Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Diskdriver and Win64Coinminer.CZ infection

coinminer diskdriver virus infection russian

  • Please log in to reply

#16
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

I have tried 4 times to install the file you wanted me to download (Windows6.1-KB947821-v34-x64) but I am unable to and keep getting this:

Attached Thumbnails

  • Untitled-1.jpg

  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

See if Windows Repair all in one will help:

 

http://www.tweaking....all_in_one.html

Download it where it says
Download Windows Repair Free/Pro - For Windows XP, Vista, 7, 8, 8.1, 10 (32 & 64 Bit)
Version 4.0.19 (05/17/2018)

Installer (35.88 MB)

 

and save it then run it.

 

Once it opens

Jump to Repairs

Make sure just these are checked before hitting Start:

Reset Registry Permissions
Reset File Permissions
Register System Files

Remove Policies Set By Infections
Unhide Non System Files
Repair Windows Updates

Reboot when done
Then see if the previous download will run.
 


  • 0

#18
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

I'm about set to run the Windows Repair Tool but I do not see this entry: Unhide Non System Files.


  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Guess they took it away.  Go ahead with what you have.


  • 0

#20
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Alright, the Repair Tool fixed the issue with the Windows6.1-KB947821-v34-x64 file.

 

Here is the log from CheckSUR:

 

 
=================================
Checking System Update Readiness.
Binary Version 6.1.7601.22471
Package Version 26.0
2018-06-06 21:08
 
Checking Windows Servicing Packages
 
Checking Package Manifests and Catalogs
 
Checking Package Watchlist
 
Checking Component Watchlist
 
Checking Packages
 
Checking Component Store
 
Summary:
Seconds executed: 155
 No errors detected

  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   214bytes   239 downloads

Run FRST and press Fix (System will reboot)
A fix log will be generated please post that


Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 

 

This clears the errors and will make it easy to see if the system is now happy with the sxs.dll file.


  • 0

#22
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by SkyNet (07-06-2018 20:24:06) Run:3
Running from C:\Users\SkyNet\Desktop
Loaded Profiles: SkyNet (Available Profiles: SkyNet)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
reboot:
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 20:24:13 ====
 
 
 
FRST Log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by SkyNet (administrator) on SKYNET-SYSTEMS (07-06-2018 20:27:52)
Running from C:\Users\SkyNet\Desktop
Loaded Profiles: SkyNet (Available Profiles: SkyNet)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: "C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kinetic Jump Software, LLC) C:\Program Files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(hxxp://www.ruby-lang.org/) C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(hxxp://www.ruby-lang.org/) C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\bin\rubyw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINBE.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Epic Privacy Browser) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\Scheduler.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\pia_manager\openvpn.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-05-27] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-25] (NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [178496 2018-04-19] (ESET)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-06-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-16] (Tonec Inc.)
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINBE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2018-05-18] (Epic Privacy Browser)
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\MountPoints2: {e08f94a0-81e1-11e7-9180-7c5cf8efb1df} - O:\VerizonSWUpgradeAssistantLauncher.exe
Startup: C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\privateinternetaccess - Shortcut.lnk [2016-11-01]
ShortcutTarget: privateinternetaccess - Shortcut.lnk -> C:\Program Files\pia_manager\privateinternetaccess.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{0106C499-AACA-48BE-AF96-B40332427A56}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{7197BA45-B061-4503-A707-3ED2DFF23F36}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{7D8893E0-C1FA-44BA-B6A2-3CD6574C780F}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{BDF7F6CA-FCE0-463B-8573-872A301D511B}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{C3273B72-6137-46B4-B56D-6577F37FD1CE}: [DhcpNameServer] 192.168.86.1
 
Internet Explorer:
==================
HKU\S-1-5-21-407761387-3444271927-348064540-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.yahoo.com/?fr=fp-comodo&type=42_25050004005_1.13.424807.562_u_hp
HKU\S-1-5-21-407761387-3444271927-348064540-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-407761387-3444271927-348064540-1000 -> DefaultScope {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=42_25050004005_1.13.424807.562_u_ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-407761387-3444271927-348064540-1000 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=42_25050004005_1.13.424807.562_u_ds&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\SkyNet\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\SkyNet\AppData\Roaming\IDM\idmmzcc5 [2018-06-07] [Legacy] [not signed]
FF HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-407761387-3444271927-348064540-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-05-18] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-407761387-3444271927-348064540-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-05-18] (Epic Privacy Browser)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://drudgereport.com/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default [2018-06-03]
CHR Extension: (YouTube) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-10]
CHR Extension: (Adblock Plus) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-16]
CHR Extension: (Google Search) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-10-10]
CHR Extension: (Notifier for Gmail™) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2018-05-02]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2018-04-18]
CHR Extension: (Adobe Acrobat) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-24]
CHR Extension: (uBlock) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2018-05-12]
CHR Extension: (Kindle Cloud Reader) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-10-10]
CHR Extension: (Morpheon Dark) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-02-21]
CHR Extension: (IDM Integration Module) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-10]
CHR Extension: (Chrome Media Router) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-01]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKU\S-1-5-21-407761387-3444271927-348064540-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-407761387-3444271927-348064540-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 apmwinsrv; C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe [1356624 2016-11-15] () [File not signed]
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-24] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-06-04] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249312 2017-12-20] (DTS, Inc)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-27] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2240264 2018-04-19] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2240264 2018-04-19] (ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-25] (NVIDIA Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [183568 2017-06-30] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 KjsUpdateService2; C:\Program Files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe [12800 2012-04-18] (Kinetic Jump Software, LLC) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-06-13] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-25] (NVIDIA Corporation)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3376880 2013-06-13] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2016-07-12] (Advanced Micro Devices Inc.)
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [37200 2016-09-23] (Paragon Software Group)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [83792 2015-06-17] (Asmedia Technology)
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [51264 2016-07-12] (IVT Corporation.)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-05-12] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1560552 2017-12-20] (Motorola Solutions, Inc.)
S3 csvol; C:\Windows\System32\DRIVERS\csvol.sys [32080 2016-09-23] (Paragon Software Group)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-12-20] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61520 2018-04-12] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [69456 2016-09-23] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [213840 2016-09-23] (Paragon Software Group)
R3 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [23888 2016-09-23] (Paragon Software Group)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-12] (REALiX™)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [206344 2017-12-20] (Intel Corporation)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [50512 2016-09-23] (Paragon Software Group)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3427848 2017-12-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-12-20] (NVIDIA Corporation)
S3 Revoflt; C:\Windows\SysWOW64\DRIVERS\revoflt.sys [40240 2016-12-21] (VS Revo Group)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-12-20] (Samsung Electronics Co., Ltd.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-07 20:27 - 2018-06-07 20:28 - 000025979 _____ C:\Users\SkyNet\Desktop\FRST.txt
2018-06-07 20:24 - 2018-06-07 20:24 - 000000638 _____ C:\Users\SkyNet\Desktop\Fixlog.txt
2018-06-07 20:23 - 2018-06-07 20:23 - 000000000 ____D C:\Users\SkyNet\Desktop\FRST-OlderVersion
2018-06-06 21:06 - 2018-06-06 21:06 - 000000000 ____D C:\Windows\CheckSur
2018-06-05 21:16 - 2018-06-05 21:16 - 000000207 _____ C:\Windows\tweaking.com-regbackup-SKYNET-SYSTEMS-Windows-7-Ultimate-(64-bit).dat
2018-06-05 21:16 - 2018-06-05 21:16 - 000000000 ____D C:\RegBackup
2018-06-05 21:15 - 2018-06-05 21:15 - 000003668 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-06-05 21:15 - 2018-06-05 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2018-06-05 21:15 - 2018-06-05 21:15 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2018-06-05 21:14 - 2018-06-05 21:15 - 000194324 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2018-06-05 15:33 - 2018-06-05 15:33 - 000000910 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reinstall TAP Driver.lnk
2018-06-05 15:33 - 2018-06-05 15:33 - 000000878 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2018-06-05 15:33 - 2018-06-05 15:33 - 000000863 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Private Internet Access.lnk
2018-06-05 15:33 - 2018-06-05 15:33 - 000000000 ____D C:\Users\SkyNet\AppData\Local\PrivateInternetAccess
2018-06-05 15:01 - 2018-06-05 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-06-04 00:18 - 2018-06-04 00:18 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-06-04 00:18 - 2018-06-04 00:18 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-06-04 00:18 - 2018-06-04 00:18 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-06-04 00:18 - 2018-06-04 00:18 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-06-03 16:37 - 2018-06-03 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-06-03 16:37 - 2018-06-03 16:37 - 000000000 ____D C:\Program Files\Speccy
2018-06-02 14:53 - 2018-06-02 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2018-06-02 14:53 - 2018-06-02 14:53 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2018-06-02 13:02 - 2018-06-07 20:23 - 000000000 ____D C:\Users\SkyNet\Desktop\New folder
2018-06-02 12:56 - 2018-06-02 12:58 - 000001074 _____ C:\VEW.txt
2018-06-02 12:36 - 2018-06-02 12:36 - 000000000 ____D C:\Windows\system32\windfn.exe
2018-06-02 12:36 - 2018-06-02 12:36 - 000000000 ____D C:\Windows\system32\StartupCheckLibrary.dll
2018-06-02 12:36 - 2018-06-02 12:36 - 000000000 ____D C:\Windows\system32\diskdriver.exe
2018-06-01 20:04 - 2018-06-01 20:04 - 000000000 ____D C:\Users\SkyNet\Desktop\save3dmgames
2018-06-01 17:20 - 2018-06-07 20:23 - 002413056 _____ (Farbar) C:\Users\SkyNet\Desktop\FRST64.exe
2018-05-30 17:01 - 2018-05-30 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-30 17:01 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-05-30 17:00 - 2018-05-30 17:00 - 000000000 ____D C:\ProgramData\MB2Migration
2018-05-30 17:00 - 2018-05-30 17:00 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-30 16:35 - 2018-06-07 20:27 - 000000000 ____D C:\FRST
2018-05-30 16:34 - 2018-05-30 16:34 - 000000000 ____D C:\ProgramData\GridinSoft
2018-05-30 16:26 - 2018-05-30 16:26 - 000007619 _____ C:\Users\SkyNet\AppData\Local\Resmon.ResmonCfg
2018-05-29 17:21 - 2018-05-29 17:21 - 000000000 ____D C:\Windows\SysWOW64\AGEIA
2018-05-29 17:21 - 2018-05-29 17:21 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-05-28 15:54 - 2018-05-28 15:54 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-05-28 13:12 - 2018-05-28 13:12 - 000000000 ____D C:\Program Files\ESET
2018-05-27 18:23 - 2018-05-27 18:23 - 000000000 __SHD C:\ProgramData\DSS
2018-05-27 18:23 - 2018-05-27 18:23 - 000000000 ____D C:\Users\SkyNet\Documents\EA Games
2018-05-27 18:23 - 2018-05-27 18:23 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-05-27 17:47 - 2018-05-27 17:47 - 015211584 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 006463128 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 006270152 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 006105024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-05-27 17:47 - 2018-05-27 17:47 - 005938872 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 005593576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003571504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003509160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003410288 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003299776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003205568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003145872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003121080 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002992144 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002922944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002190944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001780584 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001591016 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001508896 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001382200 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001337600 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001259688 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001242440 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001159144 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001154912 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001105920 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001009544 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001003816 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000986960 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000973568 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000964984 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000899488 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000852096 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000743928 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000727400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000708272 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000691640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000688936 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000604752 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000532336 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000504272 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000445360 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000441224 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000392832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000378344 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000360304 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000332976 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000315936 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000278232 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000258824 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000253864 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000253824 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000252840 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000221928 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000209496 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000203800 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000166160 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000158656 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000157304 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000093864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000088280 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000083584 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000075504 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-05-27 17:46 - 2018-05-27 17:46 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-05-27 17:46 - 2018-05-27 17:46 - 015464151 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-05-27 17:46 - 2018-05-27 17:46 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-05-27 17:42 - 2018-05-27 17:42 - 000226280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-05-27 17:42 - 2018-05-27 17:42 - 000046064 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-05-27 17:40 - 2018-05-27 17:41 - 000000000 ____D C:\Windows\system32\unknown
2018-05-27 17:40 - 2018-05-27 17:40 - 040346984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 038468128 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 035250776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 031271232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 030741024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 025984920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 020264848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 019009672 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 017776824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 016973216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-05-27 17:40 - 2018-05-27 17:40 - 015619736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 015189168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 013725744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 011271400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 004046088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 003962272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 003495000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001990688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439764.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001561536 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001467992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439764.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001417304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001215424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001157392 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001091616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000904712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000626592 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000544472 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000518176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000462648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000420184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000182776 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000165136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000159896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-05-27 17:40 - 2018-05-27 17:40 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-05-27 17:40 - 2018-05-27 17:40 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-05-27 13:45 - 2015-07-18 03:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-05-27 13:32 - 2018-04-29 05:27 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2018-05-27 13:32 - 2018-01-28 13:09 - 000000000 _____ C:\Windows\system32\setup4.2.6.tmp
2018-05-25 17:06 - 2018-05-25 17:06 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\EasyAntiCheat
2018-05-18 16:07 - 2018-05-18 16:08 - 000000000 ____D C:\Users\SkyNet\Documents\Flight Simulator X Files
2018-05-18 09:50 - 2018-05-18 09:50 - 000002384 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Epic Privacy Browser.lnk
2018-05-18 09:49 - 2018-05-18 09:50 - 000000000 ____D C:\Users\SkyNet\AppData\Local\Epic Privacy Browser
2018-05-18 09:49 - 2018-05-18 09:49 - 000000000 ____D C:\ProgramData\Epic Privacy Browser
2018-05-09 21:22 - 2018-05-09 21:22 - 000000000 ____D C:\Users\SkyNet\AppData\Local\bunkus.org
2018-05-09 21:22 - 2018-05-09 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 23
2018-05-09 21:22 - 2018-05-09 21:22 - 000000000 ____D C:\Program Files\MKVToolNix 23
2018-05-09 20:58 - 2018-05-09 20:58 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake Nightly
2018-05-09 20:58 - 2018-05-09 20:58 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\HandBrake
2018-05-09 20:58 - 2018-05-09 20:58 - 000000000 ____D C:\Program Files\HandBrake Nightly
2018-05-09 20:56 - 2018-05-09 20:56 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2018-05-09 20:56 - 2018-05-09 20:56 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2018-05-09 19:01 - 2018-05-09 19:01 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\iDealshare VideoGo 5
2018-05-09 18:57 - 2018-05-09 18:57 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\iDealshare VideoGo 6
2018-05-09 12:02 - 2018-05-09 12:02 - 000000000 _____ C:\Windows\system32\dir
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-07 20:25 - 2017-01-11 19:06 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-07 20:25 - 2009-07-13 19:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-07 20:24 - 2015-12-29 09:36 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\DMCache
2018-06-07 20:22 - 2015-12-24 08:48 - 000000000 ____D C:\Incoming
2018-06-07 20:12 - 2015-12-23 09:34 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-07 20:07 - 2009-07-13 19:13 - 000794646 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-07 20:07 - 2009-07-13 18:45 - 000028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-07 20:07 - 2009-07-13 18:45 - 000028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-07 20:07 - 2009-07-13 17:20 - 000000000 ____D C:\Windows\inf
2018-06-06 21:04 - 2016-10-10 11:58 - 000416816 _____ C:\Users\SkyNet\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-06 21:03 - 2016-04-13 11:05 - 000000398 __RSH C:\ProgramData\ntuser.pol
2018-06-06 21:03 - 2009-07-13 18:45 - 005920168 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-06 20:59 - 2009-07-13 16:34 - 000000514 _____ C:\Windows\win.ini
2018-06-06 20:37 - 2017-09-28 17:26 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\brave
2018-06-05 21:23 - 2017-01-12 18:28 - 000000000 ____D C:\Users\SkyNet\AppData\Local\CrashDumps
2018-06-05 21:23 - 2015-12-23 21:32 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\tixati
2018-06-05 17:48 - 2015-12-24 08:31 - 000000000 ___RD C:\Users\SkyNet\Dropbox
2018-06-05 15:33 - 2016-03-20 12:45 - 000003230 _____ C:\Windows\System32\Tasks\Private Internet Access Startup
2018-06-05 15:33 - 2016-03-20 12:45 - 000000000 ____D C:\Program Files\pia_manager
2018-06-05 15:01 - 2015-12-24 08:29 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-06-04 20:58 - 2018-05-02 22:08 - 000013312 _____ C:\Users\SkyNet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-02 12:49 - 2009-07-13 17:20 - 000000000 ____D C:\Program Files (x86)\Windows NT
2018-06-01 21:45 - 2017-03-18 17:08 - 000000000 ____D C:\Users\SkyNet\AppData\Local\Fallout4
2018-06-01 20:07 - 2016-10-26 17:45 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-05-31 19:21 - 2018-01-27 17:40 - 000000000 ____D C:\ProgramData\XLN Audio
2018-05-31 19:21 - 2018-01-27 17:40 - 000000000 ____D C:\Program Files\XLN Audio
2018-05-31 19:20 - 2018-01-27 17:39 - 000000000 ____D C:\Users\SkyNet\Documents\XLN Online Installer
2018-05-31 18:40 - 2015-12-23 20:04 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-05-31 18:40 - 2015-12-23 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-05-31 18:40 - 2015-12-23 19:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-31 15:50 - 2015-12-23 20:23 - 001048576 _____ C:\Windows\PE_Rom.dll
2018-05-30 17:00 - 2015-12-24 08:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-30 17:00 - 2015-12-24 08:10 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-05-29 17:21 - 2017-01-11 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-28 15:37 - 2017-12-28 09:24 - 000000000 ____D C:\Program Files\Rockstar Games
2018-05-28 15:37 - 2017-12-28 09:24 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-05-27 17:49 - 2009-07-13 19:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-27 17:47 - 2016-12-24 19:51 - 000000000 ____D C:\Windows\system32\DAX3
2018-05-27 17:47 - 2016-10-10 16:36 - 000000000 ____D C:\Windows\system32\DAX2
2018-05-27 17:47 - 2016-10-10 11:32 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-05-27 17:42 - 2017-01-11 19:04 - 001688104 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-05-27 17:40 - 2017-01-12 19:12 - 000505928 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-05-27 17:40 - 2017-01-11 19:04 - 023241960 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-05-27 17:40 - 2017-01-11 19:04 - 004573960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-05-27 17:40 - 2017-01-11 19:04 - 000041598 _____ C:\Windows\system32\nvinfo.pb
2018-05-27 17:30 - 2016-07-12 16:43 - 000000000 ____D C:\ProgramData\ProductData
2018-05-27 17:29 - 2016-10-10 16:46 - 000002900 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (SkyNet)
2018-05-27 13:45 - 2015-12-23 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-25 17:07 - 2015-12-28 17:56 - 000000000 ____D C:\Users\SkyNet\Documents\My Games
2018-05-24 13:53 - 2017-09-28 17:26 - 000000000 ____D C:\Users\SkyNet\AppData\Local\brave
2018-05-20 12:54 - 2016-07-12 12:45 - 000000000 ____D C:\Users\SkyNet\AppData\Local\ElevatedDiagnostics
2018-05-19 22:14 - 2016-07-05 18:12 - 000000000 ____D C:\Users\SkyNet\AppData\Local\CAPCOM
2018-05-19 09:32 - 2018-05-06 16:15 - 000000000 ____D C:\Users\SkyNet\Desktop\100NCD90
2018-05-18 16:17 - 2015-12-24 08:29 - 000003904 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-18 16:17 - 2015-12-24 08:29 - 000003652 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-18 16:07 - 2009-07-13 19:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-18 16:02 - 2016-10-23 18:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2018-05-16 18:37 - 2015-12-23 09:33 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 18:37 - 2015-12-23 09:33 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-15 18:38 - 2017-05-16 11:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-15 18:38 - 2017-05-16 11:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-14 20:18 - 2017-12-21 19:01 - 000000000 ____D C:\Users\SkyNet\Documents\Manuals
2018-05-14 20:18 - 2016-10-18 22:37 - 000000000 ____D C:\Users\SkyNet\Documents\PDFs
2018-05-09 20:54 - 2016-10-10 11:34 - 000786820 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
 
