I'm far from being an expert when it comes to malware, but I'm a very proficient computer user and I know suspicious activity when I see it...
Ever since around December 1st, I've been dealing with an infection of some sort on two different machines - my own desktop PC and a friend's laptop - both of which are bootable and usable but get BSODs very often and almost at random. I have a friend who had a badly infected laptop, which I cleaned up with Avast and Malwarebytes. I had agreed to backup her files, reformat the drive, and install Windows 10 instead of Windows 7. I took the hard drive out of the laptop and formatted it after connecting it to my own PC and making backups of important files. I then installed a version of Windows 10 on the laptop, using a USB keydrive.
There were multiple occasions in which I didn't consider that there might be some sort of lingering infection of the laptop (I had almost forgotten that it had been infected), and I had transferred files between the two machines frequently using USB drives, the laptop's own hard drive connected to my computer via USB, and a LAN cable bridging both machines directly. Oops.
Anyway, my own PC started crashing frequently not long after I started working on fixing up the laptop. It has never had an issue before and it's been at least a decade since I've had any lasting infection that I was aware of, and it seems almost impossible that this is a coincidence. I quickly realized that the laptop also had the same symptoms: at least 3 types of BSODs that are typically between 10 minutes and several hours apart. One is something like "CRITICAL STRUCTURE CORRUPTION," and another was "DRIVER IRQL NOT LESS OR EQUAL" and said that "kwwdapod.sys" had failed (a minute ago, I got the same error about "aswMBR.sys").
My working theory is that the infection originated from the laptop's hard drive before it was formatted, from some questionable software I downloaded to recover some corrupted files, or from something completely different. Regardless, it's quite an issue, and I've done lots of research, to no avail.
I decided to just focus on solving the issues on my desktop PC first, since the laptop is old and not as important. Malwarebytes found nothing after a full scan. Avast seems to be able to complete a "quick scan" but remains stuck at 0% for hours when I attempt to do a full system scan. I tried an Avast boot-time scan, which seemed to run fine, but does not detect anything. There is no way this is just a coincidence, though. The crashes surely come from either an infection or from inexplicably-corrupted system files.
I did a scan with tdsskiller and found a very suspicious driver that was hidden and had been created the same day I had started work on the laptop, called amdfx.sys. I understand the risks of deleting files like this, but I held my breath and decided to carefully remove it. I suspect this has helped somehow. I have otherwise tried to avoid touching any system files too much. I found several suspicious things with Pchunter and Gmer, which seem to be mostly gone now, but the BSODs persist - perhaps slightly less frequently, unless I'm imagining it. I noticed some odd behavior when I booted up the laptop that made me decide to do an MBR check on my desktop PC, which detected nonstandard code. I know that might have been normal, but I rewrote it to default using a Windows 10 installation disc and command prompt from the boot menu. I also tried using Avast's aswmbr.exe, but my PC instantly crashes when I click "Yes" when prompted if I wish to use Virtualization Technology for rootkit detection, which seems strange. Avast still will not do a full system scan after I boot, even after I reinstall Avast.
I'm not entirely sure what I'm looking for, but there is a definite problem of some sort. I've probably made some mistakes, but I've handled it as well as I could and I am running out of ideas. Any help would be incredibly appreciated!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by Isaac (administrator) on WINDOWS-M8GK56L (04-12-2017 16:19:20)
Running from C:\Users\42and_000\AppData\Local\Temp\scoped_dir7484_27194
Loaded Profiles: Isaac & Isaac 2 (Available Profiles: Isaac & Isaac 2)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-12-04] (AVAST Software)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-10-18] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Run: [Spotify Web Helper] => C:\Users\42and_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-06-23] (Spotify Ltd)
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-09-27] (Valve Corporation)
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\MountPoints2: E - "E:\autorun.exe"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\MountPoints2: {1e06d39f-81ed-11e7-bfd8-90b11ca5fa1f} - "E:\VerizonWirelessUpgradeAssistantSetup.exe" -a
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\HYPERS~1.SCR [584192 2016-03-31] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9177fad2-2d39-40d0-aefa-16854a4a7493}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9177fad2-2d39-40d0-aefa-16854a4a7493}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{af18d3d6-716d-4035-82c0-5ed5110bec8b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f4bfffaa-cccc-4a70-a334-d8de9f4beb5e}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Internet Explorer:
==================
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
HKU\S-1-5-21-1114006664-966733769-2668947745-1059\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com
HKU\S-1-5-21-1114006664-966733769-2668947745-1059\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-01] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-01] (Oracle Corporation)
BHO: avast! Ad Blocker -> {FFCB3198-32F3-4E8B-9539-4324694ED663} -> C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll [2013-02-18] (AVAST Software)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-02] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-02] (Oracle Corporation)
BHO-x32: avast! Ad Blocker -> {FFCB3198-32F3-4E8B-9539-4324694ED663} -> C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll [2013-02-18] (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1466051146976
FireFox:
========
FF ProfilePath: C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default [2017-12-04]
FF Homepage: Mozilla\Firefox\Profiles\nlev5rvz.default -> hxxp://www.yahoo.com/
FF Extension: (Classic Theme Restorer) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-10-21] [Lagacy]
FF Extension: (Cookie AutoDelete) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-10-21]
FF Extension: (1-Click Dailymotion Video Downloader) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2016-04-27] [Lagacy]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-05-20] [Lagacy]
FF Extension: (Ghostery) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-09-01]
FF Extension: (Self-Destructing Cookies) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-03-25] [Lagacy]
FF Extension: (Ratings Preview for YouTube™) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-10-21]
FF Extension: (Private Tab) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-05-28] [Lagacy]
FF Extension: (SkipScreen) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2016-04-27] [Lagacy]
FF Extension: (Avast SafePrice) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-12-04]
FF Extension: (uBlock Origin) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-10-21]
FF Extension: (Avast Online Security) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-12-04]
FF Extension: (YouTube Auto Replay) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2016-04-27] [Lagacy]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\
[email protected] [2017-10-21] [Lagacy]
FF Extension: (TV-Fox) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2016-07-25] [Lagacy]
FF Extension: (FT DeepDark) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-10-21] [Lagacy]
FF Extension: (All-in-One Gestures) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2016-04-26] [Lagacy]
FF Extension: (Video DownloadHelper) - C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-10-21] [Lagacy]
FF SearchPlugin: C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\searchplugins\startpage-ssl.xml [2014-08-07]
FF SearchPlugin: C:\Users\42and_000\AppData\Roaming\Mozilla\Firefox\Profiles\nlev5rvz.default\searchplugins\youtube-video-search.xml [2015-01-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-1114006664-966733769-2668947745-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\42and_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-16] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1114006664-966733769-2668947745-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-17] (Ubisoft)
StartMenuInternet: FIREFOX.EXE - C:\Users\42and_000\Desktop\Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default [2017-12-01]
CHR Extension: (Google Drive) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Video Downloader professional) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-10-07]
CHR Extension: (Google Docs Offline) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Avast Online Security) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-07-16]
CHR Extension: (Video Downloader Pro) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2017-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-07]
CHR Extension: (Adblock Pro) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-25]
CHR Extension: (Gmail) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\42and_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-07]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx <not found>
Opera:
=======
OPR Extension: (Flash Master) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\cacfnookefkldifaigjdedpophfjkjeh [2017-10-21]
OPR Extension: (Ratings Preview for YouTube™) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2017-10-20]
OPR Extension: (Bookmark Lock) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\comgdpdblghhphamnlfjdmcpfekanbke [2017-10-28]
OPR Extension: (Extension source viewer) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\ddlapbbeiljnagpkdmfegipfkeebgmnm [2017-11-23]
OPR Extension: (Vanilla Cookie Manager) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\gieohaicffldbmiilohhggbidhephnjj [2017-10-10]
OPR Extension: (Avast Online Security) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10]
OPR Extension: (Private Video Downloader) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\ijeobnknkapadljpcbamidbdoankakaa [2017-11-23]
OPR Extension: (Download Chrome Extension) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2017-12-01]
OPR Extension: (Video Downloader professional) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\kmdldgcmokdpmacblnehppgkjphcbpnn [2017-11-23]
OPR Extension: (Video DownloadHelper) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2017-10-10]
OPR Extension: (Ghostery) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-12-01]
OPR Extension: (Stormcrow) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofhehnfmgbgnkjaojifkmebjjgffjaeh [2017-11-13]
OPR Extension: (FastestTube - YouTube Video Downloader) - C:\Users\42and_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2017-12-01]
StartMenuInternet: (HKLM) Operabeta - C:\Program Files\Opera beta\Launcher.exe
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-07-03] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-12-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-12-04] (AVAST Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-05-09] (BitRaider, LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120032 2017-10-04] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3000168 2017-10-04] (Electronic Arts)
