About a week ago i started having multiple issues with my laptop (ASUS, Win10 home) which started almost simultaneously: first, my keyboard stopped working, not all at once but several keys at a time (I'm using a USB kb currently). Second, I started experiencing very frequent freezing and crashing in Windows Explorer but not other programs. Lastly (as far as i've noticed) any video i try to watch "stutters", flipping rapidly between the pause and play state, on all media players. I have reason to believe this is a virus but I've run multiple scans from multiple companies (AVG, bitdefender, lavasoft) and they've found nothing. I'm really hoping I don't have to format as I don't have an external HD to back up my important files currently so I'm really hoping there's a less drastic solution.
presumed virus, can't find the sucker
Started by
J Artemis
, Jun 26 2018 12:25 PM
#2
Posted 27 June 2018 - 07:25 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
- Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Check the Addition.txt box
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Get Process Explorer
http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.
Wait a full minute then:
File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.
Copy the next 2 lines:
TASKLIST /SVC > \junk.txt
notepad \junk.txt
Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.
Get the free version of Speccy:
http://www.filehippo...ownload_speccy/
(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.
Latency Monitor:
Go to
http://www.resplendence.com/downloads
Scroll down to
System Monitoring Tools
and then find
LatencyMon 6.51
Click on Download free home edition
Save it then right click and Run As Admin. It will install and then start the program.
It will tell you to click on the Start button but there isn't one.
Instead click on the green arrowhead (looks like a Play button). Let it run for at least 20 seconds. Then hit the red box to stop it.
Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.
Best to post the logs as you get them instead of saving up and trying to post them all at one time.
#3
Posted 02 July 2018 - 05:07 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Turd Fergusson (administrator) on LAPTOP-LL9IITL0 (02-07-2018 06:02:29)
Running from C:\Users\Turd Fergusson\AppData\Local\Temp\scoped_dir13324_20861
Loaded Profiles: Turd Fergusson (Available Profiles: Turd Fergusson)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(© 2015 Microsoft Corporation) C:\Users\Turd Fergusson\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Spotify Ltd) C:\Users\Turd Fergusson\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.99\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-10] (HP)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3752768 2018-06-25] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-08] (Valve Corporation)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [uTorrent] => C:\Users\Turd Fergusson\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-23] (BitTorrent Inc.)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [f.lux] => C:\Users\Turd Fergusson\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [Discord] => C:\Users\Turd Fergusson\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [TIDAL] => C:\Users\Turd Fergusson\AppData\Local\TIDAL\update.exe [1888992 2017-11-29] ()
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [BingSvc] => C:\Users\Turd Fergusson\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [Spotify] => C:\Users\Turd Fergusson\AppData\Roaming\Spotify\Spotify.exe [22454160 2018-04-26] (Spotify Ltd)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3100456 2018-02-14] (Electronic Arts)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [Chromium] => c:\users\turd fergusson\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [bLend] => C:\Windows\Resources\Themes\bLend.exe [93853 2018-01-05] (eXXtreme)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [GoogleChromeAutoLaunch_1935AE86F0405469EE67D8CF6AD592B5] => C:\Users\Turd Fergusson\AppData\Local\Chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Run: [Spotify Web Helper] => C:\Users\Turd Fergusson\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-04-26] (Spotify Ltd)
Startup: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-11-29]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9359093b-3e03-4c34-9a41-ee58809c8eb3}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f65840aa-c42a-49b9-b963-860b9b013d08}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-53e93272
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-53e93272
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-53e93272&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-53e93272&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-53e93272&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-53e93272&q={searchTerms}
SearchScopes: HKLM-x32 -> {53295C55-9D16-487F-BA02-A4C0A5CC08B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1113577436-1958664147-1972585464-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-53e93272&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1113577436-1958664147-1972585464-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-53e93272&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1113577436-1958664147-1972585464-1001 -> {53295C55-9D16-487F-BA02-A4C0A5CC08B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-04] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-04] (Oracle Corporation)
BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-12-17] (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
FireFox:
========
FF DefaultProfile: ey543um1.default
FF ProfilePath: C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default [2018-07-01]
FF Homepage: Mozilla\Firefox\Profiles\ey543um1.default -> hxxps://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-ffe9c8a0
FF Extension: (Bing Search) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\[email protected] [2017-05-28] [Legacy]
FF Extension: (Exhentai Passport) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\[email protected] [2017-12-25]
FF Extension: (ExHentai Easy 2) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\[email protected] [2016-08-16] [Legacy]
FF Extension: (Reddit Enhancement Suite) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\[email protected] [2018-06-22]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\[email protected] [2018-07-01]
FF Extension: (Thumbnail Zoom Plus) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\[email protected] [2017-06-10] [Legacy]
FF Extension: (Image Search Options) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2018-03-13]
FF Extension: (Video DownloadHelper) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-05]
FF Extension: (Search By Image (by Google)) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2016-10-25] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-23]
FF SearchPlugin: C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\searchplugins\bing search engine.xml [2018-04-08]
FF SearchPlugin: C:\Users\Turd Fergusson\AppData\Roaming\Mozilla\Firefox\Profiles\ey543um1.default\searchplugins\bing-.xml [2017-05-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-10] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2016-12-17] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-12] ()
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR NewTab: Default -> Active:"chrome-extension://nkgmhpdhaaijoaeaokmhdpfegfmbmfjg/dashboard.html"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default [2018-06-13]
CHR Extension: (Slides) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-07]
CHR Extension: (AdGuard AdBlocker) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-04-11]
CHR Extension: (YouTube) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-07]
CHR Extension: (Free Chrome VPN proxy) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\domgapgimficjfpblhbihklajoofkijh [2018-03-01]
CHR Extension: (Sheets) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-06-12]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-06-12]
CHR Extension: (Pixlr Today) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgmhpdhaaijoaeaokmhdpfegfmbmfjg [2018-02-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Evernote Web Clipper) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-06-12]
CHR Extension: (Gmail) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-07]
CHR Extension: (Chrome Media Router) - C:\Users\Turd Fergusson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-12]
CHR HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Reddit Enhancement Suite) - C:\Users\Turd Fergusson\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfdcmdcpehpkengmkhkbpifajmbhfgae [2018-05-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-06] () [File not signed]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-21] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-06-25] (Dropbox, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-12] (WildTangent)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-02-14] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-02-14] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-15] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [18968 2015-10-29] (Advanced Micro Devices, INC.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102400 2016-02-26] (Advanced Micro Devices)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] ()
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
U3 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-02 06:02 - 2018-07-02 06:02 - 000000000 ____D C:\FRST
2018-07-01 22:06 - 2018-07-01 22:07 - 001283308 _____ C:\WINDOWS\Minidump\070118-49328-01.dmp
2018-07-01 22:05 - 2018-07-01 22:05 - 754072776 _____ C:\WINDOWS\MEMORY.DMP
2018-07-01 20:49 - 2018-07-01 20:57 - 266953502 ____R C:\Users\Turd Fergusson\Downloads\Preacher.S03E01.HDTV.x264-LucidTV[eztv].mkv
2018-06-26 18:19 - 2018-06-26 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-06-26 13:42 - 2018-06-26 13:47 - 313912851 ____R C:\Users\Turd Fergusson\Downloads\Legion.S02E11.HDTV.x264-SVA[eztv].mkv
2018-06-26 13:42 - 2018-06-26 13:42 - 000048106 _____ C:\Users\Turd Fergusson\Downloads\FE34838250FBA4F70BD47081533FBBC24B0E58A3.torrent
2018-06-26 13:35 - 2018-06-26 13:41 - 424217870 ____R C:\Users\Turd Fergusson\Downloads\Westworld.S02E06.WEB.H264-DEFLATE[eztv].mkv
2018-06-26 13:26 - 2018-06-26 13:27 - 042400096 _____ (EaseUS ) C:\Users\Turd Fergusson\Downloads\drw.exe
2018-06-25 12:24 - 2018-06-25 12:24 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-06-25 12:24 - 2018-06-25 12:24 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-06-25 12:24 - 2018-06-25 12:24 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-06-25 12:24 - 2018-06-25 12:24 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-06-24 08:57 - 2018-06-24 08:57 - 000021898 _____ C:\Users\Turd Fergusson\Downloads\jmres(1) (1).odt
2018-06-24 08:57 - 2018-06-24 08:57 - 000000139 ____H C:\Users\Turd Fergusson\Downloads\.~lock.jmres(1) (1).odt#
2018-06-24 08:53 - 2018-06-24 08:53 - 000000139 ____H C:\Users\Turd Fergusson\Documents\.~lock.Work History.ods#
2018-06-24 08:52 - 2018-06-24 08:53 - 000011897 _____ C:\Users\Turd Fergusson\Documents\Work History.ods
2018-06-24 08:40 - 2018-06-24 08:40 - 000000139 ____H C:\Users\Turd Fergusson\Documents\.~lock.jmres(1).odt#
2018-06-23 13:52 - 2018-07-02 05:50 - 000000000 ____D C:\Users\Turd Fergusson\AppData\LocalLow\uTorrent
2018-06-13 19:34 - 2018-06-08 14:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 19:34 - 2018-06-08 04:29 - 007520000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 19:34 - 2018-06-08 04:13 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-13 19:34 - 2018-06-08 04:09 - 006569960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 19:34 - 2018-06-08 04:02 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 19:34 - 2018-05-20 11:59 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 19:34 - 2018-05-20 06:34 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 19:33 - 2018-06-08 14:01 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-06-13 19:33 - 2018-06-08 13:45 - 012712448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 19:33 - 2018-06-08 13:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 19:33 - 2018-06-08 13:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 19:33 - 2018-06-08 13:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 19:33 - 2018-06-08 11:51 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 19:33 - 2018-06-08 05:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 19:33 - 2018-06-08 05:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 19:33 - 2018-06-08 05:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 19:33 - 2018-06-08 05:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 19:33 - 2018-06-08 04:33 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-13 19:33 - 2018-06-08 04:30 - 009148320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 19:33 - 2018-06-08 04:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 19:33 - 2018-06-08 04:30 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-13 19:33 - 2018-06-08 04:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 006817384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 004403280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 002753048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 001611592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-06-13 19:33 - 2018-06-08 04:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-13 19:33 - 2018-06-08 04:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-13 19:33 - 2018-06-08 04:11 - 001461744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-13 19:33 - 2018-06-08 04:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 19:33 - 2018-06-08 04:10 - 002331584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-13 19:33 - 2018-06-08 04:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 19:33 - 2018-06-08 04:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 006527064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 004788512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 002242216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 001980872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 001709720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 001380200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-06-13 19:33 - 2018-06-08 04:09 - 001020168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 19:33 - 2018-06-08 04:04 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-13 19:33 - 2018-06-08 04:03 - 022005760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-13 19:33 - 2018-06-08 04:01 - 004563456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-13 19:33 - 2018-06-08 04:00 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 19:33 - 2018-06-08 04:00 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-13 19:33 - 2018-06-08 04:00 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 19:33 - 2018-06-08 03:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 19:33 - 2018-06-08 03:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 19:33 - 2018-06-08 03:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-13 19:33 - 2018-06-08 03:59 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-13 19:33 - 2018-06-08 03:58 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-13 19:33 - 2018-06-08 03:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 19:33 - 2018-06-08 03:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-13 19:33 - 2018-06-08 03:56 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-13 19:33 - 2018-06-08 03:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 19:33 - 2018-06-08 03:56 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 19:33 - 2018-06-08 03:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 19:33 - 2018-06-08 03:56 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 19:33 - 2018-06-08 03:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 19:33 - 2018-06-08 03:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 19:33 - 2018-06-08 03:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 19:33 - 2018-06-08 03:55 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-13 19:33 - 2018-06-08 03:55 - 001371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-13 19:33 - 2018-06-08 03:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 19:33 - 2018-06-08 03:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 19:33 - 2018-06-06 13:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 19:33 - 2018-06-05 23:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 19:33 - 2018-05-20 14:43 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-13 19:33 - 2018-05-20 14:42 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-13 19:33 - 2018-05-20 14:23 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-13 19:33 - 2018-05-20 14:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 19:33 - 2018-05-20 14:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 19:33 - 2018-05-20 14:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-13 19:33 - 2018-05-20 13:14 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-13 19:33 - 2018-05-20 13:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-13 