Hello there, and thanks for the help
I've had my desktop for about 6 years and I use things like spybot, malwarebyte, and tweaknow to keep it running smooth. Recently it began to constantly make a very loud sound. It used to only make this sound during high processing, like a virus scan or downloading large files or writing large files to an external drive, and then it would stop. But now, even when the computer is sitting idle with all programs off and the internet disconnected, there is a loud sound coming from it, a sound which I've only heard while my computer was being pushed to process a lot of data.
At first I assumed it was some sort of virus that was constantly using my computer as a server, but after cleaning extensively and removing the internet connection, the sound continued. Now I'm starting to think that the hard drive is dying and any data processing causes it to be loud. I've noticed that if I turn the computer off for a while, when I turn it back on the loud noise isn't there at first, but it slowly builds up again, until I can hear it constantly purring away from across the house.
I've attached a file with a video of my computer so you can hear the sound. The sound is clearest at the end of the video once I move the camera near the ventilation holes. The sound is separate from the fan, and has a stutter-like, Star Wars droid language vibe to it. I've also included the FRST text below.
I'm not sure what's wrong so please walk me through whatever steps y'all think are necessary to diagnose this problem. If this is a sign my harddrive is about to die, can someone help me figure out how to make a full copy of my current setup and put it on a new drive so that I can install it and boot straight to what I experience right now (minus the sound of course, hehe)?
Many thanks for any help,
-Brett
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.02.2018
Ran by Tony (administrator) on TONY-PC (28-02-2018 14:47:32)
Running from C:\Users\Tony\Desktop
Loaded Profiles: Tony (Available Profiles: Tony)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\Tony\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Run: [Spotify Web Helper] => C:\Users\Tony\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-29] (Spotify Ltd)
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\MountPoints2: {bf264a75-ba56-11e7-bfff-c860006e989e} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\MountPoints2: {e9ab700c-d19f-11e5-80da-c860006e989e} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\es.scr [4136960 2011-12-13] ()
Startup: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-02-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{83CC380F-0EFD-4577-8436-4FDC05C6D927}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{893935B8-2CF8-4197-963C-594FB1F592F3}: [DhcpNameServer] 10.200.0.1
Tcpip\..\Interfaces\{F28A17E5-ABBD-49A3-AC39-7BE762094AD4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://23.31.83.214/onlinebooking/
SearchScopes: HKLM -> DefaultScope {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {69088CDD-C0D1-4C45-8902-80A286C71C74} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1102455636-970572162-2684302250-1001 -> {69088CDD-C0D1-4C45-8902-80A286C71C74} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems, Inc.)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: o91mghwi.default-1420154049689
FF ProfilePath: C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\o91mghwi.default-1420154049689 [2018-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-04-27] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-11-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: shipin7 -> C:\Program Files (x86)\hicloud\PCPlayer\npSP7WebVideoPlugin.dll [2016-05-09] ()
FF Plugin-x32: shipin7safebox -> C:\Program Files (x86)\hicloud\PCPlayer\npSafePlugin.dll [2016-05-09] ()
FF Plugin-x32: shipin7update -> C:\Program Files (x86)\hicloud\PCPlayer\npUpdataPlugin.dll [2016-05-09] ()
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: anvisoft.com/AdblockPlugin -> [No File]
FF Plugin HKU\S-1-5-21-1102455636-970572162-2684302250-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-05-30] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com/calendar/render?tab=mc#main_7","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.wunderlist.com/#/lists/starred"
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default [2018-02-28]
CHR Extension: (Google Drive) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-07-15]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (History Limiter) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdjaigdefdamkfcgjhbmpjbhiejjkph [2012-06-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Google Calendar) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-02-27]
CHR Extension: (Google Docs Offline) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Telegram) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hadgilakbfohcfcgfbioeeehgpkopaga [2017-02-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-02-13]
CHR Extension: (Greenhouse) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifomhmgandipmpnelclcmbefppopfklc [2016-03-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-26]
CHR Extension: (Poppit!) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-11-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-26]
CHR Extension: (Click&Clean App) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2018-02-24]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-27]
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-05-22]
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-02-28]
CHR Extension: (Google Drive) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-08]
CHR Extension: (Google Docs Offline) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Zoom) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2018-02-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-26]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-28]
CHR Profile: C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-03]
CHR Extension: (Google Slides) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-01]
CHR Extension: (Google Docs) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-01]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-01]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-01]
CHR Extension: (Google Sheets) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-01]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]
CHR HKU\S-1-5-21-1102455636-970572162-2684302250-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tony\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-01]
CHR HKU\S-1-5-21-1102455636-970572162-2684302250-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - <not found>
StartMenuInternet: Google Chrome - C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-07-16] (Apple Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-02] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [285696 2017-11-24] (KeepSolid Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-02-25] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-02-26] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-02-26] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-25] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsldfb53773; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F3442BE-4B26-43F5-AC8B-9B8CB5E166F9}\MpKsldfb53773.sys [58120 2018-02-28] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\hicloud\PCPlayer\npf64.sys [36600 2016-05-04] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-03-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-03-16] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-03-16] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-28 14:47 - 2018-02-28 14:48 - 000025649 _____ C:\Users\Tony\Desktop\FRST.txt
2018-02-28 14:46 - 2018-02-28 14:47 - 000000000 ____D C:\FRST
2018-02-28 14:46 - 2018-02-28 14:46 - 002403840 _____ (Farbar) C:\Users\Tony\Desktop\FRST64.exe
2018-02-28 11:59 - 2018-02-28 11:59 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-26 15:26 - 2018-02-26 15:26 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-02-25 20:43 - 2018-02-25 20:43 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-02-25 20:42 - 2018-02-26 15:26 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-02-25 20:42 - 2018-02-25 20:42 - 067755792 _____ (Malwarebytes ) C:\Users\Tony\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.4092.exe
2018-02-25 20:42 - 2018-02-25 20:42 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-02-25 20:42 - 2018-02-25 20:42 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-25 20:42 - 2018-02-25 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-25 20:42 - 2018-02-25 20:42 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-25 20:42 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-25 15:16 - 2018-02-25 15:16 - 000354987 _____ C:\Users\Tony\Desktop\i-129instr.pdf