S3 PRMonitorService; C:\Program Files (x86)\Personal Renamer\PRService1.exe [58368 2010-11-25] (VC) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-12-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-12-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-12-04] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-12-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-12-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-12-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-12-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-12-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-12-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-12-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-12-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-12-04] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-12-04] (AVAST Software)
R3 axscsibus; C:\WINDOWS\System32\drivers\axscsibus.sys [30352 2016-11-15] (Alcohol Soft Development Team)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
S3 lehidmini; C:\WINDOWS\System32\drivers\leath_hid.sys [39704 2012-07-02] (Atheros)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-12-03] (Malwarebytes)
R1 mrxsmb22; C:\WINDOWS\System32\drivers\mrxsmb22.sys [56824 2017-12-01] (Windows ® Win 7 DDK provider) [File not signed]
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-08-17] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
S3 qca_shb; C:\WINDOWS\System32\drivers\qca_shb.sys [99328 2012-07-02] (Qualcomm Atheros Communications Inc.) [File not signed]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [196040 2017-09-13] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-09-13] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [138432 2017-09-13] (Oracle Corporation)
S3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [45168 2014-03-06] (Shaul Eizikovich)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [51016 2011-11-01] (Yamaha Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-04 16:19 - 2017-12-04 16:19 - 000000000 ____D C:\FRST
2017-12-04 16:18 - 2017-12-04 16:18 - 002391552 _____ (Farbar) C:\Users\42and_000\Desktop\FRST64.exe
2017-12-04 16:09 - 2017-12-04 16:10 - 000578892 _____ C:\WINDOWS\Minidump\120417-34250-01.dmp
2017-12-04 12:11 - 2017-12-04 12:11 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-12-04 02:22 - 2017-12-04 16:19 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-12-04 02:22 - 2017-12-04 02:22 - 000001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-12-04 02:22 - 2017-12-04 02:22 - 000001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-12-04 02:22 - 2017-12-04 02:22 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\AVAST Software
2017-12-04 02:21 - 2017-12-04 02:22 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-12-04 02:21 - 2017-12-04 02:21 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-12-04 02:21 - 2017-12-04 02:21 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-12-04 02:21 - 2017-12-04 02:20 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-12-04 02:21 - 2017-12-04 02:20 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-12-04 02:21 - 2017-12-04 02:20 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-12-04 02:21 - 2017-12-04 02:20 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-12-04 02:21 - 2017-12-04 02:20 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-12-04 02:20 - 2017-12-04 02:20 - 000000000 ____D C:\Program Files\AVAST Software
2017-12-04 02:17 - 2017-12-04 02:19 - 000017060 _____ C:\Users\42and_000\Desktop\MBRCheck_12.04.17_02.17.44.txt
2017-12-04 01:56 - 2017-12-04 01:57 - 000000000 ____D C:\Users\42and_000\Desktop\Recovery Essentials
2017-12-04 01:33 - 2017-12-04 01:34 - 000016836 _____ C:\Users\42and_000\Desktop\MBRCheck_12.04.17_01.33.24.txt
2017-12-04 01:31 - 2017-12-04 01:32 - 000596124 _____ C:\WINDOWS\Minidump\120417-36515-01.dmp
2017-12-04 01:29 - 2017-12-04 01:29 - 000561196 _____ C:\WINDOWS\Minidump\120417-36218-01.dmp
2017-12-04 01:26 - 2017-12-04 01:27 - 000091260 _____ C:\TDSSKiller.3.1.0.15_04.12.2017_01.26.30_log.txt
2017-12-04 01:23 - 2017-12-04 01:25 - 000098576 _____ C:\TDSSKiller.3.1.0.15_04.12.2017_01.23.39_log.txt
2017-12-04 01:17 - 2017-12-04 01:24 - 000000000 ____D C:\TDSSKiller_Quarantine
2017-12-04 01:14 - 2017-12-04 01:23 - 000150858 _____ C:\TDSSKiller.3.1.0.15_04.12.2017_01.14.12_log.txt
2017-12-04 01:13 - 2017-12-04 01:14 - 004922400 _____ (AO Kaspersky Lab) C:\Users\42and_000\Desktop\tdsskiller.exe
2017-12-04 00:56 - 2017-12-04 02:32 - 000000000 ____D C:\Users\42and_000\Desktop\PCHunter_free
2017-12-04 00:55 - 2017-12-04 00:55 - 005908597 _____ C:\Users\42and_000\Desktop\PCHunter_free.zip
2017-12-04 00:36 - 2017-12-04 00:37 - 000554740 _____ C:\WINDOWS\Minidump\120417-30734-01.dmp
2017-12-03 23:41 - 2017-12-03 23:41 - 000380928 _____ C:\Users\42and_000\Desktop\f9lpic3r.exe
2017-12-03 23:33 - 2017-12-04 00:34 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-12-03 23:33 - 2017-12-04 00:29 - 000000000 ____D C:\Users\42and_000\Desktop\mbar
2017-12-03 23:33 - 2017-12-04 00:29 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-12-03 23:33 - 2017-12-03 23:33 - 014178840 _____ (Malwarebytes Corp.) C:\Users\42and_000\Desktop\mbar-1.10.3.1001.exe
2017-12-03 23:33 - 2017-12-03 23:33 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\56412493.sys
2017-12-03 23:25 - 2017-12-03 23:25 - 000533908 _____ C:\WINDOWS\Minidump\120317-30000-01.dmp
2017-12-03 23:22 - 2017-12-03 23:23 - 000546964 _____ C:\WINDOWS\Minidump\120317-28828-01.dmp
2017-12-03 23:21 - 2017-12-03 23:21 - 005200384 _____ (AVAST Software) C:\Users\42and_000\Desktop\aswmbr.exe
2017-12-03 23:16 - 2017-12-03 23:18 - 000019086 _____ C:\Users\42and_000\Desktop\MBRCheck_12.03.17_23.16.47.txt
2017-12-03 23:16 - 2017-12-03 23:16 - 000080384 _____ C:\Users\42and_000\Desktop\MBRCheck.exe
2017-12-03 22:24 - 2017-12-03 22:25 - 000000000 ____D C:\Users\42and_000\Desktop\Windows_7_Loader
2017-12-03 22:24 - 2017-12-03 22:24 - 002883863 _____ C:\Users\42and_000\Desktop\Windows_7_Loader.zip
2017-12-03 21:58 - 2017-12-03 21:58 - 000463500 _____ C:\WINDOWS\Minidump\120317-32484-01.dmp
2017-12-03 18:53 - 2017-12-03 18:54 - 000455836 _____ C:\WINDOWS\Minidump\120317-30703-01.dmp
2017-12-03 17:54 - 2017-12-03 17:54 - 000471076 _____ C:\WINDOWS\Minidump\120317-30203-01.dmp
2017-12-03 16:41 - 2017-12-03 16:41 - 000463972 _____ C:\WINDOWS\Minidump\120317-29968-01.dmp
2017-12-03 15:34 - 2017-12-03 15:39 - 000000000 ____D C:\Users\42and_000\Desktop\sw revisited ntsc dvd-5
2017-12-03 15:23 - 2017-12-03 15:30 - 147235103 _____ C:\Users\42and_000\Desktop\sw revisited ntsc dvd-5.zip
2017-12-03 09:19 - 2017-12-03 09:19 - 000450444 _____ C:\WINDOWS\Minidump\120317-30250-01.dmp
2017-12-03 08:34 - 2017-12-03 08:35 - 000462700 _____ C:\WINDOWS\Minidump\120317-36453-01.dmp
2017-12-03 01:55 - 2017-12-03 01:55 - 000005095 _____ C:\Users\42and_000\Desktop\download.jfif
2017-12-03 00:48 - 2017-12-03 00:48 - 000000165 ____H C:\Users\42and_000\Desktop\~$Twelve Monkeys.pptx
2017-12-03 00:47 - 2017-12-03 00:47 - 000463540 _____ C:\WINDOWS\Minidump\120317-27203-01.dmp
2017-12-02 22:42 - 2017-12-02 22:43 - 000458276 _____ C:\WINDOWS\Minidump\120217-34515-01.dmp
2017-12-02 22:40 - 2017-12-02 22:40 - 000460252 _____ C:\WINDOWS\Minidump\120217-27421-01.dmp
2017-12-02 22:07 - 2017-12-02 22:07 - 000456428 _____ C:\WINDOWS\Minidump\120217-27437-01.dmp
2017-12-02 21:32 - 2017-12-02 21:32 - 000450084 _____ C:\WINDOWS\Minidump\120217-28078-01.dmp
2017-12-02 21:25 - 2017-12-02 21:25 - 000002664 _____ C:\Users\42and_000\Desktop\Windows 7 USB DVD Download Tool.lnk
2017-12-02 21:25 - 2017-12-02 21:25 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2017-12-02 21:25 - 2017-12-02 21:25 - 000000000 ____D C:\Users\42and_000\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2017-12-02 21:24 - 2017-12-02 21:24 - 002721168 _____ (Microsoft Corporation) C:\Users\42and_000\Desktop\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2017-12-02 19:53 - 2017-12-02 19:54 - 000459644 _____ C:\WINDOWS\Minidump\120217-29953-01.dmp
2017-12-02 18:17 - 2017-12-02 18:17 - 000443412 _____ C:\WINDOWS\Minidump\120217-28609-01.dmp
2017-12-02 15:15 - 2017-12-02 15:15 - 000441372 _____ C:\WINDOWS\Minidump\120217-29781-01.dmp
2017-12-02 13:41 - 2017-12-02 13:41 - 000460092 _____ C:\WINDOWS\Minidump\120217-37750-01.dmp
2017-12-02 13:22 - 2017-12-02 13:22 - 000459700 _____ C:\WINDOWS\Minidump\120217-118609-01.dmp
2017-12-02 12:32 - 2017-12-02 12:33 - 000460244 _____ C:\WINDOWS\Minidump\120217-33171-01.dmp
2017-12-02 10:42 - 2017-12-02 10:42 - 000477252 _____ C:\WINDOWS\Minidump\120217-26640-01.dmp
2017-12-02 09:28 - 2017-12-02 09:28 - 000459428 _____ C:\WINDOWS\Minidump\120217-27843-01.dmp
2017-12-02 07:39 - 2017-12-02 07:39 - 000453460 _____ C:\WINDOWS\Minidump\120217-45359-01.dmp
2017-12-02 07:03 - 2017-12-02 07:04 - 000464900 _____ C:\WINDOWS\Minidump\120217-28687-01.dmp
2017-12-02 05:11 - 2017-12-02 05:11 - 000000000 ___HD C:\$SysReset
2017-12-02 02:54 - 2017-12-02 02:55 - 000474276 _____ C:\WINDOWS\Minidump\120217-58578-01.dmp
2017-12-02 01:57 - 2017-12-02 01:57 - 000462028 _____ C:\WINDOWS\Minidump\120217-37625-01.dmp
2017-12-02 01:40 - 2017-12-02 01:40 - 244431952 _____ (AVAST Software) C:\Users\42and_000\Desktop\avast_free_antivirus_setup_offline.exe
2017-12-02 01:21 - 2017-12-02 01:22 - 000466012 _____ C:\WINDOWS\Minidump\120217-40578-01.dmp
2017-12-02 01:20 - 2017-12-02 01:20 - 000000000 ____D C:\Program Files\iTunes
2017-12-02 01:16 - 2017-12-02 01:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-12-02 00:33 - 2017-12-02 00:33 - 000468876 _____ C:\WINDOWS\Minidump\120217-28015-01.dmp
2017-12-01 23:05 - 2017-12-01 23:06 - 000000000 ____D C:\Users\42and_000\Desktop\twelve-monkeys-12-monkeys_english-1069349
2017-12-01 23:05 - 2017-12-01 23:05 - 000055268 _____ C:\Users\42and_000\Desktop\twelve-monkeys-12-monkeys_english-1069349.zip
2017-12-01 22:56 - 2017-12-01 22:56 - 000458300 _____ C:\WINDOWS\Minidump\120117-28078-02.dmp
2017-12-01 21:47 - 2017-12-01 21:48 - 000455508 _____ C:\WINDOWS\Minidump\120117-28062-01.dmp
2017-12-01 19:20 - 2017-12-04 16:09 - 1032995867 _____ C:\WINDOWS\MEMORY.DMP
2017-12-01 19:20 - 2017-12-01 19:22 - 000465244 _____ C:\WINDOWS\Minidump\120117-30390-01.dmp
2017-12-01 19:16 - 2017-12-02 01:35 - 000000000 ____D C:\Users\42and_000\Documents\CCleanerBackup
2017-12-01 17:51 - 2017-12-01 17:51 - 000000000 ____D C:\Users\42and_000\Desktop\twelve-monkeys-12-monkeys_english-1593661
2017-12-01 17:48 - 2017-12-01 17:48 - 000053731 _____ C:\Users\42and_000\Desktop\twelve-monkeys-12-monkeys_english-1593661.zip
2017-12-01 17:20 - 2017-12-04 00:37 - 003484072 _____ C:\WINDOWS\KeyHook64.dll
2017-12-01 16:04 - 2017-12-01 16:05 - 000000000 ____D C:\Users\42and_000\Desktop\DVD Files
2017-12-01 14:45 - 2017-12-01 14:45 - 000056824 ____H (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrxsmb22.sys
2017-12-01 11:18 - 2017-12-01 11:19 - 000000229 _____ C:\Users\42and_000\Documents\License1.reg
2017-12-01 11:17 - 2017-12-01 11:17 - 000000430 _____ C:\Users\42and_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Scavenger 3.2.lnk
2017-12-01 00:18 - 2017-12-03 02:14 - 000330704 _____ C:\Users\42and_000\Desktop\Twelve Monkeys.pptx
2017-11-30 00:38 - 2017-12-03 22:03 - 000000000 ____D C:\Users\42and_000\Desktop\New folder
2017-11-28 22:20 - 2017-12-01 16:05 - 000000000 ____D C:\Users\42and_000\Desktop\Song
2017-11-28 07:39 - 2017-11-28 07:39 - 000000000 ____D C:\Users\42and_000\Documents\MyHeritage
2017-11-28 07:39 - 2017-11-28 07:39 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\MyHeritage
2017-11-28 07:39 - 2017-11-28 07:39 - 000000000 ____D C:\ProgramData\MyHeritage
2017-11-28 00:58 - 2017-11-28 01:51 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\ImgBurn
2017-11-28 00:03 - 2017-11-28 01:14 - 000000000 ____D C:\Users\42and_000\Desktop\PS1
2017-11-27 22:16 - 2017-11-27 22:39 - 000000000 ____D C:\Users\42and_000\Desktop\PS2
2017-11-27 21:00 - 2017-11-27 21:00 - 000000000 ____D C:\Program Files (x86)\MSECache
2017-11-24 14:50 - 2017-11-24 14:50 - 000000000 ____D C:\Users\42and_000\AppData\Local\Fallout3
2017-11-23 22:04 - 2017-11-23 22:04 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-11-23 20:26 - 2017-11-23 20:26 - 000000000 ____D C:\Users\42and_000\Documents\Audacity
