-AB49-7DFAA9E1D880}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{C14B42BB-892F-4439-9D23-F356092ACB59}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{53B05269-CED8-4873-9BDE-767BC1E3D7F3}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{274BCB66-77C7-4B32-8C76-2562184B2F7B}C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe
FirewallRules: [UDP Query User{A4855539-E298-4371-90EA-5AE54C71E0E3}C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe
FirewallRules: [TCP Query User{F1EC5057-1BFE-4363-A03D-4C74ED092118}C:\users\tony\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tony\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9ACBCC16-212B-4F10-BD06-88CAE3A76A3E}C:\users\tony\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tony\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{99DEFCAB-8880-4910-A411-12C629DFEA97}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [UDP Query User{8F56C318-E395-41F5-BAD6-9EC52F300933}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [{433A6DFD-BBF8-4902-8699-F51EA2DAFFF6}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [{0EC7F383-986D-4046-961A-489E7A463801}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [{C0C05FB5-FF8A-4BAD-84AD-02412C610334}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [{38827AF6-90E0-433E-AFD3-3E292E083EFF}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [TCP Query User{47C2AEE1-9AC4-4CBF-A23C-21BD20C53CD7}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{219E2389-4B86-488B-88C6-B2597AA1B0EC}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [TCP Query User{70119917-546B-4262-B2F8-E3861CFB024A}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [UDP Query User{A3F646BF-0C59-4441-A763-7E42F6E14291}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [TCP Query User{7B3BC547-386D-44DA-B856-6688220DCE42}C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe
FirewallRules: [UDP Query User{2F2B7EF2-5BEC-411E-9D85-0F96D156AF0A}C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe
FirewallRules: [TCP Query User{921920D5-6270-4BC1-BEFA-DFC14BB99493}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{905ACA9D-DF61-4413-B976-5D833199DD12}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [TCP Query User{B2D44B2C-0FF6-44E6-867C-2D559AE571FC}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe
FirewallRules: [UDP Query User{AC875072-0264-4BC2-8B3C-FFE6E713F76F}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe
FirewallRules: [TCP Query User{977BB100-0188-4341-A2AF-7FEA48EBBA8C}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
FirewallRules: [UDP Query User{A44668C6-9C64-4F0E-BA0E-7A0C0D747763}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
FirewallRules: [TCP Query User{ABC0251F-84FC-40A3-A371-CA243B6962A8}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{193A2525-DF7A-400C-956B-D9081E38A099}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [{C3282C1E-7659-4B8F-9257-8C4065A4CF85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{4094DA89-A5D7-41B7-9979-87027D6B63E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{7F34928B-E98C-4557-B9FD-C43C8F454E36}] => (Allow) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{A8C5F1F1-0632-4501-858B-8F4EAF28BC27}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8A01D9A-62FA-414E-8633-0A428C33D8AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{0737BDB7-CC86-4823-8569-F384F0DE07C1}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{2E47101F-B9EE-40A1-B0DD-673A3513FB63}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [TCP Query User{BF700088-C7C9-4C29-9796-9DF866768570}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [UDP Query User{B28CBEFB-E374-4ABF-ABBE-CF46F5AF6C1E}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [TCP Query User{6CBF9D88-9686-4BFD-9827-3CCF443319D6}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe
FirewallRules: [UDP Query User{E8209BB7-F5C4-4039-9AE1-B6CD618221B5}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe
FirewallRules: [{ECBD7FF9-EB66-49B7-AD00-6118637642F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{50BDC76C-4F77-4EC5-8C07-A3256BE456A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E1B890BD-27C8-4C69-B3BB-84C5833D4D6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{02EE5E72-33B7-460B-A97E-922588FE8852}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E8C7CCB-7755-44D2-9E98-2A5168A96828}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{20C0F152-3640-4F0F-A452-A4DEC8622503}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{11098611-6E18-47D7-8435-0C5423760E9E}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [TCP Query User{3E9152C0-E8D0-4AA3-A38F-F78C4A9282A4}C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe
FirewallRules: [UDP Query User{604F7706-5B5E-4B33-9893-92F6E8A5FA7B}C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe
FirewallRules: [TCP Query User{3946D6DD-7A22-4266-9003-AF26D1C384E2}C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [UDP Query User{6C56C954-B03F-4194-A1D0-8EA475446390}C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [{12C97139-C211-4F6E-95F3-C3D9E6901900}] => (Allow) C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
FirewallRules: [{77FEE69C-518C-4419-8912-95F81EC0A9E2}] => (Allow) C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
FirewallRules: [TCP Query User{2384408E-E408-4892-8816-FB3F44A08F00}C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe
FirewallRules: [UDP Query User{3B254439-68CD-4B2B-A94F-B166D57F65C9}C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe
FirewallRules: [TCP Query User{24682025-692D-4C09-9F00-13D4AA6DE9F0}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [UDP Query User{80B44FDE-CE38-4CEF-8E91-63FAF9FF8A96}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [TCP Query User{741F52C2-3AFD-4475-8B2D-ADF77AF3DBEE}C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe
FirewallRules: [UDP Query User{7ABAC158-CC3D-43A7-B6F2-D5A5F9CF6D3C}C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe
FirewallRules: [TCP Query User{0DCCC732-7C2E-4CE4-BD23-BF4B5E507B9A}C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [UDP Query User{C9FE52E3-6FF9-46AB-9514-7D11BC31E127}C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [TCP Query User{8D50237F-A830-47F6-AB45-DB2DD645F77B}C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [UDP Query User{8D5BAE24-9EE4-4DAD-9CC8-17554736AB1C}C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [TCP Query User{4ED4F737-EDBA-475C-B76B-2774F1591639}C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [UDP Query User{75E7EB89-7D4A-4CCB-A121-62ECB1ED26CB}C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [TCP Query User{825AE80E-4AFF-47FA-92B2-2254992342E5}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [UDP Query User{6F44D33C-7988-4F7F-AE66-AAA2D17B88FF}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [TCP Query User{8AE1EB9B-C2F8-459C-8830-CDE7AC11E9E3}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe
FirewallRules: [UDP Query User{38EA4E55-A324-4615-A47E-54C7B6DC6A10}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe
FirewallRules: [TCP Query User{7FCBD95E-A233-437C-8572-D0497269ED75}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [UDP Query User{142F4EC7-9381-4169-A17F-E56D51C53B0C}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [{D4BDB173-1DDB-4C75-94BD-1C5E53003866}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{C9E9B489-8780-40D6-8E08-80019DC3F3BB}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{E9A99166-3BC4-4456-8D92-49A9C67C4D0D}C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe
FirewallRules: [UDP Query User{B013799B-13C4-4902-8942-140F42C9D53A}C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe
FirewallRules: [TCP Query User{64E0CEF2-11AF-430F-81F7-842FEACB38A7}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [UDP Query User{89AE2755-5EA1-471C-AA8E-70B4C7F09E0D}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [TCP Query User{0DF09FFA-699E-4ECF-8FEA-CD7D6BE6FB8C}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [UDP Query User{BEAF2393-563D-4E11-85A1-85C9B210F20F}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{B00BBDB5-C940-41BA-BE6A-CF31FCA26E7A}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [UDP Query User{70ACFB73-2993-459D-924A-F78EC4F052FE}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [TCP Query User{7346EE59-2327-41BB-8AB9-1BE1C71B485F}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [UDP Query User{05644EEC-524D-4E48-8A24-57281BD861E9}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [TCP Query User{28AD80B6-7A5C-4F58-9C04-64165FEC23E1}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [UDP Query User{DB86D642-0EB3-48F8-867A-A596E9EA8C13}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
24-02-2018 21:24:15 Windows Update
28-02-2018 10:08:05 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Could not start eventlog service, could not read events.
 
The Windows Event Log service is starting.
The Windows Event Log service could not be started.
 
A system error has occurred.
 
The system cannot find message text for message number 0x1069 in the message file for (null).
 
More help is available by typing NET HELPMSG 4201.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2550K CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8173.21 MB
Available physical RAM: 5569.36 MB
Total Virtual: 16344.59 MB
Available Virtual: 13005.7 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:278.67 GB) NTFS
 
\\?\Volume{6e3c938c-843e-11e1-8978-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E0D240D5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 




#2
RKinner


    Malware Expert

  • Expert
  • 21,459 posts
  • MVP

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
Win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 



#3
[email protected]


Thank you! Sorry for the slow reply, here's the first data you asked for:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 95.81 0 K 24 K 0
procexp64.exe 1.35 28,072 K 46,816 K 3696 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
chrome.exe 1.26 241,392 K 278,500 K 5840 Google Chrome Google Inc. (Verified) Google Inc
Interrupts 0.28 0 K 0 K n/a Hardware Interrupts and DPCs
chrome.exe 0.27 237,072 K 336,760 K 5188 Google Chrome Google Inc. (Verified) Google Inc
googledrivesync.exe 0.23 111,040 K 50,736 K 740 (Verified) Google Inc
MsMpEng.exe 0.16 157,680 K 123,284 K 128 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
System 0.15 252 K 1,324 K 4
svchost.exe 0.13 5,012 K 5,048 K 812 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.06 210,124 K 238,564 K 5368 Google Chrome Google Inc. (Verified) Google Inc
dwm.exe 0.05 73,300 K 61,868 K 3048 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.05 6,368 K 12,112 K 5352 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.04 56,988 K 74,468 K 4836 Google Chrome Google Inc. (Verified) Google Inc
csrss.exe 0.03 4,160 K 23,224 K 604 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
nvcontainer.exe 0.02 9,068 K 6,108 K 2028 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
explorer.exe 0.02 68,676 K 76,248 K 1196 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe 0.01 176,016 K 81,052 K 3608 Dropbox Dropbox, Inc. (Verified) Dropbox
chrome.exe 0.01 47,596 K 62,152 K 2344 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 0.01 8,484 K 8,716 K 2928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 15,848 K 12,232 K 3732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.01 99,608 K 128,288 K 7924 Google Chrome Google Inc. (Verified) Google Inc
NVIDIA Web Helper.exe 0.01 32,140 K 1,416 K 5116 NVIDIA Web Helper Service Node.js (Verified) NVIDIA Corporation
nvcontainer.exe 0.01 35,152 K 11,716 K 1404 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
svchost.exe 0.01 18,228 K 8,608 K 496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PnkBstrA.exe < 0.01 1,236 K 516 K 704 (Verified) Even Balance
SearchIndexer.exe < 0.01 41,056 K 20,692 K 2444 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe < 0.01 8,348 K 6,564 K 1140 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 11,096 K 12,252 K 1028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 40,280 K 19,180 K 1432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 57,588 K 49,784 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
NVDisplay.Container.exe < 0.01 24,136 K 12,096 K 1272 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
chrome.exe < 0.01 226,816 K 194,060 K 5992 Google Chrome Google Inc. (Verified) Google Inc
csrss.exe < 0.01 2,268 K 1,980 K 536 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 14,288 K 12,168 K 2412 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
ipoint.exe < 0.01 5,664 K 2,592 K 3140 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 12,700 K 9,880 K 792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,652 K 7,548 K 6084 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,948 K 7,264 K 3080 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 1,436 K 396 K 2268 Microsoft® Windows Live ID Service Monitor Microsoft Corporation (Verified) Microsoft Corporation
WLIDSVC.EXE 4,952 K 2,896 K 1328 Microsoft® Windows Live ID Service Microsoft Corporation (Verified) Microsoft Corporation
wlanext.exe 1,984 K 2,104 K 1620 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,168 K 2,416 K 664 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,684 K 236 K 576 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,656 K 3,048 K 2888 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 198,864 K 190,100 K 1312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,400 K 5,332 K 932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 17,104 K 15,180 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,536 K 2,000 K 1976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,996 K 2,008 K 1160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SpotifyWebHelper.exe 1,572 K 724 K 3636 SpotifyWebHelper Spotify Ltd (Verified) Spotify AB
spoolsv.exe 9,140 K 5,108 K 1712 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 548 K 376 K 296 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 4,060 K 4,356 K 676 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe 9,612 K 2,420 K 3356 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 3,740 K 7,936 K 5404 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
NVDisplay.Container.exe 4,848 K 4,560 K 880 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
notepad.exe 2,000 K 6,884 K 4884 Notepad Microsoft Corporation (Verified) Microsoft Windows
NisSrv.exe 17,424 K 9,196 K 2468 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
msseces.exe 6,432 K 1,380 K 3532 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
lsm.exe 3,024 K 1,984 K 708 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 7,944 K 7,692 K 700 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
itype.exe 8,548 K 1,816 K 3124 IType.exe Microsoft Corporation (Verified) Microsoft Corporation
googledrivesync.exe 2,952 K 144 K 3684 (Verified) Google Inc
GoogleCrashHandler64.exe 1,668 K 656 K 3248 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 1,524 K 528 K 3100 Google Crash Handler Google Inc. (Verified) Google Inc
Dropbox.exe 2,140 K 1,236 K 3476 Dropbox Dropbox, Inc. (Verified) Dropbox
Dropbox.exe 1,360 K 348 K 3752 Dropbox Dropbox, Inc. (Verified) Dropbox
dllhost.exe 2,804 K 1,936 K 4776 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,916 K 6,100 K 4664 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,092 K 432 K 1684 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,484 K 460 K 3224 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
cmd.exe 2,520 K 3,420 K 8024 Windows Command Processor Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 118,112 K 127,292 K 7888 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,556 K 6,184 K 6220 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 24,924 K 37,072 K 6816 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 32,928 K 44,224 K 6632 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,708 K 6,864 K 2040 Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 19,036 K 18,236 K 5496 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows

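The two checks this listing supports (is anything other than the idle process using the CPU, and does every image carry a verified signature) can be scripted; the following is an added example, not part of the thread or of Process Explorer. It assumes the saved file is tab-separated with the column order shown above; the 5% threshold, the function names and the second sample are constructed for illustration.

```python
import csv
import io

HEADER = ("Process\tCPU\tPrivate Bytes\tWorking Set\tPID\t"
          "Description\tCompany Name\tVerified Signer")

# Rows taken from the listing in this thread, re-joined with tabs (assumed layout).
SAMPLE_THREAD = "\n".join([
    HEADER,
    "System Idle Process\t95.81\t0 K\t24 K\t0\t\t\t",
    "procexp64.exe\t1.35\t28,072 K\t46,816 K\t3696\tSysinternals Process Explorer"
    "\tSysinternals - www.sysinternals.com\t(Verified) Microsoft Corporation",
    "chrome.exe\t1.26\t241,392 K\t278,500 K\t5840\tGoogle Chrome\tGoogle Inc."
    "\t(Verified) Google Inc",
    "Interrupts\t0.28\t0 K\t0 K\tn/a\tHardware Interrupts and DPCs\t\t",
    "PnkBstrA.exe\t< 0.01\t1,236 K\t516 K\t704\t\t\t(Verified) Even Balance",
    "WmiPrvSE.exe\t\t3,652 K\t7,548 K\t6084\tWMI Provider Host"
    "\tMicrosoft Corporation\t(Verified) Microsoft Windows",
])

# Constructed rows (not from the thread): what a capture needing follow-up looks like.
SAMPLE_CONSTRUCTED = "\n".join([
    HEADER,
    "System Idle Process\t41.20\t0 K\t24 K\t0\t\t\t",
    "example_helper.exe\t52.75\t90,000 K\t95,000 K\t4321\t\t\t",
    "example_tool.exe\t0.40\t4,000 K\t5,000 K\t4400\tExample Tool\tExample Co"
    "\t(Not verified) Example Co",
    "svchost.exe\t5.10\t57,588 K\t49,784 K\t1060\tHost Process for Windows Services"
    "\tMicrosoft Corporation\t(Verified) Microsoft Windows",
])

# Entries in the listing that have no image file, so no signer is expected.
PSEUDO = {"System Idle Process", "System", "Interrupts"}


def parse_cpu(text):
    """Return CPU % as a float; a blank cell and '< 0.01' both count as 0."""
    text = (text or "").strip()
    if not text or text.startswith("<"):
        return 0.0
    return float(text)


def load(text):
    """Parse the saved listing into dicts holding only the fields we triage on."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    rows = []
    for rec in reader:
        rows.append({
            "name": (rec["Process"] or "").strip(),
            "pid": (rec["PID"] or "").strip(),
            "cpu": parse_cpu(rec["CPU"]),
            "signer": (rec["Verified Signer"] or "").strip(),
        })
    return rows


def triage(text, threshold=5.0):
    """Summarise idle share, processes at/above threshold, and unverified images."""
    rows = load(text)
    idle = next((r["cpu"] for r in rows
                 if r["name"] == "System Idle Process"), None)
    busy = sorted(
        ((r["name"], r["pid"], r["cpu"]) for r in rows
         if r["name"] != "System Idle Process" and r["cpu"] >= threshold),
        key=lambda item: -item[2],
    )
    unverified = [(r["name"], r["pid"]) for r in rows
                  if r["name"] not in PSEUDO
                  and not r["signer"].startswith("(Verified)")]
    return {"idle": idle, "busy": busy, "unverified": unverified}


if __name__ == "__main__":
    for label, text in (("thread", SAMPLE_THREAD),
                        ("constructed", SAMPLE_CONSTRUCTED)):
        print(label, triage(text))
```

A capture with a high idle share, nothing above the threshold and no unverified images matches what a hardware cause would look like; a process that appears in both the busy and unverified lists is the one to examine first.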

#4
[email protected]

 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       296 N/A                                         
csrss.exe                      536 N/A                                         
wininit.exe                    576 N/A                                         
csrss.exe                      604 N/A                                         
winlogon.exe                   664 N/A                                         
services.exe                   676 N/A                                         
lsass.exe                      700 EFS, KeyIso, SamSs                          
lsm.exe                        708 N/A                                         
svchost.exe                    812 DcomLaunch, PlugPlay, Power                 
NVDisplay.Container.exe        880 NVDisplay.ContainerLocalSystem              
svchost.exe                    932 RpcEptMapper, RpcSs                         
MsMpEng.exe                    128 MsMpSvc                                     
svchost.exe                    496 AudioSrv, Dhcp, HomeGroupProvider, lmhosts, 
                                   wscsvc                                      
svchost.exe                    792 AudioEndpointBuilder, HomeGroupListener,    
                                   Netman, PcaSvc, TrkWks, UxSms, Wlansvc      
svchost.exe                   1028 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, WdiServiceHost                         
svchost.exe                   1060 Appinfo, BITS, EapHost, iphlpsvc,           
                                   LanmanServer, MMCSS, ProfSvc, Schedule,     
                                   SENS, ShellHWDetection, Themes, Winmgmt,    
                                   wuauserv                                    
svchost.exe                   1160 gpsvc                                       
NVDisplay.Container.exe       1272 N/A                                         
svchost.exe                   1432 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
wlanext.exe                   1620 N/A                                         
conhost.exe                   1684 N/A                                         
spoolsv.exe                   1712 Spooler                                     
svchost.exe                   1740 BFE, DPS, MpsSvc                            
svchost.exe                   1976 DiagTrack                                   
nvcontainer.exe               2028 NvContainerLocalSystem                      
PnkBstrA.exe                   704 PnkBstrA                                    
svchost.exe                   1312 SysMain                                     
WLIDSVC.EXE                   1328 wlidsvc                                     
WLIDSVCM.EXE                  2268 N/A                                         
SearchIndexer.exe             2444 WSearch                                     
NisSrv.exe                    2468 NisSrv                                      
svchost.exe                   2928 FDResPub, QWAVE, SSDPSRV, upnphost          
wmpnetwk.exe                  2412 WMPNetworkSvc                               
taskhost.exe                  1140 N/A                                         
nvcontainer.exe               1404 N/A                                         
dwm.exe                       3048 N/A                                         
taskeng.exe                   2888 N/A                                         
explorer.exe                  1196 N/A                                         
GoogleCrashHandler.exe        3100 N/A                                         
itype.exe                     3124 N/A                                         
ipoint.exe                    3140 N/A                                         
GoogleCrashHandler64.exe      3248 N/A                                         
RAVCpl64.exe                  3356 N/A                                         
msseces.exe                   3532 N/A                                         
SpotifyWebHelper.exe          3636 N/A                                         
googledrivesync.exe           3684 N/A                                         
Dropbox.exe                   3608 N/A                                         
Dropbox.exe                   3476 N/A                                         
Dropbox.exe                   3752 N/A                                         
svchost.exe                   3732 p2pimsvc, p2psvc, PNRPsvc                   
googledrivesync.exe            740 N/A                                         
dllhost.exe                   4776 N/A                                         
NVIDIA Web Helper.exe         5116 N/A                                         
conhost.exe                   3224 N/A                                         
chrome.exe                    5188 N/A                                         
chrome.exe                    6220 N/A                                         
chrome.exe                    2040 N/A                                         
chrome.exe                    5992 N/A                                         
chrome.exe                    6816 N/A                                         
chrome.exe                    6632 N/A                                         
chrome.exe                    7888 N/A                                         
chrome.exe                    4836 N/A                                         
chrome.exe                    7924 N/A                                         
chrome.exe                    5368 N/A                                         
chrome.exe                    2344 N/A                                         
chrome.exe                    5840 N/A                                         
audiodg.exe                   5496 N/A                                         
procexp.exe                   5404 N/A                                         
procexp64.exe                 3696 N/A                                         
WmiPrvSE.exe                  3080 N/A                                         
chrome.exe                    7760 N/A                                         
dllhost.exe                   5552 N/A                                         
dllhost.exe                   7984 N/A                                         
cmd.exe                       8024 N/A                                         
conhost.exe                   4664 N/A                                         
tasklist.exe                  5464 N/A                                         
WmiPrvSE.exe                  6084 N/A                                         


#5
[email protected]


And here's the Speccy file :)

 

Thanks!

Attached Files


Edited by [email protected], 03 March 2018 - 08:18 PM.


#6
RKinner


FRST doesn't show any malware and Process Explorer doesn't show any problems with something using the CPU.  The hard drive is very old and it's a Seagate so it's a miracle that it still runs.  They generally don't last more than a year or two.

 

There was no attachment to listen to but the forum software only allows certain file types - otherwise you have to zip them up and there is a limit to the size of the file.  Perhaps you can put it on dropbox or google drive and give me a link to it.  Remember to make sure that I can read it as the default is usually private mode.

 

If you are sure it is not the CPU fan (which you might also want to replace since it's so old) and it's not the fan in the power supply or the graphics card then that only leaves the hard drive.  (I assume you ruled out the audio by putting it on mute).  Replacing the hard drive is not difficult especially with a desktop.

 

You just need a replacement drive as big or bigger than your current drive.

Something like this:

WD Black 1TB Performance Desktop Hard Disk Drive - 7200 RPM SATA 6 Gb/s 64MB Cache 3.5 Inch - WD1003FZEX
Amazon $71.99

They also have a 2TB version for $109

 

I recommend the WD Blacks since they seem to last forever and have a better warranty than the Blue but if cost is a problem a Blue is:

WD Blue 1TB SATA 6 Gb/s 7200 RPM 64MB Cache 3.5 Inch Desktop Hard Drive (WD10EZEX)
 

for $47.49

 

Other brands are probably OK just don't get another Seagate.

 

Then you will need some cloning software.

You can use the software from your new drive maker's website or even from Seagate's site or some free software like Macrium

https://www.macrium.com/reflectfree

 

Download and install the software then shut down the PC. 

 

You need to install the new drive.  You probably have a spare SATA connection - most motherboards have 4 total but sometimes these are turned off in the BIOS setup and need to be turned on and you would need a spare power connection and a SATA cable.  The simplest thing to do is to just unplug the SATA and power cables from your DVD drive and plug them in to the new drive.  You don't need to even mount the new drive - just make sure it can't accidentally short something out. 

 

Fire it up and it should recognize the drive in disk management but you won't see it in explorer tho Speccy will probably see it. 

 

Start up your cloning software and tell it to clone from your old drive (Source) to the new (Destination).  Once it's done (may take hours) then you just shut down, disconnect the old drive and mount the new in its place, reconnect the DVD and reboot.  If your drive is larger than 1 TB then go in and extend the partition to use up the remaining space.  Don't go higher than 2TB on a Win 7.



#7
[email protected]


Ok thanks for all that info! Here is a dropbox link to the video file with the sound:

 

https://www.dropbox....231150.mp4?dl=0

 

Let me know if listening to the sound specifies your diagnosis in any way. Otherwise I think I'll be trying to replace the HD. (btw I'm happy to hear that I got that HD to last a long time, didn't realize the risk I took, hehe).

 

 