==================== Files in the root of some directories =======
 
2017-05-06 17:54 - 2017-05-06 17:54 - 000000087 _____ () C:\Users\SkyNet\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2018-01-12 21:12 - 2018-01-12 21:12 - 000000171 _____ () C:\Users\SkyNet\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-01-12 21:12 - 2018-01-12 21:12 - 000000304 _____ () C:\Users\SkyNet\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-01-12 21:12 - 2018-01-12 21:12 - 000000175 _____ () C:\Users\SkyNet\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2017-01-26 17:41 - 2017-01-26 17:42 - 000001456 _____ () C:\Users\SkyNet\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-05-02 22:08 - 2018-06-04 20:58 - 000013312 _____ () C:\Users\SkyNet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-30 16:26 - 2018-05-30 16:26 - 000007619 _____ () C:\Users\SkyNet\AppData\Local\Resmon.ResmonCfg
2017-03-02 21:07 - 2017-03-02 21:07 - 000000000 _____ () C:\Users\SkyNet\AppData\Local\{86098965-5FBF-4491-9F48-24AD67142EBD}
2017-01-14 12:42 - 2017-01-14 12:42 - 000000000 _____ () C:\Users\SkyNet\AppData\Local\{F371B246-82C8-4076-8EF4-244595164BBE}
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\diskdriver.exe
C:\Windows\System32\StartupCheckLibrary.dll
C:\Windows\System32\windfn.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-28 16:30
 
==================== End of FRST.txt ============================
 
 
 