2017-11-23 20:10 - 2017-11-23 22:29 - 000001350 _____ C:\Users\42and_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\audacity.lnk
2017-11-23 19:53 - 2017-11-23 19:53 - 004979346 _____ C:\Users\42and_000\Desktop\Milky Chance - Stolen Dance (Album Version).m4a
2017-11-18 16:37 - 2017-11-18 16:37 - 000000000 ____D C:\Users\42and_000\Desktop\PRG007
2017-11-18 16:30 - 2017-11-18 16:34 - 000000000 ____D C:\Users\42and_000\Desktop\PRG006
2017-11-17 18:42 - 2017-11-17 18:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-11-17 18:42 - 2017-10-27 10:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-11-17 18:42 - 2017-09-13 17:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-11-17 18:42 - 2017-09-13 17:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-11-17 18:42 - 2017-09-13 17:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-11-17 18:42 - 2017-09-13 17:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-11-15 16:09 - 2017-11-15 16:09 - 000000000 ____D C:\Users\42and_000\AppData\LocalLow\YandereDev
2017-11-15 15:04 - 2017-11-15 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-14 15:29 - 2017-11-01 23:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-14 15:29 - 2017-11-01 22:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-14 15:29 - 2017-11-01 22:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-14 15:29 - 2017-11-01 22:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-14 15:29 - 2017-11-01 22:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-14 15:29 - 2017-11-01 22:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-14 15:29 - 2017-11-01 22:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-14 15:29 - 2017-11-01 22:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-14 15:29 - 2017-11-01 22:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-14 15:29 - 2017-11-01 22:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-14 15:29 - 2017-11-01 22:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-14 15:29 - 2017-11-01 22:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-14 15:29 - 2017-11-01 22:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-14 15:29 - 2017-11-01 22:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-14 15:29 - 2017-11-01 22:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-14 15:29 - 2017-11-01 22:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-14 15:29 - 2017-11-01 22:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-14 15:29 - 2017-11-01 22:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-14 15:29 - 2017-11-01 22:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-14 15:29 - 2017-11-01 22:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-14 15:29 - 2017-11-01 22:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-14 15:29 - 2017-11-01 22:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-14 15:29 - 2017-11-01 22:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-14 15:29 - 2017-11-01 22:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-14 15:29 - 2017-11-01 22:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-14 15:29 - 2017-11-01 22:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-14 15:29 - 2017-11-01 22:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-14 15:29 - 2017-11-01 22:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-14 15:29 - 2017-10-25 01:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-14 15:29 - 2017-10-15 09:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-14 15:29 - 2017-10-15 08:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-14 15:29 - 2017-10-15 08:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-14 15:29 - 2017-10-15 08:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-14 15:29 - 2017-10-15 08:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-14 15:29 - 2017-10-15 08:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-14 15:29 - 2017-10-15 08:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-14 15:29 - 2017-10-15 08:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-14 15:28 - 2017-11-01 23:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-14 15:28 - 2017-11-01 22:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-14 15:28 - 2017-11-01 22:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-14 15:28 - 2017-11-01 22:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-14 15:28 - 2017-11-01 22:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-14 15:28 - 2017-11-01 22:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-14 15:28 - 2017-11-01 22:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-14 15:28 - 2017-11-01 22:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-14 15:28 - 2017-11-01 22:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-14 15:28 - 2017-11-01 22:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-14 15:28 - 2017-11-01 22:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-14 15:28 - 2017-11-01 22:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-14 15:28 - 2017-11-01 22:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-14 15:28 - 2017-11-01 22:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-14 15:28 - 2017-11-01 22:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-14 15:28 - 2017-11-01 22:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-14 15:28 - 2017-11-01 22:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-14 15:28 - 2017-11-01 22:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-14 15:28 - 2017-11-01 22:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-14 15:28 - 2017-11-01 22:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-14 15:28 - 2017-11-01 22:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-14 15:28 - 2017-10-15 09:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-14 15:28 - 2017-10-15 09:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-14 15:28 - 2017-10-15 08:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-14 15:28 - 2017-10-15 08:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-14 15:28 - 2017-10-15 08:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-14 15:28 - 2017-10-15 08:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-14 15:25 - 2017-11-01 23:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-14 15:25 - 2017-11-01 22:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-14 15:25 - 2017-11-01 22:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-14 15:25 - 2017-11-01 22:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-14 15:25 - 2017-11-01 22:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-14 15:25 - 2017-11-01 22:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-14 15:25 - 2017-11-01 22:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-14 15:24 - 2017-11-01 23:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-14 15:24 - 2017-11-01 23:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-14 15:24 - 2017-11-01 23:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-14 15:24 - 2017-11-01 23:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-14 15:24 - 2017-11-01 23:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-14 15:24 - 2017-11-01 23:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-14 15:24 - 2017-11-01 23:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-14 15:24 - 2017-11-01 23:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-14 15:24 - 2017-11-01 22:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-14 15:24 - 2017-11-01 22:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-14 15:24 - 2017-11-01 22:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-14 15:24 - 2017-11-01 22:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-14 15:24 - 2017-11-01 22:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-14 15:24 - 2017-11-01 22:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-14 15:24 - 2017-11-01 22:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-14 15:24 - 2017-11-01 22:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-14 15:24 - 2017-11-01 22:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-14 15:24 - 2017-11-01 22:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-14 15:24 - 2017-11-01 22:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-14 15:24 - 2017-11-01 22:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-14 15:24 - 2017-11-01 22:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-14 15:24 - 2017-11-01 22:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-14 15:24 - 2017-11-01 22:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-14 15:24 - 2017-11-01 22:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-14 15:24 - 2017-11-01 22:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-14 15:24 - 2017-11-01 22:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-14 15:24 - 2017-11-01 22:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-14 15:24 - 2017-11-01 22:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-14 15:24 - 2017-11-01 22:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-14 15:24 - 2017-11-01 22:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-14 15:24 - 2017-11-01 22:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-14 15:24 - 2017-11-01 22:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-14 15:24 - 2017-11-01 22:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-14 15:24 - 2017-11-01 22:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-14 15:24 - 2017-11-01 22:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-14 15:24 - 2017-11-01 22:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-14 15:24 - 2017-11-01 22:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-14 15:24 - 2017-11-01 22:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-14 15:24 - 2017-11-01 22:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-14 15:24 - 2017-11-01 22:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-14 15:24 - 2017-11-01 22:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-14 15:24 - 2017-11-01 22:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-14 15:24 - 2017-11-01 22:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-14 15:24 - 2017-11-01 22:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-14 15:24 - 2017-11-01 22:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-14 15:24 - 2017-11-01 22:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-14 15:24 - 2017-11-01 22:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-14 15:24 - 2017-11-01 22:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-14 15:24 - 2017-10-15 08:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-14 15:24 - 2017-10-15 08:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-14 15:24 - 2017-10-15 08:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-14 15:24 - 2017-10-15 08:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-14 15:24 - 2017-10-15 08:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-14 15:24 - 2017-10-15 08:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-14 15:24 - 2017-10-15 08:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-14 15:24 - 2017-10-15 08:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-14 15:24 - 2017-10-15 08:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-14 15:24 - 2017-10-15 08:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-14 15:23 - 2017-11-01 23:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-14 15:23 - 2017-11-01 23:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-14 15:23 - 2017-11-01 23:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-14 15:23 - 2017-11-01 23:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-14 15:23 - 2017-11-01 23:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-14 15:23 - 2017-11-01 23:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-14 15:23 - 2017-11-01 23:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-14 15:23 - 2017-11-01 23:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-14 15:23 - 2017-11-01 23:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-14 15:23 - 2017-11-01 23:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-14 15:23 - 2017-11-01 23:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-14 15:23 - 