2018-02-25 15:03 - 2018-02-25 15:03 - 001983279 _____ C:\Users\Tony\Desktop\i-129.pdf
2018-02-22 20:57 - 2018-02-26 16:26 - 000007602 _____ C:\Users\Tony\AppData\Local\Resmon.ResmonCfg
2018-02-22 15:30 - 2018-02-22 15:30 - 000075521 _____ C:\Users\Tony\Desktop\Inbox and Documents - Nelnet.pdf
2018-02-21 12:37 - 2018-02-21 12:37 - 002168540 _____ C:\Users\Tony\Desktop\2018 Sponsorship Deck_v6.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 002600051 _____ C:\Users\Tony\Desktop\Betty Williams Contagious Courage Press Kit.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 002415371 _____ C:\Users\Tony\Desktop\2018 Dream Team Sponsorship Deck v3.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 002415371 _____ C:\Users\Tony\Desktop\2018 Dream Team Sponsorship Deck v3 (1).pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 000098448 _____ C:\Users\Tony\Desktop\Special Jury.pdf
2018-02-21 12:36 - 2018-02-21 12:36 - 000096580 _____ C:\Users\Tony\Desktop\Film Producer.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 002692635 _____ C:\Users\Tony\Desktop\Permanent file H. Peacejamleaseagreemt Arvada office.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 000667344 _____ C:\Users\Tony\Desktop\2018 Juror Package_ With Benefits.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 000299308 _____ C:\Users\Tony\Desktop\Permanent file C. PeaceJam Articles of incorporation.pdf
2018-02-21 12:35 - 2018-02-21 12:35 - 000091778 _____ C:\Users\Tony\Desktop\PeaceJam Bylaws Updated 2017.pdf
2018-02-21 12:31 - 2018-02-21 12:31 - 016935455 _____ C:\Users\Tony\Desktop\PeaceJam Sponsor Deck - 12.17.pptx
2018-02-21 12:31 - 2018-02-21 12:31 - 000991446 _____ C:\Users\Tony\Desktop\PeaceJam Sponsor Deck - 12.17.pdf
2018-02-21 12:30 - 2018-02-21 12:30 - 003542573 _____ C:\Users\Tony\Desktop\2018 Sponsorship Deck_v3.pdf
2018-02-21 12:30 - 2018-02-21 12:30 - 002953597 _____ C:\Users\Tony\Desktop\2018 Dream Team Sponsorship Deck_v3.pdf
2018-02-21 09:02 - 2018-02-10 12:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-02-21 09:02 - 2018-02-10 12:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-02-21 09:02 - 2018-02-10 01:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-21 09:02 - 2018-02-10 00:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-02-21 09:02 - 2018-02-10 00:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-02-21 09:02 - 2018-02-10 00:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-21 09:02 - 2018-02-10 00:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-02-21 09:02 - 2018-02-10 00:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-02-21 09:02 - 2018-02-10 00:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-02-21 09:02 - 2018-02-10 00:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-21 09:02 - 2018-02-10 00:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-21 09:02 - 2018-02-10 00:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-02-21 09:02 - 2018-02-10 00:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-02-21 09:02 - 2018-02-10 00:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-21 09:02 - 2018-02-10 00:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-02-21 09:02 - 2018-02-10 00:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-21 09:02 - 2018-02-10 00:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-21 09:02 - 2018-02-10 00:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-02-21 09:02 - 2018-02-10 00:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-02-21 09:02 - 2018-02-10 00:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-02-21 09:02 - 2018-02-09 23:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-02-21 09:02 - 2018-02-09 23:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-02-21 09:02 - 2018-02-09 23:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-02-21 09:02 - 2018-02-09 23:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-02-21 09:02 - 2018-02-09 23:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-02-21 09:02 - 2018-02-09 23:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-21 09:02 - 2018-02-09 23:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-21 09:02 - 2018-02-09 23:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-02-21 09:02 - 2018-02-09 23:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-21 09:02 - 2018-02-09 23:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-21 09:02 - 2018-02-09 23:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-21 09:02 - 2018-02-09 23:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-02-21 09:02 - 2018-02-09 23:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-02-21 09:02 - 2018-02-09 23:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-21 09:02 - 2018-02-09 23:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-21 09:02 - 2018-02-09 23:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-02-21 09:02 - 2018-02-09 23:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-21 09:02 - 2018-02-09 23:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-02-21 09:02 - 2018-02-09 23:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-21 09:02 - 2018-02-09 22:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-02-21 09:02 - 2018-02-09 22:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-02-21 09:02 - 2018-02-09 22:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-02-21 09:02 - 2018-02-09 22:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-02-21 09:02 - 2018-02-09 22:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-02-21 09:02 - 2018-02-09 22:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-02-21 09:02 - 2018-02-09 22:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-02-21 09:02 - 2018-02-09 22:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-02-21 09:02 - 2018-02-09 22:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-02-21 09:02 - 2018-02-09 22:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-02-21 09:02 - 2018-02-09 22:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-02-21 09:02 - 2018-02-09 22:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-02-21 09:02 - 2018-02-09 22:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-02-21 09:02 - 2018-02-09 22:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-02-21 09:02 - 2018-02-09 22:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-02-21 09:02 - 2018-02-09 22:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-02-21 09:02 - 2018-02-09 22:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-02-21 09:02 - 2018-02-09 22:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-02-21 09:02 - 2018-02-09 22:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-02-21 09:02 - 2018-02-09 22:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-02-21 09:02 - 2018-02-09 22:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-02-21 09:02 - 2018-02-09 22:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-02-21 09:02 - 2018-02-09 22:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-02-21 09:02 - 2018-02-09 22:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-02-21 09:02 - 2018-02-09 22:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-02-21 09:02 - 2018-02-09 22:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-02-21 09:02 - 2018-02-09 22:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-02-21 09:02 - 2018-02-09 22:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-02-21 09:02 - 2018-02-09 22:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-02-21 09:02 - 2018-01-12 09:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-02-21 09:02 - 2018-01-12 09:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-21 09:02 - 2018-01-12 09:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-02-21 09:02 - 2018-01-12 09:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-21 09:02 - 2018-01-12 09:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-02-21 09:02 - 2018-01-12 09:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-02-21 09:02 - 2018-01-12 09:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-02-21 09:02 - 2018-01-12 09:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-02-21 09:02 - 2018-01-12 09:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-02-21 09:02 - 2018-01-12 09:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-02-21 09:02 - 2018-01-12 09:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-21 09:02 - 2018-01-12 09:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 09:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-02-21 09:02 - 2018-01-12 09:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-21 09:02 - 2018-01-12 09:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-21 09:02 - 2018-01-12 09:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-21 09:02 - 2018-01-12 09:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-21 