Addition Text:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by SkyNet (07-06-2018 20:28:17)
Running from C:\Users\SkyNet\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-10-10 21:58:01)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-407761387-3444271927-348064540-500 - Administrator - Disabled)
ASPNET (S-1-5-21-407761387-3444271927-348064540-1006 - Limited - Enabled)
Guest (S-1-5-21-407761387-3444271927-348064540-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-407761387-3444271927-348064540-1008 - Limited - Enabled)
SkyNet (S-1-5-21-407761387-3444271927-348064540-1000 - Administrator - Enabled) => C:\Users\SkyNet
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . . (HKLM\...\{DCAFF63A-A26F-4809-A00D-27AD6733ACB3}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{C7B0C705-9987-44A2-B495-4101DAEDBFE0}) (Version: 2.6.2.4 - Intel) Hidden
300 Modpack 2.1 (HKLM-x32\...\300 Modpack 2.1) (Version:  - )
7-Zip 15.12 (HKLM-x32\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Age of Mythology Gold Edition 1.00 (HKLM-x32\...\Age of Mythology Gold Edition 1.00) (Version:  - )
Aliens vs. Predator (HKLM-x32\...\Aliens vs. Predator_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.)
Battlefield 1 v.версия 1.0.u3 (HKLM-x32\...\Battlefield 1_is1) (Version:  - )
BleachBit (HKLM-x32\...\BleachBit) (Version: 2.0 - BleachBit)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brave (HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Brave) (Version: 0.22.721 - Brave Software)
Bridge Commander MW (HKLM-x32\...\{304D46E1-364B-45AB-9170-53E200DB4E85}) (Version: 1.1.0000 - Activision) Hidden
Bridge Commander MW (HKLM-x32\...\InstallShield_{304D46E1-364B-45AB-9170-53E200DB4E85}) (Version: 1.1.0000 - Activision)
Call of Duty Modern Warfare Remastered (HKLM-x32\...\Call of Duty Modern Warfare Remastered_is1) (Version:  - )
Call Of Duty World At War version 1.7.1263.0 (HKLM-x32\...\Call Of Duty World At War_is1) (Version: 1.7.1263.0 - Mr DJ)
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) <==== ATTENTION
Crysis (HKLM-x32\...\1809223221_is1) (Version: 2.0.0.7 - GOG.com)
Crysis version 1.21.0.0 (HKLM-x32\...\Crysis_is1) (Version: 1.21.0.0 - Mr DJ)
Crysis Warhead version 1.1.0.0 (HKLM-x32\...\Crysis Warhead_is1) (Version: 1.1.0.0 - Mr DJ)
CRYZENX 1.00 (HKLM-x32\...\CRYZENX 1.00) (Version:  - )
Dirt.4.v1.04-ENG.repack version 1.04 (HKLM-x32\...\{32FFCB8E-23C9-435F-AFC0-7CE64F696FC2}}_is1) (Version: 1.04 - Ali213.net)
Disk Unlocker (HKLM-x32\...\{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}) (Version: 2.1.3 - ASUSTek Computer Inc.)
DiskCheckup v3.3 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.6.2 Exedra Chac - Alexandre Devilliers (aka Elbereth))
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 51.4.66 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: 1.3.0 - Релиз от R.G. Steamgames)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Epic Privacy Browser (HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Epic) (Version: 62.0.3202.94 - Epic)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-320 Series Printer Uninstall (HKLM\...\EPSON XP-320 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-320 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-320 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version:  - Ubisoft)
FlacSquisher 1.3.6 (HKLM-x32\...\FlacSquisher) (Version: 1.3.6 - FlacSquisher)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Halo 2 for Windows Vista (HKLM-x32\...\{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version:  - Microsoft Game Studios)
HandBrake Nightly (HKLM-x32\...\HandBrake Nightly) (Version: Nightly - )
Hawaiian HI Fonts (HKLM\...\{9128B5D4-6CB4-4090-A09B-D4CF850AD5A1}) (Version: 1.0.3.40 - Hale Kuamoo, University of Hawaii at Hilo)
IDM Crack 6.27 build 1 (HKLM-x32\...\IDM Crack 6.27 build 1) (Version: build 2 - Crackingpatching.com Team)
Ignition (HKLM\...\{50DC22E6-B3C7-4C24-B96C-2939DB5AC0D9}) (Version: 1.50.20324.4505 - Powerteq) Hidden
Ignition (HKLM-x32\...\{e44b92d0-30d5-49aa-950e-a01e2fce0811}) (Version: 1.50.20324.4505 - Powerteq)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Wireless Bluetooth®(patch version 17.1.1531.1764) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 17.1.1507.0532 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fd9db181-00fa-4117-82e2-cf920d564253}) (Version: 16.1.0 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}) (Version: 10.6.0.40 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Klingon Academy (HKLM-x32\...\Klingon Academy) (Version:  - )
K-Lite Codec Pack 14.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
Lara Croft and the Guardian of Light (HKLM-x32\...\Lara Croft and the Guardian of Light_is1) (Version:  - )
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version:  - )
LIVE gaming on Windows Runtime Version 1.0.6027 (HKLM-x32\...\{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}) (Version: 1.0.6027 - Microsoft Corporation)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Mad Max (HKLM-x32\...\Mad Max_is1) (Version:  - )
MakeMKV v1.10.5 (HKLM-x32\...\MakeMKV) (Version: v1.10.5 - GuinpinSoft inc)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Halo Custom Edition (HKLM-x32\...\Halo CE) (Version:  - )
Microsoft Hyperlapse Pro (HKLM\...\{33503317-BA83-44C8-873E-581B3D8EB837}) (Version: 1.3.5764 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
MKVToolNix 23.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 23.0.0 - Moritz Bunkus)
Mojo Jojo's Pet Project (HKLM-x32\...\{BD09FCE9-9D5F-11D5-9E0F-0050FC0220CE}) (Version:  - )
Monkey for Winamp 2x (remove only) (HKLM-x32\...\vis_monkey.dllWinamp) (Version:  - )
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paragon HFS+ for Windows (HKLM-x32\...\{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}) (Version: 11.0.0.0 - Paragon Software)
Perfect Photo Suite 8 (HKLM-x32\...\{54F3375C-5F19-4DE6-957B-EDE4EFEA5F23}) (Version: 8.0.0 - onOne Software)
Private Internet Access v80 (HKLM-x32\...\{148169C2-5558-4C3E-B38A-7B1813A264CA}_is1) (Version: 80 - London Trust Media, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.2.0 (HKLM-x32\...\Revo Uninstaller Pro 3.2.0) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
Sniper - Ghost Warrior 2 — Repacked by R.G. Revenants (HKLM-x32\...\Sniper - Ghost Warrior 2_R.G. Revenants) (Version: 3.4.1.4621 - City Interactive)
SolveigMM AVI Trimmer+ version 5.0.1509.11 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1509.11 - Solveig Multimedia)
SolveigMM Video Splitter Business Edition (HKLM-x32\...\SolveigMM Video Splitter Business Edition 6.1.1611.7) (Version: 6.1.1611.7 - Solveig Multimedia)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Trek Voyager Elite Force (HKLM-x32\...\Star Trek Voyager Elite Force) (Version:  - )
STAR WARS - The Force Unleashed II (HKLM-x32\...\STAR WARS - The Force Unleashed II_is1) (Version:  - )
Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.1 - Aspyr)
STAR WARS® - Knights of the Old Republic™ II - The Sith Lords (HKLM-x32\...\1421404581_is1) (Version: 2.0.0.2 - GOG.com)
Subtitle Edit 3.3.5 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.5.1862 - Nikse)
TagScanner 6.0.27 (HKLM-x32\...\TagScanner_is1) (Version:  - Sergey Serkov)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Lord of the Rings The Battle for Middle-Earth Collection MULTi9 - ElAmigos version 2.01 (HKLM-x32\...\{5EE9E528-FC92-4C4F-AEE4-BCAFA7A2F6CF}_is1) (Version: 2.01 - Electronic Arts)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tomb Raider GOTY version 1.1.748.0 (HKLM-x32\...\Tomb Raider GOTY_is1) (Version: 1.1.748.0 - Mr DJ)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version:  - )
Tomb Raider: Underworld 1.1 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.19 - Tweaking.com)
VidCoder 2.31 Beta (x86) (HKLM-x32\...\VidCoder-Beta-x86_is1) (Version: 2.31 - RandomEngy)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
World in Conflict (HKLM-x32\...\World in Conflict) (Version: 1.011 - Ubisoft)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers1-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers1-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers4-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers4-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers6-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\Revo Uninstaller Pro\RUExt.dll [2016-12-14] (VS Revo Group)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {35A211AB-6D3B-4078-B5B6-9F2E85876676} - System32\Tasks\HFS+ Updater => C:\Program Files (x86)\Paragon Software\HFS+ for Windows\updater\Updater.exe [2016-08-25] (Paragon Software Group)
Task: {3E31366C-E675-44C5-8BC0-6CECADC0704F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-04-11] ()
Task: {40C324BC-D7AD-4882-9673-8F3018FA8405} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {425C10DD-2470-48C2-BE24-5F9771B87385} - System32\Tasks\HFS+ Activator => C:\Program Files (x86)\Paragon Software\HFS+ for Windows\activation\OnlineActivator.exe [2016-11-15] (Paragon Software)
Task: {44F446AE-529D-481A-BB08-A900F3A53B41} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe
Task: {574D6353-DED6-45DC-BD0C-0D75768F3630} - System32\Tasks\EPSON XP-320 Series Update {2F5A4C44-C787-4243-BF67-47A7A6576221} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {598F1E22-D974-4931-BA4E-1185077E61C9} - System32\Tasks\Private Internet Access Startup => C:/Program Files/pia_manager/pia_manager.exe [2018-05-22] ()
Task: {5A5E1C32-CA20-4DB2-AE5A-C67104C2E8CE} - System32\Tasks\Driver Booster SkipUAC (SkyNet) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe [2016-10-09] (IObit)
Task: {74A5618A-58B9-49F2-8AAE-D60EB9997BDA} - System32\Tasks\EPSON XP-320 Series Update {9EE9851F-1ACE-4793-8F9F-F6086C9F532B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {784298BF-2A08-41E5-82FC-C7AB0A863860} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\Scheduler.exe [2016-09-20] (IObit)
Task: {79C655A7-B86E-480A-A906-6D51938C93AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.)
Task: {B4501B30-6D73-49B8-9145-05858DA45F6E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-24] (Dropbox, Inc.)
Task: {BBCD4906-AD2E-4AC3-AF14-89B0ABC94F44} - System32\Tasks\AdobeGCInvoker-1.0-SKYNET-SYSTEMS-SkyNet => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {BE763E74-85F7-4612-B459-06BD2D5EB115} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {CE3C1698-CD65-49E2-AB60-D2231AA5D0E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.)
Task: {DCA0EAAC-887C-433D-BDEB-13FAA45979E0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {E3942701-4DA4-446F-A47A-4884A026C1B3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-24] (Dropbox, Inc.)
Task: {F839542E-ABE6-4270-A40A-8DC32F621586} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-03-20 12:45 - 2018-05-22 10:23 - 016129048 _____ () C:\Program Files\pia_manager\pia_manager.exe
2013-03-28 22:31 - 2013-03-28 22:31 - 000210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 000748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 003645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-03-28 22:30 - 2013-03-28 22:30 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-23 14:55 - 2016-11-15 07:52 - 001356624 _____ () C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
2017-01-11 19:06 - 2016-08-25 13:28 - 000367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 003611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-17 22:05 - 2016-11-17 22:05 - 000156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-11 19:06 - 2016-08-25 13:28 - 002665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 001988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 001840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-12-24 08:31 - 2007-09-02 13:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2017-01-09 18:08 - 2016-11-17 22:14 - 000730880 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
2017-01-09 18:08 - 2016-11-17 22:18 - 001981184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-01-09 18:08 - 2016-11-17 22:12 - 000237824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
2017-01-09 18:08 - 2016-11-17 22:08 - 000217344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
2016-03-20 12:45 - 2018-05-22 10:23 - 000696600 _____ () C:\Program Files\pia_manager\openvpn.exe
2016-03-20 12:45 - 2018-05-22 10:23 - 000199736 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2016-03-20 12:45 - 2018-05-22 10:23 - 000114304 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2016-03-20 12:45 - 2018-05-22 10:23 - 000148248 _____ () C:\Program Files\pia_manager\pia-openvpn.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 000087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 001242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-24 08:31 - 2007-09-02 13:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000521228 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\bin\ruby_builtin_dlls\libgmp-10.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000121524 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\bin\ruby_builtin_dlls\libgcc_s_dw2-1.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000023294 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\enc\encdb.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000025094 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\transdb.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000020138 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\enc\windows_1252.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000042802 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\stringio.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000076988 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\fiddle.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000034874 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\bin\ruby_builtin_dlls\libffi-6.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000019080 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\enc\utf_16le.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000024071 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\utf_16_32.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000107527 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\single_byte.so
2018-06-07 20:25 - 2018-06-07 20:25 - 000086447 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\src\build\windows\pia_manager\bin\rgloader\rgloader24.mingw.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000164238 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\socket.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000020278 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\io\wait.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000036004 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\parser.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000043738 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\generator.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000023715 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\etc.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000238686 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\gems\2.4.0\gems\ffi-1.9.23-x86-mingw32\lib\2.4\ffi_c.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000204591 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr729F.tmp\lib\ruby\2.4.0\i386-mingw32\date_core.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000521228 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\bin\ruby_builtin_dlls\libgmp-10.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000121524 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\bin\ruby_builtin_dlls\libgcc_s_dw2-1.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000023294 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\encdb.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000025094 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\transdb.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000020138 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\windows_1252.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000042802 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\stringio.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000076988 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\fiddle.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000034874 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\bin\ruby_builtin_dlls\libffi-6.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000019080 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\utf_16le.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000024071 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\utf_16_32.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000107527 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\single_byte.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000086447 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\src\build\windows\pia_manager\bin\rgloader\rgloader24.mingw.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000164238 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\socket.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000020278 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\io\wait.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000036004 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\parser.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000043738 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\generator.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000023715 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\etc.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000238686 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\gems\2.4.0\gems\ffi-1.9.23-x86-mingw32\lib\2.4\ffi_c.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000204591 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\date_core.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000096686 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\zlib.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000098626 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\bin\ruby_builtin_dlls\zlib1.dll
2018-06-07 20:26 - 2018-06-07 20:26 - 000023870 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\enc\windows_31j.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000433264 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\openssl.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000027213 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\digest.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000018967 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\io\nonblock.so
2018-06-07 20:26 - 2018-06-07 20:26 - 000024368 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrC705.tmp\lib\ruby\2.4.0\i386-mingw32\cgi\escape.so
2018-06-05 15:33 - 2018-05-22 10:23 - 000096920 _____ () C:\Program Files\pia_manager\packet_filter.dll
2018-06-05 15:33 - 2018-05-22 10:23 - 001287960 _____ () C:\Program Files\pia_manager\nwjs\ffmpeg.dll
2018-06-05 15:33 - 2018-05-22 10:22 - 002232832 _____ () C:\Program Files\pia_manager\nwjs\swiftshader\libglesv2.dll
2018-06-05 15:33 - 2018-05-22 10:22 - 000101888 _____ () C:\Program Files\pia_manager\nwjs\swiftshader\libegl.dll
2018-06-05 15:33 - 2018-05-22 10:23 - 005968664 _____ () C:\Program Files\pia_manager\nwjs\node.dll
2013-09-17 00:58 - 2013-09-17 18:58 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-12-23 20:04 - 2018-06-07 20:27 - 000035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-12-23 20:04 - 2010-06-29 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-12-25 23:50 - 2018-01-12 11:15 - 000001298 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1 16.217.0.0
127.0.0.1 rosettastone.com
127.0.0.1 launch.rosettastone.com
127.0.0.1 amp.rosettastone.com
127.0.0.1 resources.rosettastone.com
127.0.0.1 updates.rosettastone.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-407761387-3444271927-348064540-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{FB7C27F5-BB80-4ED8-A52E-F204BD37C316}] => (Block) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [{9542AAF1-188F-4C71-861A-E752ABC11CFA}] => (Block) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [UDP Query User{1CCE33FB-AEEA-4ED8-AF19-C2B396B5D814}C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe] => (Allow) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [TCP Query User{E1342536-15D0-452F-8FF9-EF3578728F2D}C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe] => (Allow) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [{5175D9CD-A3FD-4EF4-A80D-AA46C01BD890}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{6E5EF3EA-31F2-402C-B458-BB016DB34BB0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [UDP Query User{B378563C-33B4-49E2-912D-D7C231DB1E6F}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{AE11614C-C137-4DF6-86D1-F4C76816BD63}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{0452BC5E-4D0C-43D9-9A5E-28F4028CBAF1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin64\Crysis.exe
FirewallRules: [{0ADE0E85-BFE0-482B-A20A-4887E9751D9E}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin64\Crysis.exe
FirewallRules: [{F616906F-6237-47D8-A0C5-AF3BA54D97E4}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{99C0B5F5-7B51-4D07-A8D2-0AE91146DB40}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{B0C5662F-C649-4A36-8792-48537527A83C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{141273CE-5FDD-402E-B222-9E13759563E7}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{35A350FD-94D7-4440-AAD5-82F0C4ACA246}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\crysis.exe
FirewallRules: [{8C3DE5BB-FF61-4E70-9A47-8F85DEE903AB}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\crysis.exe
FirewallRules: [{007968BD-260C-4DCE-8A9F-1EA6AF72400E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D5685863-D18B-4099-820C-F472BF3D84CA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{96E7BE0E-D304-403C-A275-5DCA2FB0302B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{941F3F54-2BD5-4E85-BD36-7BEA0B435FF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DDE5C324-684C-4E79-B3BB-C08BBB124967}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{959BB1F3-A68E-4E0E-A5F2-1DEEB86CC41C}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{59D8FE2C-0564-4023-8C40-102475C74732}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{8D54B22B-A954-496F-901D-9C08FC8A0D19}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{079FC4F4-FAD0-4813-8938-95AC8E0DE885}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0628F2CA-7F4B-4A6C-ABAB-E88127310AB7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1749864-6003-46D3-B48D-FA91635A074D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{27FBBF6F-8789-44F7-AF44-DDB719F236E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D796CF0-0B6B-4123-9EE5-FB3045FDEFB1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{C2106B5E-D166-4C23-A572-00D2114EAF76}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{9DA04F3C-ADD7-4DE9-B271-60981EC6B6A2}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{011BAD99-FD9F-4C9D-932A-C3FD26172956}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{C9417F31-5112-40C5-9643-CFB0F537EAA9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{881B987B-391D-4938-B34E-E74A2D2CBE2A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{8D8F7100-8302-4698-A5C6-0EF070A51474}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{8678EAE2-2D5F-45E6-9E2C-DB644A80DF28}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
FirewallRules: [{2CC957B7-C991-4E8B-B4A4-3B023D395393}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
FirewallRules: [TCP Query User{BE7382CB-95AE-429A-821A-60400273278C}C:\program files (x86)\microsoft games\halo custom edition\haloce.exe] => (Allow) C:\program files (x86)\microsoft games\halo custom edition\haloce.exe
FirewallRules: [UDP Query User{0044A1D1-3464-42E8-B96E-9BAD626BC7CC}C:\program files (x86)\microsoft games\halo custom edition\haloce.exe] => (Allow) C:\program files (x86)\microsoft games\halo custom edition\haloce.exe
FirewallRules: [TCP Query User{5F9A971F-F2B5-47FB-94CB-2E3C972A5242}C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe] => (Allow) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [UDP Query User{2292E954-049F-4D9F-8F1B-4D3B6D27CC33}C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe] => (Allow) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [{A33F7BB0-D522-4AE5-8DC5-822325B276C9}] => (Block) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [{E00F54FA-48A5-4A6D-AA1C-8464791B6010}] => (Block) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [{A895B6AE-F13E-4174-A79E-FD8347F917CA}] => (Allow) H:\Games\Tomb Raider GOTY\TombRaider.exe
FirewallRules: [{35730279-BF13-4671-8E81-82A1CCB63E1C}] => (Allow) H:\Games\Tomb Raider GOTY\TombRaider.exe
FirewallRules: [{B7D557E8-EF05-4895-9868-C2BE5DEAA4E6}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{D91D1AE7-F21D-426C-83D1-AB43FEBC5502}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{0DA2D116-B31F-44F4-96BC-D5BCCB9D8296}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B50FF09C-5F9A-47E9-92F3-166A2CFC1570}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{BFB25B55-7634-4A79-9B85-238CBDB85E50}H:\games\age of mythology gold edition\aom.exe] => (Allow) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [UDP Query User{D02F7EB6-3E5C-4E37-8347-6FBDAF3D6096}H:\games\age of mythology gold edition\aom.exe] => (Allow) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [{35AECB37-E4C5-4F08-B6BE-A6AFF2AA660D}] => (Block) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [{E6656235-82B1-4D03-A36F-29703812A191}] => (Block) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [{D0A6F404-E401-460D-8761-283D847FB16C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{F5A48009-9391-4A75-82E0-64C42C095BDA}H:\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{E9AA2D51-8AF4-49CF-92EC-EAB695FE018B}H:\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F6F0223E-E183-4BFC-9720-E2B9C1867171}] => (Block) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{169B5F1A-E12A-4DD4-9B61-5EAF08F0313C}] => (Block) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{564BABF5-3AC7-49A0-B215-14B7DC093BA7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0575828A-DA83-4013-94FE-52C030651860}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{388BDF3E-E23C-4484-8E2B-0AAFDEB573C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E4F7CBCA-974E-4DEE-97FA-7AF1D6043384}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F5C4D4BA-DC5D-415E-81C0-4C38D08EA927}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D229850E-8137-47F5-8B6D-6BA99B5728B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1672625E-8396-4437-AFA1-2544812F7448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{561E2E6D-9290-4365-8807-BAC94A32B0CE}] => (Allow) LPort=2869
FirewallRules: [{6ED08D25-6A52-4ECD-9CEF-889328ED4F63}] => (Allow) LPort=1900
FirewallRules: [{00F530C6-AE3A-442C-962D-CC9C8C54085C}] => (Allow) LPort=2869
FirewallRules: [{60031D35-ED6F-49C7-97A7-58F109F7534D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{9F8DFD05-4F5B-4ED3-9C99-5528A983C57A}H:\games\battlefield 1\bf1.exe] => (Block) H:\games\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{AA747C07-FD9B-4589-A2A3-9DFE290EAE7F}H:\games\battlefield 1\bf1.exe] => (Block) H:\games\battlefield 1\bf1.exe
FirewallRules: [{8B8D43CC-23C4-4883-9A76-889CBAD0B7C8}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{AE899E63-7251-4A22-9243-2B18B09C5785}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [TCP Query User{287CFD38-8173-4AF5-8A11-32591DCC48A2}H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Allow) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [UDP Query User{C342F57F-EDB6-42F1-9BE3-E86F57FF46C9}H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Allow) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{77EE1476-DCB7-4A85-A781-1B6E945C05A9}] => (Block) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{6773DDC3-60BD-49A5-B978-81AE305A348B}] => (Block) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{3A8B1383-5526-44B4-8314-B01CB83DD6F2}] => (Block) LPort=445
FirewallRules: [{3CAA6FC2-FA59-40FF-AD08-369F2AEC17B4}] => (Block) LPort=445
FirewallRules: [{43DD8E92-1050-4FEF-AE3B-46C92AC691AC}] => (Allow) H:\Games\Call Of Duty World At War\CoDWaW.exe
FirewallRules: [{381B961A-83D5-42ED-AD65-C80A4FBCF5EB}] => (Allow) H:\Games\Call Of Duty World At War\CoDWaW.exe
FirewallRules: [TCP Query User{4908AA1F-EC3F-42DD-8A96-F114ED067D2A}H:\games\halo 2\halo 2\halo2.exe] => (Allow) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [UDP Query User{8C50542A-44EE-4306-A90D-93AB8DB8B74B}H:\games\halo 2\halo 2\halo2.exe] => (Allow) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [{834AD21D-8A0E-42A9-874E-2F96D2691D57}] => (Block) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [{69AC1BDD-9F1D-4CF0-9EFD-7703A250A674}] => (Block) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [{A5DE2541-A865-4489-835B-F7152B3E8DAB}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [{97625A2F-03C2-4658-9704-4639321E880A}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [{1E29B81A-BD2E-49AF-A713-F2C0B358D9B2}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [{F02C1FE6-8E5E-47FE-921E-00192642F714}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [TCP Query User{C40DCABF-7228-4B5B-92CB-30E629DB7F9E}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{9D0D49D9-32A3-4EAC-B64B-B21DC60B4156}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{F5A98A22-AB34-4F42-8722-0664C26CC0D8}] => (Allow) H:\Games\Crysis\Bin32\crysis.exe
FirewallRules: [{C1700217-77DD-4025-BDAC-361288581F78}] => (Allow) H:\Games\Crysis\Bin32\crysis.exe
FirewallRules: [{4665A9A8-260F-4AAE-AFA9-79334C1FF388}] => (Allow) H:\Games\Crysis\Bin64\Crysis.exe
FirewallRules: [{BBC7C6C9-A363-4950-897A-BD192F1EE47E}] => (Allow) H:\Games\Crysis\Bin64\Crysis.exe
FirewallRules: [TCP Query User{92078F10-6042-4519-B1B4-26BBFD9ACEF5}H:\games\prey\prey\binaries\danielle\x64\release\prey.exe] => (Allow) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [UDP Query User{F1C038E9-0383-460F-84B2-77C4D534DD9E}H:\games\prey\prey\binaries\danielle\x64\release\prey.exe] => (Allow) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{4D561CC5-30A1-4E9E-96E2-F3EAF3DD9AAC}] => (Block) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{DC245F4A-3DC3-40CE-AFD2-9DD7026F5F6C}] => (Block) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{0F417FB7-9F17-410B-8960-4DE17AAEB626}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMMVSplitter_Business.exe
FirewallRules: [{D55F24A3-EB8B-42FB-8771-31FD56C0F857}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMMVSplitter_Business.exe
FirewallRules: [{284784CA-48D1-4BF7-A81A-529C35A052E9}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMM_BatchSplit.exe
FirewallRules: [{BDBC5E1C-0C1A-4ABA-B5EB-82B0D54465F4}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMM_BatchSplit.exe
FirewallRules: [TCP Query User{956666EC-7408-4005-97D3-4458F7A6535D}H:\games\counter strike\hl.exe] => (Allow) H:\games\counter strike\hl.exe
FirewallRules: [UDP Query User{6ED08CF2-2311-4CD9-B003-D9C78C3B03DD}H:\games\counter strike\hl.exe] => (Allow) H:\games\counter strike\hl.exe
FirewallRules: [{D732A50E-88AA-44B8-BE55-964BD4FB659D}] => (Block) H:\games\counter strike\hl.exe
FirewallRules: [{96AE1DED-8908-42B2-B433-90732895E166}] => (Block) H:\games\counter strike\hl.exe
FirewallRules: [TCP Query User{16514BDC-2796-487A-B1A2-1F687775A690}H:\games\counter strike\hlds.exe] => (Allow) H:\games\counter strike\hlds.exe
FirewallRules: [UDP Query User{9839D3C7-6CF6-469E-B71C-4EE3D491B333}H:\games\counter strike\hlds.exe] => (Allow) H:\games\counter strike\hlds.exe
FirewallRules: [{C9692BB1-278C-4FA9-B181-A5A8A1EC8927}] => (Block) H:\games\counter strike\hlds.exe
FirewallRules: [{ED308862-E600-48A2-9A93-932A8CBE1A6D}] => (Block) H:\games\counter strike\hlds.exe
FirewallRules: [TCP Query User{E0C34252-11D0-4CA7-8ED0-A48B8C2CF3BA}H:\games\counter strike\hltv.exe] => (Allow) H:\games\counter strike\hltv.exe
FirewallRules: [UDP Query User{A097959E-765B-49CD-9205-08A0DF668759}H:\games\counter strike\hltv.exe] => (Allow) H:\games\counter strike\hltv.exe
FirewallRules: [{4987A6DB-1650-4C11-B488-3FCD3282BB10}] => (Block) H:\games\counter strike\hltv.exe
FirewallRules: [{6F2A6423-539B-4DD6-AB5A-D77A7A51A8C9}] => (Block) H:\games\counter strike\hltv.exe
FirewallRules: [TCP Query User{090E6C1D-3F2A-439A-A8C7-2D049A9E59CE}H:\games\call of duty 2\cod2mp_s.exe] => (Allow) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{43D41ECF-63AC-4D38-8A66-DFDDC6CEDEA2}H:\games\call of duty 2\cod2mp_s.exe] => (Allow) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [{FC3CDEA3-8B96-4847-A0A5-05A8D06BDC90}] => (Block) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [{8A01975A-BDC8-4198-8AD6-5762D3D6144A}] => (Block) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{BA0CC5F1-8891-4784-8727-FDD6FEFE9A72}H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{AF5F8BA9-B4C3-4FBB-AF81-DABB907CF037}H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{DE486E41-348B-4867-AD4C-AF539F02A5D3}] => (Block) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{47D0FEEA-A4FC-4D1C-9286-7443E5F0AC10}] => (Block) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{9C468828-A775-4BD6-9D0C-A062C8A68FED}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe
FirewallRules: [{298F078E-DF83-4D6E-BE6F-1F3B0EBEADFD}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfshelper.exe
FirewallRules: [{77086B90-99CE-4C7B-99C7-C92B46989ADA}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe
FirewallRules: [{F21326C8-627D-4C0D-AA15-F8313BCA9942}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\mounthfs.exe
FirewallRules: [{57AD44DC-9194-42C2-8492-DF0F6A5A785D}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\mounthfs.exe
FirewallRules: [{50C77D90-6314-46DA-922D-1BA9A5199B11}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe
FirewallRules: [{11AE5B51-3D43-4137-AB1E-B5DBAE22B266}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe
FirewallRules: [{A1437E5F-4A3D-494B-B95F-EE3917147B2F}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfshelper.exe
FirewallRules: [{15BFE731-6C42-426C-817A-A1AB2670C275}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
FirewallRules: [{023B99DE-D2C5-4E0F-83BC-14E91FDE9421}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\mounthfs.exe
FirewallRules: [{C1737EC2-E06B-4CB0-9CBD-E92C68D36362}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\activation\OnlineActivator.exe
FirewallRules: [{55428380-F572-4B81-B89F-65C7CBF7A512}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\activation\OnlineActivator.exe
FirewallRules: [{08C66253-AB20-4EEB-A2AE-3F41D0AB9EC0}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
FirewallRules: [{0668A9A4-816F-45FC-8FF2-077C44C8A428}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\mounthfs.exe
FirewallRules: [TCP Query User{84E28F8B-CA08-4DC8-BB8A-9DF711280C7B}C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe] => (Block) C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe
FirewallRules: [UDP Query User{ABC15052-4E47-460E-85CC-248154B9CECA}C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe] => (Block) C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe
FirewallRules: [TCP Query User{D35B6580-F1D8-4196-B6F3-DAED0186E7DC}H:\games\far cry primal\bin\fcprimal.exe] => (Block) H:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{F2E0036E-6785-46F5-AA59-A5C0DCBA15B9}H:\games\far cry primal\bin\fcprimal.exe] => (Block) H:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{C28438FE-5764-4FA6-865A-ECBA98BCC0CF}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{AE9A1FCC-2806-47B6-A412-EB50EB01E56C}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [{911084A3-0070-4ADE-A49C-2931D8126CE9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6A60088F-03B3-4F02-8568-BAEA4680A035}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{738E9E66-F20A-4847-B8DC-90CFC2B47F73}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{9AFC4B02-19C5-49F9-888C-950953E2716B}H:\games\klingon academy\ka.exe] => (Block) H:\games\klingon academy\ka.exe
FirewallRules: [UDP Query User{EEC425FC-0A96-45D3-9BF4-83988C9E2B0F}H:\games\klingon academy\ka.exe] => (Block) H:\games\klingon academy\ka.exe
FirewallRules: [{3D7354DA-94D6-4AD0-A028-53D0BEF45007}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{AD03BF01-99A0-4CB2-93A0-913EF99CB5BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
02-06-2018 20:00:59 Revo Uninstaller Pro's restore point - Call of Duty: Ghosts Update 3
03-06-2018 17:03:09 Installed DirectX
06-06-2018 21:06:21 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Hands-free Audio
Description: Bluetooth Hands-free Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: btwaudio
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/07/2018 08:26:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (06/07/2018 08:25:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (06/07/2018 08:27:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (06/07/2018 08:27:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (06/07/2018 08:26:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (06/07/2018 08:26:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
 