2017-11-01 23:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-14 15:23 - 2017-11-01 23:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-14 15:23 - 2017-11-01 23:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-14 15:23 - 2017-11-01 23:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-14 15:23 - 2017-11-01 22:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-14 15:23 - 2017-11-01 22:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-14 15:23 - 2017-11-01 22:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-14 15:23 - 2017-11-01 22:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-14 15:23 - 2017-11-01 22:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-14 15:23 - 2017-11-01 22:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-14 15:23 - 2017-11-01 22:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-14 15:23 - 2017-11-01 22:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-14 15:23 - 2017-11-01 22:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-14 15:23 - 2017-11-01 22:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-14 15:23 - 2017-11-01 22:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-14 15:23 - 2017-11-01 22:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-14 15:23 - 2017-11-01 22:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-14 15:23 - 2017-11-01 22:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-14 15:23 - 2017-11-01 22:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-14 15:23 - 2017-11-01 22:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-14 15:23 - 2017-11-01 22:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-14 15:23 - 2017-11-01 22:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-14 15:23 - 2017-11-01 22:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-14 15:23 - 2017-11-01 22:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-14 15:23 - 2017-11-01 22:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-14 15:23 - 2017-11-01 22:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-14 15:23 - 2017-11-01 22:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-14 15:23 - 2017-11-01 22:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-14 15:23 - 2017-11-01 22:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-14 15:23 - 2017-11-01 22:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-14 15:23 - 2017-10-15 08:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-14 15:23 - 2017-10-15 08:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-14 15:23 - 2017-10-15 08:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-14 15:23 - 2017-10-15 08:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-14 15:23 - 2017-10-15 08:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-14 15:23 - 2017-10-15 08:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-14 15:23 - 2017-10-15 08:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-14 15:23 - 2017-10-15 08:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-14 15:22 - 2017-11-01 23:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-14 15:22 - 2017-11-01 23:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-14 15:22 - 2017-11-01 23:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-14 15:22 - 2017-11-01 23:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-14 15:22 - 2017-11-01 23:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-14 15:22 - 2017-11-01 23:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-14 15:22 - 2017-11-01 23:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-14 15:22 - 2017-11-01 23:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-14 15:22 - 2017-11-01 23:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-14 15:22 - 2017-11-01 23:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-14 15:22 - 2017-11-01 23:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-14 15:22 - 2017-11-01 23:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-14 15:22 - 2017-11-01 23:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-14 15:22 - 2017-11-01 23:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-14 15:22 - 2017-11-01 23:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-14 15:22 - 2017-11-01 23:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-14 15:22 - 2017-11-01 23:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-14 15:22 - 2017-11-01 23:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-14 15:22 - 2017-11-01 23:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-14 15:22 - 2017-11-01 23:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-14 15:22 - 2017-11-01 22:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-14 15:22 - 2017-11-01 22:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-14 15:22 - 2017-11-01 22:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-14 15:22 - 2017-11-01 22:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-14 15:22 - 2017-11-01 22:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-14 15:22 - 2017-10-15 08:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-14 15:22 - 2017-10-15 08:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-14 15:22 - 2017-10-15 08:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-14 15:22 - 2017-10-15 08:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-13 16:33 - 2017-11-13 16:33 - 000000000 ____D C:\Users\Isaac 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-11-13 16:32 - 2017-11-13 16:32 - 000000000 ____D C:\Users\Isaac 2\AppData\Roaming\WinRAR
2017-11-13 16:11 - 2017-03-18 14:57 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\setth.exe
2017-11-13 16:06 - 2017-03-18 14:57 - 000273920 _____ (Microsoft Corporation) C:\sethc.exe
2017-11-13 11:14 - 2017-11-13 11:14 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1114006664-966733769-2668947745-1059
2017-11-13 11:08 - 2017-11-13 11:10 - 000000000 ____D C:\Users\Isaac 2\AppData\Local\NVIDIA Corporation
2017-11-13 11:08 - 2017-11-13 11:08 - 000000000 ____D C:\Users\Isaac 2\AppData\Local\CEF
2017-11-13 11:07 - 2017-11-13 11:07 - 000000000 ____D C:\Users\Isaac 2\AppData\Local\ConnectedDevicesPlatform
2017-11-13 11:06 - 2017-11-13 11:06 - 000000020 ___SH C:\Users\Isaac 2\ntuser.ini
2017-11-13 04:26 - 2017-11-13 04:26 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-11-13 04:26 - 2017-11-13 04:26 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-11-13 04:26 - 2017-11-13 04:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-11-13 04:26 - 2017-11-13 04:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-11-12 18:31 - 2016-03-31 16:34 - 000584192 _____ C:\WINDOWS\system32\Hyperspace.scr
2017-11-09 04:40 - 2017-11-09 04:40 - 036248176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-11-09 04:40 - 2017-11-09 04:40 - 029279672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-11-09 04:40 - 2017-11-09 04:40 - 000624240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000989808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000940984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000514672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001108408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001039800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 000748144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 000607160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 040246384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 035165624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 004210288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 003623024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 023474480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 019212720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 013379352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 010986768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 000633256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-11-09 04:26 - 2017-11-09 04:26 - 001154296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-11-09 04:26 - 2017-11-09 04:26 - 000902312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-11-09 04:26 - 2017-11-09 04:26 - 000810304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 013994136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 011891200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 001351792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 001342008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 001062920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 001056720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 000648728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-04 16:15 - 2017-06-28 04:36 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-04 16:10 - 2017-06-28 04:38 - 000000000 ____D C:\Users\42and_000
2017-12-04 16:09 - 2017-08-01 11:28 - 000000000 ____D C:\WINDOWS\Minidump
2017-12-04 16:09 - 2017-06-28 05:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-04 16:02 - 2017-06-28 04:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-04 11:47 - 2017-03-18 05:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-12-04 05:21 - 2013-10-21 13:15 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-04 02:22 - 2017-06-17 16:24 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-12-04 02:20 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-04 02:06 - 2013-09-03 17:26 - 000000000 ____D C:\Users\42and_000\AppData\Local\ElevatedDiagnostics
2017-12-04 01:56 - 2014-10-10 22:50 - 000000000 ____D C:\Users\42and_000\Downloads\bt
2017-12-04 01:23 - 2016-07-11 14:57 - 000000000 ____D C:\Users\42and_000\AppData\Local\CrashDumps
2017-12-03 23:56 - 2013-07-11 01:26 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\vlc
2017-12-03 22:00 - 2014-12-12 00:42 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-03 15:42 - 2015-04-11 13:51 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\dvdcss
2017-12-03 05:47 - 2017-03-18 15:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-02 22:29 - 2015-06-15 10:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-12-02 12:17 - 2013-10-06 21:52 - 000000000 ____D C:\Program Files (x86)\Activision
2017-12-02 04:10 - 2017-06-28 04:38 - 000000000 ____D C:\Users\Isaac 2
2017-12-02 02:18 - 2013-11-05 18:56 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-02 01:18 - 2017-03-18 15:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-02 01:11 - 2017-02-01 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-12-02 01:11 - 2016-11-17 15:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-02 01:11 - 2015-02-13 23:26 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-12-02 01:11 - 2015-02-13 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-02 01:11 - 2013-10-01 21:26 - 000000000 ____D C:\Program Files (x86)\Java
2017-12-01 18:58 - 2017-06-18 22:17 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-01 18:58 - 2016-03-01 06:28 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\TeamViewer
2017-12-01 18:35 - 2016-08-17 21:58 - 000000000 ____D C:\Program Files (x86)\Tor Browser
2017-12-01 15:58 - 2013-10-21 13:17 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151216560535904
2017-12-01 13:36 - 2013-07-22 23:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2017-12-01 00:25 - 2013-07-09 16:54 - 000000000 ____D C:\Users\42and_000\AppData\Local\Packages
2017-12-01 00:14 - 2013-08-26 21:13 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-30 16:21 - 2017-10-27 19:02 - 000000000 ____D C:\Users\42and_000\Desktop\Discovery
2017-11-30 16:10 - 2013-07-13 21:32 - 000000000 ____D C:\Users\42and_000\AppData\Roaming\Audacity
2017-11-28 22:21 - 2017-06-28 04:59 - 000005858 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-28 11:38 - 2017-10-11 21:05 - 000000000 ____D C:\Users\42and_000\Desktop\Teya
2017-11-24 14:50 - 2013-07-09 23:30 - 000000000 ____D C:\Users\42and_000\Documents\My Games
2017-11-24 14:38 - 2017-03-01 12:56 - 000000000 ____D C:\Users\42and_000\Desktop\For School
2017-11-23 22:31 - 2017-09-13 01:49 - 000000000 ____D C:\Program Files (x86)\Audacity 2.1.3