19:33 - 2018-05-20 11:45 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 19:33 - 2018-05-20 06:53 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 19:33 - 2018-05-20 06:53 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-13 19:33 - 2018-05-20 06:52 - 007436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-13 19:33 - 2018-05-20 06:52 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 19:33 - 2018-05-20 06:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 19:33 - 2018-05-20 06:32 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-13 19:33 - 2018-05-20 06:31 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-13 19:33 - 2018-05-20 06:30 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-13 19:33 - 2018-05-20 06:26 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 19:33 - 2018-05-20 06:24 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-13 19:33 - 2018-05-20 06:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 19:33 - 2018-05-20 06:23 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-13 19:33 - 2018-05-20 06:23 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-06-13 19:33 - 2018-05-20 06:21 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-13 19:33 - 2018-05-20 06:21 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 19:33 - 2018-05-20 06:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 19:33 - 2018-05-20 06:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-13 19:33 - 2018-05-20 06:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 19:33 - 2018-04-28 06:17 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-13 19:33 - 2018-04-27 22:58 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-13 19:33 - 2018-04-27 21:43 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-06-13 19:32 - 2018-06-08 14:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 19:32 - 2018-06-08 14:05 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-13 19:32 - 2018-06-08 14:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 19:32 - 2018-06-08 14:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-06-13 19:32 - 2018-06-08 14:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 19:32 - 2018-06-08 13:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-13 19:32 - 2018-06-08 13:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 19:32 - 2018-06-08 13:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-13 19:32 - 2018-06-08 13:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 19:32 - 2018-06-08 13:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-13 19:32 - 2018-06-08 13:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 19:32 - 2018-06-08 13:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 19:32 - 2018-06-08 13:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 19:32 - 2018-06-08 13:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-06-13 19:32 - 2018-06-08 13:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-13 19:32 - 2018-06-08 13:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-13 19:32 - 2018-06-08 13:42 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-13 19:32 - 2018-06-08 13:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 19:32 - 2018-06-08 13:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 19:32 - 2018-06-08 13:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-13 19:32 - 2018-06-08 13:41 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 19:32 - 2018-06-08 13:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 19:32 - 2018-06-08 13:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 19:32 - 2018-06-08 13:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-06-13 19:32 - 2018-06-08 12:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 19:32 - 2018-06-08 11:58 - 002206544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-06-13 19:32 - 2018-06-08 11:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 19:32 - 2018-06-08 11:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-13 19:32 - 2018-06-08 11:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 19:32 - 2018-06-08 11:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 19:32 - 2018-06-08 11:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 19:32 - 2018-06-08 11:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-13 19:32 - 2018-06-08 11:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-13 19:32 - 2018-06-08 11:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 19:32 - 2018-06-08 11:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-13 19:32 - 2018-06-08 11:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-13 19:32 - 2018-06-08 11:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 19:32 - 2018-06-08 11:05 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-13 19:32 - 2018-06-08 11:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 19:32 - 2018-06-08 09:00 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-13 19:32 - 2018-06-08 09:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 19:32 - 2018-06-08 05:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 19:32 - 2018-06-08 05:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 19:32 - 2018-06-08 05:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 19:32 - 2018-06-08 05:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-13 19:32 - 2018-06-08 05:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 19:32 - 2018-06-08 05:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 19:32 - 2018-06-08 04:34 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-13 19:32 - 2018-06-08 04:34 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-13 19:32 - 2018-06-08 04:33 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-06-13 19:32 - 2018-06-08 04:33 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-13 19:32 - 2018-06-08 04:33 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-13 19:32 - 2018-06-08 04:31 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-13 19:32 - 2018-06-08 04:31 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-13 19:32 - 2018-06-08 04:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-13 19:32 - 2018-06-08 04:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 19:32 - 2018-06-08 04:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 19:32 - 2018-06-08 04:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 19:32 - 2018-06-08 04:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 19:32 - 2018-06-08 04:30 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 19:32 - 2018-06-08 04:30 - 000567184 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-06-13 19:32 - 2018-06-08 04:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-13 19:32 - 2018-06-08 04:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 19:32 - 2018-06-08 04:30 - 000491328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-13 19:32 - 2018-06-08 04:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 19:32 - 2018-06-08 04:30 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-13 19:32 - 2018-06-08 04:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 19:32 - 2018-06-08 04:30 - 000134584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 002836384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-13 19:32 - 2018-06-08 04:29 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 001946328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001921952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 19:32 - 2018-06-08 04:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001288816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-13 19:32 - 2018-06-08 04:29 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001150416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001148808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001112608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 000885880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000792992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-06-13 19:32 - 2018-06-08 04:29 - 000413824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000413088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-13 19:32 - 2018-06-08 04:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-13 19:32 - 2018-06-08 04:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 19:32 - 2018-06-08 04:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 19:32 - 2018-06-08 04:11 - 000550616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-13 19:32 - 2018-06-08 04:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-13 19:32 - 2018-06-08 04:10 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-06-13 19:32 - 2018-06-08 04:10 - 001011992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-13 19:32 - 2018-06-08 04:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-13 19:32 - 2018-06-08 04:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 002535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 001805776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 001129648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000988136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000770160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-13 19:32 - 2018-06-08 04:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 19:32 - 2018-06-08 04:03 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-13 19:32 - 2018-06-08 04:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-13 19:32 - 2018-06-08 04:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-13 19:32 - 2018-06-08 04:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-13 19:32 - 2018-06-08 04:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 19:32 - 2018-06-08 04:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 19:32 - 2018-06-08 04:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-13 19:32 - 2018-06-08 04:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-13 19:32 - 2018-06-08 03:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 19:32 - 2018-06-08 03:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-06-13 19:32 - 2018-06-08 03:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 19:32 - 2018-06-08 03:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 19:32 - 2018-06-08 03:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 19:32 - 2018-06-08 03:58 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-13 19:32 - 2018-06-08 03:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-13 19:32 - 2018-06-08 03:58 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-13 19:32 - 2018-06-08 03:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-06-13 19:32 - 2018-06-08 03:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 19:32 - 2018-06-08 03:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 19:32 - 2018-06-08 03:57 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 19:32 - 2018-06-08 03:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-06-13 19:32 - 2018-06-08 03:57 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-13 19:32 - 2018-06-08 03:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-13 19:32 - 2018-06-08 03:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-13 19:32 - 2018-06-08 03:56 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-13 19:32 - 2018-06-08 03:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-13 19:32 - 2018-06-08 03:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-13 19:32 - 2018-06-08 03:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 19:32 - 2018-06-08 03:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-13 19:32 - 2018-06-08 03:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-13 19:32 - 2018-06-08 03:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-13 19:32 - 2018-06-08 03:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 19:32 - 2018-06-08 03:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 19:32 - 2018-06-01 18:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-13 19:32 - 2018-06-01 17:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 19:32 - 2018-05-24 22:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-13 19:32 - 2018-05-20 14:45 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 19:32 - 2018-05-20 14:42 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 19:32 - 2018-05-20 14:26 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-13 19:32 - 2018-05-20 14:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-13 19:32 - 2018-05-20 13:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-13 19:32 - 2018-05-20 13:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-13 19:32 - 2018-05-20 13:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-13 19:32 - 2018-05-20 12:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-13 19:32 - 2018-05-20 12:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-13 19:32 - 2018-05-20 11:35 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-13 19:32 - 2018-05-20 11:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-13 19:32 - 2018-05-20 07:33 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 19:32 - 2018-05-20 06:53 - 001947808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-13 19:32 - 2018-05-20 06:53 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 19:32 - 2018-05-20 06:53 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-13 19:32 - 2018-05-20 06:53 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-13 19:32 - 2018-05-20 06:52 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 19:32 - 2018-05-20 06:52 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-13 19:32 - 2018-05-20 06:52 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-13 19:32 - 2018-05-20 06:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 19:32 - 2018-05-20 06:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-13 19:32 - 2018-05-20 06:32 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-13 19:32 - 2018-05-20 06:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-13 19:32 - 2018-05-20 06:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 19:32 - 2018-05-20 06:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 19:32 - 2018-05-20 06:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-13 19:32 - 2018-05-20 06:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 19:32 - 2018-05-20 06:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-13 19:32 - 2018-05-20 06:26 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-06-13 19:32 - 2018-05-20 06:26 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-13 19:32 - 2018-05-20 06:26 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-13 19:32 - 2018-05-20 06:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-13 19:32 - 2018-05-20 06:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-13 19:32 - 2018-05-20 06:25 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-13 19:32 - 2018-05-20 06:24 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-13 19:32 - 2018-05-20 06:23 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-13 19:32 - 2018-05-20 06:21 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-13 19:32 - 2018-05-20 06:21 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 19:32 - 2018-05-20 06:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 19:32 - 2018-05-20 06:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-13 19:32 - 2018-05-20 06:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-13 19:32 - 2018-05-20 06:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 19:32 - 2018-05-20 06:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-13 19:32 - 2018-05-20 06:12 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 19:32 - 2018-05-20 06:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-13 19:32 - 2018-04-28 09:03 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-06-13 19:32 - 2018-04-28 09:03 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-06-13 19:32 - 2018-04-28 09:00 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-06-13 19:32 - 2018-04-28 08:58 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-06-13 19:32 - 2018-04-28 08:18 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-06-13 19:32 - 2018-04-28 08:17 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-06-13 19:32 - 2018-04-28 08:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-06-13 19:32 - 2018-04-28 08:12 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-13 19:32 - 2018-04-28 05:58 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-06-13 19:32 - 2018-04-27 23:31 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-13 19:32 - 2018-04-27 23:29 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-06-13 19:32 - 2018-04-27 23:29 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-06-13 19:32 - 2018-04-27 23:29 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-13 19:32 - 2018-04-27 23:29 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-06-13 19:32 - 2018-04-27 23:29 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-13 19:32 - 2018-04-27 23:27 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-06-13 19:32 - 2018-04-27 23:14 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-06-13 19:32 - 2018-04-27 23:13 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-06-13 19:32 - 2018-04-27 23:13 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-13 19:32 - 2018-04-27 23:12 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-06-13 19:32 - 2018-04-27 23:02 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-13 