CodeIntegrity:
===================================
 
Date: 2018-06-07 20:26:39.388
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6300 Six-Core Processor 
Percentage of memory in use: 17%
Total physical RAM: 16283.5 MB
Available physical RAM: 13380.94 MB
Total Virtual: 32565.19 MB
Available Virtual: 29032.01 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:173.3 GB) NTFS
Drive f: (Mars) (Fixed) (Total:465.76 GB) (Free:381.76 GB) NTFS
Drive g: (Pluto) (Fixed) (Total:200 GB) (Free:106.77 GB) NTFS
Drive h: (Hoth) (Fixed) (Total:931.51 GB) (Free:351.67 GB) NTFS
Drive i: (Saturn) (Fixed) (Total:1062.89 GB) (Free:200.65 GB) NTFS
Drive q: (Ryloth) (Fixed) (Total:1953.12 GB) (Free:1718.23 GB) NTFS
Drive r: (Scarif) (Fixed) (Total:1772.77 GB) (Free:583.87 GB) NTFS
Drive s: (Mercury) (Fixed) (Total:600 GB) (Free:57.37 GB) NTFS
 
\\?\Volume{92252ac3-a9cc-11e5-aced-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D6C2710D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D7729B52)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 

  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
We are still getting this error:

 
Date: 2018-06-07 20:26:39.388
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 

 

 

 
This error is a nuisance. 
Error: (06/07/2018 08:25:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 

 

There used to be a fixit for it but they took it away.  If you run Windows Repair All-in-one with just the

Repair WMI

checked it will fix it.

 
Assuming the time and date on the clock in the bottom right are correct this error:

Error: (06/07/2018 08:26:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 

 

.
Has a fixit:

https://support.micr...on-log-in-windo

 

Click on: For Windows 7...

and you will get a Download button. 


  • 0

#24
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

I have run the Windows Repair All-in-one with just the "Repair WMI" checked.

Clock and date are correct.

 

The Fixit solution takes me to another Microsoft page after I click the "Download" tab.

There doesn't appear to be a download link available, unless I missed it.

I have checked numerous times.


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Looks like MS has "retired" the fixit.  See if you can get the manual fix to work:

 

    At the command prompt, type the following command, and then press ENTER:
    certutil -urlcache * delete

(You may want to also try an elevated command prompt)

    Note The certutil command must be run for every user on the workstation. Each user must login and follow steps 1 and 2 above.
    If the expired certificate is cached in one of the local system profiles, you must delete the contents of some directories by using Windows Explorer. To do this, follow these steps:
        Start Windows Explorer. To do this, click Start, click All Programs, click Accessories, and then click Windows Explorer.

        Note You must enable hidden folders to view the directories whose contents you must delete. To enable hidden files and folders, follow these steps:
            Click Organize, and then click Folder and search options.
            Click the View tab.
            Click to select the Show hidden files and folders check box.
            Click to clear the Hide extensions for known file types check box.
            lick to clear the Hide protected operating system files check box.
            Click Yes to dismiss the warning, and then click OK to apply the changes and to close the dialog box.
        Delete the contents of the directories that are listed here. (%windir% is the Windows directory.)

        Note You may receive a message that states that you do not have permission to access the folder. If you receive this message, Click Continue.

        LocalService:

        %windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
        %windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData

        NetworkService:
        %windir%\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
        %windir%\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData

        LocalSystem:
        %windir%\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
        %windir%\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
 


  • 0

Advertisements


#26
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Okay I have run this: certutil -urlcache * delete under the elevated command prompt.

 

I went to the Windows directory, C:\Windows, but I am lost as far as where to find all this:

 

     LocalService:

        %windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
        %windir%\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData

        NetworkService:
        %windir%\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
        %windir%\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData

        LocalSystem:
        %windir%\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
        %windir%\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData

 

I do not see of those in there.

I did all of this as asked, Show hidden files and folders, clear the Hide extensions for known file types and clear the Hide protected operating system files.

There are many folders and other files in the C:\Windows  folder but I  can not locate the ones you are wanting.           

      
 


  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Let's see if FRST can get them for us:

 

Download the attached fixlist.txt to the same location as FRST



Run FRST and press Fix
A fix log will be generated please post that


Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 


  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Wait a second on the fixlist.  I need to make a change.


  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Here's the corrected Fixlist:

 

 

Attached Files


  • 0

#30
promithius

promithius

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

The Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by SkyNet (10-06-2018 18:46:43) Run:4
Running from C:\Users\SkyNet\Desktop
Loaded Profiles: SkyNet (Available Profiles: SkyNet)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*
C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*
C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*
C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
reboot:
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
 
=========== "C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*" ==========
 
not found
 
========= End -> "C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*" ========
 
 
=========== "C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*" ==========
 
not found
 
========= End -> "C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*" ========
 
 
=========== "C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*" ==========
 
not found
 
========= End -> "C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*" ========
 
 
=========== "C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*" ==========
 
not found
 
========= End -> "C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*" ========
 
 
=========== "C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*" ==========
 
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0E506CEBBC8B162CFB2D72DB4891DCAE => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1F356F4D07FE8C483E769E4586569404 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\229169D96B9C20761B929D428962A0A2_FC65190A8D1232A1711F16F9F20C5149 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\40C68D5626484A90937F0752C8B950AB => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\472BC96E644745821BD57EA65406C816 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\616AD1AB067CFD351D6C0EF6F3E12F40 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66AE3BFDF94A732B262342AD2154B86E_E27BEC23327CD79BB9859890C6C6DC2B => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7396C420A8E1BC1DA97F1AF0D10BAD21 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\76A6104AD5D7661815E18299392B9F65 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\782D7E2BFB036A849A99FFA65C652D39 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7BD5521448F9309F5CEB0C75890FFABC => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\814CB6F3D92C7FE85DF73576F3F2785E => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8BD11C4A2318EC8E5A82462092971DEA => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8E4E510F44A56B8C8ECFEC352907C373_AE5DEC1208BFEC0DCB9E55221C9E82B5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EDCF682921FE94F4A02A43CD1A28E6B => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_AD9E7615297A3A83320AACE5801A04F9 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9A19ADAD9D098E039450ABBEDD5616EB_72351698A4665D440DC1D15902218AC7 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A89DFCC31C360BA5CBD616749B1B1C5D => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B69D763EB21649DA26F20618312DEE70 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B90B117906B8A74C79D1BC450C2B94B1_D4A257FA65F272581CA61DD756EA3A4C => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C3E814D1CB223AFCD58214D14C3B7EAB => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_6043FC604A395E1485AF7AC16D16B7CE => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA4458E7366E94A3C3A9C1FE548B6D21_C2C3D990B393462F0B24251F41DF0EF5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CD9C747F40EEA288D73938D33144F716 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E48DDEA3BF68DF580551FA0F27950B54 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EA618097E393409AFA316F0F87E2C202_827C1B837652B048C4C84237D0838585 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ECF3006D44DA211141391220EE5049F4 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EE44ECA143B76F2B9F2A5AA75B5D1EC6_847118BE2683F0C241D1D702F3A3F5F9 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4D9C889B7AEBCF4E1A2DAABC5C3628A_ECBC78EC9FB4EA93E9EE9921E46421B5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4EA555947766F67C3BB52DEDFD509C5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FE70EB9EF1676B9A470CBE90336E8C47 => moved successfully
 