2017-11-23 22:05 - 2017-06-28 04:36 - 000849474 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2017-11-23 22:05 - 2017-06-28 04:36 - 000165026 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2017-11-23 22:05 - 2017-06-28 04:36 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2017-11-23 22:05 - 2017-06-28 04:36 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2017-11-23 22:04 - 2017-06-28 04:35 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-23 21:39 - 2014-09-06 15:26 - 000000000 ____D C:\Users\42and_000\Documents\Bandicam
2017-11-23 18:18 - 2017-10-08 20:49 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1507517389
2017-11-23 18:18 - 2017-10-08 20:49 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-11-23 18:18 - 2017-10-08 20:49 - 000000000 ____D C:\Program Files\Opera
2017-11-21 21:47 - 2013-08-10 21:43 - 000029696 _____ C:\Users\42and_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-20 21:30 - 2017-03-18 14:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-20 20:52 - 2017-10-13 19:39 - 000000000 ____D C:\Users\42and_000\Downloads\TVM_ASTER
2017-11-17 23:08 - 2016-04-15 15:29 - 000000000 ____D C:\Users\42and_000\AppData\Local\NVIDIA
2017-11-17 18:43 - 2017-06-28 04:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-17 18:43 - 2016-09-09 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-17 18:40 - 2017-06-28 04:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-17 18:40 - 2017-06-28 04:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-17 07:33 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 21:46 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-15 23:39 - 2017-06-28 05:04 - 000004552 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-15 23:39 - 2017-06-28 05:04 - 000004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-15 23:39 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-15 23:39 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-15 15:05 - 2015-06-15 09:12 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-14 17:52 - 2016-02-13 07:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-14 17:49 - 2017-06-28 04:32 - 005046048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-14 17:46 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-14 17:46 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-14 17:46 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-14 17:46 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-14 17:46 - 2017-03-18 15:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-14 15:44 - 2013-08-13 16:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-14 15:36 - 2017-10-10 23:26 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-14 15:36 - 2013-07-10 13:49 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-14 04:18 - 2014-11-21 18:50 - 000000000 ____D C:\ProgramData\Skype
2017-11-13 20:05 - 2017-10-17 13:23 - 000023112 ____H C:\Users\42and_000\Desktop\~WRL2176.tmp
2017-11-13 16:33 - 2013-07-24 01:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-11-13 16:32 - 2016-04-18 10:26 - 000000000 ____D C:\Users\Isaac 2\AppData\Local\Packages
2017-11-13 16:08 - 2016-04-18 16:20 - 000000000 ____D C:\Users\Isaac 2\AppData\Local\MicrosoftEdge
2017-11-13 16:02 - 2017-06-28 05:04 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-13 16:02 - 2017-06-28 05:04 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-13 11:25 - 2017-03-18 15:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-11-13 11:25 - 2017-03-18 15:03 - 000000000 ___RD C:\WINDOWS\MiracastView
2017-11-13 11:14 - 2016-04-18 10:29 - 000002371 _____ C:\Users\Isaac 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-13 11:14 - 2016-04-18 10:29 - 000000000 ___RD C:\Users\Isaac 2\OneDrive
2017-11-13 11:12 - 2016-04-18 10:28 - 000000000 ____D C:\Users\Isaac 2\AppData\Local\Dropbox
2017-11-13 10:59 - 2016-09-09 23:24 - 000000390 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2017-11-13 10:59 - 2015-06-15 09:12 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-13 10:59 - 2015-06-15 09:12 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-13 10:59 - 2013-07-09 17:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-12 14:11 - 2017-10-17 23:42 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-11-12 14:11 - 2017-10-10 23:06 - 000003306 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1507698360
2017-11-12 14:11 - 2017-10-10 23:03 - 000003316 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1507698212
2017-11-12 14:11 - 2017-09-13 21:07 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-07-27 04:05 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1114006664-966733769-2668947745-1002
2017-11-12 14:11 - 2017-06-28 05:04 - 000003452 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-11-12 14:11 - 2017-06-28 05:04 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000003228 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-11-12 14:11 - 2017-06-28 05:04 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002968 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1114006664-966733769-2668947745-1050
2017-11-12 14:11 - 2017-06-28 05:04 - 000002748 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1114006664-966733769-2668947745-500
2017-11-12 14:11 - 2017-06-28 05:04 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002596 _____ C:\WINDOWS\System32\Tasks\
[email protected]
2017-11-12 14:11 - 2017-06-28 05:04 - 000002494 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2017-11-12 14:11 - 2017-06-28 05:04 - 000002400 _____ C:\WINDOWS\System32\Tasks\DriverToolkit Autorun
2017-11-12 14:11 - 2017-06-28 05:04 - 000002180 _____ C:\WINDOWS\System32\Tasks\{B0CD8B6F-6242-43D3-8875-B546A801F713}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002180 _____ C:\WINDOWS\System32\Tasks\{0E90B821-61CF-4670-B84D-0AD0BDC1E354}
2017-11-12 14:11 - 2017-06-28 05:04 - 000002080 _____ C:\WINDOWS\System32\Tasks\{C8BB1D76-9B82-4AC8-8899-C452752EC81E}
2017-11-12 14:11 - 2017-06-28 05:04 - 000001974 _____ C:\WINDOWS\System32\Tasks\{D2E90D36-A223-43D2-BF72-013B3FDEDF37}
2017-11-12 14:11 - 2017-06-28 05:04 - 000001970 _____ C:\WINDOWS\System32\Tasks\{E26D4F8A-B245-4074-B0D7-45E249850A55}
2017-11-11 03:58 - 2016-12-07 18:13 - 000000000 ____D C:\Users\42and_000\AppData\LocalLow\Mozilla
2017-11-11 03:35 - 2013-07-22 14:39 - 000000000 ____D C:\Users\42and_000\AppData\Local\WMTools Downloaded Files
2017-11-09 04:38 - 2017-05-19 17:03 - 001624168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-11-09 04:38 - 2017-05-19 17:03 - 000233904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-11-09 04:25 - 2017-05-19 16:47 - 004533184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-11-09 04:25 - 2017-05-19 16:47 - 003859848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-11-09 03:57 - 2017-05-19 13:22 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-11-04 19:40 - 2017-03-18 15:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 19:40 - 2017-03-18 15:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-12-15 04:47 - 2013-12-15 04:45 - 004804670 _____ (tk102) C:\Program Files (x86)\kse_333.exe
2015-02-27 23:44 - 2011-07-27 03:40 - 005512538 _____ () C:\Program Files (x86)\Photobooth.exe
2013-11-13 21:54 - 2014-01-07 05:33 - 000000568 _____ () C:\Users\42and_000\AppData\Roaming\AutoGK.ini
2014-09-06 15:22 - 2014-09-06 15:22 - 000000057 _____ () C:\Users\42and_000\AppData\Roaming\Camdata.ini
2014-09-06 15:22 - 2014-09-06 15:22 - 000000408 _____ () C:\Users\42and_000\AppData\Roaming\CamLayout.ini
2014-09-06 15:22 - 2014-09-06 15:22 - 000000408 _____ () C:\Users\42and_000\AppData\Roaming\CamShapes.ini
2014-09-06 14:19 - 2014-09-06 15:22 - 000004534 _____ () C:\Users\42and_000\AppData\Roaming\CamStudio.cfg
2014-09-06 15:19 - 2014-09-06 15:19 - 000000098 _____ () C:\Users\42and_000\AppData\Roaming\CamStudio.Producer.command
2014-09-06 15:20 - 2014-09-06 15:20 - 000000000 _____ () C:\Users\42and_000\AppData\Roaming\CamStudio.Producer.Data.ini
2014-09-06 15:20 - 2014-09-06 15:20 - 000001206 _____ () C:\Users\42and_000\AppData\Roaming\CamStudio.Producer.ini
2016-04-30 17:09 - 2016-04-30 17:10 - 000276306 _____ () C:\Users\42and_000\AppData\Roaming\File.jar
2014-12-16 15:49 - 2014-12-19 00:31 - 000000143 _____ () C:\Users\42and_000\AppData\Roaming\mbam.context.scan
2014-09-06 14:18 - 2014-09-06 15:17 - 000000096 _____ () C:\Users\42and_000\AppData\Roaming\version2.xml
2013-08-10 21:43 - 2017-11-21 21:47 - 000029696 _____ () C:\Users\42and_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-04 10:32 - 2014-05-26 22:39 - 000056472 _____ (Microsoft Corporation) C:\Users\42and_000\AppData\Local\Microsoft.exe
Some files in TEMP:
====================
2017-12-01 01:08 - 2003-08-27 02:47 - 000286720 _____ (Electronic Arts, Inc.) C:\Users\42and_000\AppData\Local\Temp\eauninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-28 08:07
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Isaac (04-12-2017 16:22:26)
Running from C:\Users\42and_000\AppData\Local\Temp\scoped_dir7484_27194
Windows 10 Home Version 1703 15063.726 (X64) (2017-06-28 11:16:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1114006664-966733769-2668947745-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1114006664-966733769-2668947745-1060 - Limited - Enabled)
DefaultAccount (S-1-5-21-1114006664-966733769-2668947745-503 - Limited - Disabled)
Guest (S-1-5-21-1114006664-966733769-2668947745-501 - Limited - Enabled)
Isaac (S-1-5-21-1114006664-966733769-2668947745-1002 - Administrator - Enabled) => C:\Users\42and_000
Isaac 2 (S-1-5-21-1114006664-966733769-2668947745-1059 - Administrator - Enabled) => C:\Users\Isaac 2
UpdatusUser (S-1-5-21-1114006664-966733769-2668947745-1048 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
.NET Reflector Desktop (HKLM-x32\...\{067796E0-7973-4882-BB41-FE94453D4CAA}) (Version: 8.2.0.7 - Red Gate Software Ltd)
[MH] Star Wars Rogue Squadron 3D (HKLM-x32\...\{133DAA85-9CAC-4102-A33B-21701368DD4A}) (Version: 1.3 - Maverick Hunters)
1.0.2 (HKLM-x32\...\{18C94B21-9C7B-11D0-933A-00608CEA7318}_is1) (Version: 1.0.2 - microprose)
7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Active@ File Recovery 15 (HKLM\...\{177608F6-F029-4301-B176-15BA7C605B73}_is1) (Version: 15 - LSoft Technologies Inc)
Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (HKLM-x32\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Any Video Converter Professional 5.0.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed ® III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
ASTER-V7 (HKLM\...\{FAE1618B-B66C-48B4-B183-7553B9FB0B38}) (Version: 1.0.0 - IBIK)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Auto Clicker by Shocker (HKLM-x32\...\Auto Clicker by Shocker_is1) (Version: V3.0 - shockingsoft.com)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
avast! Ad Blocker (HKLM-x32\...\{021C6667-63D3-4416-B537-865E77F4DF4F}) (Version: 1.0.0.0 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.2.1195 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BC-Mod Installer .NET - FINAL Version (HKLM-x32\...\BC-Mod Installer .NET) (Version: - )
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.12.3 - Bethesda Softworks)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitTorrent (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Convergence (HKLM-x32\...\Convergence) (Version: - )
Creation Kit: Skyrim (HKLM-x32\...\Creation Kit: Skyrim) (Version: - Bethesda Softworks)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2321 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DDS Converter 2.1 (HKLM-x32\...\DDS Converter 2.1) (Version: - )
Deep Space Nine The Fallen (HKLM-x32\...\{783E0AD7-C128-4398-9F74-99D3EFF2875D}) (Version: - )
Defcon v1.43 en-AU rtl (HKLM-x32\...\Defcon_is1) (Version: - Introversion Software Ltd)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.1 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Discord (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dropbox (HKLM-x32\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Empire at War Forces of Corruption Mappack 7.00 (HKLM-x32\...\Empire at War Forces of Corruption Mappack) (Version: 7.00 - Petroglyph Games Inc.)