19:32 - 2018-04-27 22:59 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-06-13 19:32 - 2018-04-27 22:55 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-06-13 19:32 - 2018-04-27 22:55 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-13 19:32 - 2018-04-27 22:53 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-06-13 19:32 - 2018-04-27 22:52 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-06-13 19:32 - 2018-04-27 22:51 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-06-13 19:31 - 2018-06-08 13:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-06-13 19:31 - 2018-06-08 13:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-13 19:31 - 2018-06-08 13:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 19:31 - 2018-06-08 13:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-13 19:31 - 2018-06-08 13:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 19:31 - 2018-06-08 13:42 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 19:31 - 2018-06-08 13:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 19:31 - 2018-06-08 11:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 19:31 - 2018-06-08 11:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 19:31 - 2018-06-08 11:48 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 19:31 - 2018-06-08 11:46 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 19:31 - 2018-06-08 04:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-13 19:31 - 2018-06-08 04:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-13 19:31 - 2018-06-08 04:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-06-13 19:31 - 2018-06-08 04:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-06-13 19:31 - 2018-06-08 04:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-13 19:31 - 2018-06-08 04:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 19:31 - 2018-06-08 04:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-13 19:31 - 2018-06-08 04:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 19:31 - 2018-06-08 04:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 19:31 - 2018-06-08 04:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-06-13 19:31 - 2018-06-08 04:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 19:31 - 2018-06-08 04:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-13 19:31 - 2018-06-08 04:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 19:31 - 2018-06-08 03:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 19:31 - 2018-06-08 03:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 19:31 - 2018-06-08 03:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-13 19:31 - 2018-06-08 03:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-13 19:31 - 2018-06-08 03:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-13 19:31 - 2018-06-08 03:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 19:31 - 2018-06-08 03:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 19:31 - 2018-06-08 03:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 19:31 - 2018-06-08 03:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-13 19:31 - 2018-06-08 03:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-13 19:31 - 2018-06-08 03:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 19:31 - 2018-06-08 02:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-13 19:31 - 2018-05-20 14:23 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 19:31 - 2018-05-20 14:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 19:31 - 2018-05-20 11:39 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-13 19:31 - 2018-05-20 09:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-13 19:31 - 2018-05-20 06:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 19:31 - 2018-05-20 06:27 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-13 19:31 - 2018-05-20 06:27 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-13 19:31 - 2018-05-20 06:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-13 19:31 - 2018-05-20 06:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-13 19:31 - 2018-05-20 06:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 19:31 - 2018-05-20 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 19:31 - 2018-05-20 06:23 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 19:31 - 2018-05-20 06:21 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 19:31 - 2018-05-20 06:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-13 19:31 - 2018-05-20 06:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 19:31 - 2018-05-20 06:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-13 19:31 - 2018-05-20 06:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 19:31 - 2018-05-20 06:11 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 19:31 - 2018-05-20 03:26 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-13 19:31 - 2018-05-18 12:08 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-13 19:31 - 2018-04-28 09:03 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-06-13 19:31 - 2018-04-28 09:02 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-13 19:31 - 2018-04-28 09:01 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-06-13 19:31 - 2018-04-28 08:16 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-13 19:31 - 2018-04-28 08:13 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-06-13 19:31 - 2018-04-27 23:03 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-06-13 19:31 - 2018-04-27 23:03 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-06-13 19:31 - 2018-04-27 23:03 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-06-13 19:31 - 2018-04-27 23:03 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-06-13 19:31 - 2018-04-27 23:02 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-06-13 19:31 - 2018-04-27 23:02 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-06-13 19:31 - 2018-04-27 23:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-06-13 19:31 - 2018-04-27 23:02 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-06-13 19:31 - 2018-04-27 23:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-06-13 19:31 - 2018-04-27 23:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-06-13 19:31 - 2018-04-27 22:57 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-06-13 19:31 - 2018-04-27 22:57 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-06-13 19:31 - 2018-04-27 22:56 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-06-13 19:31 - 2018-04-27 22:55 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-06-13 19:31 - 2018-04-27 22:54 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-13 19:31 - 2018-04-27 22:53 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-06-13 17:55 - 2018-06-13 17:55 - 000000000 ____D C:\Program Files\KeyboardNotification
2018-06-13 17:28 - 2018-06-13 17:28 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-06-13 17:11 - 2018-06-13 17:11 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-06-13 17:09 - 2018-06-14 00:14 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-06-13 17:09 - 2018-06-13 17:09 - 000043421 _____ C:\ProgramData\agent.1528927792.bdinstall.bin
2018-06-13 17:09 - 2018-06-13 17:09 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-06-13 17:08 - 2018-06-13 17:09 - 009986176 _____ C:\Users\Turd Fergusson\Downloads\bitdefender_online.exe
2018-06-13 16:53 - 2018-07-01 22:06 - 000000000 ____D C:\WINDOWS\Minidump
2018-06-13 15:13 - 2018-06-13 15:13 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-06-13 15:08 - 2018-06-13 15:08 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-13 15:06 - 2018-06-13 15:07 - 077668920 _____ (Malwarebytes ) C:\Users\Turd Fergusson\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5464.exe
2018-06-13 15:05 - 2018-06-13 15:06 - 016001408 _____ (Microsoft Corporation) C:\Users\Turd Fergusson\Downloads\ITPx64_1033_7.10.344.0.exe
2018-06-13 14:47 - 2018-06-13 14:47 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\D3DSCache
2018-06-13 07:49 - 2018-06-13 07:55 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-06-13 07:46 - 2018-06-13 07:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-06-13 07:46 - 2018-06-13 07:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-06-13 07:43 - 2018-04-11 09:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-06-13 07:43 - 2018-04-11 09:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-06-13 07:43 - 2018-04-11 09:41 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-06-13 07:43 - 2018-04-11 08:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-06-13 07:43 - 2018-04-11 08:12 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-06-13 07:43 - 2018-04-11 08:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-06-13 07:43 - 2017-10-29 21:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-06-13 07:43 - 2017-10-29 19:42 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-06-13 07:42 - 2018-06-13 07:42 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-06-13 07:42 - 2018-06-13 07:42 - 000000000 ____D C:\Program Files\MSBuild
2018-06-13 07:42 - 2018-06-13 07:42 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-06-13 07:42 - 2018-06-13 07:42 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-06-13 07:41 - 2018-03-05 19:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-06-13 07:41 - 2018-03-05 19:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-06-13 07:41 - 2018-03-05 19:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-06-13 07:41 - 2018-02-14 19:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-06-13 07:41 - 2018-02-14 19:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-06-13 07:41 - 2018-02-14 19:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-06-13 06:53 - 2018-06-13 06:53 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\PlaceholderTileLogoFolder
2018-06-13 05:45 - 2018-06-13 05:45 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-06-13 05:41 - 2018-06-13 05:41 - 000000020 ___SH C:\Users\Turd Fergusson\ntuser.ini
2018-06-13 05:39 - 2018-07-02 05:56 - 000004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A550EA7D-D648-481C-BE13-E21B7ADDBA15}
2018-06-13 05:39 - 2018-07-02 04:56 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-06-13 05:39 - 2018-07-01 22:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-13 05:39 - 2018-06-23 17:45 - 000003396 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1113577436-1958664147-1972585464-1001
2018-06-13 05:39 - 2018-06-13 17:43 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1523458184
2018-06-13 05:39 - 2018-06-13 05:40 - 000003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2018-06-13 05:39 - 2018-06-13 05:40 - 000003764 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-13 05:39 - 2018-06-13 05:40 - 000003752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-13 05:39 - 2018-06-13 05:40 - 000003458 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-06-13 05:39 - 2018-06-13 05:40 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-13 05:39 - 2018-06-13 05:40 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-06-13 05:39 - 2018-06-13 05:40 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTurd Fergusson
2018-06-13 05:39 - 2018-06-13 05:40 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-06-13 05:39 - 2018-06-13 05:40 - 000002296 _____ C:\WINDOWS\System32\Tasks\{3FFB3D74-55B2-44DE-BE03-8EB74E56D67D}
2018-06-13 05:39 - 2018-06-13 05:40 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-06-13 05:39 - 2018-06-13 05:39 - 000003234 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-06-13 05:39 - 2018-06-13 05:39 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-13 05:39 - 2018-06-13 05:39 - 000002490 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2018-06-13 05:39 - 2018-06-13 05:39 - 000002406 _____ C:\WINDOWS\System32\Tasks\Connect
2018-06-13 05:39 - 2018-06-13 05:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1113577436-1958664147-1972585464-1001
2018-06-13 05:39 - 2018-06-13 05:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2018-06-13 05:37 - 2018-06-13 05:39 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-06-13 05:37 - 2018-06-13 05:39 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-06-13 05:09 - 2018-06-13 05:09 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-06-13 05:05 - 2018-07-02 05:46 - 000000000 ____D C:\Users\Turd Fergusson
2018-06-13 05:05 - 2018-06-23 17:45 - 000002401 _____ C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-13 05:05 - 2018-06-13 05:21 - 000000000 ____D C:\Users\Turd Fergusson\Documents\hp.system.package.metadata
2018-06-13 05:05 - 2017-04-28 07:10 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Macromedia
2018-06-13 05:05 - 2016-12-08 04:44 - 000000000 ____D C:\Users\Turd Fergusson\Documents\hp.applications.package.appdata
2018-06-13 05:04 - 2018-07-02 05:51 - 000881386 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-13 05:02 - 2018-06-13 05:02 - 000000000 ____D C:\ProgramData\USOShared
2018-06-13 05:02 - 2018-04-11 18:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-06-13 04:57 - 2018-07-02 05:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-13 04:57 - 2018-06-14 00:23 - 000381496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-13 03:06 - 2018-06-13 03:06 - 000000000 ___HD C:\$AV_AVG
2018-06-13 02:12 - 2018-06-14 00:21 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\Avg
2018-06-13 02:04 - 2018-06-13 02:04 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-06-13 02:00 - 2018-06-14 00:21 - 000000000 ____D C:\ProgramData\AVG
2018-06-13 02:00 - 2018-06-13 02:00 - 007391672 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Turd Fergusson\Downloads\avg_antivirus_free_setup_b2f.exe
2018-06-05 04:08 - 2018-06-05 04:08 - 000052968 _____ C:\Users\Turd Fergusson\Downloads\90e745bf4bd5ec85062d121f19cbac8d.webp
2018-06-05 02:17 - 2018-06-13 05:42 - 000000000 ___DC C:\WINDOWS\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-02 05:52 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-02 05:51 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-02 05:50 - 2017-11-01 20:01 - 000000000 ____D C:\ProgramData\Origin
2018-07-02 05:50 - 2016-09-26 12:49 - 000000000 ____D C:\Users\Turd Fergusson\Documents\YouCam
2018-07-02 05:50 - 2016-05-04 08:26 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\uTorrent
2018-07-02 05:49 - 2016-05-04 08:26 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-02 05:46 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-01 22:11 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-01 21:04 - 2017-03-04 13:18 - 000000000 ____D C:\Users\Turd Fergusson\AppData\LocalLow\Mozilla
2018-06-26 20:44 - 2018-02-25 01:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-26 18:20 - 2016-03-25 08:14 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-06-26 14:31 - 2016-05-04 09:39 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\vlc
2018-06-26 12:29 - 2016-05-04 00:23 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-06-25 21:49 - 2016-08-07 22:46 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-23 17:45 - 2016-05-03 22:45 - 000000000 ___RD C:\Users\Turd Fergusson\OneDrive
2018-06-22 18:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-22 18:20 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-22 02:21 - 2016-11-29 00:47 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\Spotify
2018-06-22 02:21 - 2016-11-29 00:46 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Spotify
2018-06-14 00:25 - 2016-05-04 09:36 - 000000000 ___RD C:\Users\Turd Fergusson\3D Objects
2018-06-14 00:25 - 2015-11-02 13:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-14 00:20 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-14 00:20 - 2016-12-08 04:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-06-14 00:18 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-06-14 00:18 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-06-14 00:17 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-14 00:17 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-14 00:17 - 2018-04-11 16:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 17:43 - 2018-04-11 09:49 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-06-13 17:43 - 2018-04-11 09:46 - 000000000 ____D C:\Program Files\Opera
2018-06-13 15:53 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-13 15:39 - 2017-01-24 08:04 - 000000000 ____D C:\Program Files (x86)\DriverToolkit
2018-06-13 15:23 - 2018-04-08 00:16 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\Pesiboc
2018-06-13 15:13 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-06-13 15:00 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-06-13 07:56 - 2018-04-11 18:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-06-13 07:55 - 2018-04-11 18:41 - 000000000 ____D C:\WINDOWS\Setup
2018-06-13 07:55 - 2018-04-11 18:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-06-13 07:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-13 07:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-06-13 07:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-06-13 07:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-13 07:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-13 07:55 - 2018-03-27 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fantasy XII - The Zodiac Age