========= End -> "C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*" ========
 
 
=========== "C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*" ==========
 
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0E506CEBBC8B162CFB2D72DB4891DCAE => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1F356F4D07FE8C483E769E4586569404 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\229169D96B9C20761B929D428962A0A2_FC65190A8D1232A1711F16F9F20C5149 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\40C68D5626484A90937F0752C8B950AB => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\472BC96E644745821BD57EA65406C816 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\616AD1AB067CFD351D6C0EF6F3E12F40 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66AE3BFDF94A732B262342AD2154B86E_E27BEC23327CD79BB9859890C6C6DC2B => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\76A6104AD5D7661815E18299392B9F65 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\782D7E2BFB036A849A99FFA65C652D39 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7BD5521448F9309F5CEB0C75890FFABC => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\814CB6F3D92C7FE85DF73576F3F2785E => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8BD11C4A2318EC8E5A82462092971DEA => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8E4E510F44A56B8C8ECFEC352907C373_AE5DEC1208BFEC0DCB9E55221C9E82B5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EDCF682921FE94F4A02A43CD1A28E6B => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_AD9E7615297A3A83320AACE5801A04F9 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9A19ADAD9D098E039450ABBEDD5616EB_72351698A4665D440DC1D15902218AC7 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A89DFCC31C360BA5CBD616749B1B1C5D => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B69D763EB21649DA26F20618312DEE70 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B90B117906B8A74C79D1BC450C2B94B1_D4A257FA65F272581CA61DD756EA3A4C => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C3E814D1CB223AFCD58214D14C3B7EAB => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_6043FC604A395E1485AF7AC16D16B7CE => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA4458E7366E94A3C3A9C1FE548B6D21_C2C3D990B393462F0B24251F41DF0EF5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CD9C747F40EEA288D73938D33144F716 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E48DDEA3BF68DF580551FA0F27950B54 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EA618097E393409AFA316F0F87E2C202_827C1B837652B048C4C84237D0838585 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ECF3006D44DA211141391220EE5049F4 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EE44ECA143B76F2B9F2A5AA75B5D1EC6_847118BE2683F0C241D1D702F3A3F5F9 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4D9C889B7AEBCF4E1A2DAABC5C3628A_ECBC78EC9FB4EA93E9EE9921E46421B5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4EA555947766F67C3BB52DEDFD509C5 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F90F18257CBB4D84216AC1E1F3BB2C76 => moved successfully
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FE70EB9EF1676B9A470CBE90336E8C47 => moved successfully
 
========= End -> "C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*" ========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 18:47:02 ====
 
 
FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by SkyNet (administrator) on SKYNET-SYSTEMS (10-06-2018 18:52:51)
Running from C:\Users\SkyNet\Desktop
Loaded Profiles: SkyNet (Available Profiles: SkyNet)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: "C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\DFDWiz.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kinetic Jump Software, LLC) C:\Program Files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINBE.EXE
(Epic Privacy Browser) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(hxxp://www.ruby-lang.org/) C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(hxxp://www.ruby-lang.org/) C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\bin\rubyw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\nwjs\pia_nw.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
() C:\Program Files\pia_manager\openvpn.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
(Hidden Reflex Authors) C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Application\epic.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-05-27] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-25] (NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [178496 2018-04-19] (ESET)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-06-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-16] (Tonec Inc.)
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINBE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2018-05-18] (Epic Privacy Browser)
HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\MountPoints2: {e08f94a0-81e1-11e7-9180-7c5cf8efb1df} - O:\VerizonSWUpgradeAssistantLauncher.exe
Startup: C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\privateinternetaccess - Shortcut.lnk [2016-11-01]
ShortcutTarget: privateinternetaccess - Shortcut.lnk -> C:\Program Files\pia_manager\privateinternetaccess.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{0106C499-AACA-48BE-AF96-B40332427A56}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{7197BA45-B061-4503-A707-3ED2DFF23F36}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{7D8893E0-C1FA-44BA-B6A2-3CD6574C780F}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{BDF7F6CA-FCE0-463B-8573-872A301D511B}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{C3273B72-6137-46B4-B56D-6577F37FD1CE}: [DhcpNameServer] 192.168.86.1
 
Internet Explorer:
==================
HKU\S-1-5-21-407761387-3444271927-348064540-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.yahoo.com/?fr=fp-comodo&type=42_25050004005_1.13.424807.562_u_hp
HKU\S-1-5-21-407761387-3444271927-348064540-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-407761387-3444271927-348064540-1000 -> DefaultScope {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=42_25050004005_1.13.424807.562_u_ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-407761387-3444271927-348064540-1000 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=42_25050004005_1.13.424807.562_u_ds&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\SkyNet\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\SkyNet\AppData\Roaming\IDM\idmmzcc5 [2018-06-10] [Legacy] [not signed]
FF HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-407761387-3444271927-348064540-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-05-18] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-407761387-3444271927-348064540-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\SkyNet\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-05-18] (Epic Privacy Browser)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://drudgereport.com/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default [2018-06-09]
CHR Extension: (YouTube) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-10]
CHR Extension: (Adblock Plus) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-16]
CHR Extension: (Google Search) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-10-10]
CHR Extension: (Notifier for Gmail™) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2018-05-02]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2018-06-09]
CHR Extension: (Adobe Acrobat) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-24]
CHR Extension: (uBlock) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2018-05-12]
CHR Extension: (Kindle Cloud Reader) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-10-10]
CHR Extension: (Morpheon Dark) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-02-21]
CHR Extension: (IDM Integration Module) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-10]
CHR Extension: (Chrome Media Router) - C:\Users\SkyNet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKU\S-1-5-21-407761387-3444271927-348064540-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-407761387-3444271927-348064540-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 apmwinsrv; C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe [1356624 2016-11-15] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-24] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-06-04] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249312 2017-12-20] (DTS, Inc)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-27] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2240264 2018-04-19] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2240264 2018-04-19] (ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-25] (NVIDIA Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [183568 2017-06-30] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 KjsUpdateService2; C:\Program Files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe [12800 2012-04-18] (Kinetic Jump Software, LLC) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-06-13] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-25] (NVIDIA Corporation)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3376880 2013-06-13] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2016-07-12] (Advanced Micro Devices Inc.)
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [37200 2016-09-23] (Paragon Software Group)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [83792 2015-06-17] (Asmedia Technology)
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [51264 2016-07-12] (IVT Corporation.)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-05-12] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1560552 2017-12-20] (Motorola Solutions, Inc.)
S3 csvol; C:\Windows\System32\DRIVERS\csvol.sys [32080 2016-09-23] (Paragon Software Group)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-12-20] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61520 2018-04-12] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-06-08] (Malwarebytes)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [69456 2016-09-23] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [213840 2016-09-23] (Paragon Software Group)
R3 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [23888 2016-09-23] (Paragon Software Group)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-12] (REALiX™)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [206344 2017-12-20] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-10] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-06-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-10] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94840 2018-06-10] (Malwarebytes)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [50512 2016-09-23] (Paragon Software Group)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3427848 2017-12-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-12-20] (NVIDIA Corporation)
S3 Revoflt; C:\Windows\SysWOW64\DRIVERS\revoflt.sys [40240 2016-12-21] (VS Revo Group)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-12-20] (Samsung Electronics Co., Ltd.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-10 18:52 - 2018-06-10 18:53 - 000026787 _____ C:\Users\SkyNet\Desktop\FRST.txt
2018-06-10 18:46 - 2018-06-10 18:47 - 000016997 _____ C:\Users\SkyNet\Desktop\Fixlog.txt
2018-06-10 09:17 - 2018-06-10 18:50 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-10 09:17 - 2018-06-10 18:49 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-10 09:17 - 2018-06-10 18:49 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-10 09:17 - 2018-06-10 18:49 - 000094840 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-10 09:17 - 2018-06-10 09:17 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-06 21:06 - 2018-06-06 21:06 - 000000000 ____D C:\Windows\CheckSur
2018-06-05 21:16 - 2018-06-05 21:16 - 000000207 _____ C:\Windows\tweaking.com-regbackup-SKYNET-SYSTEMS-Windows-7-Ultimate-(64-bit).dat
2018-06-05 21:16 - 2018-06-05 21:16 - 000000000 ____D C:\RegBackup
2018-06-05 21:15 - 2018-06-05 21:15 - 000003668 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-06-05 21:15 - 2018-06-05 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2018-06-05 21:15 - 2018-06-05 21:15 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2018-06-05 21:14 - 2018-06-05 21:15 - 000194324 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2018-06-05 15:33 - 2018-06-05 15:33 - 000000910 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reinstall TAP Driver.lnk
2018-06-05 15:33 - 2018-06-05 15:33 - 000000878 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2018-06-05 15:33 - 2018-06-05 15:33 - 000000863 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Private Internet Access.lnk
2018-06-05 15:33 - 2018-06-05 15:33 - 000000000 ____D C:\Users\SkyNet\AppData\Local\PrivateInternetAccess
2018-06-05 15:01 - 2018-06-05 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-06-04 00:18 - 2018-06-04 00:18 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-06-04 00:18 - 2018-06-04 00:18 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-06-04 00:18 - 2018-06-04 00:18 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-06-04 00:18 - 2018-06-04 00:18 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-06-03 16:37 - 2018-06-03 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-06-03 16:37 - 2018-06-03 16:37 - 000000000 ____D C:\Program Files\Speccy
2018-06-02 14:53 - 2018-06-02 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2018-06-02 14:53 - 2018-06-02 14:53 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2018-06-02 13:02 - 2018-06-07 20:30 - 000000000 ____D C:\Users\SkyNet\Desktop\New folder
2018-06-02 12:56 - 2018-06-02 12:58 - 000001074 _____ C:\VEW.txt
2018-06-02 12:36 - 2018-06-02 12:36 - 000000000 ____D C:\Windows\system32\windfn.exe
2018-06-02 12:36 - 2018-06-02 12:36 - 000000000 ____D C:\Windows\system32\StartupCheckLibrary.dll
2018-06-02 12:36 - 2018-06-02 12:36 - 000000000 ____D C:\Windows\system32\diskdriver.exe
2018-06-01 20:04 - 2018-06-01 20:04 - 000000000 ____D C:\Users\SkyNet\Desktop\save3dmgames
2018-06-01 17:20 - 2018-06-07 20:23 - 002413056 _____ (Farbar) C:\Users\SkyNet\Desktop\FRST64.exe
2018-05-30 17:01 - 2018-06-08 17:16 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-05-30 17:01 - 2018-05-30 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-30 17:00 - 2018-05-30 17:00 - 000000000 ____D C:\ProgramData\MB2Migration
2018-05-30 17:00 - 2018-05-30 17:00 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-30 16:35 - 2018-06-10 18:52 - 000000000 ____D C:\FRST
2018-05-30 16:34 - 2018-05-30 16:34 - 000000000 ____D C:\ProgramData\GridinSoft
2018-05-30 16:26 - 2018-05-30 16:26 - 000007619 _____ C:\Users\SkyNet\AppData\Local\Resmon.ResmonCfg
2018-05-29 17:21 - 2018-05-29 17:21 - 000000000 ____D C:\Windows\SysWOW64\AGEIA
2018-05-29 17:21 - 2018-05-29 17:21 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-05-28 15:54 - 2018-05-28 15:54 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-05-28 13:12 - 2018-05-28 13:12 - 000000000 ____D C:\Program Files\ESET
2018-05-27 18:23 - 2018-05-27 18:23 - 000000000 __SHD C:\ProgramData\DSS
2018-05-27 18:23 - 2018-05-27 18:23 - 000000000 ____D C:\Users\SkyNet\Documents\EA Games
2018-05-27 18:23 - 2018-05-27 18:23 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-05-27 17:47 - 2018-05-27 17:47 - 015211584 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 006463128 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 006270152 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 006105024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-05-27 17:47 - 2018-05-27 17:47 - 005938872 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 005593576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003571504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003509160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003410288 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003299776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003205568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003145872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 003121080 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002992144 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002922944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 002190944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001780584 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001591016 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001508896 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001382200 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001337600 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001259688 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001242440 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001159144 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001154912 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001105920 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001009544 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 001003816 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000986960 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000973568 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000964984 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000899488 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000852096 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000743928 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000727400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000708272 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000691640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000688936 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000604752 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000532336 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000504272 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000445360 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000441224 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000392832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000378344 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000366080 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000360304 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000332976 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000315936 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000278232 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000258824 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000253864 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000253824 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000252840 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000221928 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000209496 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000203800 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000166160 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000158656 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000157304 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000093864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000088280 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000083584 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000075504 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-05-27 17:47 - 2018-05-27 17:47 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-05-27 17:46 - 2018-05-27 17:46 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-05-27 17:46 - 2018-05-27 17:46 - 015464151 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-05-27 17:46 - 2018-05-27 17:46 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-05-27 17:42 - 2018-05-27 17:42 - 000226280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-05-27 17:42 - 2018-05-27 17:42 - 000046064 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-05-27 17:40 - 2018-05-27 17:41 - 000000000 ____D C:\Windows\system32\unknown
2018-05-27 17:40 - 2018-05-27 17:40 - 040346984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 038468128 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 035250776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 031271232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 030741024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 025984920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 020264848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 019009672 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 017776824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 016973216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-05-27 17:40 - 2018-05-27 17:40 - 015619736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 015189168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 013725744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 011271400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 004046088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 003962272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 003495000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001990688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439764.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001561536 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001467992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439764.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001417304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001215424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001157392 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 001091616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000904712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000626592 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000544472 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000518176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000462648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000420184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000182776 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000165136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000159896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-05-27 17:40 - 2018-05-27 17:40 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-05-27 17:40 - 2018-05-27 17:40 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-05-27 17:40 - 2018-05-27 17:40 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-05-27 13:45 - 2015-07-18 03:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-05-27 13:45 - 2015-07-18 03:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-05-27 13:32 - 2018-04-29 05:27 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2018-05-27 13:32 - 2018-01-28 13:09 - 000000000 _____ C:\Windows\system32\setup4.2.6.tmp
2018-05-25 17:06 - 2018-05-25 17:06 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\EasyAntiCheat
2018-05-18 16:07 - 2018-05-18 16:08 - 000000000 ____D C:\Users\SkyNet\Documents\Flight Simulator X Files
2018-05-18 09:50 - 2018-05-18 09:50 - 000002384 _____ C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Epic Privacy Browser.lnk
2018-05-18 09:49 - 2018-05-18 09:50 - 000000000 ____D C:\Users\SkyNet\AppData\Local\Epic Privacy Browser
2018-05-18 09:49 - 2018-05-18 09:49 - 000000000 ____D C:\ProgramData\Epic Privacy Browser
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-10 18:49 - 2017-01-11 19:06 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-10 18:49 - 2009-07-13 19:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-10 18:47 - 2015-12-29 09:36 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\DMCache
2018-06-10 18:47 - 2015-12-23 21:32 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\tixati
2018-06-10 18:46 - 2015-12-24 08:48 - 000000000 ____D C:\Incoming
2018-06-10 18:06 - 2009-07-13 19:13 - 000794646 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-10 18:06 - 2009-07-13 17:20 - 000000000 ____D C:\Windows\inf
2018-06-10 09:24 - 2009-07-13 18:45 - 000028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-10 09:24 - 2009-07-13 18:45 - 000028976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-09 21:53 - 2017-09-28 17:26 - 000000000 ____D C:\Users\SkyNet\AppData\Roaming\brave
2018-06-09 16:39 - 2018-05-02 22:08 - 000013312 _____ C:\Users\SkyNet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-09 10:37 - 2017-09-28 17:26 - 000000000 ____D C:\Users\SkyNet\AppData\Local\brave
2018-06-07 20:12 - 2015-12-23 09:34 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-06 21:04 - 2016-10-10 11:58 - 000416816 _____ C:\Users\SkyNet\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-06 21:03 - 2016-04-13 11:05 - 000000398 __RSH C:\ProgramData\ntuser.pol
2018-06-06 21:03 - 2009-07-13 18:45 - 005920168 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-06 20:59 - 2009-07-13 16:34 - 000000514 _____ C:\Windows\win.ini
2018-06-05 21:23 - 2017-01-12 18:28 - 000000000 ____D C:\Users\SkyNet\AppData\Local\CrashDumps
2018-06-05 17:48 - 2015-12-24 08:31 - 000000000 ___RD C:\Users\SkyNet\Dropbox
2018-06-05 15:33 - 2016-03-20 12:45 - 000003230 _____ C:\Windows\System32\Tasks\Private Internet Access Startup
2018-06-05 15:33 - 2016-03-20 12:45 - 000000000 ____D C:\Program Files\pia_manager
2018-06-05 15:01 - 2015-12-24 08:29 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-06-02 12:49 - 2009-07-13 17:20 - 000000000 ____D C:\Program Files (x86)\Windows NT
2018-06-01 21:45 - 2017-03-18 17:08 - 000000000 ____D C:\Users\SkyNet\AppData\Local\Fallout4
2018-06-01 20:07 - 2016-10-26 17:45 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-05-31 19:21 - 2018-01-27 17:40 - 000000000 ____D C:\ProgramData\XLN Audio
2018-05-31 19:21 - 2018-01-27 17:40 - 000000000 ____D C:\Program Files\XLN Audio
2018-05-31 19:20 - 2018-01-27 17:39 - 000000000 ____D C:\Users\SkyNet\Documents\XLN Online Installer
2018-05-31 18:40 - 2015-12-23 20:04 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-05-31 18:40 - 2015-12-23 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-05-31 18:40 - 2015-12-23 19:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-31 15:50 - 2015-12-23 20:23 - 001048576 _____ C:\Windows\PE_Rom.dll
2018-05-30 17:00 - 2015-12-24 08:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-30 17:00 - 2015-12-24 08:10 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-05-29 17:21 - 2017-01-11 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-28 15:37 - 2017-12-28 09:24 - 000000000 ____D C:\Program Files\Rockstar Games
2018-05-28 15:37 - 2017-12-28 09:24 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-05-27 17:49 - 2009-07-13 19:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-27 17:47 - 2016-12-24 19:51 - 000000000 ____D C:\Windows\system32\DAX3
2018-05-27 17:47 - 2016-10-10 16:36 - 000000000 ____D C:\Windows\system32\DAX2
2018-05-27 17:47 - 2016-10-10 11:32 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-05-27 17:42 - 2017-01-11 19:04 - 001688104 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-05-27 17:40 - 2017-01-12 19:12 - 000505928 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-05-27 17:40 - 2017-01-11 19:04 - 023241960 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-05-27 17:40 - 2017-01-11 19:04 - 004573960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-05-27 17:40 - 2017-01-11 19:04 - 000041598 _____ C:\Windows\system32\nvinfo.pb
2018-05-27 17:30 - 2016-07-12 16:43 - 000000000 ____D C:\ProgramData\ProductData
2018-05-27 17:29 - 2016-10-10 16:46 - 000002900 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (SkyNet)
2018-05-27 13:45 - 2015-12-23 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-25 17:07 - 2015-12-28 17:56 - 000000000 ____D C:\Users\SkyNet\Documents\My Games
2018-05-20 12:54 - 2016-07-12 12:45 - 000000000 ____D C:\Users\SkyNet\AppData\Local\ElevatedDiagnostics
2018-05-19 22:14 - 2016-07-05 18:12 - 000000000 ____D C:\Users\SkyNet\AppData\Local\CAPCOM
2018-05-19 09:32 - 2018-05-06 16:15 - 000000000 ____D C:\Users\SkyNet\Desktop\100NCD90
2018-05-18 16:17 - 2015-12-24 08:29 - 000003904 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-18 16:17 - 2015-12-24 08:29 - 000003652 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-18 16:07 - 2009-07-13 19:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-18 16:02 - 2016-10-23 18:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2018-05-16 18:37 - 2015-12-23 09:33 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 18:37 - 2015-12-23 09:33 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-15 18:38 - 2017-05-16 11:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-15 18:38 - 2017-05-16 11:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-14 20:18 - 2017-12-21 19:01 - 000000000 ____D C:\Users\SkyNet\Documents\Manuals
2018-05-14 20:18 - 2016-10-18 22:37 - 000000000 ____D C:\Users\SkyNet\Documents\PDFs
 