ffdshow [rev 2583] [2009-01-05] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
File Scavenger 3.2 (en) (HKLM-x32\...\QueTek File Scavenger 3.2 (en)) (Version: 3.2.24.0 - QueTek Consulting Corporation)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Fleet Operations version 3.2.7 (HKLM-x32\...\{F00C56DC-3121-42BC-A4CB-9233D2265EB5}_is1) (Version: 3.2.7 - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freemake Audio Converter version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter version 4.1.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.0 - Ellora Assets Corporation)
GameRanger (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\GameRanger) (Version: - GameRanger Technologies)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
GtkRadiant-1.4.0 (HKLM-x32\...\{F3AE7331-7851-424E-BFD5-B46E8DA3F0D6}) (Version: - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HF pAppLoc version 1.1.1 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1.1 - Inquisitor)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 10.0.0 - JPEXS)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LOOT version 0.9.2 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.9.2 - LOOT Team)
Macromedia Flash 5 (HKLM-x32\...\{4C93C363-414E-11D4-9756-00C04F8EEB39}) (Version: 5 - Macromedia)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Digital Image Library 9 (HKLM-x32\...\PictureIt_POD_v9) (Version: 9.00.0000 - Microsoft Corporation)
Microsoft Digital Image Pro 9 (HKLM-x32\...\PictureIt_v9) (Version: 9.0.0.0000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1114006664-966733769-2668947745-1059\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30640.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MKVToolNix 6.5.0 (HKLM-x32\...\MKVToolNix) (Version: 6.5.0 - Moritz Bunkus)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.1 (x64 en-US)) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MultitrackStudio Lite 8.3.1 (64-bit) (HKLM\...\MultitrackStudio64_is1) (Version: - Bremmers Audio Design)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6280.92 - PC-Doctor, Inc.)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.12 - Black Tree Gaming)
nGlide 1.05 (HKLM-x32\...\nGlide) (Version: 1.05 - Zeus Software)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)
Opera Stable 49.0.2725.47 (HKLM-x32\...\Opera 49.0.2725.47) (Version: 49.0.2725.47 - Opera Software)
Oracle VM VirtualBox 5.1.28 (HKLM\...\{11BAF690-37C7-4A56-B518-3696BD15592F}) (Version: 5.1.28 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.3.59240 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Personal Renamer (HKLM-x32\...\{D29BA5EE-70F9-475E-9B32-A1091716E271}) (Version: 3.0 - Balisteor)
PEXD (HKLM-x32\...\{39AB5850-7045-4A73-BE59-75E35ECE8667}) (Version: 1.0.0 - None provided)
PowerDirector (HKLM\...\{2599B6F1-92AC-472C-BE60-9F17565E4938}) (Version: 11.0 - CyberLink Corp.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
QMP3Gain 0.9.0 (HKLM-x32\...\QMP3Gain) (Version: - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.19.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
Ron's Editor (Remove Only) (HKLM-x32\...\Ron's Editor_is1) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SimCity 4 Deluxe (HKLM-x32\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version: - )
SketchUp 2013 (HKLM-x32\...\{E74C0D09-8730-4714-8C6F-019FBF7F1B42}) (Version: 13.0.3689 - Trimble Navigation Limited)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Sothink Movie DVD Maker (HKLM-x32\...\{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1) (Version: 3.5 - SourceTec Software Co., LTD)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Spotify (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Star Trek (HKLM-x32\...\Star Trek_is1) (Version: - Namco Bandai)
Star Trek Armada II (HKLM-x32\...\Star Trek Armada II) (Version: - )
Star Trek Bridge Commander (HKLM-x32\...\Bridge Commander) (Version: - )
Star Trek Legacy (HKLM-x32\...\{287A4E96-AC57-4A19-9B51-C5EED2EAB382}) (Version: 1.00.0000 - Bethesda Softworks)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
Star Trek Starfleet Command III (HKLM-x32\...\Star Trek Starfleet Command III) (Version: - )
Star Trek Voyager Elite Force (HKLM-x32\...\Star Trek Voyager Elite Force) (Version: - )
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II Mod Tools (HKLM-x32\...\{F7D0A1C2-9CBA-4207-8138-DE9DDBFCFAA3}) (Version: 1.0 - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version: - )
Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version: 1.0 - LucasArts)
Star Wars Knights of the Old Republic (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: 1.0 - LucasArts)
Star Wars Movie Duels - Version 1.01 (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\Star Wars Movie Duels - Version 1.01) (Version: - )
Star Wars Republic Commando (HKLM-x32\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - LucasArts)
Star Wars Starfighter (HKLM-x32\...\{0C321D1F-2262-42C2-94C5-5E5765507C72}) (Version: - )
Star Wars X-Wing Alliance (HKLM-x32\...\{7AD8FE70-1A35-492C-9AA8-E9F9C1833040}) (Version: 1.0.0.0 - LucasArts, Totally Games)
Star Wars® Knights of the Old Republic® II: The Sith Lords (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STARWARS: The Battle of Endor version 2.1 (HKLM-x32\...\STARWARS: The Battle of Endor v2.1_is1) (Version: - Bruno R. Marcos)
STARWARS: The Battle of Yavin version 1.1 (HKLM-x32\...\STARWARS: The Battle of Yavin v1.1_is1) (Version: - Bruno R. Marcos)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Edit 3.3.9 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.9.2149 - Nikse)
Subtitle Workshop 6.0a (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SWiX 1.3.0.1927 (HKLM-x32\...\SWiX_is1) (Version: 1.3.0.1927 - RichMedia Lab, Inc.)
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.5 - Synthesia LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Total War Shogun 2 Complete Edition version 1.1.0.0 (HKLM-x32\...\Total War Shogun 2 Complete Edition_is1) (Version: 1.1.0.0 - Sega)
ULTIMATE UNIVERSE 1.0 FULL VERSION (HKLM-x32\...\ULTIMATE UNIVERSE 1.0 FULL VERSION) (Version: - )
Unity (HKLM-x32\...\Unity) (Version: 2017.1.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version: - )
Yamaha USB-MIDI Driver (HKLM\...\{18369253-E53F-4A47-818E-082DFB950872}) (Version: 3.1.2.3 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{18369253-E53F-4A47-818E-082DFB950872}) (Version: 3.1.2.3 - Yamaha Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-04] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-04] (AVAST Software)
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-04] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {031E77E5-51E3-4DFA-AF5F-3550AD4840AE} - System32\Tasks\Opera scheduled Autoupdate 1507698360 => C:\Program Files\Opera beta\launcher.exe
Task: {07171B10-D1E6-472F-8475-9539C99E497C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {07D5EE9A-F01B-44C5-AA3D-1E59D8AA85CA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {0AE3CB06-6331-4DAB-9793-221C55A114B1} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-12-13] ()
Task: {2E881B29-E67E-4D8D-9E01-D0DFC312A421} - System32\Tasks\
[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {33C3EB86-27D1-4D85-BD42-C231E99577E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40D21A79-C11E-4F7B-80D0-D8D9BCA5062B} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {5C1430C3-D2F4-480E-84B3-206481069B30} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {5CCA4E72-0DAC-4C40-846D-29C544971932} - System32\Tasks\{B0CD8B6F-6242-43D3-8875-B546A801F713} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {5EAB3088-4D48-43DD-9DBD-B5EEDF0D3FDC} - System32\Tasks\Opera scheduled Autoupdate 1507698212 => C:\Program Files\Opera developer\launcher.exe
Task: {5FDCB577-9F41-4C6D-B927-DF815110B812} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6A57B288-9695-4E49-AFA6-C336588D0A65} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {79CCE00C-3A8C-4CFB-9DB3-C28D42FEDF9B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {7D65D85E-4861-423C-8501-286ADCD1EFD7} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {7FE35BCB-262B-4E1D-B861-4F3D4F94039C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-04] (AVAST Software)
Task: {85EDB8AD-49DB-49AF-B610-3C104BAC37B2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-15] (Adobe Systems Incorporated)
Task: {8CEB30CB-96BF-49B0-8231-0C84DDB3A6CB} - System32\Tasks\{0E90B821-61CF-4670-B84D-0AD0BDC1E354} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {8DC5C602-E970-4C17-A7F3-072B572EAD01} - System32\Tasks\{E26D4F8A-B245-4074-B0D7-45E249850A55} => C:\windows\system32\pcalua.exe -a L:\Setup.exe -d L:\
Task: {97DF9ADE-5DEA-4343-A9DD-0E9E625D1474} - System32\Tasks\{D2E90D36-A223-43D2-BF72-013B3FDEDF37} => C:\windows\system32\pcalua.exe -a N:\AUTORUN.EXE -d N:\
Task: {9FF85301-1228-4040-8E2A-6E4E47EF7B4B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {A24F09FC-748C-46EF-8F44-E5F18FDD20CF} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1114006664-966733769-2668947745-1002
Task: {AA9E4978-E117-4CE6-B162-57A4F255E5A0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {AB66A1FD-DBC7-4B13-A172-FC3D8157703E} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {AF7C9642-6538-4E8D-9993-EB76F0C3CF77} - System32\Tasks\{C8BB1D76-9B82-4AC8-8899-C452752EC81E} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\42and_000\Desktop\ACB\SETUP.EXE -d C:\Users\42and_000\Desktop\ACB
Task: {C4125301-97C7-4D2E-9E2F-B1CD6CC6C420} - System32\Tasks\Opera scheduled Autoupdate 1507517389 => C:\Program Files\Opera\launcher.exe [2017-11-23] (Opera Software)
Task: {D08D5466-46B4-4626-9FC2-62916FFD45F2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {D4ABA7B0-7F5F-4E60-B594-6BD305CBA834} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {DA0B26F9-7B18-4F9C-9809-DD255709AB71} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {E0F979F7-A34A-42B0-86CE-3918EE0B1621} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-14] (Microsoft Corporation)
Task: {E56F63D1-DAB8-47F5-AAE1-D7B8030A9254} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-15] (Adobe Systems Incorporated)
Task: {E6E5D858-7D5C-4087-8E6F-AD3374AD88AD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {EAA72F0D-2F61-44D2-81CC-639887CAA2CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {FDD1D40E-E731-40C9-A430-F4FBF2239F4F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-13 12:56 - 2017-01-13 12:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-09 09:27 - 2017-09-19 01:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-11-06 17:03 - 2012-09-11 23:14 - 000390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-03-18 14:59 - 2017-03-18 20:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-30 11:58 - 2017-11-30 11:59 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 11:58 - 2017-11-30 11:59 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 11:58 - 2017-11-30 11:59 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 11:58 - 2017-11-30 11:59 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-23 18:18 - 2017-11-23 18:18 - 102314792 _____ () C:\Program Files\Opera\49.0.2725.47\opera_browser.dll