09:02 - 2018-01-12 09:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-21 09:02 - 2018-01-12 09:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-21 09:02 - 2018-01-12 09:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-02-21 09:02 - 2018-01-12 09:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-02-21 09:02 - 2018-01-12 09:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-02-21 09:02 - 2018-01-12 09:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-21 09:02 - 2018-01-12 09:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-21 09:02 - 2018-01-12 09:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-21 09:02 - 2018-01-12 09:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-02-21 09:02 - 2018-01-12 09:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-02-21 09:02 - 2018-01-12 09:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-02-21 09:02 - 2018-01-12 08:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-02-21 09:02 - 2018-01-12 08:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-02-21 09:02 - 2018-01-12 08:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-02-21 09:02 - 2018-01-12 08:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-02-21 09:02 - 2018-01-12 08:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-02-21 09:02 - 2018-01-12 08:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 08:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 08:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-02-21 09:02 - 2018-01-12 08:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-02-21 09:02 - 2018-01-11 09:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-02-21 09:02 - 2018-01-11 09:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-02-21 09:02 - 2018-01-11 09:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-21 09:02 - 2018-01-05 09:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-21 09:02 - 2018-01-05 09:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-02-21 09:02 - 2018-01-05 09:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-21 09:02 - 2018-01-05 09:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-21 09:02 - 2018-01-05 09:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-02-21 09:02 - 2018-01-05 09:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-21 09:02 - 2018-01-05 09:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-02-21 09:02 - 2018-01-05 09:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-02-21 09:02 - 2018-01-05 08:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-02-21 08:49 - 2018-01-21 16:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-21 08:49 - 2018-01-21 16:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-21 08:49 - 2018-01-19 07:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-21 08:49 - 2018-01-19 07:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-20 23:34 - 2018-02-20 23:34 - 004234749 _____ C:\Users\Tony\Desktop\Eval Reporting Conf PJ 2017.pdf
2018-02-20 15:20 - 2018-02-20 15:20 - 000908729 _____ C:\Users\Tony\Desktop\PJ GREECE CONFERENCE - Announcement Flyer.pdf
2018-02-20 14:49 - 2018-02-20 14:49 - 005124088 _____ C:\Users\Tony\Desktop\BrightVibes - This elementary school replaced detention.mp4
2018-02-20 14:45 - 2018-02-20 14:46 - 016010543 _____ C:\Users\Tony\Desktop\FOX8 - Norway has a brilliant way to get people to recycle.mp4
2018-02-20 14:37 - 2018-02-20 14:37 - 000080079 _____ C:\Users\Tony\Desktop\Service Project Template 2018.pdf
2018-02-20 13:03 - 2018-02-20 13:03 - 000182971 _____ C:\Users\Tony\Desktop\Belgium Slam Flyer 2018 DUTCH.pdf
2018-02-19 14:05 - 2018-02-19 14:05 - 000182945 _____ C:\Users\Tony\Desktop\Belgium Slam Flyer 2018 FRENCH.pdf
2018-02-15 07:56 - 2018-02-15 07:56 - 000775248 _____ C:\Users\Tony\Desktop\Belgium Slam Flyer 2018.pdf
2018-02-07 00:05 - 2018-02-07 00:05 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-02-01 11:20 - 2018-02-01 11:20 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-28 14:45 - 2015-11-01 12:59 - 000000000 ____D C:\Users\Tony\Desktop\Cleaning
2018-02-28 14:05 - 2016-11-05 09:47 - 000000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d2378447b6aa01.job
2018-02-28 14:03 - 2012-04-17 10:11 - 000000000 ____D C:\Users\Tony\AppData\Local\VirtualStore
2018-02-28 12:25 - 2012-04-11 18:44 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-28 12:00 - 2012-04-26 13:01 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Dropbox
2018-02-28 10:04 - 2009-07-13 21:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-28 10:04 - 2009-07-13 21:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-28 10:03 - 2012-05-06 16:19 - 000000000 ___RD C:\Users\Tony\Google Drive
2018-02-28 09:56 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-27 08:54 - 2012-04-26 12:15 - 000002411 _____ C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-26 20:09 - 2015-10-30 19:38 - 000000000 ____D C:\Users\Tony\AppData\Local\Battle.net
2018-02-26 19:40 - 2015-10-30 19:49 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2018-02-26 19:39 - 2015-10-30 19:32 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-02-26 19:05 - 2016-11-05 09:47 - 000000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d237844736f0d3.job
2018-02-26 16:28 - 2013-09-03 10:08 - 000000000 ____D C:\Users\Tony\AppData\Roaming\Spotify
2018-02-26 16:28 - 2013-09-03 10:08 - 000000000 ____D C:\Users\Tony\AppData\Local\Spotify
2018-02-26 16:21 - 2017-11-04 00:45 - 000000000 ____D C:\Users\Tony\AppData\Roaming\vlc
2018-02-26 16:16 - 2017-08-06 08:44 - 000000000 ____D C:\Windows\pss
2018-02-25 20:42 - 2014-12-30 17:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-25 20:41 - 2014-12-30 17:33 - 000000000 ____D C:\AdwCleaner
2018-02-25 12:57 - 2016-08-22 21:37 - 000000000 ___RD C:\Users\Tony\Dropbox (Peace Jam)
2018-02-24 11:31 - 2017-02-03 20:35 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-23 19:07 - 2014-07-18 19:23 - 000000000 ____D C:\Users\Tony\AppData\Roaming\KeePass
2018-02-22 20:38 - 2012-04-26 12:01 - 000110584 _____ C:\Users\Tony\AppData\Local\GDIPFONTCACHEV1.DAT
2018-02-22 20:36 - 2009-07-13 21:45 - 004968272 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-22 20:02 - 2013-09-24 06:38 - 000000000 ____D C:\Windows\Minidump
2018-02-22 18:08 - 2012-04-26 13:03 - 000000000 ___RD C:\Users\Tony\Dropbox (Personal)
2018-02-22 10:42 - 2009-07-13 22:13 - 000006466 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-21 17:35 - 2015-06-23 09:23 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-21 09:13 - 2013-07-26 11:15 - 000000000 ____D C:\Windows\system32\MRT
2018-02-21 09:08 - 2017-10-11 18:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-21 09:08 - 2012-04-26 12:19 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-15 15:00 - 2016-02-12 00:24 - 000000000 ____D C:\Users\Tony\Desktop\Penpa Files
2018-02-15 14:40 - 2014-12-29 08:15 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-13 09:24 - 2018-01-24 15:37 - 000000161 _____ C:\Users\Tony\BullseyeCoverageError.txt
2018-02-10 20:07 - 2017-10-16 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-07 00:05 - 2012-05-06 15:31 - 000000000 ____D C:\Program Files (x86)\Google
==================== Files in the root of some directories =======
2017-11-10 19:15 - 2017-11-10 19:15 - 000000132 _____ () C:\Users\Tony\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2012-06-27 10:42 - 2012-06-27 10:42 - 000000132 _____ () C:\Users\Tony\AppData\Roaming\Adobe GIF Format CS5 Prefs
2017-01-04 14:22 - 2017-11-28 18:10 - 000000132 _____ () C:\Users\Tony\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-05-06 13:46 - 2012-05-06 13:48 - 000001456 _____ () C:\Users\Tony\AppData\Local\Adobe Save for Web 12.0 Prefs
2018-02-22 20:57 - 2018-02-26 16:26 - 000007602 _____ () C:\Users\Tony\AppData\Local\Resmon.ResmonCfg
2013-06-06 00:04 - 2013-06-06 00:04 - 000022105 _____ () C:\Users\Tony\AppData\Local\soulseek-client.dat.1370502285295
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-09 13:43
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by Tony (28-02-2018 14:49:07)
Running from C:\Users\Tony\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-17 17:11:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1102455636-970572162-2684302250-500 - Administrator - Disabled)
Guest (S-1-5-21-1102455636-970572162-2684302250-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1102455636-970572162-2684302250-1004 - Limited - Enabled)
Tony (S-1-5-21-1102455636-970572162-2684302250-1001 - Administrator - Enabled) => C:\Users\Tony
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.4.75 - )
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version: - )
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Dropbox (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Electric Sheep 2.7b34 (HKLM-x32\...\Electric Sheep) (Version: 2.7b34 - Electricsheep)
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.)
Google Chrome (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Jawbone Updater (HKLM-x32\...\Jawbone Updater) (Version: 0.1 - Jawbone)
join.me (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\JoinMe) (Version: 3.4.0.5369 - LogMeIn, Inc.)
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4606 - CyberLink Corp.)
LG CyberLink Media Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.) Hidden
LG CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.)
LG CyberLink PowerDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.) Hidden
LG CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.)
LG Mobile Drivers (HKLM-x32\...\{D8D0327A-72B4-4C79-9883-1B6B6C20ED2B}) (Version: 4.0.3 - LG Electronics)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
PCPlayer (HKLM-x32\...\{B54CE443-35EF-4776-A0CD-6D961B983097}_is1) (Version: 3.18.11.0 - EZVIZ Inc.)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.10.9 - Intuit)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - )
Spotify (HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TweakNow RegCleaner (HKLM-x32\...\TweakNow RegCleaner_is1) (Version: 7.3.6 - TweakNow.com)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VPN Unlimited 4.16 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.16 - KeepSolid Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
YouTubeByClick (HKLM-x32\...\{AB74E85A-DDDE-4DE5-BB0B-8954FACB6D2E}) (Version: 2.2.48 - YouTubeByClick.com)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\ChromeHTML: -> C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.32.8\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1102455636-970572162-2684302250-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tony\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems Inc.)
ContextMenuHandlers1: [BTSync] -> {581FFA63-FC33-4622-A77B-95003A5CDE89} => C:\Users\Tony\AppData\Roaming\BitTorrent Sync\SyncShellContextMenu.dll [2014-09-14] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [BTSync] -> {581FFA63-FC33-4622-A77B-95003A5CDE89} => C:\Users\Tony\AppData\Roaming\BitTorrent Sync\SyncShellContextMenu.dll [2014-09-14] ()
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1_S-1-5-21-1102455636-970572162-2684302250-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1102455636-970572162-2684302250-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1102455636-970572162-2684302250-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
FolderExtensions: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} =>
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0673DDF5-2E03-466F-ADB2-5080982C2DAE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d2378447b6aa01 => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {15D7AD47-8CFE-4226-8EE9-6A8084B5F69C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-16] (NVIDIA Corporation)
Task: {19F8A4AD-B9BB-4E74-909A-0F5D604E6B8D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-16] (NVIDIA Corporation)
Task: {28EA23E1-44D0-4B09-A828-4C2A38A4B003} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {2FADFAB9-F988-4874-813E-758EF9D54DAD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d237844736f0d3 => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {3690DB9B-BF80-4122-B7A6-6DA6CF55B50B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {383E93A7-1432-4B80-9E36-58EC16361023} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {508CAA6B-1705-4115-93DF-BFE313836229} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d0e10c47009057 => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5928D882-01B0-4B0A-9599-AD43F413E324} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {65DC6440-5103-4663-A2BE-DEF7C053C9F6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-16] (NVIDIA Corporation)
Task: {6BE90D85-012C-4B11-9E3D-397AB50494E2} - System32\Tasks\AdobeAAMUpdater-1.0-Tony-PC-Tony => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {6BFDCBBC-70DF-445D-8E20-19C5F4C14149} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-16] (NVIDIA Corporation)
Task: {6F137257-7E4D-4CA8-9B13-511AD1B4749C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-16] (NVIDIA Corporation)
Task: {74FBB584-3512-49D5-ADDC-FC16D51C4E0B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {7AAA285E-1893-447A-B030-7303AC5D2952} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {7DB42BE8-CB52-4EFE-99B0-B518C89284C6} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {85F719B8-C8CA-43C2-849D-905BBA4D32B0} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {969E29FA-2CE9-4220-A1D8-2C014A69E708} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {9E71EFB4-5D50-48C0-90ED-8FC0B1855744} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {9FD97BA8-60D0-488B-A77A-18872DB286D1} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ecd8493363f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {A553D406-E62F-46F1-888D-C4A3A2BEBB92} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d0e10c475d6602 => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A6D14B58-1B85-4FD4-854B-114170084323} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-16] (NVIDIA Corporation)
Task: {A7A52E6D-DBE7-47CB-A0FE-21A3FC50ACA5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-16] (NVIDIA Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BB05E85A-6941-427A-AFB6-1BBC8E93A675} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ecd848a6085c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-02] (Google Inc.)