2018-06-13 07:55 - 2018-03-22 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-06-13 07:55 - 2018-01-20 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2018-06-13 07:55 - 2017-11-29 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-06-13 07:55 - 2017-11-27 04:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2018-06-13 07:55 - 2017-11-01 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3
2018-06-13 07:55 - 2017-11-01 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2018-06-13 07:55 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-06-13 07:55 - 2017-09-19 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spelunky [GOG.com]
2018-06-13 07:55 - 2017-09-18 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnomoria [GOG.com]
2018-06-13 07:55 - 2017-09-06 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2018-06-13 07:55 - 2017-07-10 06:49 - 000000000 ____D C:\Program Files\UNP
2018-06-13 07:55 - 2017-05-28 07:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-06-13 07:55 - 2017-04-13 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Cause 3
2018-06-13 07:55 - 2017-03-05 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cockatrice
2018-06-13 07:55 - 2017-01-24 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2018-06-13 07:55 - 2016-12-08 04:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-06-13 07:55 - 2016-12-08 04:29 - 000000000 ____D C:\Program Files\AMD
2018-06-13 07:55 - 2016-12-08 03:59 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-06-13 07:55 - 2016-08-16 21:45 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2018-06-13 07:55 - 2016-08-09 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardew Valley [GOG.com]
2018-06-13 07:55 - 2016-06-25 03:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comical
2018-06-13 07:55 - 2016-06-21 03:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2018-06-13 07:55 - 2016-05-04 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-13 07:55 - 2016-05-04 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-13 07:55 - 2016-05-04 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-06-13 07:55 - 2016-05-04 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-06-13 07:55 - 2016-05-04 08:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2018-06-13 07:55 - 2016-05-04 01:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-06-13 07:55 - 2016-03-25 08:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-13 07:55 - 2016-03-25 08:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2018-06-13 07:55 - 2016-03-25 07:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2018-06-13 07:55 - 2016-03-25 07:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2018-06-13 07:55 - 2016-03-25 07:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-06-13 07:55 - 2015-12-18 15:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-06-13 07:55 - 2015-12-18 15:19 - 000000000 ____D C:\Program Files (x86)\HP
2018-06-13 07:49 - 2018-03-20 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2018-06-13 07:49 - 2018-01-20 03:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-06-13 07:49 - 2017-12-15 05:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2018-06-13 07:49 - 2016-12-17 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotline Miami [GOG.com]
2018-06-13 07:49 - 2016-12-08 04:30 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-06-13 07:49 - 2016-12-08 04:29 - 000000000 ____D C:\Program Files\Realtek
2018-06-13 07:49 - 2016-12-08 04:29 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-06-13 07:49 - 2016-12-08 04:28 - 000000000 ____D C:\Program Files\Synaptics
2018-06-13 07:49 - 2016-12-08 03:59 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-06-13 07:49 - 2016-08-15 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klei Entertainment
2018-06-13 07:49 - 2016-07-01 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-06-13 07:43 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-06-13 06:51 - 2018-03-22 19:57 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\ElevatedDiagnostics
2018-06-13 06:01 - 2017-12-19 00:22 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\Packages
2018-06-13 05:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Registration
2018-06-13 05:41 - 2018-04-11 16:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-06-13 05:39 - 2018-04-11 18:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-13 05:27 - 2016-05-04 00:05 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-06-13 05:26 - 2018-04-11 18:38 - 000000000 __RSD C:\WINDOWS\media
2018-06-13 05:12 - 2018-01-05 04:10 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraUXThemePatcher
2018-06-13 05:12 - 2017-12-29 01:25 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Chocobo
2018-06-13 05:12 - 2017-08-10 10:12 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-06-13 05:12 - 2016-05-04 09:57 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-06-13 05:12 - 2016-05-04 09:45 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2018-06-13 05:07 - 2017-08-10 10:12 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-06-13 05:07 - 2017-05-08 22:26 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KellySoftware
2018-06-13 05:07 - 2017-04-27 08:50 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Klub 17
2018-06-13 05:07 - 2017-03-30 17:38 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL
2018-06-13 05:07 - 2017-03-28 13:17 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-06-13 05:07 - 2017-03-09 18:23 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2018-06-13 05:04 - 2015-11-03 01:05 - 000838560 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-06-13 05:03 - 2016-12-08 04:30 - 000021910 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-06-13 05:03 - 2016-12-02 13:29 - 000001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2018-06-13 05:02 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-06-13 05:02 - 2016-12-08 04:29 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-06-13 03:23 - 2018-05-02 07:06 - 000000000 ____D C:\Users\Turd Fergusson\AppData\Local\Ceduroca
2018-06-13 03:06 - 2018-01-20 07:06 - 000000000 ____D C:\ProgramData\{8CB749D4-06F5-C312-8033-5D501A71D69E}
2018-06-13 02:17 - 2016-05-04 01:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 02:02 - 2017-10-12 10:27 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 02:02 - 2016-05-04 01:28 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-13 01:18 - 2018-04-26 09:13 - 000000400 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTurd Fergusson.job
2018-06-13 01:18 - 2016-03-25 08:14 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-06-13 01:18 - 2016-03-25 08:14 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-06-05 18:29 - 2018-04-11 18:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 18:29 - 2018-04-11 18:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-04 04:06 - 2016-06-21 02:55 - 000000000 ____D C:\Users\Turd Fergusson\Documents\books
==================== Files in the root of some directories =======
2018-01-21 23:06 - 2018-05-30 00:06 - 000000340 _____ () C:\Users\Turd Fergusson\AppData\Roaming\WB.CFG
2018-01-26 15:07 - 2018-01-30 23:07 - 000000068 _____ () C:\Users\Turd Fergusson\AppData\Local\bpDLTbpDLT
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-13 04:57
==================== End of FRST.txt ============================
#4
Posted 02 July 2018 - 05:08 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Turd Fergusson (02-07-2018 06:04:58)
Running from C:\Users\Turd Fergusson\AppData\Local\Temp\scoped_dir13324_20861
Windows 10 Home Version 1803 17134.112 (X64) (2018-06-13 10:41:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1113577436-1958664147-1972585464-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1113577436-1958664147-1972585464-503 - Limited - Disabled)
Guest (S-1-5-21-1113577436-1958664147-1972585464-501 - Limited - Disabled)
Turd Fergusson (S-1-5-21-1113577436-1958664147-1972585464-1001 - Administrator - Enabled) => C:\Users\Turd Fergusson
WDAGUtilityAccount (S-1-5-21-1113577436-1958664147-1972585464-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-b9e7a306-e2b6-46cd-9be9-285d572e2466) (Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-6caebc57-a376-40ae-add7-fec6e83d2f59) (Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-ec5f8385-00a0-4e3e-8ea7-649de3bf57e4) (Version: 3.0.2.48 - WildTangent) Hidden
Bing Search Engine (HKLM-x32\...\{C92221E2-99A2-F062-2822-80E2F8A25362}) (Version: - )
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Black Chocobo (HKLM-x32\...\Black_Chocobo) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.720 - Broadcom Corporation)
calibre (HKLM-x32\...\{3830B39A-45FE-4C68-9492-32762860BDB3}) (Version: 2.59.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CDisplayEx 1.10.29 (HKLM-x32\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Cockatrice (HKLM-x32\...\Cockatrice) (Version: - )
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version: - James Athey)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
Coyote The Outlander (HKLM-x32\...\WTA-9520e94e-b35e-427e-8e05-4c4b82be97a4) (Version: 3.0.2.59 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-b834f960-216e-4559-91d3-74d60e8ec7cc) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Dont Starve - Shipwrecked (HKLM-x32\...\Dont Starve - Shipwrecked_is1) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 52.4.60 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entwined: The Perfect Murder (HKLM-x32\...\WTA-a37704d0-df12-458f-af85-19344c071160) (Version: 3.0.2.59 - WildTangent) Hidden
Eva Clock (HKLM-x32\...\Eva Clock_is1) (Version: 2.0 - joppu)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
f.lux (HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Flux) (Version: - )
Fable III version 1.1.1.3 (HKLM-x32\...\Fable III_is1) (Version: 1.1.1.3 - Mr DJ)
Family Vacation 2: Road Trip (HKLM-x32\...\WTA-77b890bb-9dc3-4702-a3b1-d24d2fe4038d) (Version: 3.0.2.59 - WildTangent) Hidden
Final Fantasy XII - The Zodiac Age (HKLM-x32\...\{20EA4981-644C-4C79-AE0A-032D0B706E75}_is1) (Version: - Square Enix)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
G4E (HKLM-x32\...\{D42540BE-EB5A-9420-8101-6D87DCDACD9E}) (Version: 1.7 - UNKNOWN) Hidden
G4E (HKLM-x32\...\G4E) (Version: 1.7 - UNKNOWN)
Gnomoria (HKLM-x32\...\1460101597_is1) (Version: 2.0.0.2 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HAL 9000 [Console] Basic Screen Saver (HKLM-x32\...\HAL 9000 [Console] Basic) (Version: - )
Home Makeover (HKLM-x32\...\WTA-de791269-f45c-4252-847b-f6f628560252) (Version: 3.0.2.59 - WildTangent) Hidden
Hotline Miami (HKLM-x32\...\1207659118_is1) (Version: 2.2.0.8 - GOG.com)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.9.18.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
IGT Slots: Paradise Garden (HKLM-x32\...\WTA-0890e5ba-45ea-4a1e-ac1a-036ca5805d39) (Version: 3.0.2.59 - WildTangent) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-4665da05-1964-4bc0-b751-58f47ee9f0da) (Version: 3.0.2.59 - WildTangent) Hidden
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java™ 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
Jewel Match Snowscapes (HKLM-x32\...\WTA-c6806084-4f90-4ac3-b3e1-db98b7544534) (Version: 3.0.2.118 - WildTangent) Hidden
Living Legends: Frozen Beauty Collector's Edition (HKLM-x32\...\WTA-c406d73d-044e-497d-9f72-d83b55fe7358) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Lands: Dark Overlord Collector's Edition (HKLM-x32\...\WTA-25f0581a-08c4-4dd8-bfe6-4da243203eab) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-bcc03a65-a52e-4b7f-98b1-d3056fdf7395) (Version: 3.0.2.59 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-3d7f72c4-5893-4cc4-8820-27f0e873eb5a) (Version: 3.0.2.59 - WildTangent) Hidden
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{B81E4C1B-92CC-40CD-830C-E63B57188066}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-a2ff23c5-02e3-4ab8-be28-e5dd78fea28b) (Version: 3.0.2.59 - WildTangent) Hidden
Matrix-ks (HKLM-x32\...\{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}) (Version: 3.6 - KellySoftware)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Maker (HKLM\...\{23399C04-4801-47A7-846E-37CAA780DC80}) (Version: 25.1.0.59 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{23399C04-4801-47A7-846E-37CAA780DC80}) (Version: 25.1.0.59 - MAGIX Software GmbH)
My Game Long Name (HKLM\...\UDK-b4e28d2e-ba7b-4bd1-9d92-83f9048376c8) (Version: - Epic Games, Inc.)
Mystery Expedition: Prisoners of Ice (HKLM-x32\...\WTA-844a9046-15d3-40eb-b11d-69eba05247b1) (Version: 3.0.2.59 - WildTangent) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
No Mans Sky (HKLM-x32\...\No Mans Sky_is1) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 53.0.2907.99 (HKLM-x32\...\Opera 53.0.2907.99) (Version: 53.0.2907.99 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.11.27975 - Electronic Arts, Inc.)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Plagiarii (HKLM-x32\...\WTA-2ed1cbe8-bf46-4b87-bcb2-ade08abb79e0) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-33c5e85e-7662-46e3-b842-affc98440141) (Version: 3.0.2.59 - WildTangent) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2720 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Runefall (HKLM-x32\...\WTA-7061f1b7-7124-4261-924d-139c8b291494) (Version: 3.0.2.126 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-ab4ac84a-103d-499b-a1b7-0e99a16e336c) (Version: 3.0.2.59 - WildTangent) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Sky High Farm (HKLM-x32\...\WTA-1829153c-5796-4935-bef2-7917c6fd2fd6) (Version: 3.0.2.59 - WildTangent) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\1207659257_is1) (Version: 2.1.0.9 - GOG.com)
Spotify (HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.2.0.4 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Ambitions (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Pets (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Pets) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Supernatural (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Supernatural) (Version: 1.0.0.0 - Electronic Arts Inc.)
TIDAL (HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\TIDAL) (Version: 2.1.12 - TIDAL Music AS)
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.3.2.0 - Manuel Hoefs (Zottel))
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Vita Concert Grand LE (HKLM\...\{F3796103-C82B-423A-895D-D94E8398CDD2}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
Winremix iPACK (HKLM\...\Winremix iPACK) (Version: - Unisira)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-25] (Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll -> No File
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01A97F88-D4BC-4A6C-8668-B6A057AF5C5B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-16] ()
Task: {02192848-48BE-4AFC-8C76-6674C9431BE1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-10-29] (CyberLink Corp.)
Task: {066F0F67-3F30-481C-BA94-891AD5132C2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.)
Task: {0FB63B7F-A454-40EC-ACE2-70F3EC3F7B3D} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH)
Task: {10F3D9E9-05C0-440D-8976-8D67665ECC26} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-04] (Dropbox, Inc.)
Task: {1147E13E-020E-46C7-8D35-3649664D08E4} - System32\Tasks\S-1-5-21-1113577436-1958664147-1972585464-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {1ABE5A3C-4F4A-403E-83EA-00315C7E03E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-05-11] (HP Inc.)
Task: {2E47662B-DDF2-4EA3-8618-F9C97677A189} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-07] (Google Inc.)
Task: {3849C51E-EFB8-4D72-93E3-E62F48BE4F8C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {39E83FA8-9B2B-46D2-91F2-8CBC482895DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {3B4A8641-BDF8-42BA-8F80-4F521862DFDE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {4B1D5086-EA5F-4BE8-8034-BF5FE2F22077} - System32\Tasks\HPCeeScheduleForTurd Fergusson => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4B4658FC-4420-4595-B21C-B8457FBA6B74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {4DE9C6C8-1E0D-4B8E-8059-8F8AED64024E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-07] (Google Inc.)
Task: {51EB2B6F-D783-4535-B978-842CE8CD5252} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe [2018-06-10] (Adobe Systems Incorporated)
Task: {598170DD-08E3-4D3A-AADF-A8760BA02F08} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {656EE8E9-B2E7-4D34-AFB5-11E175C62297} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {664235D2-3B82-48D2-B784-34C11EAC5E67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.)
Task: {8FC50157-AB30-4B9D-86CB-7BD67F65D07F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {AD69A71D-09AF-4E19-ABA1-0B6409798C71} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-10] (Adobe Systems Incorporated)
Task: {AF79881B-0789-4E9A-8FAA-811241CB75A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {B3A8E1F7-03B1-4538-AA98-898E3D908AE3} - System32\Tasks\{3FFB3D74-55B2-44DE-BE03-8EB74E56D67D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.22.0.109&LastError=12002
Task: {B60DBE74-3A8A-4374-B800-9A8934CC1212} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.)
Task: {B7C5BB1D-CF9D-473E-9308-C025A2AB3B60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {BA59DFE1-8965-4C0F-96F3-FA0D78360AEA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-04] (Dropbox, Inc.)