2017-11-23 18:18 - 2017-11-23 18:18 - 004328744 _____ () C:\Program Files\Opera\49.0.2725.47\libglesv2.dll
2017-11-23 18:18 - 2017-11-23 18:18 - 000109352 _____ () C:\Program Files\Opera\49.0.2725.47\libegl.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000859216 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000292408 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000059040 _____ () c:\program files\avast software\avast\module_lifetime.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000167096 _____ () c:\program files\avast software\avast\JsonRpcServer.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000237808 _____ () c:\program files\avast software\avast\event_routing_rpc.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000244584 _____ () c:\program files\avast software\avast\tasks_core.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000151104 _____ () c:\program files\avast software\avast\network_notifications.dll
2017-12-04 06:44 - 2017-12-04 06:44 - 005892848 _____ () c:\program files\avast software\avast\defs\17120402\algo.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000710056 _____ () c:\program files\avast software\avast\ffl2.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000245608 _____ () c:\program files\avast software\avast\streamback.dll
2017-12-04 02:21 - 2017-12-04 02:21 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-04 02:20 - 2017-12-04 02:20 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-09-09 09:27 - 2017-09-19 01:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\42and_000\10330385_237685733099680_313928488603830953_n.jpg:com.dropbox.attributes [420]
AlternateDataStreams: C:\Users\42and_000\Desktop\20938980_1456695624423251_131122973_n2.jpg:SummaryInformation [151]
AlternateDataStreams: C:\Users\42and_000\Desktop\20938980_1456695624423251_131122973_n2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\42and_000\Desktop\23030585_358391741282334_451577503_o.png:SummaryInformation [151]
AlternateDataStreams: C:\Users\42and_000\Desktop\23030585_358391741282334_451577503_o.png:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\42and_000\Desktop\23030585_358391741282334_451577503_o2.jpg:SummaryInformation [151]
AlternateDataStreams: C:\Users\42and_000\Desktop\23030585_358391741282334_451577503_o2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\42and_000\Desktop\23030585_358391741282334_451577503_o2.png:SummaryInformation [151]
AlternateDataStreams: C:\Users\42and_000\Desktop\23030585_358391741282334_451577503_o2.png:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\42and_000\Desktop\3UXLAel6.png:SummaryInformation [151]
AlternateDataStreams: C:\Users\42and_000\Desktop\3UXLAel6.png:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\42and_000\Desktop\Kano.Shuuya.full.1657364.jpg:SummaryInformation [151]
AlternateDataStreams: C:\Users\42and_000\Desktop\Kano.Shuuya.full.1657364.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\42and_000\AppData\Local\502bQYMSiDBnU:P7lrltusurS8nfBeuJPJ2 [2082]
AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7 [135]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57912081.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57912081.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\Software\Classes\exefile: <==== ATTENTION
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\Software\Classes\.exe: exefile => <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\radicalplay.com -> radicalplay.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2017-09-28 16:02 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\42and_000\Desktop\3UXLAel6.png
HKU\S-1-5-21-1114006664-966733769-2668947745-1059\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1114006664-966733769-2668947745-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{31944E41-46E3-4CD0-B630-4B2E01A5FECF}C:\program files (x86)\defcon\defcon.exe] => (Allow) C:\program files (x86)\defcon\defcon.exe
FirewallRules: [TCP Query User{80011CF7-CF83-4940-823B-21D17276A3AB}C:\program files (x86)\defcon\defcon.exe] => (Allow) C:\program files (x86)\defcon\defcon.exe
FirewallRules: [{89AF760E-B11B-47E0-991A-89F01C0B2287}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7258AEE-7B42-461C-8A18-238E5923300B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0912EBEF-F88C-4375-9D93-E78653A9F81F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{728E53FA-11A8-49AE-AACA-F10777139516}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{1CA73DA3-8715-4AE2-B620-9F129C3BE01B}C:\program files (x86)\the elder scrolls v skyrim special edition\creationkit.exe] => (Allow) C:\program files (x86)\the elder scrolls v skyrim special edition\creationkit.exe
FirewallRules: [TCP Query User{68BB0F8D-2A8F-4694-9D25-D3C458B8FE25}C:\program files (x86)\the elder scrolls v skyrim special edition\creationkit.exe] => (Allow) C:\program files (x86)\the elder scrolls v skyrim special edition\creationkit.exe
FirewallRules: [{D4B0F2F6-4405-4209-B06D-866C256C0FDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7B714758-26F7-4C7E-85AE-73650BA7B86F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B0997905-728A-4A6E-A75F-7D87D8DCC8FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{4F94FDB1-B2B8-413C-A922-1EF4E1DD1D83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{48BB4C40-A85F-4C3C-A1EA-7CABD396A928}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{311097BA-E2FE-4324-A35D-6128FDEBCB23}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{3281A46C-9F1A-43D0-9F39-924C3AA8076C}C:\program files (x86)\the elder scrolls v skyrim\creationkit.exe] => (Allow) C:\program files (x86)\the elder scrolls v skyrim\creationkit.exe
FirewallRules: [TCP Query User{0AB5D140-8A4A-4CFF-B4CA-1EFA4158F872}C:\program files (x86)\the elder scrolls v skyrim\creationkit.exe] => (Allow) C:\program files (x86)\the elder scrolls v skyrim\creationkit.exe
FirewallRules: [UDP Query User{BF694BDD-9F45-44FA-BAF5-42B9CB680DCF}C:\program files (x86)\sega\total war shogun 2 complete edition\shogun2.exe] => (Allow) C:\program files (x86)\sega\total war shogun 2 complete edition\shogun2.exe
FirewallRules: [TCP Query User{A2E65622-971B-47DB-85A2-1C85256D1CE4}C:\program files (x86)\sega\total war shogun 2 complete edition\shogun2.exe] => (Allow) C:\program files (x86)\sega\total war shogun 2 complete edition\shogun2.exe
FirewallRules: [UDP Query User{A9B0FBC1-3F9D-4A06-967D-DC979CB0B569}C:\users\42and_000\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\42and_000\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{9606BCF1-DAFE-4796-AC0A-366DF96DE6A0}C:\users\42and_000\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\42and_000\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{0096EFC7-C422-4AF1-8F43-2718761267BA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{32F39DE5-AAF6-4A03-BAA4-080B1DE28222}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{B506CAC2-510D-46CA-BDD3-C64926E188B8}] => (Allow) %ProgramFiles% (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x1sp.exe
FirewallRules: [{824562AA-97E9-4A25-9245-63F4FB3D4D16}] => (Allow) %ProgramFiles% (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe
FirewallRules: [{AAAF1CF7-6E78-4723-B619-048FF42568E8}] => (Allow) %ProgramFiles% (x86)\Microsoft Games\Age of Empires II\empires2.EXE
FirewallRules: [{4C7975D4-3F91-4FF1-ADF2-EEC16FA809E7}] => (Allow) %ProgramFiles% (x86)\Microsoft Games\Age of Empires II\empires2.EXE
FirewallRules: [UDP Query User{5A4CB663-EFB1-4721-A801-344105973368}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{CD55A054-57B5-4F5A-8A4E-6050636C33C2}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{4AC1ECC8-C9D5-4A65-8D2C-467B891DD49A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{344E8CFE-14F2-4642-9E29-E071CEE9DA1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{AA481A76-140F-447F-8A08-F1A26E44FDB2}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{419711D2-0DEA-4B6A-B019-E6BCCB896590}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{5A8ECBED-9B8D-4891-9433-076AB2CCAFB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8488FCF4-3D59-463E-A964-CA27B8696D42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5B6A8D6D-AD7C-485E-AF7F-9A71F56E9A1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{25D54588-647C-4A2B-8239-B929FA33BE54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{488B6A5C-4980-4B45-803E-9DD7E87A6126}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{31873E7E-73A6-4D32-96D0-DEE78457E3DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{1E45D5E4-04D2-45D2-8980-6EA01642F7DB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9C0E3D3E-D2AF-4D0B-9364-24D3BFFE714E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{49DC6ABB-BDE0-4A04-B98B-2F4DCCCC7A55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F44BB509-211D-456A-B8D9-55D3FF18A825}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{A6A2566A-1B4E-41EE-B018-468358969B97}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{866FFF0C-8B42-4DE8-BBE9-176C9DCA4F0C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{71F62694-A889-46D0-A446-1628A33FEBD7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{02F55BC1-6986-4BFD-BD6F-FF9875B96030}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{978F2293-0C11-4003-A94D-77F1ED02AAD2}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [TCP Query User{3F0BE251-1926-4E46-9F99-7C48FDA406B5}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{AA645256-EE1C-4EF9-AB0E-FDFF26C935F5}C:\program files (x86)\lucasarts\star wars republic commando\gamedata\system\swrepubliccommando.exe] => (Allow) C:\program files (x86)\lucasarts\star wars republic commando\gamedata\system\swrepubliccommando.exe
FirewallRules: [TCP Query User{2A36AA44-0689-4E25-AC78-B1FA9166604D}C:\program files (x86)\lucasarts\star wars republic commando\gamedata\system\swrepubliccommando.exe] => (Allow) C:\program files (x86)\lucasarts\star wars republic commando\gamedata\system\swrepubliccommando.exe
FirewallRules: [{01B441D5-DE3C-42F9-9DE4-009A9EEB705D}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{F0CC5957-4D9A-4AB4-9CB7-77816713C086}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{13534C15-2F5E-4B44-9A64-2858A2A94BC8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{63C0FCE2-80C4-419C-B7A9-D921EED35161}] => (Allow) LPort=2869
FirewallRules: [{482689C2-CB09-4082-9C7D-D8DF9469765F}] => (Allow) LPort=1900