==================== Files in the root of some directories =======
 
2017-05-06 17:54 - 2017-05-06 17:54 - 000000087 _____ () C:\Users\SkyNet\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2018-01-12 21:12 - 2018-01-12 21:12 - 000000171 _____ () C:\Users\SkyNet\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-01-12 21:12 - 2018-01-12 21:12 - 000000304 _____ () C:\Users\SkyNet\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-01-12 21:12 - 2018-01-12 21:12 - 000000175 _____ () C:\Users\SkyNet\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2017-01-26 17:41 - 2017-01-26 17:42 - 000001456 _____ () C:\Users\SkyNet\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-05-02 22:08 - 2018-06-09 16:39 - 000013312 _____ () C:\Users\SkyNet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-30 16:26 - 2018-05-30 16:26 - 000007619 _____ () C:\Users\SkyNet\AppData\Local\Resmon.ResmonCfg
2017-03-02 21:07 - 2017-03-02 21:07 - 000000000 _____ () C:\Users\SkyNet\AppData\Local\{86098965-5FBF-4491-9F48-24AD67142EBD}
2017-01-14 12:42 - 2017-01-14 12:42 - 000000000 _____ () C:\Users\SkyNet\AppData\Local\{F371B246-82C8-4076-8EF4-244595164BBE}
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\diskdriver.exe
C:\Windows\System32\StartupCheckLibrary.dll
C:\Windows\System32\windfn.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-08 18:18
 