Task: {C16B769F-6CE2-4C6E-8EAE-610BD81E0A5B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {CC50F8C2-CC62-4523-8856-15BEBA196134} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-10] (Adobe Systems Incorporated)
Task: {CFCAFF62-C52B-45E1-8E2F-149DA6C4F03C} - System32\Tasks\Opera scheduled Autoupdate 1523458184 => C:\Program Files\Opera\launcher.exe [2018-06-12] (Opera Software)
Task: {DCAF2BEE-2202-49B8-871A-10B9BCFCEF54} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {F5182BB6-7C73-47CF-905B-E36B371A5098} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {F72BD710-FE82-4421-9512-E902241E7D2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {FECC8868-E10F-48A3-A755-C86A1BCD97E7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTurd Fergusson.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
ShortcutWithArgument: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9fa67dbd4f217751\Evernote Web Clipper.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pioclpoplcdbaefihamjohnefbikjilc
ShortcutWithArgument: C:\Users\Turd Fergusson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\588bca4700aecad0\Montaro.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Montaro\nw.exe (The NWJS Community) -> --user-data-dir="C:\Users\Turd Fergusson\AppData\Local\Montaro\User Data" --profile-directory=Default --app-id=pionmdlpdbkonlgpimjbaminkcbdgjnm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
==================== Loaded Modules (Whitelisted) ==============
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-08-06 23:39 - 2015-08-06 23:39 - 000127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2018-05-22 11:57 - 2018-05-22 12:01 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-22 11:57 - 2018-05-22 12:01 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-22 11:57 - 2018-05-22 12:01 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-22 11:57 - 2018-05-22 12:01 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-22 11:57 - 2018-05-22 12:01 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-08-06 23:39 - 2015-08-06 23:39 - 000102400 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 19:33 - 2018-06-08 03:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-13 17:42 - 2018-06-13 17:42 - 101426776 _____ () C:\Program Files\Opera\53.0.2907.99\opera_browser.dll
2018-06-13 17:42 - 2018-06-13 17:41 - 004447832 _____ () C:\Program Files\Opera\53.0.2907.99\libglesv2.dll
2018-06-13 17:42 - 2018-06-13 17:41 - 000100440 _____ () C:\Program Files\Opera\53.0.2907.99\libegl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-06-13 19:33 - 2018-05-20 06:22 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-04-17 06:59 - 2018-04-17 07:01 - 001922232 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\hola.org -> hxxp://hola.org
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 02:24 - 2018-01-20 07:19 - 000002103 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\Control Panel\Desktop\\Wallpaper -> c:\users\turd fergusson\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\1nb920x1080.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1113577436-1958664147-1972585464-1001\...\StartupApproved\Run: => "TIDAL"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1392F5BA-6614-4EE0-BDDC-716B8D63FBF3}] => (Allow) C:\Program Files\Opera\53.0.2907.68\opera.exe
FirewallRules: [{D99DA102-56B4-4EB5-B54B-219E5C0A55B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Flat Kingdom\FlatKingdom.exe
FirewallRules: [{6779D44C-A322-4EA3-85A2-12257823675A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Flat Kingdom\FlatKingdom.exe
FirewallRules: [{27C45E42-A94D-44D6-8747-54906BDFDEB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{72F8A3EA-7DF0-48A0-B70D-C2C42118A2C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{CF8E0FA9-DE68-4188-AC22-5A436F3B5A49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King Exit\Game.exe
FirewallRules: [{754CF1CB-E6E8-49EA-B085-47C523DB85FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King Exit\Game.exe
FirewallRules: [{FBF65F04-4956-4F4B-8B84-9F87198C210F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dig Dog\DigDog.exe
FirewallRules: [{4E065A89-DDA3-4455-BAEB-0D87684E1FD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dig Dog\DigDog.exe
FirewallRules: [{CF29BCB4-FBCE-4586-9A72-5C04BA3BF1A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eternal Senia\Game.exe
FirewallRules: [{C413A715-F87E-4507-8AC9-0F3614183E48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eternal Senia\Game.exe
FirewallRules: [{DF024F01-2080-4B10-AF2A-2DA42F4430FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{6AE6B75A-D798-4312-9816-5B013562CED0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{B5748E2D-5EA7-4ADA-8379-14F550B14653}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{E999735A-04EB-4C44-BD39-C14974123D4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{7B874B57-B00D-40B0-8409-AEA075889781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom New Lands\Kingdom.exe
FirewallRules: [{DB1213D9-AC09-4D08-B9FC-D4DCDAF08FB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom New Lands\Kingdom.exe
FirewallRules: [{90146787-94FD-43BC-937A-397EE99D44CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{A8EB2062-1377-4DF7-AD30-4CE973309844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{F43846CC-DDF7-4A44-A467-6B04A9764E41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{E169421E-3ABA-4013-BAE2-A1287464383D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{3757C11D-CE49-4D8F-9ADE-2D21E907694F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{ACF38B1C-6DE1-4474-9C16-55161B046E67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{C0E88FB7-4B46-47DC-A75D-1A81D68B95A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LiEat\LiEat_Launcher.exe
FirewallRules: [{E98C672D-688F-42C9-87F0-DCF6DB4FCE1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LiEat\LiEat_Launcher.exe
FirewallRules: [{973AC3FE-4B60-4E1A-B5F6-53A29262F2CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheFall\TheFall.exe
FirewallRules: [{7B220A9F-8BCC-4CC2-8EC2-A8A1FF8BB821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheFall\TheFall.exe
FirewallRules: [{CAE226DB-2979-4954-B711-2762905AB9AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Knights\portal_knights_x64.exe
FirewallRules: [{281D94B4-CE9F-4665-8758-2A62CDB638F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Knights\portal_knights_x64.exe
FirewallRules: [UDP Query User{CA4EFC79-DE88-4C5C-8D3E-F8D08212C893}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [TCP Query User{F4672CBB-E823-484D-9A9A-81478E7AD373}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{669E5E54-4FCB-471D-A9E4-2486208CE74E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{0662FD18-368A-4F1C-A9BC-DE2F4B7CB716}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [UDP Query User{3D8639BA-4FDB-4AB9-93FA-95330A232850}C:\program files (x86)\mr dj\fable iii\fable3.exe] => (Allow) C:\program files (x86)\mr dj\fable iii\fable3.exe
FirewallRules: [TCP Query User{5323BD0A-C8B2-4519-A4A4-4AC165C5E156}C:\program files (x86)\mr dj\fable iii\fable3.exe] => (Allow) C:\program files (x86)\mr dj\fable iii\fable3.exe
FirewallRules: [{B5BFFF6D-2FF2-4B23-AC84-89E819E1E9C2}] => (Allow) C:\Users\Turd Fergusson\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{52CDE83D-DBBB-4A0F-B01F-81C234084B0B}] => (Allow) C:\Program Files (x86)\Mr DJ\Fable III\FableLauncher.exe
FirewallRules: [{B36E591A-84FB-49BD-B534-DDFD050EC022}] => (Allow) C:\Program Files (x86)\Mr DJ\Fable III\FableLauncher.exe
FirewallRules: [{A3E012DA-A783-4141-B731-CCD4929648A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aragami\Aragami.exe
FirewallRules: [{2CBFF7FF-60ED-4CE3-96E4-6EEB6FE2DC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aragami\Aragami.exe
FirewallRules: [{DBDCDC1B-DBF2-446A-B716-FA2215C4D9BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{DB3054FE-1EC0-402F-B943-C665482C1CD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{F859E70A-8E47-4C5C-A99E-F3C1B371AF70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [{3BFD7B1B-D7F6-4CD5-8945-F0BC770CD954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [{B1CFA89F-7281-42D5-94C3-D5CAE501ED1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEO Scavenger\NEOScavenger.exe
FirewallRules: [{E0998878-CB08-49F0-BB7E-879CF3F19330}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEO Scavenger\NEOScavenger.exe
FirewallRules: [{2BE4F09B-F147-4DF7-9D6A-A58960223478}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{57E2DB32-2096-4FF9-AB80-C3520A6C2B46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [UDP Query User{8AFDF162-6B04-4CCF-91D1-F1231B492B1C}C:\users\turd fergusson\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\turd fergusson\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{67E67C91-211C-4605-AC94-8EDA627EC8B2}C:\users\turd fergusson\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\turd fergusson\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9B9B3406-39CD-4ABF-8122-ED3085847B2E}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{15BCCE73-62E3-413A-B420-1A9AD238A572}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{8E86D84E-1E50-497C-95A6-B293B85DAD52}C:\program files (x86)\r.g. mechanics\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\r.g. mechanics\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{0B1AAA13-F1EB-417A-B6BD-92AC58D7CAC1}C:\program files (x86)\r.g. mechanics\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\r.g. mechanics\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{891B94FA-2F34-4EAD-A443-D05EC2BD1D7A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{01C0269B-4FC2-44B9-80FB-B62A77093F73}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7F546377-B3A7-4CDB-9E79-4CCCFC7A0407}] => (Allow) C:\Users\Turd Fergusson\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DE7D3DFE-3E37-44B3-849E-902563C70654}] => (Allow) C:\Users\Turd Fergusson\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DD041E37-B710-4562-9F86-D5358F5CD144}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{062278B8-DA02-4CA3-B171-C307FCC7D1F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B201392F-A1E7-4558-8065-10ECE18FA5EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A096CA1A-EBAA-4E08-ADA4-4277137A052C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CA9C5F2-A1DC-4A25-B193-98C7A9438D0A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{8DFDBAAB-ECE9-4D97-9C32-77E0C7CB1E55}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52F009B1-BE90-47FF-9F22-1B498C10DC32}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C47EAC3D-2CEC-4013-A9D4-02BC50B4DDB6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7AE363A1-8DEC-410C-B8B4-C66AF81B8897}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1C470538-35FD-49D0-84B6-50E3D3187E97}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{FFA9A517-0339-4022-8D60-F091F5DDAD01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{5E3B22E1-22D3-4BF9-B94C-D8FD8C7A20BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{65F12400-2F52-4843-A9A0-ADB6D56ADA96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER Early Access\Astro.exe
FirewallRules: [{841F5EC0-AD99-468F-A640-734D1D908863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER Early Access\Astro.exe
FirewallRules: [{7DF1D243-3244-4A12-B443-7FAF8AF126C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B44DBDEC-2CA6-42CF-BBAF-A5A833AD3001}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{E08628D7-CAD0-4572-8AB3-3E0BA418377E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{186AD8A4-C3BF-46ED-9779-D8DB3D228E89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{281714A5-A091-4235-95A0-6AC77D0FC3DB}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{75206764-A78E-43C1-BD8F-EB875D15B51A}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{2DF3755F-E33B-418B-8E3E-C0F84536BE1F}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
FirewallRules: [UDP Query User{05BE0D29-4E4C-4B3F-8670-EB8ABE091F92}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
FirewallRules: [{1DE180C8-9FF7-4210-AD00-BA42745149F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{B3B781FB-E055-46D5-BF37-C7246C1B00DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{759311D9-848B-4DB8-8D2C-BB6EF796BC84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{16306C87-0CBD-4CBE-8DFA-D8335E072649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1C7A2F72-86F5-4907-AC82-8817CC51C252}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{9B4E3999-55AA-49E5-8874-46E5A5634187}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{11B7780C-9AD8-43BD-8CFF-F6B579D2EC31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Montaro\nw.exe
FirewallRules: [{32851BF0-B491-4FED-B0E7-62783FE6E225}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Montaro\nw.exe
FirewallRules: [{DA6CF217-02AA-46C5-84BA-3F50D1DDFC21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CE4300E2-608C-4B5E-8CEC-C01A105104A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{E7DC5272-A802-4223-99AE-B28C76669730}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Abandoned\AbandonedHD.exe
FirewallRules: [{0DCB7354-2C7E-4EB6-99C9-EA7120E55D31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Abandoned\AbandonedHD.exe
FirewallRules: [{94EBA47C-55FE-4853-9906-750F224C619C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Waveform\Waveform.exe
FirewallRules: [{636CBC8B-0114-497A-9493-715D093D3120}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Waveform\Waveform.exe
FirewallRules: [{98BECEF0-9BA8-4CBD-A95F-082043B0AE6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{0BACDF93-89F7-45CF-85A2-2A8FE03E4B67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{9CD658CB-4A85-4D2A-9158-F983DC868B4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{FFA4D51E-0CC8-41C6-B3F7-6569AC80606F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{CE79F1A4-0A47-4D79-A78D-F3909A44137E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{41D8C634-8723-4CCF-9266-AA79F1DA2B89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{5D138AB9-A95F-41A8-B974-8DC3E170B8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{602E56E5-6CAD-48A1-AFEE-553435AD91B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{9F463134-D26E-444C-A4D4-8F3D0284DB94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Airscape\nw.exe
FirewallRules: [{FEB36334-AD5E-4095-9075-D0D2F575737C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Airscape\nw.exe
FirewallRules: [{D10A7E6A-C5EA-4F7E-9A34-0ABDBC27B21E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Momodora III\Momodora3.exe
FirewallRules: [{1AC2B8F7-1384-41ED-9EB5-DD5B9C3FA56B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Momodora III\Momodora3.exe
FirewallRules: [{1275C9F0-E334-4A9B-AAF9-B0E268C11719}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VA-11 HALL-A\VA-11 Hall A.exe
FirewallRules: [{61A2D4B4-E221-4A6A-BA14-690E908BBBE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VA-11 HALL-A\VA-11 Hall A.exe
FirewallRules: [{CC2A33E7-AEA2-405E-A87F-A2E82C67175D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEADBOLT\deadbolt_game.exe
FirewallRules: [{02EAC036-D8C6-4928-A671-871013FADB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEADBOLT\deadbolt_game.exe
FirewallRules: [{148878C9-66BB-4619-94E4-394DADE30BA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shantae and the Pirate's Curse\ShantaeCurse.exe
FirewallRules: [{0FA15161-5C7A-4F30-B883-EE768E76F359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shantae and the Pirate's Curse\ShantaeCurse.exe
FirewallRules: [{AE169E4A-D4F5-4D85-9095-42C2DCE5B6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HacknSlash\Hack.exe
FirewallRules: [{EF786557-94E4-4346-9497-6F939BC248D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HacknSlash\Hack.exe
FirewallRules: [{E9403C35-7007-437C-BBD1-0532B6A10CF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{134C8A22-D8E3-472F-B5E2-43E8570A057C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{0148451E-B4A1-41F4-AF03-87ED119CF58C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{52F397ED-137D-4A6D-AB31-6FFD5CCCEF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{E6058F17-EB3B-443E-AC65-B9F83346EC34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElseHeartbreak\ElseHeartbreak.exe
FirewallRules: [{694AB64A-3E85-486C-8A55-92F8E90B166F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElseHeartbreak\ElseHeartbreak.exe
FirewallRules: [{C20D4E94-ECA6-4A3F-A698-DF40C887A550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{0F66B602-2AB5-45CC-9E6B-4204367ABC18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{6A5613C8-25E9-49C6-B539-306E01BB6F20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{46C936F0-594C-464E-8993-EB2CD5116EE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [TCP Query User{34D82CD5-5665-45B9-AC8D-15E80532DF02}C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe
FirewallRules: [UDP Query User{E6681176-1FE3-4097-9B3C-70636E220C09}C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe
FirewallRules: [{1161C5B3-2B3E-4D74-97CD-5AAA61CC831B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Refunct\Refunct\Binaries\Win32\Refunct-Win32-Shipping.exe
FirewallRules: [{E0F07F92-9406-4A46-814F-AA4C06DEEBA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Refunct\Refunct\Binaries\Win32\Refunct-Win32-Shipping.exe
FirewallRules: [{2931C2D6-7F3C-470C-AD4D-BD1516932E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{5E246C63-110A-453E-8222-78DB5997F2C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{5E7A55FD-D498-4511-9D67-EB3A4AFE5F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starseed Pilgrim\Starseed Pilgrim.exe
FirewallRules: [{C1697326-F5E9-401D-8A71-478F2B055312}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starseed Pilgrim\Starseed Pilgrim.exe
FirewallRules: [{F8793A94-BDAA-46A8-A871-392514A32306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe
FirewallRules: [{E23D85A4-C968-4607-940E-188AF5E7F15F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe
FirewallRules: [{A1E95E02-7525-4950-8085-B9550BF5F2CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
FirewallRules: [{26B4A6BE-A4DE-4A8B-B268-A27483DF296A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
FirewallRules: [{36CBD9C2-425A-4D81-B8B2-F69AFB9BB825}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{9E903BB3-635B-494A-BE66-F3ABC132B0F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{F6052744-3E35-4EEA-AD2E-0FFE49B8942E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Wars\GeometryWars.exe
FirewallRules: [{CEBFBF5B-1626-462F-A32E-AD0CE42BC5E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Wars\GeometryWars.exe
FirewallRules: [{59EED9E2-EB49-484F-B0BE-43B4D5B4C2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{82F4C9F1-543F-4587-8763-7CE4DEF935B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{D917829B-AFA0-4911-B9C9-1B075D294C50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{80508171-95CD-4C9B-A04C-4FFCC16FD9D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{069A2ADF-CE14-4BCE-BABE-5DA421F13D34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{D33C246E-B12E-4E88-B037-5E697A38EED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{4F8506C4-BEBC-4CEB-B537-06C59C02DA69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{2865D60C-5A64-4BC6-B5F7-9174DA4AF4B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{1065E779-3E9D-42E7-B31D-1B48BE7D8EC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{4D6DBADE-2C8B-44F6-A0D6-03D25AD12FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{6A6645AF-2D57-4085-A415-92CB3EDA457B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rememoried\rememoried.exe
FirewallRules: [{734E4071-84DF-4930-A01B-B7E6E4B3F173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rememoried\rememoried.exe
FirewallRules: [{4C7901F9-650A-43ED-A9A2-5F7509A5814E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{6600C41F-DD61-4976-9610-E91292ABA116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [TCP Query User{285171C5-CBD4-4A80-9C68-AE47606AFB4B}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe
FirewallRules: [UDP Query User{24D0CF64-5CD2-48E2-901B-34E304560C05}C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe
FirewallRules: [{354CBBFD-71E4-4758-82F7-17BAF7859F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8769497F-5F95-4511-BBF8-6A0BE2DB19B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{1A951D02-0077-41FA-B067-A9C5569A8A08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Road to Ballhalla\Game\RoadToBallhallaUE4.exe
FirewallRules: [{2D491216-13C0-46B8-B1AB-40216EC6BF65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Road to Ballhalla\Game\RoadToBallhallaUE4.exe
FirewallRules: [{2BB6BE95-7D86-48F9-9F80-AD1799A30020}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Road to Ballhalla\Editor\rtbtiled.exe
FirewallRules: [{C9AC3CA1-5196-4B4D-B0D2-CC78CCE9D114}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Road to Ballhalla\Editor\rtbtiled.exe
FirewallRules: [TCP Query User{A9D1AD02-8617-41FE-929D-7B3E067DF67C}C:\program files (x86)\steam\steamapps\common\road to ballhalla\game\roadtoballhallaue4\binaries\win64\rollplayinggameue4-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\road to ballhalla\game\roadtoballhallaue4\binaries\win64\rollplayinggameue4-win64-shipping.exe
FirewallRules: [UDP Query User{B05D9BBD-A089-4AC6-93A8-61B239A72BA3}C:\program files (x86)\steam\steamapps\common\road to ballhalla\game\roadtoballhallaue4\binaries\win64\rollplayinggameue4-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\road to ballhalla\game\roadtoballhallaue4\binaries\win64\rollplayinggameue4-win64-shipping.exe
FirewallRules: [{B2B2E3BB-D981-4E84-A71C-8ED78F0A6C98}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{185E7A30-DCF8-4EE8-9C6A-8058E6F6FCA0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D7FC2075-2C91-4089-90AE-AFA98D998E24}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{C6187A2E-B687-4794-8040-EED1B1FE8677}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DDBC4E7D-3C6A-4D2C-A959-AEC6EB0C5092}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{81CBD2C3-64DB-432B-BDDA-052780BC19AD}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9A1C5813-986B-42D8-86B9-0E13E30CE9A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{E7EDF902-7562-408B-BD07-2BB3320043B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{E24D258B-9569-47BD-8BA6-FA585AE010A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{78C7DA54-C92D-4A48-9EF1-6BDAF156542B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{FF8CB188-C56B-4E8B-9292-5D5A12666417}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79B15987-1380-47BB-B8E4-9FB1FEB27B32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Small Radios Big Televisions\SRBT.exe
FirewallRules: [{49610770-697C-4EC6-AC0E-674A3A02B64F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Small Radios Big Televisions\SRBT.exe
FirewallRules: [{4AF00788-4563-49B7-A7D1-D659BF1AC2EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{8C1B8620-CA44-4976-902F-DB23AC735820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{F75F3481-F9AF-4FBA-BC54-BCB623A1B043}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3FE4E1C2-4E81-44D6-8E0F-523D8FF19CEA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{571E9F4C-4775-43C9-A3FE-ACD0DE28D677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadlight Director’s Cut\Binaries\Win64\LOTDGame.exe
FirewallRules: [{A2F7A0AD-988F-4CD4-B774-222779BB4991}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadlight Director’s Cut\Binaries\Win64\LOTDGame.exe
FirewallRules: [{06E0DE75-8BFA-4315-8FDB-EE2B803E2DBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{261F7C8E-A7BF-4934-B4C6-A4DC3F2BEEE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{DBA92869-BF32-42BE-BDA7-213E643E12D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{0D2E2E3D-30D6-4814-886F-D93B66AD96ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlameInTheFlood\RiverGame.exe
FirewallRules: [{C9FCCCE6-1EB7-4724-8A2D-E085856BEAE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{CD964274-CD4C-4CF4-84A6-DC83C5FABC35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{137DDCCC-F6A8-430C-969A-1148A95A1178}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Neon Chrome\NeonChrome.exe
FirewallRules: [{42DB0302-79AC-4237-B2CC-5F7169BD0930}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Neon Chrome\NeonChrome.exe
FirewallRules: [{781336BF-8934-4424-A3FF-65392282EB36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{436FCC22-8C0A-4F2D-9A56-2FCAD6E9BD62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{EEF47E8F-6010-4EFA-A111-58640A4AD75B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{8C680261-89EF-4E37-9F59-EF163278E0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{C4479278-D4BA-48F4-9EE4-CF7CAB08C223}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{DF1CF892-A3BF-4018-9B50-57E86CEECF23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{F4E66FA9-6D7F-4962-9198-2AED1C42AB46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{ECF4D170-73F5-4B6F-A27E-FBEB0248B44F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{ACD48B86-078C-4D6E-808D-D9A37BF06428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{EEBF8ED3-DA8F-4736-8A2B-E9327614B516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{CA1AF6ED-20A2-4454-9548-9F302DC19978}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{EDF9F35E-81B1-4D2A-B4A1-8F217757B8DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [TCP Query User{1B9B4238-E187-4ACD-8865-4D880F0A6274}C:\program files (x86)\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe
FirewallRules: [UDP Query User{0C847C0E-E893-446C-88D7-EFCEB8401857}C:\program files (x86)\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe
FirewallRules: [{C4C563E9-7283-40AF-9DFD-7AC373CB3267}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8C2B0E9C-3598-4A83-A380-F0BA1930581D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{22A0B874-7249-4E8D-8D9F-15600576C097}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Incredible Adventures of Van Helsing Final Cut\VanHelsing.exe
FirewallRules: [{D4D5BAC9-9A9F-47C2-86DB-1BFF9579EAB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Incredible Adventures of Van Helsing Final Cut\VanHelsing.exe
FirewallRules: [{0831DF44-F59B-48B7-B21B-8F700D97D153}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5D795513-4268-4ADA-B80A-49F07AD3B8E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{781D3A45-441C-4B2F-9008-B74893A417BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe
FirewallRules: [{F12E9682-37DD-4468-9B4A-D87A34C643DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe
FirewallRules: [{14C0BD27-8CCA-45AF-8605-B7330BA41F59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crea\crea.exe
FirewallRules: [{9F339828-4715-4AF5-9D5D-0017434E07CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crea\crea.exe
FirewallRules: [{9A85EC37-4260-4F5E-B84D-A55E38DD8578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{E61C0DB2-E580-40A9-8DDE-D970EAF80172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{FA37D49D-C0AC-47A1-85EA-5CD5DA5338C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{91288B49-8A57-428D-9EAA-DB63546C0231}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{A24DF2A1-8F4A-4F54-BECD-4B2EEB10E3BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{94708895-F09D-47D5-AD8E-B10C6E864797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{E23ECE06-E63E-4502-B8DD-3FEA0043DC90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{C326159A-6543-4A1F-9EA8-D837D55C53D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{43EC04C3-79F6-46F5-A61E-746638DDA4CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TumbleSeed\TumbleSeed.exe
FirewallRules: [{CA3F473F-1EE6-4EBC-8B4A-7554A320AECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TumbleSeed\TumbleSeed.exe
FirewallRules: [{E924E98D-61EA-4F19-8B27-FFDB321AAE5D}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe
FirewallRules: [{58FDFB30-1194-4456-966E-1212B25D61DC}] => (Allow) C:\Program Files\Opera\53.0.2907.99\opera.exe
FirewallRules: [{D2930870-9A08-4FEB-AC91-DCCCBE985C5E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3880257F-164D-4039-AC3D-588717043FA5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{691CA5A0-885E-4293-BA93-3C76D536B08A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3893AEB6-7F80-4CBA-9583-7C6EA431CD23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2018 05:55:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-LL9IITL0.local already in use; will try LAPTOP-LL9IITL0-2.local instead
Error: (07/02/2018 05:55:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 LAPTOP-LL9IITL0.local. Addr 192.168.1.69
Error: (07/02/2018 05:55:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.69:5353 16 LAPTOP-LL9IITL0.local. AAAA 2600:1700:0F40:A8C0:0000:0000:0000:0047
Error: (07/02/2018 05:51:41 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest.
Error: (07/02/2018 05:51:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.17134.1, time stamp: 0x854a1b2d
Faulting module name: ntdll.dll, version: 10.0.17134.112, time stamp: 0xcfe5bd82
Exception code: 0xc0000005
Fault offset: 0x00053563
Faulting process id: 0x1cfc
Faulting application start time: 0x01d411f290d69ac0
Faulting application path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 6519d605-8060-4900-996f-5a148afe47de
Faulting package full name:
Faulting package-relative application ID:
Error: (07/02/2018 05:51:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.17134.1, time stamp: 0x854a1b2d
Faulting module name: RPCRT4.dll, version: 10.0.17134.112, time stamp: 0xc7775403
Exception code: 0xc00000fd
Fault offset: 0x00006edb
Faulting process id: 0x1cfc
Faulting application start time: 0x01d411f290d69ac0
Faulting application path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Faulting module path: C:\WINDOWS\System32\RPCRT4.dll
Report Id: fc739189-7f52-4622-82e6-feaf5ca5604d
Faulting package full name:
Faulting package-relative application ID:
Error: (07/02/2018 05:49:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest.