FirewallRules: [{669461A9-A60E-438E-B8ED-972C1B0C8F5A}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{BDF0A02C-A0F2-4E85-A0BC-8856D25A9583}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{3BFC1EE3-BDE1-438E-AA08-972214ACBDBD}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{62F9CB89-0417-4C2A-AE23-70A0217AD053}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [TCP Query User{5B96A38B-148B-4069-B968-B5B43E6D1E46}J:\games\star wars jedi knight jedi academy\gamedata\jamp.exe] => (Allow) J:\games\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [UDP Query User{C4E0202C-E882-4160-AB4B-56FEF952F9A8}J:\games\star wars jedi knight jedi academy\gamedata\jamp.exe] => (Allow) J:\games\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [TCP Query User{AFB95CDD-4D2A-4086-BE4E-CFC6109FB159}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{8DBFDF8E-46EB-4400-A608-8191DE3D9A69}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{2777E010-F98C-416B-A63D-95372533D09A}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{8B2C47E4-C4BF-47BA-8C9C-90364C1D7B03}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{9CE65CF5-8760-4003-8DE9-4ED2A6A4886C}C:\users\42and_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\42and_000\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{713C721F-EA0A-4C12-86C0-5E8D06ABB26B}C:\users\42and_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\42and_000\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0FAC354D-12AF-4942-A8EE-613F16A46829}C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe] => (Allow) C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [UDP Query User{7F45C813-FBBA-49B7-92A6-79C4B5A5BD41}C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe] => (Allow) C:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [TCP Query User{5E7FC8AF-A9EB-441C-A0AA-D59A684FA5D3}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{F589335B-A5B5-4384-A45C-71BD28CD9E18}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{9ECC10A6-6F48-4502-BA1D-E5F838E49C80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0DA814B1-A64D-4379-A2BA-80621D81BF76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{12BF3E26-DB53-4884-BAA7-31B3ABD3F3B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2BFF146C-10F7-415B-80A4-26BBE55EF3B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ECDD5EEC-72BF-43CB-AC91-4E2D9B01B240}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP QUERY USER{442E1BB4-851A-4EF0-9C81-1E45696E0B18}C:\PROGRAM FILES (X86)\LUCASARTS\STAR WARS BATTLEFRONT II\GAMEDATA\BATTLEFRONTII.EXE] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [UDP QUERY USER{7CCE5D78-B3C5-4FE9-8D76-3D8A976A13C4}C:\PROGRAM FILES (X86)\LUCASARTS\STAR WARS BATTLEFRONT II\GAMEDATA\BATTLEFRONTII.EXE] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [{DD7FB31E-480B-45CC-A1E2-4410323F5C9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{143BB080-708D-4DCB-8F90-AFF07D404126}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{66EC4B88-212B-4463-9BD8-75AF4708EE35}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BBA3593C-18C9-41F6-B6B9-9536C8D06B63}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C3DF09E3-EEFE-4635-8502-B20AE29CA4A1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{2D5BB540-B38C-42FA-BB44-D3949373CDE4}] => (Allow) C:\Program Files\Opera\49.0.2725.39\opera.exe
FirewallRules: [{5165F6E7-DB9B-4C59-B27E-12B7ED584401}] => (Allow) C:\Program Files\Opera\49.0.2725.47\opera.exe
FirewallRules: [{B39EBEDC-ECF9-47FB-B300-EB8BB4DFED0A}] => (Allow) E:\Games\Fallout 3\GeMM\fomm.exe
FirewallRules: [{482CB31E-9B69-4565-A388-78E3BF90618E}] => (Allow) E:\Games\Fallout 3\GeMM\fomm.exe
==================== Restore Points =========================
01-12-2017 19:17:22 Removed The Saboteur™
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/04/2017 02:35:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PCHunter64.exe version 1.0.0.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1790
Start Time: 01d36cda6a424240
Termination Time: 36518
Application Path: C:\Users\42and_000\Desktop\PCHunter_free\PCHunter64.exe
Report Id: 31bfe097-7bee-41f0-bf37-401d9760dd6c
Faulting package full name:
Faulting package-relative application ID:
Error: (12/04/2017 02:08:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WINDOWS-M8GK56L)
Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/04/2017 01:23:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: {2766CA96-764D-4783-A691-63EFB66419B2}.exe, version: 3.1.0.15, time stamp: 0x58f5cf94
Faulting module name: {2766CA96-764D-4783-A691-63EFB66419B2}.exe, version: 3.1.0.15, time stamp: 0x58f5cf94
Exception code: 0x40000015
Fault offset: 0x0014376c
Faulting process id: 0x157c
Faulting application start time: 0x01d36ccf7c1ae72e
Faulting application path: C:\Users\42AND_~1\AppData\Local\Temp\{6D26E628-F8D5-40E7-852A-535A2EF285E6}\{2766CA96-764D-4783-A691-63EFB66419B2}.exe
Faulting module path: C:\Users\42AND_~1\AppData\Local\Temp\{6D26E628-F8D5-40E7-852A-535A2EF285E6}\{2766CA96-764D-4783-A691-63EFB66419B2}.exe
Report Id: 5ceb878d-2bbc-454b-8ab8-13a6ab7bcb5f
Faulting package full name:
Faulting package-relative application ID:
Error: (12/04/2017 01:01:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PCHunter64.exe version 1.0.0.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2140
Start Time: 01d36ccd7c9effa4
Termination Time: 18
Application Path: C:\Users\42and_000\Desktop\PCHunter_free\PCHunter64.exe
Report Id: 9406c88b-8ee1-44a0-9206-4f4ddc007548
Faulting package full name:
Faulting package-relative application ID:
Error: (12/04/2017 12:59:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PCHunter64.exe version 1.0.0.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 27bc
Start Time: 01d36ccd003bd2b7
Termination Time: 20
Application Path: C:\Users\42and_000\Desktop\PCHunter_free\PCHunter64.exe
Report Id: 45c82682-910e-445c-a37b-d205e4f08e68
Faulting package full name:
Faulting package-relative application ID:
Error: (12/04/2017 12:41:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: f9lpic3r.exe, version: 2.2.19882.0, time stamp: 0x56e2cdca
Faulting module name: f9lpic3r.exe, version: 2.2.19882.0, time stamp: 0x56e2cdca
Exception code: 0xc0000005
Fault offset: 0x0008de57
Faulting process id: 0xab8
Faulting application start time: 0x01d36cca5e6b4d7e
Faulting application path: C:\Users\42and_000\Desktop\f9lpic3r.exe
Faulting module path: C:\Users\42and_000\Desktop\f9lpic3r.exe
Report Id: a0fd21fa-52e4-4fcf-8322-d886bf88d176
Faulting package full name:
Faulting package-relative application ID:
Error: (12/03/2017 10:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.556, time stamp: 0x5988c3f1
Faulting module name: mbamservice.exe, version: 3.1.0.556, time stamp: 0x5988c3f1
Exception code: 0xc0000005
Fault offset: 0x00000000001b6596
Faulting process id: 0xae8
Faulting application start time: 0x01d36cb471727726
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Report Id: 00b6d75a-726f-45f6-b0d2-19066499aa62
Faulting package full name:
Faulting package-relative application ID:
Error: (12/03/2017 09:52:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.556, time stamp: 0x5988c3f1
Faulting module name: mbamservice.exe, version: 3.1.0.556, time stamp: 0x5988c3f1
Exception code: 0xc0000005
Fault offset: 0x00000000001b6596
Faulting process id: 0x1640
Faulting application start time: 0x01d36cb350c447ef
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Report Id: c4963f20-0041-4d65-aada-114dca6a69a5
Faulting package full name:
Faulting package-relative application ID:
Error: (12/02/2017 09:25:19 PM) (Source: MsiInstaller) (EventID: 11712) (User: WINDOWS-M8GK56L)
Description: Product: Windows 7 USB/DVD Download Tool -- Error 1712. One or more of the files required to restore your computer to its previous state could not be found. Restoration will not be possible.
Error: (12/02/2017 09:25:19 PM) (Source: MsiInstaller) (EventID: 11712) (User: WINDOWS-M8GK56L)
Description: Product: Windows 7 USB/DVD Download Tool -- Error 1712. One or more of the files required to restore your computer to its previous state could not be found. Restoration will not be possible.
System errors:
=============
Error: (12/04/2017 04:10:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/04/2017 04:10:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (12/04/2017 04:10:42 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xffff820129971010, 0x00000000000000ff, 0x0000000000000000, 0xfffff80037738bc8). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: d03f8225-3209-49a1-8a28-227937f7dba9.
Error: (12/04/2017 04:10:14 PM) (Source: DCOM) (EventID: 10016) (User: WINDOWS-M8GK56L)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user WINDOWS-M8GK56L\Isaac SID (S-1-5-21-1114006664-966733769-2668947745-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/04/2017 04:10:13 PM) (Source: DCOM) (EventID: 10016) (User: WINDOWS-M8GK56L)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user WINDOWS-M8GK56L\Isaac SID (S-1-5-21-1114006664-966733769-2668947745-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/04/2017 04:09:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.
Error: (12/04/2017 04:09:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:07:57 PM on 12/4/2017 was unexpected.
Error: (12/04/2017 12:09:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/04/2017 12:09:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (12/04/2017 12:08:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.
CodeIntegrity:
===================================
Date: 2017-12-04 02:17:35.869
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 02:17:35.867
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 01:49:21.491
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 01:49:21.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 01:33:22.759
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 01:33:22.757
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 01:26:30.228
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 01:26:30.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 00:56:05.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-04 00:56:05.511
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-3350P CPU @ 3.10GHz
Percentage of memory in use: 42%
Total physical RAM: 8153.03 MB
Available physical RAM: 4688.48 MB
Total Virtual: 12751.03 MB
Available Virtual: 9034.57 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:921.07 GB) (Free:64.45 GB) NTFS
Drive d: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.27 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:42.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AB297F61)
Partition: GPT.
==================== End of Addition.txt ============================