Task: {C25FF519-5F61-44BB-8564-2BEF2A3049E3} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {C3915108-885E-4D76-8F95-7D6839B6D97E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1102455636-970572162-2684302250-1001
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D35D5454-2C61-49DF-8BE3-5BB8F9A7A9EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {E7388B02-914C-48A5-81F7-CA614B87CA85} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {EF894200-1F4B-4DCB-B8C9-51CAC4EE1355} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {F756EC7C-E3B2-496E-8EE5-17EA5797851B} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-05-17] ()
Task: {F99AFCD9-43B6-49CB-9EF5-34CE3CBEB578} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FFE74BB5-59F7-454D-83F5-AB2123CC29E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core1d237844736f0d3.job => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA1d2378447b6aa01.job => C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001Core.job => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102455636-970572162-2684302250-1001UA.job => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
ShortcutWithArgument: C:\Users\Tony\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c858f8848722416a\Zara - Chrome.lnk -> C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2017-04-14 19:28 - 2017-03-16 17:59 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2012-04-27 07:07 - 2014-03-02 18:27 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-14 12:19 - 2014-09-14 12:19 - 000101888 _____ () C:\Users\Tony\AppData\Roaming\BitTorrent Sync\SyncShellContextMenu.dll
2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2018-02-27 08:54 - 2018-02-21 20:57 - 004433752 _____ () C:\Users\Tony\AppData\Local\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
2018-02-27 08:54 - 2018-02-21 20:57 - 000099672 _____ () C:\Users\Tony\AppData\Local\Google\Chrome\Application\64.0.3282.186\libegl.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-14 19:28 - 2017-03-16 17:59 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2018-02-28 10:03 - 2018-02-28 10:03 - 000088064 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_ctypes.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000069120 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\bz2.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000920064 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_hashlib.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000098816 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32api.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000110080 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pywintypes27.dll
2018-02-28 10:03 - 2018-02-28 10:03 - 000364544 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pythoncom27.dll
2018-02-28 10:03 - 2018-02-28 10:03 - 000686080 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\unicodedata.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000320512 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32com.shell.shell.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 001177088 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._core_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000806912 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._gdi_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000816640 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._windows_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 001067520 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._controls_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000733696 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._misc_.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000736256 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pysqlite2._sqlite.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000119808 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32file.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000108544 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32security.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000007168 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\hashobjs_ext.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000017920 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\thumbnails_ext.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000082432 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\usb_ext.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000013824 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\common.time34.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000018432 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32event.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000027648 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.conditional.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000017408 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.winwrap.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000089088 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.volumes.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000167936 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32gui.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000046080 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_socket.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 001311232 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_ssl.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000135680 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_elementtree.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000133632 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\pyexpat.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000038912 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32inet.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000077824 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\wx._html2.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000036864 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_psutil_windows.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000524248 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows._lib_cacheinvalidation.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000010240 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\select.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000011264 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32crypt.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000218624 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\PIL._imaging.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000027648 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_multiprocessing.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000020480 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\_yappi.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000035840 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32process.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000024064 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32pipe.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000025600 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32pdh.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000059392 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\windows.device_monitor.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000017408 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32profile.pyd
2018-02-28 10:03 - 2018-02-28 10:03 - 000022528 _____ () C:\Users\Tony\AppData\Local\Temp\_MEI32722\win32ts.pyd
2017-04-14 19:28 - 2017-03-16 17:59 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-04-14 19:28 - 2017-03-16 17:59 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-04-14 19:28 - 2017-03-16 17:59 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2018-02-28 11:59 - 2018-02-26 04:24 - 000746312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-02-28 11:59 - 2018-02-26 04:24 - 002079048 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2017-11-02 15:20 - 2018-02-26 04:24 - 000100312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-10-19 12:28 - 2018-02-26 04:24 - 000018896 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\select.pyd
2017-10-19 12:28 - 2018-02-26 04:26 - 000020808 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000035808 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000694232 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000021856 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000130520 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 001856864 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000022880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000145880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000116696 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-11-02 15:20 - 2018-02-26 04:24 - 000105944 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000022872 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000063312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000024536 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32event.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000077120 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\fastpath.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000020952 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000124888 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000116184 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32security.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000392664 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-11-02 15:20 - 2018-02-26 04:26 - 000392520 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000026464 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000024024 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000175576 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000030168 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000043480 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000026072 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32job.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000048600 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000057816 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000021840 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000023376 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000022864 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000066400 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 001798464 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-10-19 12:28 - 2018-02-26 04:24 - 000084944 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\sip.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 001959232 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 003863880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000155472 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000521544 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000051024 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000043336 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000131400 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000219984 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000204104 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000025440 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000060888 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000054616 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000024024 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000022880 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000028632 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000022368 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-11-02 15:20 - 2018-02-26 04:26 - 000021856 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000022368 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000027496 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-11-02 15:20 - 2018-02-26 04:24 - 000349144 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-11-02 15:20 - 2018-02-26 04:27 - 000023904 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000025432 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2018-02-28 11:59 - 2018-02-26 04:24 - 000036312 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\librsync.dll
2018-01-11 13:23 - 2018-02-26 04:26 - 000021856 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000181064 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-11-02 15:20 - 2018-02-26 04:26 - 000030544 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000024384 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-02-28 11:59 - 2018-02-26 04:26 - 001638208 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-11-02 15:20 - 2018-02-26 04:26 - 000026464 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000546632 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000359744 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2018-02-28 11:59 - 2018-02-26 04:26 - 000038216 _____ () C:\Users\Tony\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files\Common Files\System:g2iileUKu9DvDX0fYTlpeSCqT [2210]
AlternateDataStreams: C:\ProgramData\Microsoft:VssScbIji3c67OfLqb2CNS2 [2276]
AlternateDataStreams: C:\ProgramData\Microsoft:yqRnPwY6mHlzbSwNQRBRe5nSqS0 [2166]
AlternateDataStreams: C:\Users\Tony\Cookies:bCFZvAvxQkkGxzHRivPI5cR2d [2230]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7937 more sites.