Error: (07/02/2018 05:48:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.17134.1, time stamp: 0x854a1b2d
Faulting module name: combase.dll, version: 10.0.17134.112, time stamp: 0xcdc43ef4
Exception code: 0xc00000fd
Fault offset: 0x000b5bc1
Faulting process id: 0x2170
Faulting application start time: 0x01d411f2294d2f26
Faulting application path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: a549c09e-6aab-4fef-8f54-35453f92b799
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (07/02/2018 06:05:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/02/2018 05:55:50 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-LL9IITL0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user LAPTOP-LL9IITL0\Turd Fergusson SID (S-1-5-21-1113577436-1958664147-1972585464-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (07/02/2018 05:52:17 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-LL9IITL0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-LL9IITL0\Turd Fergusson SID (S-1-5-21-1113577436-1958664147-1972585464-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/02/2018 05:48:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/02/2018 05:48:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (07/02/2018 05:47:52 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-LL9IITL0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-LL9IITL0\Turd Fergusson SID (S-1-5-21-1113577436-1958664147-1972585464-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/02/2018 05:46:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/02/2018 05:46:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2018-06-29 06:43:44.875
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {45B5A898-96F7-4657-B6D6-7DA252A3F412}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-26 15:20:46.059
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {94C67205-66D3-46C4-B9A0-3D425427465D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-26 15:17:03.528
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C4B93502-E0C1-4EB8-B53F-C0AAB8F425AD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-26 15:14:37.910
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DD50BE06-73C2-4ACC-AA5F-6106CDB02774}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-26 15:03:37.485
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {65AB903A-E2CD-4E04-8AA8-7E9ABF966DE7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-07-01 22:16:53.598
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.271.325.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15000.2
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
Date: 2018-06-18 07:25:27.720
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1420.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-17 07:25:32.263
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1420.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
CodeIntegrity:
===================================
Date: 2018-07-01 09:50:35.157
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-01 04:14:22.511
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-06-30 11:30:52.611
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-06-30 11:30:52.600
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-06-30 11:30:52.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-06-30 11:30:52.590
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-06-30 11:30:52.578
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-06-30 11:30:52.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Users\Turd Fergusson\Downloads\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: AMD A6-5200 APU with Radeon™ HD Graphics
Percentage of memory in use: 47%
Total physical RAM: 7633.01 MB
Available physical RAM: 3988.6 MB
Total Virtual: 15313.01 MB
Available Virtual: 11589.16 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:909.59 GB) (Free:42.77 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.06 GB) (Free:2.31 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{1e4065cc-9389-4de4-aaaa-476fbf5d8b67}\ () (Fixed) (Total:0.91 GB) (Free:0.41 GB) NTFS
\\?\Volume{82da5195-4b02-4bc5-8125-2f0f87a62f6e}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7198C9C0)
Partition: GPT.
==================== End of Addition.txt ============================
#5
Posted 02 July 2018 - 05:17 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 68.57 52 K 8 K 0
procexp64.exe 13.60 49,928 K 64,312 K 6448 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
MsMpEng.exe 3.88 133,164 K 129,632 K 3660 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
dwm.exe 2.25 55,932 K 64,664 K 1060
TouchpointAnalyticsClientService.exe 2.01 44,624 K 44,892 K 3504 HP Touchpoint Analytics Client Service HP Inc. (Verified) HP Inc.
opera.exe 1.47 245,120 K 285,920 K 20172 Opera Internet Browser Opera Software (Verified) Opera Software AS
Taskmgr.exe 1.41 25,424 K 59,548 K 9036
System 1.18 192 K 272 K 4
Interrupts 1.16 0 K 0 K n/a Hardware Interrupts and DPCs
opera.exe 0.83 201,056 K 266,400 K 21960 Opera Internet Browser Opera Software (Verified) Opera Software AS
csrss.exe 0.78 5,564 K 6,156 K 688
ctfmon.exe 0.71 5,664 K 21,400 K 7096
explorer.exe 0.70 113,436 K 163,808 K 9148 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
FRST64.exe 0.31 28,000 K 50,332 K 17144
svchost.exe 0.27 71,600 K 77,568 K 1964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
GamesAppIntegrationService.exe 0.19 1,604 K 7,668 K 4084 WildTangent Games App Integration Service WildTangent (Verified) WildTangent Inc
opera.exe 0.15 92,940 K 125,380 K 18184 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.11 132,776 K 207,464 K 13324 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe 0.08 11,320 K 17,060 K 524 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
opera.exe 0.07 259,496 K 294,908 K 19724 Opera Internet Browser Opera Software (Verified) Opera Software AS
svchost.exe 0.06 6,800 K 15,172 K 2744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
TabTip.exe 0.06 3,692 K 15,312 K 7136
opera.exe 0.04 7,704 K 22,912 K 22168 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 0.03 149,472 K 91,188 K 7472 Opera Internet Browser Opera Software (Verified) Opera Software AS
MOM.exe 0.03 24,652 K 4,640 K 8540 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (Verified) Advanced Micro Devices
svchost.exe 0.01 5,264 K 16,304 K 3136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.01 12,732 K 22,372 K 1592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.01 20,028 K 31,140 K 3876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
Rainmeter.exe 0.01 2,816 K 13,236 K 8576 Rainmeter desktop customization tool Rainmeter (Verified) Open Source Developer
SearchIndexer.exe < 0.01 31,200 K 35,876 K 5136 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe < 0.01 6,184 K 21,116 K 1036 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe < 0.01 12,092 K 29,244 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
YouCamService6.exe < 0.01 4,924 K 832 K 3980 CyberLink YouCam Service CyberLink Corp. (Verified) CyberLink Corp.
fontdrvhost.exe < 0.01 5,256 K 10,652 K 1016
Memory Compression < 0.01 180 K 19,660 K 1780
ss_conn_service.exe < 0.01 2,000 K 6,552 K 3596 MSS CS Connectivity Service DEVGURU Co., LTD. (Verified) DEVGURU CO LTD
svchost.exe < 0.01 6,904 K 16,380 K 3676 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 4,352 K 15,448 K 5192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,700 K 12,704 K 4564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 13,016 K 29,532 K 3840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 2,840 K 9,208 K 7756
wlanext.exe 1,416 K 5,732 K 3208
WirelessKB850NotificationService.exe 1,412 K 5,924 K 3832 WirelessKB850NotificationService.exe Microsoft Corporation (Verified) Microsoft Corporation
winlogon.exe 2,552 K 10,132 K 776
wininit.exe 1,344 K 6,524 K 672
taskhostw.exe 7,356 K 17,984 K 4100 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,028 K 4,508 K 5268
SynTPEnhService.exe 1,224 K 4,984 K 3588 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 6,736 K 21,436 K 5572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 14,228 K 31,852 K 68 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,584 K 20,936 K 3764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,300 K 11,756 K 3192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,764 K 13,180 K 2680 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,276 K 9,784 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,308 K 15,388 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,712 K 12,224 K 2384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,988 K 7,876 K 2000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,100 K 8,080 K 2392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,184 K 7,500 K 2060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,340 K 5,800 K 1948 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,540 K 10,552 K 1280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,388 K 10,960 K 1604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,640 K 8,772 K 1924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,124 K 9,100 K 2292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,160 K 17,864 K 2192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,344 K 10,728 K 2352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,476 K 6,568 K 1492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,892 K 8,160 K 2400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,780 K 7,932 K 2028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,792 K 8,180 K 744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,120 K 9,520 K 1232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,572 K 7,072 K 1408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,744 K 6,024 K 1376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,560 K 9,204 K 1400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,028 K 11,396 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 14,836 K 18,324 K 1628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,700 K 7,680 K 1624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 976 K 3,932 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,504 K 14,604 K 1532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,000 K 8,048 K 3420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,384 K 8,844 K 3960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,156 K 7,108 K 4240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,752 K 12,856 K 3868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,680 K 11,532 K 15756 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,448 K 12,776 K 2248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,576 K 19,820 K 3888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,304 K 8,492 K 17924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,876 K 6,696 K 2452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,044 K 9,280 K 2596 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,172 K 33,932 K 2344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,380 K 5,484 K 21832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,668 K 10,916 K 8744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,852 K 7,952 K 5700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,008 K 7,364 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,176 K 22,988 K 15780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,780 K 7,888 K 3036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,308 K 5,600 K 3696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,620 K 6,512 K 3856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,684 K 12,116 K 4220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,544 K 10,964 K 4336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,732 K 8,376 K 784 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,112 K 7,268 K 3744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,212 K 8,836 K 2288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,028 K 5,904 K 5628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,896 K 8,924 K 2052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,776 K 6,824 K 5904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,448 K 6,004 K 3068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,964 K 10,040 K 6296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,304 K 5,672 K 7452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,436 K 7,264 K 9932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SpotifyWebHelper.exe 1,704 K 7,648 K 8500 SpotifyWebHelper Spotify Ltd (Verified) Spotify AB
spoolsv.exe 5,532 K 14,632 K 3356 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 488 K 1,152 K 396
SkypeHost.exe Suspended 52,664 K 33,988 K 6412 Microsoft Skype Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 39,080 K 69,224 K 4496 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 36,168 K 90,928 K 11800 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe 2,188 K 4,528 K 1944 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SettingSyncHost.exe 8,968 K 4,120 K 6472 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,100 K 9,828 K 796
SecurityHealthService.exe 4,888 K 16,116 K 3772 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SecHealthUI.exe Suspended 24,132 K 62,696 K 19676 Windows Defender application Microsoft Corporation (Verified) Microsoft Windows
SearchUI.exe Suspended 61,136 K 111,136 K 484 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe 2,564 K 12,380 K 5604
SearchFilterHost.exe 2,156 K 8,532 K 10256
RuntimeBroker.exe 7,212 K 28,528 K 2188 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 2,880 K 12,524 K 21476 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 2,928 K 13,224 K 336 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 5,628 K 12,356 K 8424 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 8,164 K 17,424 K 8068 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkAudioService64.exe 1,952 K 8,308 K 3028 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
Registry 4,624 K 101,228 K 104
RAVBg64.exe 6,588 K 15,468 K 3320
ProductAgentService.exe 4,088 K 13,472 K 3716 Bitdefender Agent Bitdefender (Verified) Bitdefender SRL
procexp.exe 3,080 K 10,012 K 7884 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
opera_crashreporter.exe 1,728 K 7,696 K 13956 Opera crash-reporter Opera Software (Verified) Opera Software AS
opera.exe 20,716 K 33,944 K 9520 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 34,876 K 48,076 K 21980 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 24,620 K 38,588 K 20672 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 39,576 K 64,396 K 21808 Opera Internet Browser Opera Software (Verified) Opera Software AS
opera.exe 25,464 K 41,548 K 22176 Opera Internet Browser Opera Software (Verified) Opera Software AS
OfficeHubTaskHost.exe Suspended 8,596 K 24,148 K 18556 Office Hub Task Host Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
notepad.exe 3,084 K 16,380 K 9632
notepad.exe 3,236 K 16,456 K 20620
NisSrv.exe 8,336 K 11,360 K 700 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
MSASCuiL.exe 2,036 K 12,344 K 7904 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,820 K 6,552 K 3564 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsass.exe 6,800 K 18,512 K 860 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
jusched.exe 2,240 K 13,420 K 6108 Java Update Scheduler Oracle Corporation (Verified) Oracle America
HPWMISVC.exe 1,644 K 8,248 K 3572 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe 35,504 K 46,424 K 4200 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
HPMSGSVC.exe 1,600 K 8,192 K 8888 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
Fuel.Service.exe 2,176 K 9,604 K 3540 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
fontdrvhost.exe 1,740 K 4,092 K 1020
dllhost.exe 2,216 K 8,360 K 18788 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe 2,548 K 6,460 K 3640 Dropbox Service Dropbox, Inc. (Verified) Dropbox
csrss.exe 1,700 K 5,128 K 556
conhost.exe 5,312 K 8,200 K 3228
CCC.exe 77,172 K 6,128 K 9144 Catalyst Control Center: Host application Advanced Micro Devices Inc. (Verified) Advanced Micro Devices
BtwRSupportService.exe 2,004 K 7,908 K 3548 Bluetooth Radio Management Support Broadcom Corporation. (Verified) Broadcom Corporation
BingSvc.exe 3,688 K 16,968 K 6244 Microsoft Bing Service © 2015 Microsoft Corporation (Verified) Microsoft Corporation
audiodg.exe 15,448 K 20,020 K 21380
atiesrxx.exe 1,352 K 5,728 K 1676 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,372 K 9,672 K 1884
ApplicationFrameHost.exe 9,796 K 39,592 K 19820 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
#6
Posted 02 July 2018 - 05:21 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
Image Name PID Services
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
Registry 104 N/A
smss.exe 396 N/A
csrss.exe 556 N/A
wininit.exe 672 N/A
csrss.exe 688 N/A
winlogon.exe 776 N/A
services.exe 796 N/A
lsass.exe 860 KeyIso, SamSs, VaultSvc
svchost.exe 980 PlugPlay
svchost.exe 1008 BrokerInfrastructure, DcomLaunch, Power,
SystemEventsBroker
fontdrvhost.exe 1020 N/A
fontdrvhost.exe 1016 N/A
svchost.exe 524 RpcEptMapper, RpcSs
svchost.exe 744 LSM
dwm.exe 1060 N/A
svchost.exe 1232 NcbService
svchost.exe 1280 ProfSvc
svchost.exe 1320 Schedule
svchost.exe 1376 hidserv
svchost.exe 1400 UserManager
svchost.exe 1408 NgcSvc
svchost.exe 1592 BFE, CoreMessagingRegistrar, mpssvc
svchost.exe 1604 bthserv
svchost.exe 1628 EventLog
svchost.exe 1624 BthAvctpSvc
svchost.exe 1640 TimeBrokerSvc
atiesrxx.exe 1676 AMD External Events Utility
atieclxx.exe 1884 N/A
svchost.exe 1924 nsi
svchost.exe 1948 Themes
svchost.exe 1964 SysMain
svchost.exe 2000 EventSystem
svchost.exe 2028 BTAGService
svchost.exe 1492 DeviceAssociationService
Memory Compression 1780 N/A
svchost.exe 2060 Dhcp
svchost.exe 2192 lfsvc
svchost.exe 2292 SENS
svchost.exe 2352 PhoneSvc
svchost.exe 2384 NlaSvc
svchost.exe 2392 AudioEndpointBuilder
svchost.exe 2400 FontCache
svchost.exe 2568 netprofm
svchost.exe 2680 Audiosrv
svchost.exe 2744 StateRepository
RtkAudioService64.exe 3028 RtkAudioService
svchost.exe 3036 TabletInputService
svchost.exe 2248 Wcmsvc
svchost.exe 2452 DusmSvc
svchost.exe 2596 Dnscache
svchost.exe 2264 WinHttpAutoProxySvc
svchost.exe 3136 WlanSvc
svchost.exe 3192 ShellHWDetection
wlanext.exe 3208 N/A
conhost.exe 3228 N/A
RAVBg64.exe 3320 N/A
spoolsv.exe 3356 Spooler
svchost.exe 3420 LanmanWorkstation
Fuel.Service.exe 3540 AMD FUEL Service
BtwRSupportService.exe 3548 BcmBtRSupport
mDNSResponder.exe 3564 Bonjour Service
HPWMISVC.exe 3572 HPWMISVC
SynTPEnhService.exe 3588 SynTPEnhService
ss_conn_service.exe 3596 ss_conn_service
DbxSvc.exe 3640 DbxSvc
MsMpEng.exe 3660 WinDefend
svchost.exe 3676 Winmgmt
svchost.exe 3696 TrkWks
ProductAgentService.exe 3716 ProductAgentService
SecurityHealthService.exe 3772 SecurityHealthService
WirelessKB850Notification 3832 WirelessKB850NotificationService
svchost.exe 3840 DiagTrack
svchost.exe 3856 SstpSvc
svchost.exe 3868 CryptSvc
svchost.exe 3876 DPS
svchost.exe 3888 WpnService
svchost.exe 3960 LanmanServer
svchost.exe 4220 iphlpsvc
svchost.exe 4240 TapiSrv
svchost.exe 4336 WdiServiceHost
svchost.exe 4564 RasMan
NisSrv.exe 700 WdNisSvc
svchost.exe 784 NgcCtnrSvc
svchost.exe 3744 SSDPSRV
svchost.exe 3764 CDPSvc
GamesAppIntegrationServic 4084 GamesAppIntegrationService
HPSupportSolutionsFramewo 4200 HPSupportSolutionsFrameworkService
TouchpointAnalyticsClient 3504 HPTouchpointAnalyticsService
SgrmBroker.exe 1944 SgrmBroker
svchost.exe 68 UsoSvc, wuauserv
svchost.exe 2288 wscsvc
SearchIndexer.exe 5136 WSearch
svchost.exe 5628 WdiSystemHost
svchost.exe 2052 PcaSvc
svchost.exe 5700 camsvc
svchost.exe 5192 wlidsvc
sihost.exe 4496 N/A
svchost.exe 5572 CDPUserSvc_1a53f3
svchost.exe 2344 WpnUserService_1a53f3
taskhostw.exe 4100 N/A
svchost.exe 1532 TokenBroker
SynTPEnh.exe 1036 N/A
svchost.exe 3068 Appinfo
SynTPHelper.exe 5268 N/A
RuntimeBroker.exe 2188 N/A
RuntimeBroker.exe 336 N/A
svchost.exe 6296 LicenseManager
SkypeHost.exe 6412 N/A
SettingSyncHost.exe 6472 N/A
ctfmon.exe 7096 N/A
TabTip.exe 7136 N/A
svchost.exe 7452 seclogon
MSASCuiL.exe 7904 N/A
RtkNGUI64.exe 8068 N/A
YouCamService6.exe 3980 N/A
BingSvc.exe 6244 N/A
SpotifyWebHelper.exe 8500 N/A
svchost.exe 8744 upnphost
HPMSGSVC.exe 8888 N/A
WmiPrvSE.exe 7756 N/A
jusched.exe 6108 N/A
MOM.exe 8540 N/A
Rainmeter.exe 8576 N/A
CCC.exe 9144 N/A
svchost.exe 15780 OneSyncSvc_1a53f3,
PimIndexMaintenanceSvc_1a53f3,
UnistoreSvc_1a53f3, UserDataSvc_1a53f3
RuntimeBroker.exe 8424 N/A
Taskmgr.exe 9036 N/A
explorer.exe 9148 N/A
ShellExperienceHost.exe 11800 N/A
SearchUI.exe 484 N/A
opera.exe 13324 N/A
opera_crashreporter.exe 13956 N/A
opera.exe 7472 N/A
opera.exe 22176 N/A
opera.exe 21980 N/A
opera.exe 9520 N/A
opera.exe 21960 N/A
opera.exe 21808 N/A
opera.exe 20672 N/A
ApplicationFrameHost.exe 19820 N/A
SecHealthUI.exe 19676 N/A
dllhost.exe 18788 N/A
svchost.exe 17924 RmSvc
svchost.exe 15756 StorSvc
svchost.exe 21832 lmhosts
OfficeHubTaskHost.exe 18556 N/A
RuntimeBroker.exe 21476 N/A
svchost.exe 9932 QWAVE
opera.exe 18184 N/A
opera.exe 22168 N/A
smartscreen.exe 15980 N/A
svchost.exe 9352 XblAuthManager
opera.exe 17156 N/A
opera.exe 20204 N/A
svchost.exe 3080 BITS
dllhost.exe 17492 N/A
RuntimeBroker.exe 11960 N/A
cmd.exe 14664 N/A
conhost.exe 12184 N/A
audiodg.exe 8316 N/A
tasklist.exe 11140 N/A
WmiPrvSE.exe 12044 N/A
#8
Posted 02 July 2018 - 05:52 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
ok lets try that again..
#9
Posted 02 July 2018 - 05:53 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
x
File deleted. You did not remove the serial number. I have downloaded the file so no need to repost.
#10
Posted 02 July 2018 - 06:13 AM
J Artemis
- Topic Starter
-
- Member
-
- 10 posts
Member
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts.
LatencyMon has been analyzing your system for 0:00:23 (h:mm:ss) on all processors.
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name: LAPTOP-LL9IITL0
OS version: Windows 10 , 10.0, build: 17134 (x64)
Hardware: HP Notebook, HP, 8137
CPU: AuthenticAMD AMD A6-5200 APU with Radeon™ HD Graphics
Logical processors: 4
Processor groups: 1
RAM: 7633 MB total
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed: 1996 MHz
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
Highest measured interrupt to process latency (µs): 267.765222
Average measured interrupt to process latency (µs): 8.322224
Highest measured interrupt to DPC latency (µs): 259.044899
Average measured interrupt to DPC latency (µs): 2.527020
_________________________________________________________________________________________________________
REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
Highest ISR routine execution time (µs): 109.420341
Driver with highest ISR routine execution time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
Highest reported total ISR routine time (%): 0.016154
Driver with highest ISR total time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
Total time spent in ISRs (%) 0.048142
ISR count (execution time <250 µs): 4754
ISR count (execution time 250-500 µs): 0
ISR count (execution time 500-999 µs): 0
ISR count (execution time 1000-1999 µs): 0
ISR count (execution time 2000-3999 µs): 0
ISR count (execution time >=4000 µs): 0
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
Highest DPC routine execution time (µs): 315.903808
Driver with highest DPC routine execution time: ntoskrnl.exe - NT Kernel & System, Microsoft Corporation
Highest reported total DPC routine time (%): 0.083995
Driver with highest DPC total execution time: dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
Total time spent in DPCs (%) 0.209882
DPC count (execution time <250 µs): 29855
DPC count (execution time 250-500 µs): 0
DPC count (execution time 500-999 µs): 1
DPC count (execution time 1000-1999 µs): 0
DPC count (execution time 2000-3999 µs): 0
DPC count (execution time >=4000 µs): 0
_________________________________________________________________________________________________________
REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
Process with highest pagefault count: msmpeng.exe
Total number of hard pagefaults 9
Hard pagefault count of hardest hit process: 9
Number of processes hit: 1
_________________________________________________________________________________________________________
PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s): 0.803194
CPU 0 ISR highest execution time (µs): 109.420341
CPU 0 ISR total execution time (s): 0.044351
CPU 0 ISR count: 4743
CPU 0 DPC highest execution time (µs): 315.903808
CPU 0 DPC total execution time (s): 0.181918
CPU 0 DPC count: 28847
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s): 0.123566
CPU 1 ISR highest execution time (µs): 0.0
CPU 1 ISR total execution time (s): 0.0
CPU 1 ISR count: 0
CPU 1 DPC highest execution time (µs): 202.007014
CPU 1 DPC total execution time (s): 0.003827
CPU 1 DPC count: 227
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s): 0.112266
CPU 2 ISR highest execution time (µs): 2.944389
CPU 2 ISR total execution time (s): 0.000003
CPU 2 ISR count: 1
CPU 2 DPC highest execution time (µs): 120.532064
CPU 2 DPC total execution time (s): 0.004439
CPU 2 DPC count: 420
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s): 0.148662
CPU 3 ISR highest execution time (µs): 37.828657
CPU 3 ISR total execution time (s): 0.000146
CPU 3 ISR count: 10
CPU 3 DPC highest execution time (µs): 58.943888
CPU 3 DPC total execution time (s): 0.003822
CPU 3 DPC count: 362
_________________________________________________________________________________________________________
#12
Posted 02 July 2018 - 07:54 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Nothing obvious.
I would uninstall:
Audacity 2.1.3 (This version has a bug and creates errors. Try the latest which is 2.2.2 https://www.audacityteam.org/download/ )
Bonjour. Apple can't seem to get this to work on Win 10. You probably don't need it anyway. It just helps Apple stuff talk to other Apple stuff. You can get a new version if you download itunes.
Connect (This is adware installed without asking - probably by Music Maker)
OldNewExplorer (latest version of Windows 10 broke your version. You can try a new version: http://www.softpedia.com/get/Tweak/System-Tweak/OldNewExplorer.shtml or replace with Classic Shell which still works as ot 7/2/2018: http://www.classicshell.net/ )
Windows Defender is not happy for some reason. I would try replacing it with the free Avast (which will shut down Windows Defender when it installs)
http://www.avast.com/index
Click on Download then choose the free version.
Uncheck any optional software they offer and avoid the trial. You want the free basic version. Once you get it installed and updating then tonight while you sleep let it run a boot-time scan.
Click on the Avast ball. Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan. Click on Install Special Definitions. Click on Run on Next PC Reboot.
Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Mute your speakers so it doesn't wake you up when Windows boots.
When you reboot you will see the scan start. It will tell you where it saves its log. Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. This is a hidden location so you will need to tell Windows to let you see it:
http://www.howtogeek...-windows-vista/
Copy and paste the text from the log to a Reply when done.
Speccy seems to think the PC is a bit warm but Speccy is often wrong. Let's get a second opinion:
Run Speedfan to monitor your temps in real time:
http://www.filehippo...nload_speedfan/
Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).
It will tell you your temps in real time tho the default is to show the hard drive temp in the systray. You can change it: Hit Configure then click on the highest temp and check Show in tray. With no other programs running what is the highest temp you see? Run an anti-virus scan, play one of your games or watch a video for at least 5 minutes. What is the highest temp now?
We don't really want it to go over about 65 under load. If it does it usually means either the fan is defective (speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust. The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink. However on some PCs this is major surgery. Sometimes you can blow air backwards through the exhaust vent while vacuuming at the input vent and if you are lucky it may clear the heatsink. Don't do it too long as the fan may overrev.
I see some memory dumps. This may be caused by overheating but let's look and see:
Download BlueScreenView
http://www.nirsoft.n...creen_view.html
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.
Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