==================== End of FRST.txt ============================
 
 
Addition Text:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by SkyNet (10-06-2018 18:53:24)
Running from C:\Users\SkyNet\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-10-10 21:58:01)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-407761387-3444271927-348064540-500 - Administrator - Disabled)
ASPNET (S-1-5-21-407761387-3444271927-348064540-1006 - Limited - Enabled)
Guest (S-1-5-21-407761387-3444271927-348064540-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-407761387-3444271927-348064540-1008 - Limited - Enabled)
SkyNet (S-1-5-21-407761387-3444271927-348064540-1000 - Administrator - Enabled) => C:\Users\SkyNet
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . . (HKLM\...\{DCAFF63A-A26F-4809-A00D-27AD6733ACB3}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{C7B0C705-9987-44A2-B495-4101DAEDBFE0}) (Version: 2.6.2.4 - Intel) Hidden
300 Modpack 2.1 (HKLM-x32\...\300 Modpack 2.1) (Version:  - )
7-Zip 15.12 (HKLM-x32\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Age of Mythology Gold Edition 1.00 (HKLM-x32\...\Age of Mythology Gold Edition 1.00) (Version:  - )
Aliens vs. Predator (HKLM-x32\...\Aliens vs. Predator_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.)
Battlefield 1 v.версия 1.0.u3 (HKLM-x32\...\Battlefield 1_is1) (Version:  - )
BleachBit (HKLM-x32\...\BleachBit) (Version: 2.0 - BleachBit)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brave (HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Brave) (Version: 0.22.727 - Brave Software)
Bridge Commander MW (HKLM-x32\...\{304D46E1-364B-45AB-9170-53E200DB4E85}) (Version: 1.1.0000 - Activision) Hidden
Bridge Commander MW (HKLM-x32\...\InstallShield_{304D46E1-364B-45AB-9170-53E200DB4E85}) (Version: 1.1.0000 - Activision)
Call of Duty Modern Warfare Remastered (HKLM-x32\...\Call of Duty Modern Warfare Remastered_is1) (Version:  - )
Call Of Duty World At War version 1.7.1263.0 (HKLM-x32\...\Call Of Duty World At War_is1) (Version: 1.7.1263.0 - Mr DJ)
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) <==== ATTENTION
Crysis (HKLM-x32\...\1809223221_is1) (Version: 2.0.0.7 - GOG.com)
Crysis version 1.21.0.0 (HKLM-x32\...\Crysis_is1) (Version: 1.21.0.0 - Mr DJ)
Crysis Warhead version 1.1.0.0 (HKLM-x32\...\Crysis Warhead_is1) (Version: 1.1.0.0 - Mr DJ)
CRYZENX 1.00 (HKLM-x32\...\CRYZENX 1.00) (Version:  - )
Dirt.4.v1.04-ENG.repack version 1.04 (HKLM-x32\...\{32FFCB8E-23C9-435F-AFC0-7CE64F696FC2}}_is1) (Version: 1.04 - Ali213.net)
Disk Unlocker (HKLM-x32\...\{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}) (Version: 2.1.3 - ASUSTek Computer Inc.)
DiskCheckup v3.3 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.6.2 Exedra Chac - Alexandre Devilliers (aka Elbereth))
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 51.4.66 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: 1.3.0 - Релиз от R.G. Steamgames)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Epic Privacy Browser (HKU\S-1-5-21-407761387-3444271927-348064540-1000\...\Epic) (Version: 62.0.3202.94 - Epic)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-320 Series Printer Uninstall (HKLM\...\EPSON XP-320 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-320 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-320 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version:  - Ubisoft)
FlacSquisher 1.3.6 (HKLM-x32\...\FlacSquisher) (Version: 1.3.6 - FlacSquisher)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Halo 2 for Windows Vista (HKLM-x32\...\{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version:  - Microsoft Game Studios)
HandBrake Nightly (HKLM-x32\...\HandBrake Nightly) (Version: Nightly - )
Hawaiian HI Fonts (HKLM\...\{9128B5D4-6CB4-4090-A09B-D4CF850AD5A1}) (Version: 1.0.3.40 - Hale Kuamoo, University of Hawaii at Hilo)
IDM Crack 6.27 build 1 (HKLM-x32\...\IDM Crack 6.27 build 1) (Version: build 2 - Crackingpatching.com Team)
Ignition (HKLM\...\{50DC22E6-B3C7-4C24-B96C-2939DB5AC0D9}) (Version: 1.50.20324.4505 - Powerteq) Hidden
Ignition (HKLM-x32\...\{e44b92d0-30d5-49aa-950e-a01e2fce0811}) (Version: 1.50.20324.4505 - Powerteq)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Wireless Bluetooth®(patch version 17.1.1531.1764) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 17.1.1507.0532 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fd9db181-00fa-4117-82e2-cf920d564253}) (Version: 16.1.0 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iTunes (HKLM\...\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}) (Version: 10.6.0.40 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Klingon Academy (HKLM-x32\...\Klingon Academy) (Version:  - )
K-Lite Codec Pack 14.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
Lara Croft and the Guardian of Light (HKLM-x32\...\Lara Croft and the Guardian of Light_is1) (Version:  - )
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version:  - )
LIVE gaming on Windows Runtime Version 1.0.6027 (HKLM-x32\...\{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}) (Version: 1.0.6027 - Microsoft Corporation)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Mad Max (HKLM-x32\...\Mad Max_is1) (Version:  - )
MakeMKV v1.10.5 (HKLM-x32\...\MakeMKV) (Version: v1.10.5 - GuinpinSoft inc)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Halo Custom Edition (HKLM-x32\...\Halo CE) (Version:  - )
Microsoft Hyperlapse Pro (HKLM\...\{33503317-BA83-44C8-873E-581B3D8EB837}) (Version: 1.3.5764 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
MKVToolNix 23.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 23.0.0 - Moritz Bunkus)
Mojo Jojo's Pet Project (HKLM-x32\...\{BD09FCE9-9D5F-11D5-9E0F-0050FC0220CE}) (Version:  - )
Monkey for Winamp 2x (remove only) (HKLM-x32\...\vis_monkey.dllWinamp) (Version:  - )
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paragon HFS+ for Windows (HKLM-x32\...\{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}) (Version: 11.0.0.0 - Paragon Software)
Perfect Photo Suite 8 (HKLM-x32\...\{54F3375C-5F19-4DE6-957B-EDE4EFEA5F23}) (Version: 8.0.0 - onOne Software)
Private Internet Access v80 (HKLM-x32\...\{148169C2-5558-4C3E-B38A-7B1813A264CA}_is1) (Version: 80 - London Trust Media, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.2.0 (HKLM-x32\...\Revo Uninstaller Pro 3.2.0) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
Sniper - Ghost Warrior 2 — Repacked by R.G. Revenants (HKLM-x32\...\Sniper - Ghost Warrior 2_R.G. Revenants) (Version: 3.4.1.4621 - City Interactive)
SolveigMM AVI Trimmer+ version 5.0.1509.11 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1509.11 - Solveig Multimedia)
SolveigMM Video Splitter Business Edition (HKLM-x32\...\SolveigMM Video Splitter Business Edition 6.1.1611.7) (Version: 6.1.1611.7 - Solveig Multimedia)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Trek Voyager Elite Force (HKLM-x32\...\Star Trek Voyager Elite Force) (Version:  - )
STAR WARS - The Force Unleashed II (HKLM-x32\...\STAR WARS - The Force Unleashed II_is1) (Version:  - )
Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.1 - Aspyr)
STAR WARS® - Knights of the Old Republic™ II - The Sith Lords (HKLM-x32\...\1421404581_is1) (Version: 2.0.0.2 - GOG.com)
Subtitle Edit 3.3.5 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.5.1862 - Nikse)
TagScanner 6.0.27 (HKLM-x32\...\TagScanner_is1) (Version:  - Sergey Serkov)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Lord of the Rings The Battle for Middle-Earth Collection MULTi9 - ElAmigos version 2.01 (HKLM-x32\...\{5EE9E528-FC92-4C4F-AEE4-BCAFA7A2F6CF}_is1) (Version: 2.01 - Electronic Arts)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tomb Raider GOTY version 1.1.748.0 (HKLM-x32\...\Tomb Raider GOTY_is1) (Version: 1.1.748.0 - Mr DJ)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version:  - )
Tomb Raider: Underworld 1.1 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.19 - Tweaking.com)
VidCoder 2.31 Beta (x86) (HKLM-x32\...\VidCoder-Beta-x86_is1) (Version: 2.31 - RandomEngy)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
World in Conflict (HKLM-x32\...\World in Conflict) (Version: 1.011 - Ubisoft)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers1-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers1-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers4-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers4-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers6-x32: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\Revo Uninstaller Pro\RUExt.dll [2016-12-14] (VS Revo Group)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {35A211AB-6D3B-4078-B5B6-9F2E85876676} - System32\Tasks\HFS+ Updater => C:\Program Files (x86)\Paragon Software\HFS+ for Windows\updater\Updater.exe [2016-08-25] (Paragon Software Group)
Task: {3E31366C-E675-44C5-8BC0-6CECADC0704F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-04-11] ()
Task: {40C324BC-D7AD-4882-9673-8F3018FA8405} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {425C10DD-2470-48C2-BE24-5F9771B87385} - System32\Tasks\HFS+ Activator => C:\Program Files (x86)\Paragon Software\HFS+ for Windows\activation\OnlineActivator.exe [2016-11-15] (Paragon Software)
Task: {44F446AE-529D-481A-BB08-A900F3A53B41} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe
Task: {574D6353-DED6-45DC-BD0C-0D75768F3630} - System32\Tasks\EPSON XP-320 Series Update {2F5A4C44-C787-4243-BF67-47A7A6576221} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {598F1E22-D974-4931-BA4E-1185077E61C9} - System32\Tasks\Private Internet Access Startup => C:/Program Files/pia_manager/pia_manager.exe [2018-05-22] ()
Task: {5A5E1C32-CA20-4DB2-AE5A-C67104C2E8CE} - System32\Tasks\Driver Booster SkipUAC (SkyNet) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe [2016-10-09] (IObit)
Task: {74A5618A-58B9-49F2-8AAE-D60EB9997BDA} - System32\Tasks\EPSON XP-320 Series Update {9EE9851F-1ACE-4793-8F9F-F6086C9F532B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {784298BF-2A08-41E5-82FC-C7AB0A863860} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\Scheduler.exe [2016-09-20] (IObit)
Task: {79C655A7-B86E-480A-A906-6D51938C93AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.)
Task: {B4501B30-6D73-49B8-9145-05858DA45F6E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-24] (Dropbox, Inc.)
Task: {BBCD4906-AD2E-4AC3-AF14-89B0ABC94F44} - System32\Tasks\AdobeGCInvoker-1.0-SKYNET-SYSTEMS-SkyNet => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {BE763E74-85F7-4612-B459-06BD2D5EB115} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {CE3C1698-CD65-49E2-AB60-D2231AA5D0E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.)
Task: {DCA0EAAC-887C-433D-BDEB-13FAA45979E0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {E3942701-4DA4-446F-A47A-4884A026C1B3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-24] (Dropbox, Inc.)
Task: {F839542E-ABE6-4270-A40A-8DC32F621586} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-03-20 12:45 - 2018-05-22 10:23 - 016129048 _____ () C:\Program Files\pia_manager\pia_manager.exe
2013-03-28 22:31 - 2013-03-28 22:31 - 000210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 000748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 13:53 - 2012-09-23 13:53 - 003645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-03-28 22:30 - 2013-03-28 22:30 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-23 14:55 - 2016-11-15 07:52 - 001356624 _____ () C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
2017-01-11 19:06 - 2016-08-25 13:28 - 000367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 003611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-17 22:05 - 2016-11-17 22:05 - 000156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2015-12-24 08:31 - 2007-09-02 13:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2018-05-30 17:01 - 2018-06-08 17:16 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-05-30 17:01 - 2018-06-08 17:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 001988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 002665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 001840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-01-09 18:08 - 2016-11-17 22:14 - 000730880 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
2017-01-09 18:08 - 2016-11-17 22:18 - 001981184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-01-09 18:08 - 2016-11-17 22:12 - 000237824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
2017-01-09 18:08 - 2016-11-17 22:08 - 000217344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
2016-03-20 12:45 - 2018-05-22 10:23 - 000696600 _____ () C:\Program Files\pia_manager\openvpn.exe
2016-03-20 12:45 - 2018-05-22 10:23 - 000199736 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2016-03-20 12:45 - 2018-05-22 10:23 - 000114304 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2016-03-20 12:45 - 2018-05-22 10:23 - 000148248 _____ () C:\Program Files\pia_manager\pia-openvpn.dll
2013-09-17 00:58 - 2013-09-17 18:58 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2017-01-09 18:08 - 2016-11-17 22:16 - 000805632 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-01-09 18:08 - 2016-11-17 22:11 - 000247552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-01-09 18:08 - 2016-11-17 22:10 - 000212736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll
2017-01-09 18:08 - 2016-11-17 22:11 - 000174848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-01-09 18:08 - 2016-11-17 22:10 - 000203520 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll
2017-01-09 18:08 - 2016-11-17 22:09 - 000206592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_disktrace_input.dll
2017-01-09 18:08 - 2016-11-17 22:09 - 000336640 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-01-09 18:08 - 2016-11-17 22:06 - 000147712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-01-09 18:08 - 2016-11-17 22:11 - 000213248 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-01-09 18:08 - 2016-11-17 22:07 - 000229120 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll
2017-01-09 18:08 - 2016-11-17 22:08 - 000224000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-01-09 18:08 - 2016-11-17 22:06 - 000211712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll
2017-01-09 18:08 - 2016-11-17 22:08 - 000219904 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 000087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 001242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-11 19:06 - 2016-08-25 13:28 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-24 08:31 - 2007-09-02 13:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-06-05 15:01 - 2018-06-04 00:18 - 001107272 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-06-05 15:01 - 2018-06-04 00:18 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2015-12-24 08:30 - 2018-06-04 00:21 - 000106816 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000025408 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000042312 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000700736 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000137032 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000123200 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-24 08:30 - 2018-06-04 00:20 - 000112448 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 18:18 - 2018-06-04 00:21 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000031040 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000399168 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-24 08:30 - 2018-06-04 00:21 - 000049984 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000027456 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000131392 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000120648 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-05 18:18 - 2018-06-04 00:21 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000182080 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000036672 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-21 10:59 - 2018-06-04 00:20 - 000032576 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000055104 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000064320 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-09-08 12:35 - 2018-06-04 00:21 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-17 15:33 - 2018-06-04 00:21 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000152384 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-24 08:30 - 2018-06-04 00:20 - 000091448 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000035136 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000067392 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-27 15:01 - 2018-06-04 00:21 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000030528 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-20 09:53 - 2018-06-04 00:21 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-20 09:53 - 2018-06-04 00:21 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-20 09:53 - 2018-06-04 00:21 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-20 09:53 - 2018-06-04 00:21 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-24 08:30 - 2018-06-04 00:21 - 000355648 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 19:36 - 2018-06-04 00:21 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-06-05 15:01 - 2018-06-04 00:18 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-11 15:36 - 2018-06-04 00:21 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-11 14:11 - 2018-06-04 00:21 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-06-05 15:01 - 2018-06-04 00:19 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-06-05 15:01 - 2018-06-04 00:19 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-08-05 18:18 - 2018-06-04 00:21 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-06-05 15:01 - 2018-06-04 00:20 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-06-10 18:49 - 2018-06-10 18:49 - 000521228 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\bin\ruby_builtin_dlls\libgmp-10.dll
2018-06-10 18:49 - 2018-06-10 18:49 - 000121524 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\bin\ruby_builtin_dlls\libgcc_s_dw2-1.dll
2018-06-10 18:49 - 2018-06-10 18:50 - 000023294 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\enc\encdb.so
2018-06-10 18:49 - 2018-06-10 18:50 - 000025094 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\transdb.so
2018-06-10 18:49 - 2018-06-10 18:50 - 000020138 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\enc\windows_1252.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000042802 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\stringio.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000076988 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\fiddle.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000034874 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\bin\ruby_builtin_dlls\libffi-6.dll
2018-06-10 18:49 - 2018-06-10 18:50 - 000019080 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\enc\utf_16le.so
2018-06-10 18:49 - 2018-06-10 18:50 - 000024071 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\utf_16_32.so
2018-06-10 18:49 - 2018-06-10 18:50 - 000107527 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\single_byte.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000086447 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\src\build\windows\pia_manager\bin\rgloader\rgloader24.mingw.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000164238 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\socket.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000020278 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\io\wait.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000036004 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\parser.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000043738 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\generator.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000023715 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\etc.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000238686 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\gems\2.4.0\gems\ffi-1.9.23-x86-mingw32\lib\2.4\ffi_c.so
2018-06-10 18:49 - 2018-06-10 18:49 - 000204591 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocr5EE1.tmp\lib\ruby\2.4.0\i386-mingw32\date_core.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000521228 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\bin\ruby_builtin_dlls\libgmp-10.dll
2018-06-10 18:50 - 2018-06-10 18:50 - 000121524 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\bin\ruby_builtin_dlls\libgcc_s_dw2-1.dll
2018-06-10 18:50 - 2018-06-10 18:50 - 000023294 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\encdb.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000025094 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\transdb.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000020138 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\windows_1252.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000042802 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\stringio.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000076988 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\fiddle.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000034874 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\bin\ruby_builtin_dlls\libffi-6.dll
2018-06-10 18:50 - 2018-06-10 18:50 - 000019080 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\utf_16le.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000024071 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\utf_16_32.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000107527 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\trans\single_byte.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000086447 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\src\build\windows\pia_manager\bin\rgloader\rgloader24.mingw.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000164238 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\socket.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000020278 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\io\wait.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000036004 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\parser.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000043738 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\json\ext\generator.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000023715 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\etc.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000238686 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\gems\2.4.0\gems\ffi-1.9.23-x86-mingw32\lib\2.4\ffi_c.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000204591 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\date_core.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000096686 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\zlib.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000098626 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\bin\ruby_builtin_dlls\zlib1.dll
2018-06-10 18:50 - 2018-06-10 18:50 - 000023870 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\enc\windows_31j.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000433264 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\openssl.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000027213 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\digest.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000018967 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\io\nonblock.so
2018-06-10 18:50 - 2018-06-10 18:50 - 000024368 _____ () C:\Users\SkyNet\AppData\Local\Temp\ocrFA84.tmp\lib\ruby\2.4.0\i386-mingw32\cgi\escape.so
2018-06-05 15:33 - 2018-05-22 10:23 - 000096920 _____ () C:\Program Files\pia_manager\packet_filter.dll
2018-06-05 15:33 - 2018-05-22 10:23 - 001287960 _____ () C:\Program Files\pia_manager\nwjs\ffmpeg.dll
2018-06-05 15:33 - 2018-05-22 10:22 - 002232832 _____ () C:\Program Files\pia_manager\nwjs\swiftshader\libglesv2.dll
2018-06-05 15:33 - 2018-05-22 10:22 - 000101888 _____ () C:\Program Files\pia_manager\nwjs\swiftshader\libegl.dll
2018-06-05 15:33 - 2018-05-22 10:23 - 005968664 _____ () C:\Program Files\pia_manager\nwjs\node.dll
2015-12-23 20:04 - 2018-06-10 18:51 - 000035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-12-23 20:04 - 2010-06-29 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-12-25 23:50 - 2018-01-12 11:15 - 000001298 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1 16.217.0.0
127.0.0.1 rosettastone.com
127.0.0.1 launch.rosettastone.com
127.0.0.1 amp.rosettastone.com
127.0.0.1 resources.rosettastone.com
127.0.0.1 updates.rosettastone.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-407761387-3444271927-348064540-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SkyNet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{FB7C27F5-BB80-4ED8-A52E-F204BD37C316}] => (Block) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [{9542AAF1-188F-4C71-861A-E752ABC11CFA}] => (Block) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [UDP Query User{1CCE33FB-AEEA-4ED8-AF19-C2B396B5D814}C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe] => (Allow) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [TCP Query User{E1342536-15D0-452F-8FF9-EF3578728F2D}C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe] => (Allow) C:\program files\onone software\perfect photo suite 8\perfect photo suite 8.exe
FirewallRules: [{5175D9CD-A3FD-4EF4-A80D-AA46C01BD890}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{6E5EF3EA-31F2-402C-B458-BB016DB34BB0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [UDP Query User{B378563C-33B4-49E2-912D-D7C231DB1E6F}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{AE11614C-C137-4DF6-86D1-F4C76816BD63}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{0452BC5E-4D0C-43D9-9A5E-28F4028CBAF1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin64\Crysis.exe
FirewallRules: [{0ADE0E85-BFE0-482B-A20A-4887E9751D9E}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin64\Crysis.exe
FirewallRules: [{F616906F-6237-47D8-A0C5-AF3BA54D97E4}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{99C0B5F5-7B51-4D07-A8D2-0AE91146DB40}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis Warhead\Bin32\Crysis.exe
FirewallRules: [{B0C5662F-C649-4A36-8792-48537527A83C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{141273CE-5FDD-402E-B222-9E13759563E7}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{35A350FD-94D7-4440-AAD5-82F0C4ACA246}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\crysis.exe
FirewallRules: [{8C3DE5BB-FF61-4E70-9A47-8F85DEE903AB}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\crysis.exe
FirewallRules: [{007968BD-260C-4DCE-8A9F-1EA6AF72400E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D5685863-D18B-4099-820C-F472BF3D84CA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{96E7BE0E-D304-403C-A275-5DCA2FB0302B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{941F3F54-2BD5-4E85-BD36-7BEA0B435FF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DDE5C324-684C-4E79-B3BB-C08BBB124967}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{959BB1F3-A68E-4E0E-A5F2-1DEEB86CC41C}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{59D8FE2C-0564-4023-8C40-102475C74732}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{8D54B22B-A954-496F-901D-9C08FC8A0D19}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{079FC4F4-FAD0-4813-8938-95AC8E0DE885}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0628F2CA-7F4B-4A6C-ABAB-E88127310AB7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1749864-6003-46D3-B48D-FA91635A074D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{27FBBF6F-8789-44F7-AF44-DDB719F236E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D796CF0-0B6B-4123-9EE5-FB3045FDEFB1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{C2106B5E-D166-4C23-A572-00D2114EAF76}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{9DA04F3C-ADD7-4DE9-B271-60981EC6B6A2}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{011BAD99-FD9F-4C9D-932A-C3FD26172956}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{C9417F31-5112-40C5-9643-CFB0F537EAA9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{881B987B-391D-4938-B34E-E74A2D2CBE2A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{8D8F7100-8302-4698-A5C6-0EF070A51474}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{8678EAE2-2D5F-45E6-9E2C-DB644A80DF28}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
FirewallRules: [{2CC957B7-C991-4E8B-B4A4-3B023D395393}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
FirewallRules: [TCP Query User{BE7382CB-95AE-429A-821A-60400273278C}C:\program files (x86)\microsoft games\halo custom edition\haloce.exe] => (Allow) C:\program files (x86)\microsoft games\halo custom edition\haloce.exe
FirewallRules: [UDP Query User{0044A1D1-3464-42E8-B96E-9BAD626BC7CC}C:\program files (x86)\microsoft games\halo custom edition\haloce.exe] => (Allow) C:\program files (x86)\microsoft games\halo custom edition\haloce.exe
FirewallRules: [TCP Query User{5F9A971F-F2B5-47FB-94CB-2E3C972A5242}C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe] => (Allow) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [UDP Query User{2292E954-049F-4D9F-8F1B-4D3B6D27CC33}C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe] => (Allow) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [{A33F7BB0-D522-4AE5-8DC5-822325B276C9}] => (Block) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [{E00F54FA-48A5-4A6D-AA1C-8464791B6010}] => (Block) C:\program files (x86)\raven\star trek voyager elite force\stvoyhm.exe
FirewallRules: [{A895B6AE-F13E-4174-A79E-FD8347F917CA}] => (Allow) H:\Games\Tomb Raider GOTY\TombRaider.exe
FirewallRules: [{35730279-BF13-4671-8E81-82A1CCB63E1C}] => (Allow) H:\Games\Tomb Raider GOTY\TombRaider.exe
FirewallRules: [{B7D557E8-EF05-4895-9868-C2BE5DEAA4E6}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{D91D1AE7-F21D-426C-83D1-AB43FEBC5502}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{0DA2D116-B31F-44F4-96BC-D5BCCB9D8296}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B50FF09C-5F9A-47E9-92F3-166A2CFC1570}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{BFB25B55-7634-4A79-9B85-238CBDB85E50}H:\games\age of mythology gold edition\aom.exe] => (Allow) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [UDP Query User{D02F7EB6-3E5C-4E37-8347-6FBDAF3D6096}H:\games\age of mythology gold edition\aom.exe] => (Allow) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [{35AECB37-E4C5-4F08-B6BE-A6AFF2AA660D}] => (Block) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [{E6656235-82B1-4D03-A36F-29703812A191}] => (Block) H:\games\age of mythology gold edition\aom.exe
FirewallRules: [{D0A6F404-E401-460D-8761-283D847FB16C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{F5A48009-9391-4A75-82E0-64C42C095BDA}H:\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{E9AA2D51-8AF4-49CF-92EC-EAB695FE018B}H:\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F6F0223E-E183-4BFC-9720-E2B9C1867171}] => (Block) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{169B5F1A-E12A-4DD4-9B61-5EAF08F0313C}] => (Block) H:\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{564BABF5-3AC7-49A0-B215-14B7DC093BA7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0575828A-DA83-4013-94FE-52C030651860}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{388BDF3E-E23C-4484-8E2B-0AAFDEB573C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E4F7CBCA-974E-4DEE-97FA-7AF1D6043384}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F5C4D4BA-DC5D-415E-81C0-4C38D08EA927}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D229850E-8137-47F5-8B6D-6BA99B5728B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1672625E-8396-4437-AFA1-2544812F7448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{561E2E6D-9290-4365-8807-BAC94A32B0CE}] => (Allow) LPort=2869
FirewallRules: [{6ED08D25-6A52-4ECD-9CEF-889328ED4F63}] => (Allow) LPort=1900
FirewallRules: [{00F530C6-AE3A-442C-962D-CC9C8C54085C}] => (Allow) LPort=2869
FirewallRules: [{60031D35-ED6F-49C7-97A7-58F109F7534D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{9F8DFD05-4F5B-4ED3-9C99-5528A983C57A}H:\games\battlefield 1\bf1.exe] => (Block) H:\games\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{AA747C07-FD9B-4589-A2A3-9DFE290EAE7F}H:\games\battlefield 1\bf1.exe] => (Block) H:\games\battlefield 1\bf1.exe
FirewallRules: [{8B8D43CC-23C4-4883-9A76-889CBAD0B7C8}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{AE899E63-7251-4A22-9243-2B18B09C5785}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [TCP Query User{287CFD38-8173-4AF5-8A11-32591DCC48A2}H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Allow) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [UDP Query User{C342F57F-EDB6-42F1-9BE3-E86F57FF46C9}H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Allow) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{77EE1476-DCB7-4A85-A781-1B6E945C05A9}] => (Block) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{6773DDC3-60BD-49A5-B978-81AE305A348B}] => (Block) H:\games\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [{3A8B1383-5526-44B4-8314-B01CB83DD6F2}] => (Block) LPort=445
FirewallRules: [{3CAA6FC2-FA59-40FF-AD08-369F2AEC17B4}] => (Block) LPort=445
FirewallRules: [{43DD8E92-1050-4FEF-AE3B-46C92AC691AC}] => (Allow) H:\Games\Call Of Duty World At War\CoDWaW.exe
FirewallRules: [{381B961A-83D5-42ED-AD65-C80A4FBCF5EB}] => (Allow) H:\Games\Call Of Duty World At War\CoDWaW.exe
FirewallRules: [TCP Query User{4908AA1F-EC3F-42DD-8A96-F114ED067D2A}H:\games\halo 2\halo 2\halo2.exe] => (Allow) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [UDP Query User{8C50542A-44EE-4306-A90D-93AB8DB8B74B}H:\games\halo 2\halo 2\halo2.exe] => (Allow) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [{834AD21D-8A0E-42A9-874E-2F96D2691D57}] => (Block) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [{69AC1BDD-9F1D-4CF0-9EFD-7703A250A674}] => (Block) H:\games\halo 2\halo 2\halo2.exe
FirewallRules: [{A5DE2541-A865-4489-835B-F7152B3E8DAB}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [{97625A2F-03C2-4658-9704-4639321E880A}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [{1E29B81A-BD2E-49AF-A713-F2C0B358D9B2}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [{F02C1FE6-8E5E-47FE-921E-00192642F714}] => (Allow) H:\Games\Halo 2\halo2.exe
FirewallRules: [TCP Query User{C40DCABF-7228-4B5B-92CB-30E629DB7F9E}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{9D0D49D9-32A3-4EAC-B64B-B21DC60B4156}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{F5A98A22-AB34-4F42-8722-0664C26CC0D8}] => (Allow) H:\Games\Crysis\Bin32\crysis.exe
FirewallRules: [{C1700217-77DD-4025-BDAC-361288581F78}] => (Allow) H:\Games\Crysis\Bin32\crysis.exe
FirewallRules: [{4665A9A8-260F-4AAE-AFA9-79334C1FF388}] => (Allow) H:\Games\Crysis\Bin64\Crysis.exe
FirewallRules: [{BBC7C6C9-A363-4950-897A-BD192F1EE47E}] => (Allow) H:\Games\Crysis\Bin64\Crysis.exe
FirewallRules: [TCP Query User{92078F10-6042-4519-B1B4-26BBFD9ACEF5}H:\games\prey\prey\binaries\danielle\x64\release\prey.exe] => (Allow) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [UDP Query User{F1C038E9-0383-460F-84B2-77C4D534DD9E}H:\games\prey\prey\binaries\danielle\x64\release\prey.exe] => (Allow) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{4D561CC5-30A1-4E9E-96E2-F3EAF3DD9AAC}] => (Block) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{DC245F4A-3DC3-40CE-AFD2-9DD7026F5F6C}] => (Block) H:\games\prey\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{0F417FB7-9F17-410B-8960-4DE17AAEB626}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMMVSplitter_Business.exe
FirewallRules: [{D55F24A3-EB8B-42FB-8771-31FD56C0F857}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMMVSplitter_Business.exe
FirewallRules: [{284784CA-48D1-4BF7-A81A-529C35A052E9}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMM_BatchSplit.exe
FirewallRules: [{BDBC5E1C-0C1A-4ABA-B5EB-82B0D54465F4}] => (Block) %ProgramFiles% (x86)\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SMM_BatchSplit.exe
FirewallRules: [TCP Query User{956666EC-7408-4005-97D3-4458F7A6535D}H:\games\counter strike\hl.exe] => (Allow) H:\games\counter strike\hl.exe
FirewallRules: [UDP Query User{6ED08CF2-2311-4CD9-B003-D9C78C3B03DD}H:\games\counter strike\hl.exe] => (Allow) H:\games\counter strike\hl.exe
FirewallRules: [{D732A50E-88AA-44B8-BE55-964BD4FB659D}] => (Block) H:\games\counter strike\hl.exe
FirewallRules: [{96AE1DED-8908-42B2-B433-90732895E166}] => (Block) H:\games\counter strike\hl.exe
FirewallRules: [TCP Query User{16514BDC-2796-487A-B1A2-1F687775A690}H:\games\counter strike\hlds.exe] => (Allow) H:\games\counter strike\hlds.exe
FirewallRules: [UDP Query User{9839D3C7-6CF6-469E-B71C-4EE3D491B333}H:\games\counter strike\hlds.exe] => (Allow) H:\games\counter strike\hlds.exe
FirewallRules: [{C9692BB1-278C-4FA9-B181-A5A8A1EC8927}] => (Block) H:\games\counter strike\hlds.exe
FirewallRules: [{ED308862-E600-48A2-9A93-932A8CBE1A6D}] => (Block) H:\games\counter strike\hlds.exe
FirewallRules: [TCP Query User{E0C34252-11D0-4CA7-8ED0-A48B8C2CF3BA}H:\games\counter strike\hltv.exe] => (Allow) H:\games\counter strike\hltv.exe
FirewallRules: [UDP Query User{A097959E-765B-49CD-9205-08A0DF668759}H:\games\counter strike\hltv.exe] => (Allow) H:\games\counter strike\hltv.exe
FirewallRules: [{4987A6DB-1650-4C11-B488-3FCD3282BB10}] => (Block) H:\games\counter strike\hltv.exe
FirewallRules: [{6F2A6423-539B-4DD6-AB5A-D77A7A51A8C9}] => (Block) H:\games\counter strike\hltv.exe
FirewallRules: [TCP Query User{090E6C1D-3F2A-439A-A8C7-2D049A9E59CE}H:\games\call of duty 2\cod2mp_s.exe] => (Allow) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{43D41ECF-63AC-4D38-8A66-DFDDC6CEDEA2}H:\games\call of duty 2\cod2mp_s.exe] => (Allow) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [{FC3CDEA3-8B96-4847-A0A5-05A8D06BDC90}] => (Block) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [{8A01975A-BDC8-4198-8AD6-5762D3D6144A}] => (Block) H:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{BA0CC5F1-8891-4784-8727-FDD6FEFE9A72}H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{AF5F8BA9-B4C3-4FBB-AF81-DABB907CF037}H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{DE486E41-348B-4867-AD4C-AF539F02A5D3}] => (Block) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{47D0FEEA-A4FC-4D1C-9286-7443E5F0AC10}] => (Block) H:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{9C468828-A775-4BD6-9D0C-A062C8A68FED}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe
FirewallRules: [{298F078E-DF83-4D6E-BE6F-1F3B0EBEADFD}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfshelper.exe
FirewallRules: [{77086B90-99CE-4C7B-99C7-C92B46989ADA}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe
FirewallRules: [{F21326C8-627D-4C0D-AA15-F8313BCA9942}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\mounthfs.exe
FirewallRules: [{57AD44DC-9194-42C2-8492-DF0F6A5A785D}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\mounthfs.exe
FirewallRules: [{50C77D90-6314-46DA-922D-1BA9A5199B11}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe
FirewallRules: [{11AE5B51-3D43-4137-AB1E-B5DBAE22B266}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe
FirewallRules: [{A1437E5F-4A3D-494B-B95F-EE3917147B2F}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfshelper.exe
FirewallRules: [{15BFE731-6C42-426C-817A-A1AB2670C275}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
FirewallRules: [{023B99DE-D2C5-4E0F-83BC-14E91FDE9421}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\mounthfs.exe
FirewallRules: [{C1737EC2-E06B-4CB0-9CBD-E92C68D36362}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\activation\OnlineActivator.exe
FirewallRules: [{55428380-F572-4B81-B89F-65C7CBF7A512}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\activation\OnlineActivator.exe
FirewallRules: [{08C66253-AB20-4EEB-A2AE-3F41D0AB9EC0}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe
FirewallRules: [{0668A9A4-816F-45FC-8FF2-077C44C8A428}] => (Block) %ProgramFiles% (x86)\Paragon Software\HFS+ for Windows\mounthfs.exe
FirewallRules: [TCP Query User{84E28F8B-CA08-4DC8-BB8A-9DF711280C7B}C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe] => (Block) C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe
FirewallRules: [UDP Query User{ABC15052-4E47-460E-85CC-248154B9CECA}C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe] => (Block) C:\users\skynet\appdata\local\brave\app-0.18.36\brave.exe
FirewallRules: [TCP Query User{D35B6580-F1D8-4196-B6F3-DAED0186E7DC}H:\games\far cry primal\bin\fcprimal.exe] => (Block) H:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{F2E0036E-6785-46F5-AA59-A5C0DCBA15B9}H:\games\far cry primal\bin\fcprimal.exe] => (Block) H:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{C28438FE-5764-4FA6-865A-ECBA98BCC0CF}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{AE9A1FCC-2806-47B6-A412-EB50EB01E56C}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [{911084A3-0070-4ADE-A49C-2931D8126CE9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6A60088F-03B3-4F02-8568-BAEA4680A035}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{738E9E66-F20A-4847-B8DC-90CFC2B47F73}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{9AFC4B02-19C5-49F9-888C-950953E2716B}H:\games\klingon academy\ka.exe] => (Block) H:\games\klingon academy\ka.exe
FirewallRules: [UDP Query User{EEC425FC-0A96-45D3-9BF4-83988C9E2B0F}H:\games\klingon academy\ka.exe] => (Block) H:\games\klingon academy\ka.exe
FirewallRules: [{3D7354DA-94D6-4AD0-A028-53D0BEF45007}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{AD03BF01-99A0-4CB2-93A0-913EF99CB5BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
02-06-2018 20:00:59 Revo Uninstaller Pro's restore point - Call of Duty: Ghosts Update 3
03-06-2018 17:03:09 Installed DirectX
06-06-2018 21:06:21 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Hands-free Audio
Description: Bluetooth Hands-free Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: btwaudio
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/10/2018 06:51:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (06/10/2018 06:49:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (06/10/2018 06:52:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (06/10/2018 06:52:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (06/10/2018 06:50:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (06/10/2018 06:50:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (06/10/2018 06:49:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (06/10/2018 06:49:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
 