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1102455636-970572162-2684302250-1001\...\123simsen.com -> www.123simsen.com
There are 7937 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2018-02-22 19:09 - 000456004 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 www.adobeereg.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 wip.adobe.com
127.0.0.1 wip1.aobe.com
127.0.0.1 wip2.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wip4.adobe.com
127.0.0.1 www.wip.adobe.com
127.0.0.1 www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com
127.0.0.1 www.wip3.adobe.com
127.0.0.1 www.wip4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
There are 15645 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1102455636-970572162-2684302250-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: VPNUnlimitedService => 2
MSCONFIG\startupfolder: C:^Users^Tony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launch Jawbone Updater.lnk => C:\Windows\pss\Launch Jawbone Updater.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Tony\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Google Update => C:\Users\Tony\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Tony\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Tony\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SPUpDateServerrun => C:\Program Files (x86)\hicloud\update_server\startUp.exe
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VPN Unlimited => "C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-launcher.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C94B7BBA-7528-4065-A327-32837718CFBA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{FEBDE4F8-1509-448A-AD50-B7E09C433AF3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D780D2D3-2C6E-4A4B-808C-291839ED713A}] => (Allow) svchost.exe
FirewallRules: [{C35302F7-0F1C-4ED8-AB13-F999E2E89E74}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{50A14BA8-ADCA-4CC6-B56B-F208468AA670}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{58AD8B65-40F5-401F-9294-1463887A38E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1F1EB59A-B902-4718-960A-F7DFA940034B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{1D6C89FD-1FE5-4572-B0B3-9AA31B60DDBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{27621D25-8363-469A-A55A-405CCD1EE34C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0CAE9E8D-E3C4-4EB2-A413-D8BE189D3355}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A7583A5E-3962-49DE-97AE-733BEDFB7979}] => (Allow) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BB43B410-9DD0-460F-9F6D-5D54B98FB2DD}] => (Allow) C:\Users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2316BD9B-C573-4309-B9E1-22AE5BD764E0}C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CA2DE3B7-3BA9-4789-89E9-7EF688ACF1E4}C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tony\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{22FCBB10-E887-44AC-9E9A-FEF38494E654}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [UDP Query User{820CA7FC-8CEE-44F5-9D51-2B19336FC755}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{55DF7993-1990-44F3-A1D8-12BC5C870009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FarCry2.exe
FirewallRules: [{FA973FBE-1749-4DD1-A3FE-8CDBFC918DF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FarCry2.exe
FirewallRules: [{A2569AE1-7502-461C-AB09-4B355BDE37BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2Editor.exe
FirewallRules: [{C0C2D631-3B82-48A1-A167-E9F85C08C75E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2Editor.exe
FirewallRules: [{23C246E8-F7ED-4FB9-BD86-65E982492D94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{D968DC83-A818-4F15-9036-31113EADB362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{3ED7F80D-F835-4EEA-AADE-B33F9BF00E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{FE0E5019-8C2D-41EF-9231-2C74A29F9AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\far cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{91044E54-F13B-4A4C-8249-F41263587D96}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{F9AA042C-32C2-446F-996F-27A7D18BC4B6}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe
FirewallRules: [{A9D52C2B-FABC-4AA7-BAC7-8FEDEEABB966}] => (Allow) LPort=7935
FirewallRules: [{B3B1CD70-416E-41A5-A8EC-3ACFCD074196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{D6A9BBAE-0185-448C-B077-CDE9ACC5CFD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\deus ex - human revolution\dxhr.exe
FirewallRules: [{595C43A2-DF86-4F5E-8499-BC329E817444}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Batman_Revoker.exe
FirewallRules: [{F2AD82F0-D740-4D11-8822-A4C847038776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Batman_Revoker.exe
FirewallRules: [{E8CE9104-293C-4425-96E6-2EBA7A98E2ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Binaries\BmLauncher.exe
FirewallRules: [{D7D31D45-0C11-47DC-B56F-8001C1E5A824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\batman arkham asylum\Binaries\BmLauncher.exe
FirewallRules: [{EE4F8369-AFA6-4C6E-9795-64001F41EDFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{7D67C039-DC27-4D73-BD9E-072FF2765A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{833FB474-6C2B-4CDC-B1FB-771DB35E1FEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{145884B9-FA73-4E23-9C95-594FE41E2892}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{29283C7E-7160-4B7F-8DFF-F102F3498540}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{566A7F5A-9C52-48F6-8B2A-3D16F511AB1B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{5936E222-B2B7-4DF9-A647-67F36BD584C6}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{43AA3C86-78E6-47F8-B5F8-EF479DAD5C9A}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{295D6561-BD4E-4FEA-96C1-823F26BC9AB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{21E6802C-07CD-43E0-994F-026BEE8613D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{6D043871-189B-42A2-8DF0-2F5B62035A41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Operation Flashpoint Red River\RedRiverLauncher.exe
FirewallRules: [{7CF7B59B-BAF1-41F3-A500-52A1D02A48E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Operation Flashpoint Red River\RedRiverLauncher.exe
FirewallRules: [TCP Query User{3D5903BA-A9E4-4C3D-98FD-D729172B86F1}C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [UDP Query User{8D0D78F3-180F-4340-96B1-66D9AAA2BA9D}C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [TCP Query User{93D54BE7-278D-4100-A37B-19F6B9D00212}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{67287190-27D2-4F22-95E6-F165F7907330}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{980A7706-DC85-47B0-AE46-1060364562D3}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{D891CF18-B259-45E3-9A08-008C8BE4D384}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [TCP Query User{730458B9-C37D-4A78-A7FC-3B6B12B96FB7}C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{2409B414-35DB-4E71-9FD5-CCB413877DC9}C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\k2o4\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{DA7F12F1-9843-406D-BA2D-C6E138AF33E9}C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{70ABE535-AA49-4781-B50F-5B1F690101F1}C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [{D3A21772-8751-4842-921B-E4FC17264215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{B8A21AD6-3B7B-402C-923F-267BDE0004F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{FFCC9C62-6DC2-40AC-8541-ADE755BA730C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{6D01B1DE-17E0-4C94-B5D9-4D56202BDAA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{FA72446A-6AEA-4DFC-9CA6-8CCD18B6FA6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{42F24E93-8D36-4632-B52A-5A13A6E5834E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{5FE39FA7-E9C2-4136-A4CB-05FA021A2821}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [{8D17D197-EDD5-4FF7-81C5-18DB99DF6550}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe
FirewallRules: [TCP Query User{C0F52063-B14D-406C-BF25-6605465BB970}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{E14C4857-6C0C-4710-807C-4909810C9479}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{B4B51B01-6CCB-48C1-B111-9FF738624089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{3C2BDA58-5126-483E-982C-AA680C6BAFE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{B1AFC845-8006-4DB3-A4AD-5003C6DD0949}] => (Allow) C:\Users\Tony\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{463A718C-299A-44DE-8D55-71FDF529B708}] => (Allow) C:\Users\Tony\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{9EAD787C-E81E-431F-B740-5E7BB0660B10}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0E9CD0D0-BD16-458F-96C6-EA1CE3A4A3FB}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{72DA5740-D28B-479D-9A77-55123D3C835B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{654A3215-0E47-4153-A848-21C5676CBE33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D140B750-D28D-4AB1-BC60-4A34C7ADD316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D70FF6E1-E9C5-4BD7-83FC-99A2195DF0B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D0427322-583C-4839-8222-45B4B0678EAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{73F3E47C-2B69-419A-8AC9-A2C6AC917BEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{A58ACA2D-8708-47B0-AB00-9FACDD6B545A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma.exe
FirewallRules: [{0A88817B-52E6-48F0-8E99-0DD5D2BDAEFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma.exe
FirewallRules: [{E67CAF2B-6A16-4124-BC9C-64D4E2AE444E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma_server.exe
FirewallRules: [{14895B41-8D2E-4D1E-BBD1-33D5F41118A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmA Armed Assault\arma_server.exe
FirewallRules: [{95B56A3A-7EC8-447B-9FE9-ADA59EC88E54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\k2o4\half-life source\hl2.exe
FirewallRules: [{757DED74-77FD-4AAB-A19B-D1C711444C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\k2o4\half-life source\hl2.exe
FirewallRules: [{6F46221F-6D84-418B-BB93-11E5B26EDC9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{2224ED4C-C4B2-4099-BF97-46476A2F1586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{0FA96B23-4E19-4A28-B615-88E910142C6C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1CAB844F-9461-441F-BD85-6FBC6531F7D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DC54BBB6-8679-4084-A9C3-92BC2DECB015}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{40BE571D-699B-4694-B8FC-4F75A8D91572}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7ABAFA1E-BD4D-4E47-8F66-F120A8527E2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{843CFA62-789B-45B0-949B-EA2C80E9F5ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{7A2B1FEB-260B-4833-8A8B-E749AB1509FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{B5E2345A-5A44-4543-936D-5F8E5B001E00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{FE242D0B-62A8-4468-AD51-D5EA3287A0BC}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{3112BD5E-B84E-47C2-A13A-2A9A2695172B}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{8A9C3534-04E8-48B8-A93F-F943315F0ABA}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0C2CB363-3EEB-46E8-B932-5FF218035381}] => (Allow) C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AD01599C-56DA-4091-B7C9-7332AC0983B8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0D103B16-B666-458A-8F88-E5C43091C854}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{75180442-838E-4598-AD04-5F90F1C46CE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{EA6A3B73-0091-4FE4-BD0D-A54B0A530481}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{EE3711E7-8925-4EAD-A5F9-58FF110F0890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{5076828A-E978-4C2A-9D5B-87C9EAED8765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [TCP Query User{787422F0-DCFC-4C30-9967-CC30D36292F3}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{28F2EC35-E815-479D-B5B0-88A716919B4E}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [{7FE5707E-DA61-42FB-A847-D0E2B8E4723D}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{8B4D8705-F675-47C6-B159-6DE184055E35}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{304A4303-B574-4369-811B-A0BC53B36644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{CFBF4CB7-7C62-45E8-A094-690BC9421604}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{1E455F01-2230-4523-8B31-E731C404E657}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{6942D3E2-80A5-4C13-A4FC-8B67CD02AD8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{C42B5ABA-86B4-47CE-BAB3-123F587F32FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{5C6E041C-0244-45CC-B1D2-A64C6FC584D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{0179A596-CE66-4F1E-A6FA-7A02B9942FEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{02CACBFA-DB8A-4A40-8841-13F9A34B7C94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{5ECE6AE2-3975-4A65-83C1-315BDB4D9ED0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{9A31FE80-4312-4748-88E1-BFDA808AC319}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{1EAB5B9F-D77E-4B4E-80D9-BBDB3AA7ACB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{EC541598-DF82-4E62-95F3-BD97898D5992}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{92E65FE7-C300-40D9-8049-3CEFDCB32577}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D2B5FC28-9E58-4C33-8EAF-A2BCC2099EC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{9176C9EF-4AB5-4CC2-9AD1-93BE46583375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [TCP Query User{DDDA03D4-D43B-41EF-AF9D-4F4EAF41DDD9}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{3F56A0CC-672D-4379-9B1A-A1EBF9B322C6}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{727A4383-4781-46BA-AAD5-BEF338D8AD84}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{BB219E4D-A349-4496-8A68-5CF28C5959CD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{FAC5160A-8271-41BC-9CF9-C190F859969D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{11E1560D-7786-44B4-A937-373149B6368A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [TCP Query User{86DC95B3-2305-4E9D-A4E3-F8DDA873D132}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{4BA5C3E7-16B9-432E-8A45-FACC94FE9AAB}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{F203F71C-B647-4DB4-8705-9A2D2DCCC4BF}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{4ABADC62-8451-44E2-AB49-7DFAA9E1D880}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{C14B42BB-892F-4439-9D23-F356092ACB59}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{53B05269-CED8-4873-9BDE-767BC1E3D7F3}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{274BCB66-77C7-4B32-8C76-2562184B2F7B}C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe
FirewallRules: [UDP Query User{A4855539-E298-4371-90EA-5AE54C71E0E3}C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base41743\sc2_x64.exe
FirewallRules: [TCP Query User{F1EC5057-1BFE-4363-A03D-4C74ED092118}C:\users\tony\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tony\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9ACBCC16-212B-4F10-BD06-88CAE3A76A3E}C:\users\tony\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tony\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{99DEFCAB-8880-4910-A411-12C629DFEA97}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [UDP Query User{8F56C318-E395-41F5-BAD6-9EC52F300933}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [{433A6DFD-BBF8-4902-8699-F51EA2DAFFF6}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [{0EC7F383-986D-4046-961A-489E7A463801}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [{C0C05FB5-FF8A-4BAD-84AD-02412C610334}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [{38827AF6-90E0-433E-AFD3-3E292E083EFF}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe
FirewallRules: [TCP Query User{47C2AEE1-9AC4-4CBF-A23C-21BD20C53CD7}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{219E2389-4B86-488B-88C6-B2597AA1B0EC}C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [TCP Query User{70119917-546B-4262-B2F8-E3861CFB024A}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [UDP Query User{A3F646BF-0C59-4441-A763-7E42F6E14291}C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base43478\sc2_x64.exe
FirewallRules: [TCP Query User{7B3BC547-386D-44DA-B856-6688220DCE42}C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe
FirewallRules: [UDP Query User{2F2B7EF2-5BEC-411E-9D85-0F96D156AF0A}C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44401\sc2_x64.exe
FirewallRules: [TCP Query User{921920D5-6270-4BC1-BEFA-DFC14BB99493}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{905ACA9D-DF61-4413-B976-5D833199DD12}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [TCP Query User{B2D44B2C-0FF6-44E6-867C-2D559AE571FC}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe
FirewallRules: [UDP Query User{AC875072-0264-4BC2-8B3C-FFE6E713F76F}C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base46154\sc2_x64.exe
FirewallRules: [TCP Query User{977BB100-0188-4341-A2AF-7FEA48EBBA8C}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
FirewallRules: [UDP Query User{A44668C6-9C64-4F0E-BA0E-7A0C0D747763}C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base47185\sc2_x64.exe
FirewallRules: [TCP Query User{ABC0251F-84FC-40A3-A371-CA243B6962A8}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{193A2525-DF7A-400C-956B-D9081E38A099}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [{C3282C1E-7659-4B8F-9257-8C4065A4CF85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{4094DA89-A5D7-41B7-9979-87027D6B63E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{7F34928B-E98C-4557-B9FD-C43C8F454E36}] => (Allow) C:\Users\Tony\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{A8C5F1F1-0632-4501-858B-8F4EAF28BC27}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8A01D9A-62FA-414E-8633-0A428C33D8AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{0737BDB7-CC86-4823-8569-F384F0DE07C1}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{2E47101F-B9EE-40A1-B0DD-673A3513FB63}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [TCP Query User{BF700088-C7C9-4C29-9796-9DF866768570}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [UDP Query User{B28CBEFB-E374-4ABF-ABBE-CF46F5AF6C1E}C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base49716\sc2_x64.exe
FirewallRules: [TCP Query User{6CBF9D88-9686-4BFD-9827-3CCF443319D6}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe
FirewallRules: [UDP Query User{E8209BB7-F5C4-4039-9AE1-B6CD618221B5}C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base51702\sc2_x64.exe
FirewallRules: [{ECBD7FF9-EB66-49B7-AD00-6118637642F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{50BDC76C-4F77-4EC5-8C07-A3256BE456A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E1B890BD-27C8-4C69-B3BB-84C5833D4D6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{02EE5E72-33B7-460B-A97E-922588FE8852}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E8C7CCB-7755-44D2-9E98-2A5168A96828}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{20C0F152-3640-4F0F-A452-A4DEC8622503}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{11098611-6E18-47D7-8435-0C5423760E9E}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [TCP Query User{3E9152C0-E8D0-4AA3-A38F-F78C4A9282A4}C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe
FirewallRules: [UDP Query User{604F7706-5B5E-4B33-9893-92F6E8A5FA7B}C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base52910\sc2_x64.exe
FirewallRules: [TCP Query User{3946D6DD-7A22-4266-9003-AF26D1C384E2}C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [UDP Query User{6C56C954-B03F-4194-A1D0-8EA475446390}C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base53644\sc2_x64.exe
FirewallRules: [{12C97139-C211-4F6E-95F3-C3D9E6901900}] => (Allow) C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
FirewallRules: [{77FEE69C-518C-4419-8912-95F81EC0A9E2}] => (Allow) C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
FirewallRules: [TCP Query User{2384408E-E408-4892-8816-FB3F44A08F00}C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe
FirewallRules: [UDP Query User{3B254439-68CD-4B2B-A94F-B166D57F65C9}C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe
FirewallRules: [TCP Query User{24682025-692D-4C09-9F00-13D4AA6DE9F0}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [UDP Query User{80B44FDE-CE38-4CEF-8E91-63FAF9FF8A96}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [TCP Query User{741F52C2-3AFD-4475-8B2D-ADF77AF3DBEE}C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe
FirewallRules: [UDP Query User{7ABAC158-CC3D-43A7-B6F2-D5A5F9CF6D3C}C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55505\sc2_x64.exe
FirewallRules: [TCP Query User{0DCCC732-7C2E-4CE4-BD23-BF4B5E507B9A}C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [UDP Query User{C9FE52E3-6FF9-46AB-9514-7D11BC31E127}C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base55958\sc2_x64.exe
FirewallRules: [TCP Query User{8D50237F-A830-47F6-AB45-DB2DD645F77B}C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [UDP Query User{8D5BAE24-9EE4-4DAD-9CC8-17554736AB1C}C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base56787\sc2_x64.exe
FirewallRules: [TCP Query User{4ED4F737-EDBA-475C-B76B-2774F1591639}C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [UDP Query User{75E7EB89-7D4A-4CCB-A121-62ECB1ED26CB}C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base57507\sc2_x64.exe
FirewallRules: [TCP Query User{825AE80E-4AFF-47FA-92B2-2254992342E5}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [UDP Query User{6F44D33C-7988-4F7F-AE66-AAA2D17B88FF}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [TCP Query User{8AE1EB9B-C2F8-459C-8830-CDE7AC11E9E3}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe
FirewallRules: [UDP Query User{38EA4E55-A324-4615-A47E-54C7B6DC6A10}C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base58400\sc2_x64.exe
FirewallRules: [TCP Query User{7FCBD95E-A233-437C-8572-D0497269ED75}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [UDP Query User{142F4EC7-9381-4169-A17F-E56D51C53B0C}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe
FirewallRules: [{D4BDB173-1DDB-4C75-94BD-1C5E53003866}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{C9E9B489-8780-40D6-8E08-80019DC3F3BB}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{E9A99166-3BC4-4456-8D92-49A9C67C4D0D}C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe
FirewallRules: [UDP Query User{B013799B-13C4-4902-8942-140F42C9D53A}C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60196\sc2_x64.exe
FirewallRules: [TCP Query User{64E0CEF2-11AF-430F-81F7-842FEACB38A7}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [UDP Query User{89AE2755-5EA1-471C-AA8E-70B4C7F09E0D}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [TCP Query User{0DF09FFA-699E-4ECF-8FEA-CD7D6BE6FB8C}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [UDP Query User{BEAF2393-563D-4E11-85A1-85C9B210F20F}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [TCP Query User{B00BBDB5-C940-41BA-BE6A-CF31FCA26E7A}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [UDP Query User{70ACFB73-2993-459D-924A-F78EC4F052FE}C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [TCP Query User{7346EE59-2327-41BB-8AB9-1BE1C71B485F}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [UDP Query User{05644EEC-524D-4E48-8A24-57281BD861E9}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [TCP Query User{28AD80B6-7A5C-4F58-9C04-64165FEC23E1}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
FirewallRules: [UDP Query User{DB86D642-0EB3-48F8-867A-A596E9EA8C13}C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base62347\sc2_x64.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
24-02-2018 21:24:15 Windows Update
28-02-2018 10:08:05 Windows Update
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
The Windows Event Log service is starting.
The Windows Event Log service could not be started.
A system error has occurred.
The system cannot find message text for message number 0x1069 in the message file for (null).
More help is available by typing NET HELPMSG 4201.
==================== Memory info ===========================
Processor: Intel® Core i5-2550K CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8173.21 MB
Available physical RAM: 5569.36 MB
Total Virtual: 16344.59 MB
Available Virtual: 13005.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:278.67 GB) NTFS
\\?\Volume{6e3c938c-843e-11e1-8978-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E0D240D5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================