CodeIntegrity:
===================================
 
Date: 2018-06-10 18:49:41.199
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6300 Six-Core Processor 
Percentage of memory in use: 20%
Total physical RAM: 16283.5 MB
Available physical RAM: 12939.34 MB
Total Virtual: 32565.19 MB
Available Virtual: 28608.12 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:175.23 GB) NTFS
Drive f: (Mars) (Fixed) (Total:465.76 GB) (Free:381.76 GB) NTFS
Drive g: (Pluto) (Fixed) (Total:200 GB) (Free:106.32 GB) NTFS
Drive h: (Hoth) (Fixed) (Total:931.51 GB) (Free:351.67 GB) NTFS
Drive i: (Saturn) (Fixed) (Total:1062.89 GB) (Free:200.65 GB) NTFS
Drive q: (Ryloth) (Fixed) (Total:1953.12 GB) (Free:1718.23 GB) NTFS
Drive r: (Scarif) (Fixed) (Total:1772.77 GB) (Free:583.87 GB) NTFS
Drive s: (Mercury) (Fixed) (Total:600 GB) (Free:57.37 GB) NTFS
 
\\?\Volume{92252ac3-a9cc-11e5-aced-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D6C2710D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D7729B52)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0






Similar Topics


Also tagged with one or more of these keywords: coinminer, diskdriver, virus, infection, russian

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP