Solved Prsetup.exe malware tries to run at startup

B

Brad Aarssen

Posts: 19   +0
Every time I startup my pc a window pops up asking to run prsetup.exe.
I use panda free antivirus, ran a scan and it found nothing.
here are the logs from FRST

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Brad (administrator) on GAMING_RIG (03-12-2016 09:46:08)
Running from C:\Users\Brad\Desktop\techspot help
Loaded Profiles: Brad (Available Profiles: Brad)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
Failed to access process -> Memory Compression
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Curse, Inc) C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Curse.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Curse, Inc.) C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Curse, Inc.) C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Curse, Inc.) C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Curse, Inc.) C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-11] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-09-11] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe [63272 2015-02-12] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\...\Run: [GoogleChromeAutoLaunch_486A54232E7A6A76188CD6D03A70FC2E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-08] (Google Inc.)
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\...\Run: [prsetup.exe] => C:\Users\Brad\AppData\Local\Temp\is-EVQ74.tmp\prsetup.exe [538747 2016-08-20] (Systemax ) <===== ATTENTION
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-03-14]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-10-02]
ShortcutTarget: Curse.lnk -> C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicyScripts-x32: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2ac45ed6-4c79-46ec-b1cd-af5947581d19}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d5ed102-63f8-4d9c-8f1e-8f325a48d2b4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99d036a0-bcc9-405f-b387-821e1b72cf68}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-87857065-1652397247-1537311187-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-29] (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-29] (Oracle Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-10-05] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-10-05] ()
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-07-16] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-87857065-1652397247-1537311187-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-09-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Profile 2 -> "hxxps://www.google.ca/"
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-21]
CHR Extension: (Google Docs) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-21]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-21]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-21]
CHR Extension: (Google Sheets) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-21]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdmkfaibephdbmhdhagncpnpjenbccdl [2016-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-21]
CHR Extension: (Skype) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-21]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-21]
CHR Extension: (Chrome Media Router) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Sky map) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acnecepeneiomaebkkagcfbbakcfljdc [2016-09-22]
CHR Extension: (Forge of Empires) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\anaphblkfplenhkephgneolhnmjminjg [2016-09-22]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (Galaxy Aero 1440p) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\baobdjafbehnhgceapbejnfcfebhoafb [2016-09-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-09-22]
CHR Extension: (Web Developer) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-09-22]
CHR Extension: (Adguard AdBlocker) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Space Quest II) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fdkjigcnhkpoaoaocloplokpcalfbdoj [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Read&Write for Google Chrome™) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inoeonmfapjbbkmdafoankkfajkcphgd [2016-09-22]
CHR Extension: (SparkChess 9) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2016-09-22]
CHR Extension: (Little Alchemy) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-09-22]
CHR Extension: (Skype) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-25]
CHR Extension: (Solitaire) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2016-09-22]
CHR Extension: (Sudoku) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmffbboaikebpjkkgmoeodnhjkkbeice [2016-09-22]
CHR Extension: (HUMAN 3.0) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\meefjekipolcgabfgaclcpdkbghhmoah [2016-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-22]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2016-09-22]
CHR Extension: (Google Docs) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Google Sheets) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Little Alchemy) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-09-22]
CHR Extension: (Skype) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-22]
CHR Extension: (Zelda Dark) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lilddpnkkhkcjkdaaglfminjopbijomp [2016-09-22]
CHR Extension: (Solitaire) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2016-09-22]
CHR Extension: (HUMAN 3.0) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\meefjekipolcgabfgaclcpdkbghhmoah [2016-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-14] (ASUS Cloud Corporation) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-01-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-01-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-01-07] (BlueStack Systems, Inc.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-10-14] (Microsoft Corporation)
R2 CDPUserSvc_a1175; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [240416 2016-04-29] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-11] (NVIDIA Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_a1175; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-11] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-11] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-11] (NVIDIA Corporation)
R2 OneSyncSvc_a1175; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-26] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)
R3 PimIndexMaintenanceSvc_a1175; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-09-15] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2016-09-06] (Microsoft Corporation)
R3 UnistoreSvc_a1175; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_a1175; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-09-15] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_a1175; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_a1175; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-01-07] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [249856 2016-09-15] (Microsoft Corporation)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-08-05] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 LifeCamTrueColor; C:\Windows\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-28] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R4 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (Visicom Media Inc.)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-26] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-12-15] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-09-15] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
 
Here is the remainder of FRST.txt

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-03 09:45 - 2016-12-03 09:46 - 00000000 ____D C:\Users\Brad\Desktop\techspot help
2016-12-03 09:45 - 2016-12-03 09:46 - 00000000 ____D C:\FRST
2016-12-03 09:30 - 2016-12-03 09:30 - 00000000 ___HD C:\OneDriveTemp
2016-12-03 08:34 - 2016-12-03 09:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-03 08:33 - 2016-12-03 09:31 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-03 08:33 - 2016-12-03 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-03 08:33 - 2016-12-03 08:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-03 08:33 - 2016-12-03 08:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-03 08:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-03 08:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-03 08:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-29 16:54 - 2016-11-29 16:54 - 00000000 ____D C:\Users\Brad\AppData\LocalLow\Landfall
2016-11-29 16:52 - 2016-11-29 16:52 - 00000000 ____D C:\Users\Brad\Desktop\TotallyAccurateBattleSimulator_Data
2016-11-26 11:53 - 2016-11-26 11:53 - 00000148 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-11-26 11:53 - 2016-11-26 11:53 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Fatshark
2016-11-16 16:14 - 2016-11-16 16:14 - 00000000 _____ C:\WINDOWS\SysWOW64\track
2016-11-14 21:27 - 2016-11-14 21:27 - 00000000 ____D C:\Program Files (x86)\PaintToolSAI
2016-11-14 21:21 - 2016-11-14 21:21 - 00000000 ____D C:\Users\Brad\AppData\Roaming\SYSTEMAX Software Development
2016-11-14 21:21 - 2016-11-14 21:21 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-11-13 08:53 - 2016-11-13 08:53 - 00000000 ____D C:\Users\Brad\AppData\LocalLow\CampoSanto
2016-11-08 17:15 - 2016-11-02 07:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-08 17:15 - 2016-11-02 07:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-08 17:15 - 2016-11-02 06:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-08 17:15 - 2016-11-02 06:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-08 17:15 - 2016-11-02 06:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-08 17:15 - 2016-11-02 06:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-08 17:15 - 2016-11-02 06:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-08 17:15 - 2016-11-02 06:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-08 17:15 - 2016-11-02 06:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-08 17:15 - 2016-11-02 06:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-08 17:15 - 2016-11-02 06:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-08 17:15 - 2016-11-02 06:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-08 17:15 - 2016-11-02 06:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-08 17:15 - 2016-11-02 06:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-08 17:15 - 2016-11-02 06:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-08 17:15 - 2016-11-02 06:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-08 17:15 - 2016-11-02 06:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-08 17:15 - 2016-11-02 06:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-08 17:15 - 2016-11-02 05:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-08 17:15 - 2016-11-02 05:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-08 17:15 - 2016-11-02 05:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-08 17:15 - 2016-11-02 05:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-08 17:15 - 2016-11-02 05:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-08 17:15 - 2016-11-02 05:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-08 17:15 - 2016-11-02 05:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-08 17:15 - 2016-11-02 05:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-08 17:15 - 2016-11-02 05:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-08 17:15 - 2016-11-02 05:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-08 17:15 - 2016-11-02 05:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-08 17:15 - 2016-11-02 05:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-08 17:15 - 2016-11-02 05:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-08 17:15 - 2016-11-02 05:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-08 17:15 - 2016-11-02 05:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-08 17:15 - 2016-11-02 05:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-08 17:15 - 2016-11-02 05:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-08 17:15 - 2016-11-02 05:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-08 17:15 - 2016-11-02 05:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-08 17:15 - 2016-11-02 05:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-08 17:15 - 2016-11-02 05:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-08 17:15 - 2016-11-02 05:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-08 17:15 - 2016-11-02 05:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-08 17:15 - 2016-11-02 05:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-08 17:15 - 2016-11-02 03:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-08 17:14 - 2016-11-02 06:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-08 17:14 - 2016-11-02 06:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-08 17:14 - 2016-11-02 06:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-08 17:14 - 2016-11-02 06:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-08 17:14 - 2016-11-02 06:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-08 17:14 - 2016-11-02 06:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-08 17:14 - 2016-11-02 06:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-08 17:14 - 2016-11-02 06:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-08 17:14 - 2016-11-02 06:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-08 17:14 - 2016-11-02 05:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-08 17:14 - 2016-11-02 05:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-08 17:14 - 2016-11-02 05:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-08 17:14 - 2016-11-02 05:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-08 17:14 - 2016-11-02 05:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-08 17:14 - 2016-11-02 05:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-08 17:14 - 2016-11-02 05:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-08 17:14 - 2016-11-02 05:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-08 17:14 - 2016-11-02 05:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-08 17:14 - 2016-11-02 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-08 17:14 - 2016-11-02 05:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-08 17:14 - 2016-11-02 05:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-08 17:14 - 2016-11-02 05:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-08 17:14 - 2016-11-02 05:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-08 17:14 - 2016-11-02 05:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-08 17:14 - 2016-11-02 05:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-08 17:14 - 2016-11-02 05:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-08 17:14 - 2016-11-02 05:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-08 17:14 - 2016-11-02 05:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-08 17:14 - 2016-11-02 05:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-08 17:14 - 2016-11-02 05:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-08 17:14 - 2016-11-02 05:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-08 17:14 - 2016-11-02 05:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-08 17:14 - 2016-11-02 05:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-08 17:14 - 2016-11-02 05:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-08 17:14 - 2016-11-02 05:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-08 17:14 - 2016-11-02 05:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-08 17:14 - 2016-11-02 05:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-08 17:14 - 2016-11-02 05:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-08 17:14 - 2016-11-02 05:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-08 17:14 - 2016-11-02 05:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-08 17:14 - 2016-11-02 05:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-08 17:14 - 2016-11-02 05:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-08 17:14 - 2016-11-02 05:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-08 17:14 - 2016-11-02 05:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-08 17:14 - 2016-11-02 05:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-08 17:14 - 2016-11-02 05:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-08 17:14 - 2016-11-02 05:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-08 17:14 - 2016-11-02 05:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-08 17:14 - 2016-11-02 05:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-08 17:13 - 2016-11-02 06:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-08 17:13 - 2016-11-02 06:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-08 17:13 - 2016-11-02 06:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-08 17:13 - 2016-11-02 06:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-08 17:13 - 2016-11-02 06:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-08 17:13 - 2016-11-02 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-08 17:13 - 2016-11-02 05:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-08 17:13 - 2016-11-02 05:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-08 17:13 - 2016-11-02 05:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-08 17:13 - 2016-11-02 05:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-08 17:13 - 2016-11-02 05:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-08 17:13 - 2016-11-02 05:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-08 17:13 - 2016-11-02 05:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-08 17:13 - 2016-11-02 05:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-08 17:13 - 2016-11-02 05:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-08 17:13 - 2016-11-02 05:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-08 17:13 - 2016-11-02 05:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-08 17:13 - 2016-11-02 05:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-08 17:13 - 2016-11-02 05:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-08 17:13 - 2016-11-02 05:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-08 17:13 - 2016-11-02 05:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-08 17:13 - 2016-11-02 05:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-08 17:13 - 2016-11-02 05:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-08 17:13 - 2016-11-02 05:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-08 17:13 - 2016-11-02 05:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-08 17:13 - 2016-11-02 05:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-08 17:13 - 2016-11-02 05:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-08 17:13 - 2016-11-02 05:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-08 17:13 - 2016-11-02 05:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-08 17:13 - 2016-11-02 05:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-08 17:13 - 2016-11-02 05:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-08 17:13 - 2016-11-02 05:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-08 17:13 - 2016-11-02 05:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-08 17:13 - 2016-08-01 23:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-08 17:12 - 2016-11-02 06:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-08 17:12 - 2016-11-02 06:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-08 17:12 - 2016-11-02 06:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-08 17:12 - 2016-11-02 06:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-08 17:12 - 2016-11-02 06:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-08 17:12 - 2016-11-02 06:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-08 17:12 - 2016-11-02 06:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-08 17:12 - 2016-11-02 06:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-08 17:12 - 2016-11-02 06:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-08 17:12 - 2016-11-02 06:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-08 17:12 - 2016-11-02 06:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-08 17:12 - 2016-11-02 06:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-08 17:12 - 2016-11-02 06:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-08 17:12 - 2016-11-02 06:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-08 17:12 - 2016-11-02 06:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-08 17:12 - 2016-11-02 06:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-08 17:12 - 2016-11-02 06:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-08 17:12 - 2016-11-02 06:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-08 17:12 - 2016-11-02 05:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-08 17:12 - 2016-11-02 05:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-08 17:12 - 2016-11-02 05:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-08 17:12 - 2016-11-02 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-08 17:12 - 2016-11-02 05:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-08 17:12 - 2016-11-02 05:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-08 17:12 - 2016-11-02 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-08 17:12 - 2016-11-02 05:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-08 17:12 - 2016-11-02 05:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-08 17:12 - 2016-11-02 05:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-08 17:12 - 2016-11-02 05:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-08 17:12 - 2016-11-02 05:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 17:12 - 2016-11-02 05:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-08 17:12 - 2016-11-02 05:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-08 17:12 - 2016-11-02 05:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-08 17:12 - 2016-11-02 05:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-08 17:12 - 2016-11-02 05:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-08 17:12 - 2016-11-02 05:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-08 17:12 - 2016-11-02 05:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-08 17:12 - 2016-11-02 05:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-08 17:12 - 2016-11-02 05:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-08 17:12 - 2016-11-02 05:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-08 17:12 - 2016-11-02 05:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-08 17:12 - 2016-11-02 05:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-08 17:12 - 2016-11-02 05:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-08 17:12 - 2016-11-02 05:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-08 17:12 - 2016-11-02 05:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-08 17:12 - 2016-11-02 05:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-08 17:12 - 2016-11-02 05:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-08 17:12 - 2016-11-02 05:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-08 17:12 - 2016-11-02 05:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-08 17:12 - 2016-11-02 05:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-08 17:12 - 2016-11-02 05:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-08 17:12 - 2016-11-02 05:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-08 17:12 - 2016-11-02 05:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-08 17:12 - 2016-11-02 05:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-08 17:12 - 2016-11-02 05:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-08 17:12 - 2016-11-02 05:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-08 17:12 - 2016-11-02 05:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-08 17:12 - 2016-11-02 05:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-08 17:12 - 2016-11-02 05:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-08 17:12 - 2016-11-02 05:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-08 17:12 - 2016-11-02 05:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-08 17:12 - 2016-11-02 05:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-08 17:12 - 2016-11-02 05:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-08 17:12 - 2016-11-02 05:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-08 17:12 - 2016-11-02 05:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-08 17:12 - 2016-11-02 05:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-08 17:12 - 2016-11-02 04:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-08 17:12 - 2016-11-02 04:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-08 17:11 - 2016-11-02 05:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-08 17:11 - 2016-11-02 05:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-08 17:11 - 2016-11-02 05:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-08 17:11 - 2016-11-02 05:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-08 17:11 - 2016-11-02 05:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-03 09:42 - 2016-09-04 13:11 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-03 09:33 - 2015-08-07 08:36 - 01260710 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-03 09:32 - 2016-01-17 14:45 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-12-03 09:31 - 2016-10-02 11:00 - 00001112 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-12-03 09:31 - 2016-10-02 10:59 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Curse Client
2016-12-03 09:31 - 2016-09-04 16:12 - 00001054 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-12-03 09:31 - 2016-07-01 09:51 - 00001059 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-12-03 09:31 - 2016-01-17 14:47 - 00001749 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-12-03 09:31 - 2015-08-07 08:47 - 00002408 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-03 09:31 - 2015-08-04 16:17 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Skype
2016-12-03 09:31 - 2015-03-15 20:06 - 00001099 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-12-03 09:31 - 2015-03-11 19:16 - 00000945 _____ C:\Users\Public\Desktop\MAGIX Movie Edit Pro 2015 Plus.lnk
2016-12-03 09:30 - 2016-10-28 17:18 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-12-03 09:30 - 2016-09-04 13:16 - 00000000 ____D C:\Users\Brad
2016-12-03 09:30 - 2016-09-04 13:12 - 00001288 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2016-12-03 09:30 - 2016-01-17 14:47 - 00001725 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-12-03 09:30 - 2015-03-13 20:04 - 00001457 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-03 09:30 - 2015-03-11 16:47 - 00001151 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-12-03 09:30 - 2015-03-06 21:30 - 00000000 __RDO C:\Users\Brad\OneDrive
2016-12-03 09:29 - 2016-06-11 18:35 - 00001442 _____ C:\Users\Brad\Desktop\Steam.lnk
2016-12-03 09:29 - 2015-07-10 07:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2016-12-03 09:29 - 2015-06-27 10:53 - 00001964 _____ C:\Users\Brad\Desktop\Blender.lnk
2016-12-03 09:29 - 2015-05-28 20:53 - 00001073 _____ C:\Users\Brad\Desktop\Piskel-0.5.2.exe - Shortcut.lnk
2016-12-03 09:29 - 2015-03-13 00:57 - 00001007 _____ C:\Users\Brad\Desktop\Bandicam.lnk
2016-12-03 09:29 - 2015-03-06 21:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-03 09:27 - 2016-09-04 13:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-03 09:27 - 2016-09-04 13:26 - 00011810 _____ C:\WINDOWS\PFRO.log
2016-12-03 09:27 - 2016-09-04 13:13 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-03 09:27 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\sru
2016-12-03 09:27 - 2016-07-16 01:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-12-03 09:27 - 2015-05-09 21:27 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-12-03 09:24 - 2016-09-04 13:23 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-03 09:24 - 2016-09-04 13:12 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-12-03 09:24 - 2016-07-01 09:51 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-12-03 09:24 - 2016-01-23 12:50 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2016-12-03 09:24 - 2015-03-15 20:06 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-12-03 09:24 - 2015-03-14 10:53 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-03 09:24 - 2015-03-13 06:34 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-12-03 09:24 - 2015-03-07 21:24 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-03 09:24 - 2014-09-11 23:55 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-12-03 09:24 - 2014-09-11 23:55 - 00001323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-12-03 09:24 - 2014-09-11 23:47 - 00001998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-12-02 16:12 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-01 20:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-27 09:29 - 2015-03-11 16:23 - 00000000 ___RD C:\Users\Brad\Desktop\Games
2016-11-21 20:52 - 2015-03-06 21:23 - 00000000 ____D C:\Users\Brad\AppData\Local\Packages
2016-11-17 18:07 - 2016-10-26 19:35 - 00011264 _____ C:\Users\Brad\Documents\Curling Schedule 2016-2017 round robin.xls
2016-11-10 18:22 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-09 16:10 - 2015-08-04 16:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-09 16:10 - 2015-08-04 16:16 - 00000000 ____D C:\ProgramData\Skype
2016-11-09 16:02 - 2016-09-04 13:10 - 00406776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-08 17:46 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-08 17:37 - 2015-03-10 05:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-08 17:34 - 2015-03-10 05:53 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-07-23 16:50 - 2015-07-23 17:36 - 0000154 _____ () C:\Users\Brad\AppData\Roaming\Rim.Desktop.Exception.log
2015-07-23 16:49 - 2015-07-23 17:43 - 0001937 _____ () C:\Users\Brad\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-07-23 16:50 - 2015-07-23 17:36 - 0000154 _____ () C:\Users\Brad\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-03-06 21:23 - 2015-08-07 07:57 - 0324696 _____ () C:\Users\Brad\AppData\Local\BTServer.log
2015-07-23 16:51 - 2015-07-23 17:36 - 0009216 _____ () C:\Users\Brad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-04 13:12 - 2016-09-04 13:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-26 11:53 - 2016-11-26 11:53 - 0000148 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:
====================
C:\Users\Brad\AppData\Local\Temp\is-EVQ74.tmp\prsetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-28 17:28

==================== End of FRST.txt ============================
 
addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Brad (2016-12-03 09:46:45)
Running from C:\Users\Brad\Desktop\techspot help
Windows 10 Home (X64) (2016-09-04 18:42:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-87857065-1652397247-1537311187-500 - Administrator - Disabled)
Brad (S-1-5-21-87857065-1652397247-1537311187-1002 - Administrator - Enabled) => C:\Users\Brad
DefaultAccount (S-1-5-21-87857065-1652397247-1537311187-503 - Limited - Disabled)
Guest (S-1-5-21-87857065-1652397247-1537311187-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-87857065-1652397247-1537311187-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version: - Triumph Studios)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{261ED3C4-356F-4810-80B9-EDD0992ED5AA}) (Version: 20.3.44.03963 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.3.44.03963 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B5550B26-CD14-054D-FF0A-83405AE096B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.14 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.13 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.03 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.06 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.09.01 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Blender (HKLM\...\{3ABDE236-0A3F-4D0D-BECB-DB67EE21C593}) (Version: 2.77.0 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
Chapter and Verse (HKLM-x32\...\{56C796A7-9C34-4DD9-9EC5-42DBDAF8DC89}) (Version: 1.5.3.0 - Loden Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creativerse (HKLM-x32\...\Steam App 280790) (Version: - Playful Corporation)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5501 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4307 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.4307 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version: - Double Action Factory)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version: - Frontier Developments)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firewatch (HKLM\...\Steam App 383870) (Version: - Campo Santo)
Five Nights at Freddy's 3 (HKLM-x32\...\Steam App 354140) (Version: - Scott Cawthon)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gloria Victis (HKLM\...\Steam App 327070) (Version: - Black Eye Games)
Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Greenfish Icon Editor Pro 3.1 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
I am Bread (HKLM-x32\...\Steam App 327890) (Version: - Bossa Studios)
iExplorer 3.9.2.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
KogamaLauncher-WWW (HKLM-x32\...\{1CC9F278-D898-43D2-BBED-B3B765045888}) (Version: 1.0.3.0 - Multiverse ApS)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
MAGIX Movie Edit Pro 2015 Plus (HKLM\...\MX.{0797C499-48E8-46E2-9C97-90034F46F5E6}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Movie Edit Pro 2015 Plus (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{819DE91E-229A-4DB4-8281-ECB3651FA0DA}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect (HKLM\...\Steam App 17460) (Version: - BioWare)
Mass Effect 2 (HKLM\...\Steam App 24980) (Version: - BioWare)
Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.0 - Black Tree Gaming)
No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security)
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.9 - Panda Security and Visicom Media Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30179 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SOL: Exodus (HKLM\...\Steam App 200410) (Version: - Bit Planet Games, LLC)
Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis)
Starpoint Gemini 2 (HKLM\...\Steam App 236150) (Version: - Little Green Men Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Steam App 264710) (Version: - Unknown Worlds Entertainment)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Stanley Parable (HKLM\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
There's Poop In My Soup (HKLM\...\Steam App 449540) (Version: - Rudder Games)
Tiger Knight: Empire War (HKLM\...\Steam App 534500) (Version: - NetDragon Websoft Holdings Limited)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Undertale (HKLM\...\Steam App 391540) (Version: - tobyfox)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (HKLM-x32\...\{F02C6726-D7AA-472F-8706-9A1F3D8FB1DE}) (Version: 1.13.0103 - SAMSUNG)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version: - Fatshark)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version: - Evil Tortilla Games)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version: - Machine Games)
ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - )
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-87857065-1652397247-1537311187-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-87857065-1652397247-1537311187-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points =========================

02-12-2016 18:12:25 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {0AF11BCF-36AC-4135-A633-784574D35EEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0C7CB440-07DB-4523-8AA4-A07F8B7FA337} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-06-03] ()
Task: {0D92C8C4-B52C-4824-9A1A-2A7812640DB5} - \WPD\SqmUpload_S-1-5-21-87857065-1652397247-1537311187-1002 -> No File <==== ATTENTION
Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation)
Task: {1300AF09-5D37-4903-9EF8-260DC04A9938} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-24] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {18378B62-856A-4B14-86F1-947A07D4EFCE} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {22F0C0A0-FA8F-4D61-9864-01ACBA3875B4} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2014-03-18] ()
Task: {2614689B-5AEA-46E8-B270-E30AE0C3CDE0} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2014-03-20] ()
Task: {2D1620AA-F39C-43C0-9607-476B5BE52DD6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {310D21ED-1086-47B4-9E64-0716E35DE70C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {32993286-670A-49AE-BF30-68A657C708C8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation)
Task: {4B92C058-6918-44FD-BA14-99FC9A1BEFA0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-08] (Microsoft Corporation)
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {52107243-CB48-4679-ADAC-EF4F27238A0A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5654DFBB-E797-4758-B9A0-8BAE94A91F1D} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2016-07-16] (Microsoft Corporation)
Task: {5B340A8F-7F13-4F86-ADF8-FBC0BED531D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5F5E675A-EDB6-4985-BFFF-FB65084C8FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5FAAF530-ED1B-4F7B-AD7B-1694AA0B202B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {6AFC80EC-F164-4C49-928B-79148EAEE309} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-87857065-1652397247-1537311187-1002 -> No File <==== ATTENTION
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6B3696C4-F754-4B0F-970F-2884EBD0DD78} - \PaintTool SAI -> No File <==== ATTENTION
Task: {6D1C0035-5CAD-4340-A533-D63C9853BCC9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {82CB7EA4-EDD8-4917-9778-8C4C65925F28} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8911480E-FA4E-438E-912E-BD222CB0D265} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {8D791FAA-0257-4EBC-A6DD-74E842528806} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-10-14] (Microsoft Corporation)
Task: {9F3184C6-D17F-4E22-867F-A7BA48C7E018} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2016-09-04] (Microsoft Corporation)
Task: {9F410FCD-368C-48B2-AFA1-A932E3150F8D} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {A43D038F-B8A3-49A9-8F85-F6FE5D7AE275} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-08-05] (Microsoft Corporation)
Task: {B8ABB6C3-F264-490B-A33B-8D1729DCAFD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BDDEF317-2692-422F-AEA2-FFD67DC7CEA3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {C125018F-0B81-4B64-B7DC-0E01220E5D0E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {C24D5056-264E-455F-8AE1-6CA7CB717B87} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C8F1E9D3-0E01-49F1-8A09-9797C651B5CC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CB7AD0F7-7719-4625-B257-ADB38FF8A2D8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {D085C19C-C229-43DE-832F-1342961E869A} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-02-20] (ASUSTeK)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1E0F471-4827-49DE-88A4-ED40E2306F33} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-02] (ASUSTek Computer Inc.)
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D8604FA1-6F97-41DE-A1B0-990E5ECC99CA} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2014-03-20] (ASUSTeK)
Task: {D8BCD53D-53CC-45BF-865A-D763432A558C} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DCF7C8F7-5057-45B9-9181-E1D404F59424} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {DDAECFC0-67E3-4062-BF25-CD685F73B394} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {DEDFA5F4-F880-443B-B34C-3972D5DC985F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {E0432AC2-46F4-4BEA-968C-162361B79C67} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E25FFF60-8E5E-44F7-B86E-EA1B89F4BD06} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2016-09-15] (Microsoft Corporation)
Task: {E7836CCA-F69B-4240-B183-236A5AA4B99E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E7B04252-97CA-42C6-9920-F58B76B2C3E1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 17:04 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-04 13:13 - 2016-08-01 07:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-15 18:07 - 2014-04-15 18:07 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-09 16:52 - 2016-01-11 23:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-05-17 10:52 - 2016-09-15 16:12 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2014-09-11 23:42 - 2012-04-24 05:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-10-25 05:06 - 2014-06-03 17:59 - 00930448 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2016-09-29 17:04 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-04 16:15 - 2016-09-04 16:15 - 01864384 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-13 16:34 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-08 17:14 - 2016-11-02 05:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-08 17:13 - 2016-11-02 05:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 17:13 - 2016-11-02 05:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 17:13 - 2016-11-02 05:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-17 16:15 - 2016-11-17 16:16 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 16:15 - 2016-11-17 16:16 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 16:15 - 2016-11-17 16:16 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-13 20:04 - 2016-01-11 23:43 - 00715712 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-03-13 20:04 - 2016-01-11 23:43 - 00861120 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-10-25 05:04 - 2013-11-06 05:58 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-05-18 10:47 - 2016-01-11 23:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-06 21:42 - 2016-09-07 22:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-06 21:42 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-06 21:42 - 2016-10-12 20:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-06 21:42 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-06 21:42 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-06 21:42 - 2016-10-12 20:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 07:25 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-04 16:15 - 2016-09-04 16:15 - 01383616 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-04 16:15 - 2016-09-04 16:15 - 00118976 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-04-05 10:57 - 2016-04-05 10:57 - 00393608 _____ () C:\Users\Brad\AppData\Roaming\Curse Client\Bin\opus.dll
2016-09-29 19:26 - 2016-11-16 16:10 - 00534408 _____ () C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll
2016-01-07 08:53 - 2016-01-17 14:46 - 03306496 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2014-10-25 05:04 - 2016-12-03 09:30 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-10-25 05:04 - 2010-06-28 21:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-10-15 20:52 - 2016-08-04 15:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-05-02 16:26 - 2016-05-02 16:26 - 01690504 _____ () C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Electron\libglesv2.dll
2016-05-02 16:26 - 2016-05-02 16:26 - 00018312 _____ () C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Electron\libegl.dll
2016-11-14 16:05 - 2016-11-08 15:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 16:05 - 2016-11-08 15:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
 
Remainder of addition.txt

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files\iTunes:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft LifeCam:Win32App_1
AlternateDataStreams: C:\Program Files\Nexus Mod Manager:Win32App_1
AlternateDataStreams: C:\Program Files\Panda Security URL Filtering:Win32App_1
AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App_1
AlternateDataStreams: C:\Program Files\WinRAR:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AmUStor:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Chapter and Verse:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Diablo III:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ffdshow:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Greenfish Icon Editor Pro 3.1:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\iExplorer:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft LifeCam:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\OpenOffice 4:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\pandasecuritytb:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\The Witcher 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App_1
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App_1
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1
AlternateDataStreams: C:\Users\Brad\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Brad\AppData\Roaming\Curse Client:Win32App_1

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-87857065-1652397247-1537311187-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Brad\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\cool-wallpapers-2015 (1).jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Audible Download Manager.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{FD7FA108-6D6E-4EF2-B14A-C4B063A43D8B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{5D8EE44B-D298-4024-BDF4-FE4620D72B95}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{C501F941-2913-458F-93CC-D133041D12D0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{E9C4D597-C0CF-4CFE-AE51-0F5653874A6C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{D52BD1BD-79C4-47E9-9EE6-546884AD82B6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{026A1224-FD9E-4E0B-87BA-D6765957968E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{F04D8AF1-E550-48A4-A990-38A436792E5B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{A4B0E13C-3A34-4F55-A1F9-067395D3D46F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [UDP Query User{E7745687-946C-4C06-B825-4373441FD4A6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{8FA6B061-8BB5-4EFD-8AF7-64FC7D2CE48C}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{E714F4EE-6114-478F-91F0-98C1807A6D64}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Gloria Victis\gv.exe
FirewallRules: [{139EF27B-03FC-4F8D-8E7A-869E2A891C92}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Gloria Victis\gv.exe
FirewallRules: [{879B5265-8E68-4E68-920C-20E053CB2045}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{C1DEB955-797B-4D64-A7A3-DE6458B9B402}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{C3D9A6FD-B14E-412E-9BD5-F46310E87A3B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{E95DCB81-CE2A-44DE-B17E-9D615794B712}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{0ECF37E4-E0AC-4A0D-B764-ADBAB930F136}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{204B5C8F-1138-49FA-B85B-A67FA62E1CB9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{3644C81C-52B1-4357-A626-77F8B6247035}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{A2939D75-8C70-4D6E-9E93-0EE50FE535CF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{6B829317-9D5C-4B29-815C-1680E49BD7A8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{FA635E5A-99AC-49FC-8C7C-3A64F74D06C8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [UDP Query User{3EA6E349-92A7-4455-A76D-68954C6EF9D6}D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{5AA84595-8043-4988-A0B8-2140C1AC0169}D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{6C7FA9D1-B4A7-44F7-BCC4-4A71D3102E9C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe
FirewallRules: [{D3512B7A-F61E-4DFC-ADA9-8D9EACB5D9F9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe
FirewallRules: [{B6633643-478C-44C8-AF5D-F80B3402D8E9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{003E745B-5F5D-4ECD-A713-46FCD9309C69}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{F931E38C-B4EE-4A0B-B707-E2ED6A3E76C5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Sol Exodus\Binaries\Win32\SOLExodus.exe
FirewallRules: [{1D500FC9-78AC-47A7-B2D1-C7BFD94824D0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Sol Exodus\Binaries\Win32\SOLExodus.exe
FirewallRules: [{66B9D1FB-1CB3-4066-B5B4-1192A2FE64A7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{35B742C3-D391-491A-A86A-7BC65B26CEBA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [UDP Query User{13EE75D6-289E-4AC1-909A-09C9BCDC1EF9}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{289EC01C-9E57-471F-873B-DFD85B467EF7}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5953F793-FADA-4637-A03D-BC98AD603D47}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{07A61C72-7E0C-4D7D-94DB-B6125C7342C5}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{41EB07CE-1B46-45C4-8F1D-554CA375C1E6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{839DABED-862D-437C-B1C9-2A95177C536E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{9B4EA84D-EA74-4CDE-9088-AB058A79CC0F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{9DC789BC-D1C9-4405-9BC9-C57559B51B3A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{15C2743A-47A9-4D49-9FD0-46F96DFDD536}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{53186DF6-2894-4FEF-9932-8449E7FCD15F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{B161E441-1828-4278-8A1E-981D553BC68B}C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{443E3D95-ACC6-4071-A729-C92E41406CB2}C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{5E25A5F9-07E6-42A4-81B8-A04E2DC4B85D}D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{AA0476B2-B61B-46C0-B450-80B08DFE740C}D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{43F53460-66DC-4019-9DA9-C944EF36F20D}C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{253EC5B8-8F42-4989-B770-28CFC41274B3}C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [{6606FE1A-1335-43D4-B3BF-633F895C1EF7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{DC2A561A-88F7-4635-A442-7AA775FBDBDF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{CC759BE9-2EF2-4D24-9C0A-745FD29A502E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\iambread\IamBread.exe
FirewallRules: [{FE38B6E0-A33E-4188-B724-E514B383ECAF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\iambread\IamBread.exe
FirewallRules: [{F403F37A-BDEB-40B5-9A81-06F06C8CE692}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1123A85F-96D3-4E4B-A7A3-4CE5BDD289C6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{62BF58B4-CE73-4CAC-85C2-397B0F27F310}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{C46C7871-F900-4AA8-967D-CD3079B64EA7}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{8738B40A-9F87-44D9-A64E-5CC5574CE487}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{3CD73411-B351-4198-8148-D5B96D5B84C0}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{BE18DFBA-E558-4D37-BF1C-695BBA681C23}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hlmv.exe
FirewallRules: [{540B5E2F-302E-4371-B389-9A101F6B5514}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hlmv.exe
FirewallRules: [{72E15DEF-3523-4215-A37E-CDA60EC29234}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{46B83677-30FE-45AE-8D42-F9097C19FCD6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [UDP Query User{8E629DEE-8999-4CBE-BF56-136D68373701}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9965D2AB-9556-4660-897C-58D9198D5596}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BB9A6275-C615-4F79-99DA-D5D8D44380C0}D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Block) D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{0FBBFE29-2FFA-46D4-8825-872F212E6AA9}D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Block) D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{F478D37C-A908-467E-BDC4-45E4D7073221}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{20699B1B-BB3C-421B-A9F4-6E8B40D36BBB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{6343B2FC-0AC7-4C44-A029-CB8AF4EC46FC}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{A320756E-D5F9-4D12-8FB7-23080AF1A300}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{1D953AB8-D4FA-40E4-ACCA-792C2E33BAEF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\hl2.exe
FirewallRules: [{C855ADFA-3F63-43D1-9395-DA463F97BB34}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\hl2.exe
FirewallRules: [{C84730B9-637A-40CC-A0E3-0EE376314BD0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{77AD4C04-F787-405E-AC6A-5BBADAE78A04}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [UDP Query User{52612F36-5605-414A-9A29-3766E19E7F41}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7240DEEC-8B14-4886-863B-FBD0D1392A3B}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A5BD78AB-2F52-43CE-8738-194A89039243}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{6703B5F9-C398-4CC7-95B6-0EFBF7745ADC}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B11E7C72-D50F-4CC7-8D90-DCF51DC9B973}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{E4C89464-E3A8-4399-8AF2-93BE8EA07934}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{7C6DF882-7AFB-4AF8-BD8E-A40276A4CAE3}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{21C1DA96-1568-4CD9-B66E-E8FE05B23625}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{8F3B6732-6B20-49A8-A59A-7EFC04BBECB0}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtUser.exe
FirewallRules: [{5A31A31E-5D33-458B-81E3-9AC31FBDA137}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtUser.exe
FirewallRules: [{89B81687-4988-4ADD-8806-106730566A16}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{F9ADCC3B-9FB4-47E9-A236-C118981E0021}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{6B5CDA66-CBAE-4EB5-B48E-CC8438E3CE16}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{6450EEC5-99CC-4AE1-8A4E-74941E5A92CF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{7537D7D7-D4F8-4346-B4FC-870A981A3784}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CC1C41F8-35CD-4D3A-8750-B051FD95A71F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{71E2388D-A329-492E-8DCA-E6EC93EB5AFB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{EA3E41E8-D2A1-4DFF-8FBD-98FACBA23C7D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{43E7B047-0412-49FA-8904-EE246DA031AA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{3A2798E8-423B-40C4-8121-93502E0FF4F9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{BF2CC9B8-3C2A-4DA6-B873-E61AB8331B46}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{6C0B08C3-1985-4E3C-8D31-B49668AE662A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{5B341CB5-9523-4BD2-B984-67F79E421874}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{391947C5-0E7A-49CE-BBF1-2C5B0E060D5F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{D32CE20E-35FB-44A3-9571-8E9BFCC09499}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1856723A-D053-4209-A3EA-F55F11FEC0C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FF91C2B-F24B-4088-BD2E-EFCA8F033557}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{388695DE-30A9-4A04-A9B7-AA02BB709B9D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{0273FDC2-C6F1-407F-9C78-E5D12AD896D1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2552EBC6-4FC0-4AD5-A59E-34431A8CE6DE}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9C906C2B-731E-4520-B7AB-D6EE982141C5}] => (Allow) D:\Program Files (x86)\MAGIX\Movie Edit Pro Plus 2015\Videodeluxe.exe
FirewallRules: [{A0D295BE-5A0B-4213-9E7E-51D9CE5369EA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{B74ABFD0-55F1-458A-A7EC-29D4DBC1F3A6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{FDAE7E8A-CCD3-4C18-AAF3-9E1C77CD5791}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{6FD87114-7869-45F7-89B9-FD0D19A0677E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{02AB8052-514D-47CF-A4C8-78C67862A48C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{7EEC777D-9FBE-4CDE-8692-B4004C83611E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{419A5F97-E1A6-41DF-85EA-C575F667D8FD}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{05C5038B-AAAA-4E59-B316-32A4DDE71544}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A8D8A3FA-8A03-4045-98F2-8FBB41449B28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{4F2667FE-C19E-4674-82F2-15D3E5B31D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{9812F379-52C1-49DC-9C7E-08DA8D07641C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FFA56B16-0830-4036-A5EC-5133ED417912}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0D469A3-B513-48F0-A0F4-F40D191AFC9A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E1DEAFF5-2A31-4ECB-917C-E7BA9AEE765A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8655B431-EBA2-4A79-BE4C-F792E28F53FF}] => (Allow) LPort=1900
FirewallRules: [{CC7BDC64-BF65-439B-AB9C-615622B2511A}] => (Allow) LPort=2869
FirewallRules: [{7863A705-53AA-4D7C-BF74-76EF8141ADD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1D9C79E8-F90F-4E7A-AD6E-6149E8D7833F}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{CBE06FFD-3C7C-46E6-89F1-EB8173BA7364}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{456415DA-51FD-45E4-AD1B-794195D15EF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5BC141E2-6EFD-43DB-BBD4-9BC281C82E08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{973F0F0E-639D-407B-85F4-C26CA46587A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B4281BF7-F46B-4797-BD7B-09F28E93FEEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1676D645-66E7-4E96-8156-C6D242C4D49F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7DBD7AD-61D2-4B0D-9082-8B14E0AA9BEC}C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [UDP Query User{78D7BD0D-AD50-4E17-9FF2-B8AEE9C56059}C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [{221079D4-86B4-48B5-99B6-05710FEBC4D9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{13F55B59-03CF-4E5F-A680-F69B7D82DA92}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{A3D57B0F-5031-4A66-8251-E417DE16F6D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3808DF4-46F5-4E2C-BD1B-7B4398B4B0A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E964BA2-1811-4103-AFCB-57F816D96904}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5D0F1046-14AD-4DA1-9DB6-33C8192C49B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3EA294BB-50A5-4D24-9414-013A8A548092}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{FE14DFA0-30B7-4125-B343-7983AB672A57}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{80254282-3277-4C38-9307-2B1832F26D14}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{71F6D9AD-71A8-464F-9C90-3D6823AC71D5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3800ED9E-4D6E-4FC5-8E8D-D90AB2959858}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{173F194C-E163-499C-A215-FB3B94F4FC8F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [TCP Query User{53A517BC-3BEC-4585-92F7-4C05A9DA2172}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D63E2A60-6324-4537-AD39-1395EA3A2675}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D191D7A3-C5F2-4590-B2B2-F6A2FE1A8C4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E15A0304-539D-4778-A527-52C6AA6DF4FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A4F055E2-57FB-4DFE-BFFC-E346CAEEFD81}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F19D9295-4AE1-48B1-A677-D5B6B0657E7D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C2C6C97A-4224-466E-AB30-E194977D3178}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{372E3892-4279-4FA7-8FB4-78553F107114}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{36E7668C-AB74-4B2F-B2EF-284EFB934D42}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{382EC472-28A2-4E07-870E-41544A0D5FDB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{F216DDFD-4084-43E3-BF32-D1AE6844B812}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A399EC2E-0980-4E7B-B9D3-0355CB194F64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B5F3D0A5-8D06-4174-8D14-2F6BA4DE2FBB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{5975FDAD-E6B7-4D0C-B7DF-697DBAD42459}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{A1334F68-6DA3-4B32-8C16-F6E42A3A5766}C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{FA2D4AB3-B7F5-4F30-A163-03D32890381A}C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [TCP Query User{07A29E1B-62B3-4713-B060-38563486B732}C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{502A556B-A82C-41A6-8F73-51DEB482A627}C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{FDF03BC4-8FF1-4DFA-89B6-27FDE3DD12D3}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{2C4C3F1E-0247-45CF-9ED7-73B4005A6C8D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [TCP Query User{A51C40B6-3B81-43F5-B425-6BBEEFB9E9CA}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{DF080982-57C4-4E63-A4CA-ED7833A94301}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{90FD4E19-CE87-4C05-A986-DC1F8A2C01D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2B118DA8-2555-4C4B-A342-587A25FED9B2}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe
FirewallRules: [{C05C53F4-3BDB-4142-91EC-8A0F1DA74A3A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe
FirewallRules: [{C2C149E6-7EF2-48E8-AA40-8E7DB2A051D8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{A5829422-8AD6-465E-BBC4-17D4AC005CEA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{0B7D58A6-3B01-4D45-A904-82AA6E6389E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{47ACB1F9-B964-4328-B01D-E22E06705C9A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{CB76068B-372C-4513-A3E9-24EEDCAF6172}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{A1723076-9A04-42D4-B9FB-A5D6A7A6A308}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{C54A2F40-DA8D-4C27-BB48-6207C122FD2E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{03AB3F19-C8E1-46D1-B578-3453D54C35A5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{631DCF06-232E-4F6C-A030-12F67858FC08}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2016 09:42:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSUAMain.exe, version: 4.0.0.646, time stamp: 0x56291049
Faulting module name: CC3290MT.DLL, version: 9.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000193ee
Faulting process id: 0x33a4
Faulting application start time: 0xPSUAMain.exe0
Faulting application path: PSUAMain.exe1
Faulting module path: PSUAMain.exe2
Report Id: PSUAMain.exe3
Faulting package full name: PSUAMain.exe4
Faulting package-relative application ID: PSUAMain.exe5

Error: (12/03/2016 09:30:13 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/03/2016 09:30:09 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/03/2016 09:30:08 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (12/03/2016 09:30:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (12/03/2016 09:30:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (12/03/2016 09:30:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (12/03/2016 09:13:21 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/03/2016 09:13:21 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/03/2016 09:13:21 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:


System errors:
=============
Error: (12/03/2016 09:31:55 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/03/2016 09:31:50 AM) (Source: DCOM) (EventID: 10016) (User: GAMING_RIG)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Gaming_rigBradS-1-5-21-87857065-1652397247-1537311187-1002LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (12/03/2016 09:28:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/03/2016 09:28:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/03/2016 09:28:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/03/2016 09:27:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BstHdDrv service failed to start due to the following error:
%%2

Error: (12/03/2016 09:27:51 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroupListener service terminated with the following service-specific error:
%%2147944153

Error: (12/03/2016 08:15:05 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/03/2016 08:12:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/03/2016 08:12:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


==================== Memory info ===========================

Processor: AMD A10-6700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 30%
Total physical RAM: 12227.93 MB
Available physical RAM: 8544.34 MB
Total Virtual: 14083.93 MB
Available Virtual: 9645.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:6.99 GB) NTFS
Drive d: (Data) (Fixed) (Total:762.98 GB) (Free:240.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5D8B4C82)

Partition: GPT.

==================== End of Addition.txt ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

I see that file running at startup so we shouldn't have any problem take care of it.

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.

redtarget.gif
Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

Already installed:
2.0 Threat Scan
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select [URL='https://www.techspot.com/guides/1718-run-as-administrator-explained/]Run As Administrator[/URL]
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Here is the report from roguekiller

RogueKiller V12.8.3.0 (x64) [Nov 28 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Brad [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 12/04/2016 06:45:54 (Duration : 00:53:12)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} (C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll) -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} (C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll) -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} (C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll) -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} : Panda Security Toolbar (C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll) -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} : Panda Security Toolbar (C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll) -> Not selected
[Suspicious.Path|VT.UDS:DangerousObject.Multi.Generic] (X64) HKEY_USERS\S-1-5-21-87857065-1652397247-1537311187-1002\Software\Microsoft\Windows\CurrentVersion\Run | prsetup.exe : "C:\Users\Brad\AppData\Local\Temp\is-EVQ74.tmp\prsetup.exe" /logon [-] -> Deleted
[Suspicious.Path|VT.UDS:DangerousObject.Multi.Generic] (X86) HKEY_USERS\S-1-5-21-87857065-1652397247-1537311187-1002\Software\Microsoft\Windows\CurrentVersion\Run | prsetup.exe : "C:\Users\Brad\AppData\Local\Temp\is-EVQ74.tmp\prsetup.exe" /logon [-] -> ERROR [2]
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-87857065-1652397247-1537311187-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-87857065-1652397247-1537311187-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Not selected
[PUP|VT.not-a-virus:WebToolbar.Win32.Visicom.a] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {62BF58B4-CE73-4CAC-85C2-397B0F27F310} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe|Name=ToolbarCleaner| [7] -> Deleted
[PUP|VT.not-a-virus:WebToolbar.Win32.Visicom.a] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C46C7871-F900-4AA8-967D-CD3079B64EA7} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe|Name=ToolbarCleaner| [7] -> Deleted
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8738B40A-9F87-44D9-A64E-5CC5574CE487} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\cleanupie.exe|Name=Panda Security Toolbar IE Cleaner| [7] -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3CD73411-B351-4198-8148-D5B96D5B84C0} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\cleanupie.exe|Name=Panda Security Toolbar IE Cleaner| [7] -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8F3B6732-6B20-49A8-A59A-7EFC04BBECB0} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\dtUser.exe|Name=Panda Security Toolbar DTX Broker| [x] -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5A31A31E-5D33-458B-81E3-9AC31FBDA137} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\pandasecuritytb\dtUser.exe|Name=Panda Security Toolbar DTX Broker| [x] -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 3 ¤¤¤
[Tr.Generic][File] C:\Users\Brad\Desktop\Piskel-0.5.2.exe - Shortcut.lnk [LNK@] C:\Users\Brad\Pictures\PISKEL~1\piskel\PISKEL~1.EXE -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\custom.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\about.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\emailnotifierproviders.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\external.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\externalFF.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\neterror.xhtml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\rsspreview.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\rsswin.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib\rsswin.xsl -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\lib -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\modules\datastore.jsm -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\modules\nsDragAndDrop.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\modules -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab\images\btn_search.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab\images\bullet.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab\images\field_bg.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab\images\powered_by_yahoo.gif -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab\images -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab\newtab.html -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\newtab -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\partner.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\preferences.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\toolbar.htm -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\com.mystart.BrowserHistoryCleaner\tb_icon-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\com.mystart.BrowserHistoryCleaner\tb_icon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\com.mystart.BrowserHistoryCleaner\widget.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\com.mystart.BrowserHistoryCleaner\widget.xml -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\com.mystart.BrowserHistoryCleaner -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\ClearBrowserDataDialog.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\tb_icon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.xml -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\images\alert_default.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\images\alert_notification.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\images\coupon-alert.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\images\coupon-default.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\images -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\widget.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5\widget.xml -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v5 -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\tb_icon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.xml -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content\widgets -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\content -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\data\search\engines.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\data\search\search.xsl -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\data\search -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\data -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\lib\de.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\lib\en.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\lib\es.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\lib\fr.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\lib\it.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\locale\lib -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\toolbar\de.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\toolbar\en.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\toolbar\es.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\toolbar\fr.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\locale\toolbar\it.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\locale\toolbar -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\locale -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ActiveScan-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ActiveScan.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\blekko16.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\bluelite.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\bluelite.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\bluesky.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\bluesky.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-safe-de.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-safe-en.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-safe-es.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-safe-fr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-safe-it.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-safe.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-de-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-de.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-en-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-en.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-es-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-es.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-fr-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-fr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-it-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-search-it.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-settings-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-settings.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-de.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-en.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-es.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-fr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-it.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\btn-unsafe.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\custom.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\dictionary.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\downloadcom.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\facebook.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\games.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\grey.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\ico-toolbar-cleaner-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\ico-toolbar-cleaner.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\searchbar-bg-de.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\searchbar-bg-en.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\searchbar-bg-es.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\searchbar-bg-fr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico\searchbar-bg-it.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico-cleaner.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\ico-clear.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\images.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\add.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\aol.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\arrow-dn.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\arrow-right-disabled.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\arrow-right.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\arrow-up.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-end.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-mdl.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-mdl_ff.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-start.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-end.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-mdl.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-mdl_ff.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-start.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\blank.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\btnback-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\btnback-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\btnleft-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\btnleft-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\btnright-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\btnright-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\button-splitter-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\button-splitter-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\checkmark.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\chevron.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\collapse.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\comcast.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\dtx.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\edit-back-hot.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\edit-back.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\expand.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\found.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\gmail.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\highlight.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\highlight_blue.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\highlight_cyan.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\highlight_lime.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\highlight_magenta.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\highlight_yellow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\hotmail.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\imap.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\lastsearch-thumb-back.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\loadingMid.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\lock.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\mailcom.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitem-splitter.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitemback-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitemback-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitemleft-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitemleft-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitemright-down-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menuitemright-vista.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menu_bg-basic.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\menu_separator_bar.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\misc-panel-config-tab-icon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\modify.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\move.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\movetarget.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\notifylabel-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\notifylabel-middle.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\notifylabel-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\notifylabel_ff.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\ie-only.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\ie7-only.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\jquery.fancybox.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\jquery.qtip.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\popupAbout.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\popupWidgets.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\popupWidgets2.css -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\css\dialog.css -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\bg.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-close-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-close.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-wide-close-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-wide-close.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\default.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\footer-short-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\footer-short-middle.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\footer-short-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\titlebar-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\titlebar-middle.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\titlebar-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\transparent.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-mdl.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-right-resize.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-right.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\main.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\scripts\defscript.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\scripts -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\default -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\35x35_information_icon.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\add-custom-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\add-custom.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ajax-loader.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\apps-bg-gradient-grid.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\apps-hover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\appsfeatured-bg-gradient-grid.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-down-white.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-sml-drop.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-sml.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrowr-bluew5.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\back-arr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-aboutbox.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-btnover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-pnl520x390.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-scrollbar-thumb-y.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-scrollbar-track-y.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-scrollbar-trackend-y.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-add-icon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-add-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-add.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-addtoolbar-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-addtoolbar-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-back.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-grey-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-greyover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-left22-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-left22.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-middle22-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-middle22.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-right22-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-right22.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-drag.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-install.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-launch-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-launch.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-mdl-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-mdl.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-next-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-next.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-previous-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-previous.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-right-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-search-pnlbtm.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\categories-bg-gradient-grid.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\close-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\close.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\close8.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\details-arr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\dislike.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\dislike_over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\fancy_close.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\featured-bg-btm-gradient.png -> Deleted
 
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\footer-short-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\footer-short-middle.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\footer-short-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\gamethumb-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\header-shadow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-added.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-box-next.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-calendar.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-download.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-info-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-info.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-pref-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-pref.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-tags.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-user-monitor.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-Add.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-feedback-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-feedback.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-info-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-Info.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-report-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-report.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-request-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-request.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-settings-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-settings.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\left-menu-hover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\like.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\like_over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\logo-mystart.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\logo-mystart_h30.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\menul-bgon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\menul-bgover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\mystart-app-logow216.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\mystart-pass-logo.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\overlay.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\panel-botm-noscroll.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scroll-bg-206.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scroll-bg.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scroll-topwin.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb-disable.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb-down.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt-disable.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt-down.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\search-icon.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchbox-pnlbtm.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchbox.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchboxlite.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchboxlite_end.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\selector-arr-active.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\selector-arr-on.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\selector-arr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\shadow-leftmenu.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\sprite-dropdown.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star_blank.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star_x_grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star_x_orange.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\throbber.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\thumb-up.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\titlebar-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\titlebar-middle.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\titlebar-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\topbar-inside-gradient.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\TRUSTe_about.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-detailed-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-detailed-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-thumb-on.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-thumb-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\widgets-square-16px.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\widgets-square-24px.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-bottom-middleglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-left-bottomglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-left-middleglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-left-topglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-right-bottomglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-right-middleglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-right-topglow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-top-middleglow.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\images -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\default.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\default2.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\blank.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox-x.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox-y.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox_loading.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox_loading@2x.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox_overlay.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox_sprite.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancybox_sprite@2x.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_close.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_loading.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_nav_left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_nav_right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_e.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_n.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_ne.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_nw.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_s.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_se.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_sw.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_shadow_w.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_title_left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_title_main.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_title_over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\fancy_title_right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers\fancybox_buttons.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers\jquery.fancybox-buttons.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers\jquery.fancybox-buttons.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers\jquery.fancybox-media.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers\jquery.fancybox-thumbs.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers\jquery.fancybox-thumbs.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\helpers -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.easing-1.3.pack.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.fancybox-1.3.4.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.fancybox-1.3.4.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.fancybox-1.3.4.pack.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.fancybox.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.fancybox.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.fancybox.pack.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\jquery.mousewheel-3.0.4.pack.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\_notes\dwsync.xml -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox\_notes -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\fancybox -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery-1.10.2.min.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery-migrate-1.2.1.min.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery-ui.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.cookie.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.qtip.min.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.uniform.min.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.url.js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\kendo.all.min.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\js -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\popupWidgets.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels\popupWidgets2.html -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\panels -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\pop.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\radio.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\reload.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\remove.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\rename.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\resize-box.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\rss.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\rsschannelback.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\RSSLogo.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\rsstabdivider.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\scroll-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\scroll-right.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\search-go.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\search.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\text-ellipsis.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\throbber.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\toolbarsplitter.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\transparent_1px.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_02.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_03.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_04.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_06.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_07.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_08.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_09.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_10.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_11.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_12.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_13.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_14.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_15.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_16.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_18.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_19.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_20.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_21.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\btn-close-grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\btn-close-greyover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\close-hot.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\close-normal.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\loadingMid.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\paneltemplate.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\proxy.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\template.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\template.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\templateFF.html -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa\throbber.gif -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\uwa -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\cond999.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\icons.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\na-s.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\na.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\weather.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\add.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\box-check.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\na-s.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\popupWeather.css -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\popupWeather.html -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib\yahoo.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lib -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lichen.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\lichen.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\logo-about.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\logo-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\logo.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\modify-save.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\modify.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\music.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\news.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\options\options-main.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\options\options-search.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\options\options-weather.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\options\options-widgets.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin\options -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\orange.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\orange.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\panda_small-over.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\panda_small.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\search-background-de.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\search-background-en.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\search-background-es.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\search-background-fr.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\search-background-it.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\search-background.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\searchbar-left.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\shopping.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\skin-bluelite.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\skin-bluesky.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\skin-grey.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\skin-lichen.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\skin-orange.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\skin-yellow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\slider-bluelite.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\slider-bluesky.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\slider-lichen.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\slider-orange.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\slider-yellow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\technorati.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\throbber.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\toolbarsplitter.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\vertical_separator.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\video.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\web.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\wikipedia.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\yellow.gif -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\yellow.png -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\chrome\skin\youtube.png -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome\skin -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\chrome -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\cleanupie.exe -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\components\windowmediator.js -> Deleted
[PUP][Folder] C:\Program Files (x86)\pandasecuritytb\components -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\ffHelper.exe -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\ieUtils.exe -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\install.ico -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\manifest.xml -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\pandasecuritytb64.dll -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\toolbarcleaner.ini -> Deleted
[PUP][File] C:\Program Files (x86)\pandasecuritytb\uninstall.exe -> Deleted
[Tr.Generic][File] C:\Users\Brad\Desktop\Piskel-0.5.2.exe - Shortcut.lnk [LNK@] C:\Users\Brad\Pictures\PISKEL~1\piskel\PISKEL~1.EXE -> Removed at reboot [2]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-22BN5A0 +++++
--- User ---
[MBR] d20c12accd80b62bb8c7403b7bdf21c5
[BSP] 41d30dc4f3beb1cc8e6b4e1d9b7b6621 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 800 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1640448 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2172928 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2435072 | Size: 153600 MB
4 - Basic data partition | Offset (sectors): 317007872 | Size: 781295 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1917100032 | Size: 17785 MB
User = LL1 ... OK
User = LL2 ... OK
 
Here are the logs from Malwarebytes Anti-malware

scan log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2016-12-04
Scan Time: 7:54 AM
Logfile: scan log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.12.04.05
Rootkit Database: v2016.11.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Brad

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371398
Time Elapsed: 18 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


protection log

Malwarebytes Anti-Malware
www.malwarebytes.org


Detection, 2016-12-04 6:56 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Domain, 23.9.123.27, sv.symcd.com, 61909, Outbound, C:\Program Files\RogueKiller\RogueKiller64.exe,
Detection, 2016-12-04 6:56 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Domain, 23.9.123.27, sv.symcd.com, 61909, Outbound, C:\Program Files\RogueKiller\RogueKiller64.exe,
Detection, 2016-12-04 6:57 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Domain, 23.9.123.27, sv.symcd.com, 61912, Outbound, C:\Program Files\RogueKiller\RogueKiller64.exe,
Update, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Scheduler, Domain Database, 2016.12.3.3, 2016.12.4.1,
Update, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Scheduler, Malware Database, 2016.12.4.1, 2016.12.4.4,
Protection, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Protection, Refresh, Starting,
Protection, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Stopping,
Protection, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Stopped,
Protection, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Protection, Refresh, Success,
Protection, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Starting,
Protection, 2016-12-04 6:58 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Started,
Update, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Scheduler, Malware Database, 2016.12.4.4, 2016.12.4.5,
Protection, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Protection, Refresh, Starting,
Protection, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Stopping,
Protection, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Stopped,
Protection, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Protection, Refresh, Success,
Protection, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Starting,
Protection, 2016-12-04 7:48 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Started,
Protection, 2016-12-04 7:49 AM, SYSTEM, GAMING_RIG, Protection, Malware Protection, Starting,
Protection, 2016-12-04 7:49 AM, SYSTEM, GAMING_RIG, Protection, Malware Protection, Started,
Protection, 2016-12-04 7:49 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Starting,
Protection, 2016-12-04 7:49 AM, SYSTEM, GAMING_RIG, Protection, Malicious Website Protection, Started,
Scan, 2016-12-04 7:54 AM, SYSTEM, GAMING_RIG, Manual, Start:2016-12-04 7:54 AM, Duration:0 min 23 sec, Threat Scan, Cancelled, 0 Malware Detections, 0 Non-Malware Detections,
Scan, 2016-12-04 8:13 AM, SYSTEM, GAMING_RIG, Manual, Start:2016-12-04 7:54 AM, Duration:18 min 56 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

(end)
 
Adwcleaner[c0].txt

# AdwCleaner v6.040 - Logfile created 04/12/2016 at 08:29:54
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-04.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Brad - GAMING_RIG
# Running from : C:\Users\Brad\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Brad\AppData\LocalLow\pandasecuritytb


***** [ Files ] *****

[-] File deleted: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxps_mycam.en.softonic.com_0.localstorage
[-] File deleted: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxps_mycam.en.softonic.com_0.localstorage-journal
[-] File deleted: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxps_painttool-sai.en.softonic.com_0.localstorage
[-] File deleted: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxps_painttool-sai.en.softonic.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Web browsers ] *****

[-] [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Web data] [Search Provider] Deleted: pdfill-pdf-editor.en.softonic.com
[-] [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Web data] [Search Provider] Deleted: blender.en.softonic.com
[-] [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Web data] [Search Provider] Deleted: search.yahoo.com
[-] [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Web data] [Search Provider] Deleted: ask.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3194 Bytes] - [04/12/2016 08:29:54]
C:\AdwCleaner\AdwCleaner[S0].txt - [3301 Bytes] - [04/12/2016 08:26:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3340 Bytes] ##########
 
Here is the log from JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Home x64
Ran by Brad (Administrator) on 2016-12-04 at 8:37:16.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4

Successfully deleted: C:\Users\Brad\AppData\Local\{00D32F73-ED04-44D6-B12C-E538EB691C30} (Empty Folder)
Successfully deleted: C:\WINDOWS\SysWOW64\REN7843.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REN9EE1.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\RENDF44.tmp (File)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_486A54232E7A6A76188CD6D03A70FC2E (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2016-12-04 at 8:38:53.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Thank you for your quick reply Broni

After running Roguekiller the popup asking to run prsetup.exe disappeared when I booted up my computer.
The other programs did still find some threats and removed them. The problem seems to be solved. Let me know what you think.
 
Good news but we must finish whole process.

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
frst.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Brad (administrator) on GAMING_RIG (06-12-2016 18:35:31)
Running from C:\Users\Brad\Desktop\techspot help
Loaded Profiles: Brad (Available Profiles: Brad)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
Failed to access process -> Memory Compression
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-11] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-09-11] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe [63272 2015-02-12] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-03-14]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-10-02]
ShortcutTarget: Curse.lnk -> C:\Users\Brad\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicyScripts-x32: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2ac45ed6-4c79-46ec-b1cd-af5947581d19}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d5ed102-63f8-4d9c-8f1e-8f325a48d2b4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99d036a0-bcc9-405f-b387-821e1b72cf68}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-87857065-1652397247-1537311187-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-87857065-1652397247-1537311187-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-29] (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-29] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-07-16] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-87857065-1652397247-1537311187-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-09-15] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Profile 2 -> "hxxps://www.google.ca/"
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-21]
CHR Extension: (Google Docs) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-21]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-21]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-21]
CHR Extension: (Google Sheets) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-21]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdmkfaibephdbmhdhagncpnpjenbccdl [2016-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-21]
CHR Extension: (Skype) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-21]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-21]
CHR Extension: (Chrome Media Router) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Sky map) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acnecepeneiomaebkkagcfbbakcfljdc [2016-09-22]
CHR Extension: (Forge of Empires) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\anaphblkfplenhkephgneolhnmjminjg [2016-09-22]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (Galaxy Aero 1440p) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\baobdjafbehnhgceapbejnfcfebhoafb [2016-09-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-09-22]
CHR Extension: (Web Developer) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-09-22]
CHR Extension: (Adguard AdBlocker) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Space Quest II) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fdkjigcnhkpoaoaocloplokpcalfbdoj [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Read&Write for Google Chrome™) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inoeonmfapjbbkmdafoankkfajkcphgd [2016-09-22]
CHR Extension: (SparkChess 9) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2016-09-22]
CHR Extension: (Little Alchemy) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-09-22]
CHR Extension: (Skype) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-25]
CHR Extension: (Solitaire) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2016-09-22]
CHR Extension: (Sudoku) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmffbboaikebpjkkgmoeodnhjkkbeice [2016-09-22]
CHR Extension: (HUMAN 3.0) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\meefjekipolcgabfgaclcpdkbghhmoah [2016-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR Profile: C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-22]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2016-09-22]
CHR Extension: (Google Docs) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Google Sheets) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Little Alchemy) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-09-22]
CHR Extension: (Skype) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-22]
CHR Extension: (Zelda Dark) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lilddpnkkhkcjkdaaglfminjopbijomp [2016-09-22]
CHR Extension: (Solitaire) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2016-09-22]
CHR Extension: (HUMAN 3.0) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\meefjekipolcgabfgaclcpdkbghhmoah [2016-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-14] (ASUS Cloud Corporation) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-01-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-01-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-01-07] (BlueStack Systems, Inc.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-10-14] (Microsoft Corporation)
R2 CDPUserSvc_3a8b6aa; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [240416 2016-04-29] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-11] (NVIDIA Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3a8b6aa; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-11] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-11] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-11] (NVIDIA Corporation)
R2 OneSyncSvc_3a8b6aa; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-26] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)
R3 PimIndexMaintenanceSvc_3a8b6aa; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-09-15] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2016-09-06] (Microsoft Corporation)
R3 UnistoreSvc_3a8b6aa; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_3a8b6aa; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-09-15] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3a8b6aa; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_3a8b6aa; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-01-07] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [249856 2016-09-15] (Microsoft Corporation)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-08-05] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 LifeCamTrueColor; C:\Windows\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-28] (Visicom Media Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (Visicom Media Inc.)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-26] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-12-15] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-09-15] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
 
Remainder of frst.txt

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-06 16:05 - 2016-12-06 16:05 - 00000000 ___HD C:\OneDriveTemp
2016-12-05 18:08 - 2016-12-05 18:08 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-12-05 18:08 - 2016-12-05 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-05 18:07 - 2016-12-05 18:08 - 00000000 ____D C:\Program Files\iTunes
2016-12-05 18:07 - 2016-12-05 18:07 - 00000000 ____D C:\Program Files\iPod
2016-12-04 08:24 - 2016-12-04 08:29 - 00000000 ____D C:\AdwCleaner
2016-12-04 06:45 - 2016-12-04 06:45 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-12-04 06:44 - 2016-12-04 07:45 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-04 06:44 - 2016-12-04 06:44 - 00000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-12-04 06:44 - 2016-12-04 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-12-04 06:44 - 2016-12-04 06:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-12-03 09:45 - 2016-12-06 18:35 - 00000000 ____D C:\FRST
2016-12-03 09:45 - 2016-12-04 08:54 - 00000000 ____D C:\Users\Brad\Desktop\techspot help
2016-12-03 08:34 - 2016-12-04 08:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-03 08:33 - 2016-12-03 09:31 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-03 08:33 - 2016-12-03 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-03 08:33 - 2016-12-03 08:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-03 08:33 - 2016-12-03 08:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-03 08:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-03 08:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-03 08:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-29 16:54 - 2016-11-29 16:54 - 00000000 ____D C:\Users\Brad\AppData\LocalLow\Landfall
2016-11-29 16:52 - 2016-11-29 16:52 - 00000000 ____D C:\Users\Brad\Desktop\TotallyAccurateBattleSimulator_Data
2016-11-26 11:53 - 2016-11-26 11:53 - 00000148 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-11-26 11:53 - 2016-11-26 11:53 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Fatshark
2016-11-16 16:14 - 2016-11-16 16:14 - 00000000 _____ C:\WINDOWS\SysWOW64\track
2016-11-14 21:27 - 2016-11-14 21:27 - 00000000 ____D C:\Program Files (x86)\PaintToolSAI
2016-11-14 21:21 - 2016-11-14 21:21 - 00000000 ____D C:\Users\Brad\AppData\Roaming\SYSTEMAX Software Development
2016-11-14 21:21 - 2016-11-14 21:21 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-11-13 08:53 - 2016-11-13 08:53 - 00000000 ____D C:\Users\Brad\AppData\LocalLow\CampoSanto
2016-11-08 17:15 - 2016-11-02 07:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-08 17:15 - 2016-11-02 07:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-08 17:15 - 2016-11-02 06:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-08 17:15 - 2016-11-02 06:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-08 17:15 - 2016-11-02 06:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-08 17:15 - 2016-11-02 06:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-08 17:15 - 2016-11-02 06:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-08 17:15 - 2016-11-02 06:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-08 17:15 - 2016-11-02 06:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-08 17:15 - 2016-11-02 06:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-08 17:15 - 2016-11-02 06:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-08 17:15 - 2016-11-02 06:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-08 17:15 - 2016-11-02 06:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-08 17:15 - 2016-11-02 06:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-08 17:15 - 2016-11-02 06:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-08 17:15 - 2016-11-02 06:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-08 17:15 - 2016-11-02 06:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-08 17:15 - 2016-11-02 06:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-08 17:15 - 2016-11-02 05:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-08 17:15 - 2016-11-02 05:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-08 17:15 - 2016-11-02 05:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-08 17:15 - 2016-11-02 05:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-08 17:15 - 2016-11-02 05:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-08 17:15 - 2016-11-02 05:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-08 17:15 - 2016-11-02 05:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-08 17:15 - 2016-11-02 05:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-08 17:15 - 2016-11-02 05:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-08 17:15 - 2016-11-02 05:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-08 17:15 - 2016-11-02 05:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-08 17:15 - 2016-11-02 05:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-08 17:15 - 2016-11-02 05:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-08 17:15 - 2016-11-02 05:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-08 17:15 - 2016-11-02 05:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-08 17:15 - 2016-11-02 05:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-08 17:15 - 2016-11-02 05:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-08 17:15 - 2016-11-02 05:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-08 17:15 - 2016-11-02 05:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-08 17:15 - 2016-11-02 05:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-08 17:15 - 2016-11-02 05:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-08 17:15 - 2016-11-02 05:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-08 17:15 - 2016-11-02 05:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-08 17:15 - 2016-11-02 05:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-08 17:15 - 2016-11-02 05:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-08 17:15 - 2016-11-02 03:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-08 17:14 - 2016-11-02 06:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-08 17:14 - 2016-11-02 06:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-08 17:14 - 2016-11-02 06:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-08 17:14 - 2016-11-02 06:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-08 17:14 - 2016-11-02 06:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-08 17:14 - 2016-11-02 06:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-08 17:14 - 2016-11-02 06:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-08 17:14 - 2016-11-02 06:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-08 17:14 - 2016-11-02 06:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-08 17:14 - 2016-11-02 05:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-08 17:14 - 2016-11-02 05:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-08 17:14 - 2016-11-02 05:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-08 17:14 - 2016-11-02 05:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-08 17:14 - 2016-11-02 05:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-08 17:14 - 2016-11-02 05:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-08 17:14 - 2016-11-02 05:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-08 17:14 - 2016-11-02 05:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-08 17:14 - 2016-11-02 05:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-08 17:14 - 2016-11-02 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-08 17:14 - 2016-11-02 05:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-08 17:14 - 2016-11-02 05:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-08 17:14 - 2016-11-02 05:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-08 17:14 - 2016-11-02 05:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-08 17:14 - 2016-11-02 05:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-08 17:14 - 2016-11-02 05:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-08 17:14 - 2016-11-02 05:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-08 17:14 - 2016-11-02 05:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-08 17:14 - 2016-11-02 05:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-08 17:14 - 2016-11-02 05:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-08 17:14 - 2016-11-02 05:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-08 17:14 - 2016-11-02 05:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-08 17:14 - 2016-11-02 05:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-08 17:14 - 2016-11-02 05:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-08 17:14 - 2016-11-02 05:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-08 17:14 - 2016-11-02 05:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-08 17:14 - 2016-11-02 05:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-08 17:14 - 2016-11-02 05:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-08 17:14 - 2016-11-02 05:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-08 17:14 - 2016-11-02 05:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-08 17:14 - 2016-11-02 05:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-08 17:14 - 2016-11-02 05:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-08 17:14 - 2016-11-02 05:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-08 17:14 - 2016-11-02 05:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-08 17:14 - 2016-11-02 05:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-08 17:14 - 2016-11-02 05:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-08 17:14 - 2016-11-02 05:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-08 17:14 - 2016-11-02 05:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-08 17:14 - 2016-11-02 05:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-08 17:14 - 2016-11-02 05:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-08 17:14 - 2016-11-02 05:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-08 17:14 - 2016-11-02 05:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-08 17:14 - 2016-11-02 05:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-08 17:14 - 2016-11-02 05:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-08 17:13 - 2016-11-02 06:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-08 17:13 - 2016-11-02 06:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-08 17:13 - 2016-11-02 06:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-08 17:13 - 2016-11-02 06:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-08 17:13 - 2016-11-02 06:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-08 17:13 - 2016-11-02 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-08 17:13 - 2016-11-02 05:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-08 17:13 - 2016-11-02 05:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-08 17:13 - 2016-11-02 05:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-08 17:13 - 2016-11-02 05:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-08 17:13 - 2016-11-02 05:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-08 17:13 - 2016-11-02 05:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-08 17:13 - 2016-11-02 05:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-08 17:13 - 2016-11-02 05:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-08 17:13 - 2016-11-02 05:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-08 17:13 - 2016-11-02 05:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-08 17:13 - 2016-11-02 05:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-08 17:13 - 2016-11-02 05:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-08 17:13 - 2016-11-02 05:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-08 17:13 - 2016-11-02 05:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-08 17:13 - 2016-11-02 05:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-08 17:13 - 2016-11-02 05:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-08 17:13 - 2016-11-02 05:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-08 17:13 - 2016-11-02 05:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-08 17:13 - 2016-11-02 05:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-08 17:13 - 2016-11-02 05:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-08 17:13 - 2016-11-02 05:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-08 17:13 - 2016-11-02 05:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-08 17:13 - 2016-11-02 05:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-08 17:13 - 2016-11-02 05:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-08 17:13 - 2016-11-02 05:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-08 17:13 - 2016-11-02 05:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-08 17:13 - 2016-11-02 05:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-08 17:13 - 2016-11-02 05:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-08 17:13 - 2016-11-02 05:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-08 17:13 - 2016-11-02 05:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-08 17:13 - 2016-08-01 23:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-08 17:12 - 2016-11-02 06:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-08 17:12 - 2016-11-02 06:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-08 17:12 - 2016-11-02 06:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-08 17:12 - 2016-11-02 06:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-08 17:12 - 2016-11-02 06:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-08 17:12 - 2016-11-02 06:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-08 17:12 - 2016-11-02 06:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-08 17:12 - 2016-11-02 06:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-08 17:12 - 2016-11-02 06:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-08 17:12 - 2016-11-02 06:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-08 17:12 - 2016-11-02 06:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-08 17:12 - 2016-11-02 06:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-08 17:12 - 2016-11-02 06:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-08 17:12 - 2016-11-02 06:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-08 17:12 - 2016-11-02 06:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-08 17:12 - 2016-11-02 06:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-08 17:12 - 2016-11-02 06:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-08 17:12 - 2016-11-02 06:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-08 17:12 - 2016-11-02 05:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-08 17:12 - 2016-11-02 05:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-08 17:12 - 2016-11-02 05:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-08 17:12 - 2016-11-02 05:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-08 17:12 - 2016-11-02 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-08 17:12 - 2016-11-02 05:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-08 17:12 - 2016-11-02 05:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-08 17:12 - 2016-11-02 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-08 17:12 - 2016-11-02 05:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-08 17:12 - 2016-11-02 05:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-08 17:12 - 2016-11-02 05:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-08 17:12 - 2016-11-02 05:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-08 17:12 - 2016-11-02 05:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 17:12 - 2016-11-02 05:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-08 17:12 - 2016-11-02 05:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-08 17:12 - 2016-11-02 05:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-08 17:12 - 2016-11-02 05:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-08 17:12 - 2016-11-02 05:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-08 17:12 - 2016-11-02 05:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-08 17:12 - 2016-11-02 05:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-08 17:12 - 2016-11-02 05:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-08 17:12 - 2016-11-02 05:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-08 17:12 - 2016-11-02 05:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-08 17:12 - 2016-11-02 05:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-08 17:12 - 2016-11-02 05:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-08 17:12 - 2016-11-02 05:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-08 17:12 - 2016-11-02 05:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-08 17:12 - 2016-11-02 05:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-08 17:12 - 2016-11-02 05:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-08 17:12 - 2016-11-02 05:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-08 17:12 - 2016-11-02 05:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-08 17:12 - 2016-11-02 05:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-08 17:12 - 2016-11-02 05:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-08 17:12 - 2016-11-02 05:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-08 17:12 - 2016-11-02 05:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-08 17:12 - 2016-11-02 05:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-08 17:12 - 2016-11-02 05:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-08 17:12 - 2016-11-02 05:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-08 17:12 - 2016-11-02 05:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-08 17:12 - 2016-11-02 05:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-08 17:12 - 2016-11-02 05:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-08 17:12 - 2016-11-02 05:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-08 17:12 - 2016-11-02 05:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-08 17:12 - 2016-11-02 05:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-08 17:12 - 2016-11-02 05:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-08 17:12 - 2016-11-02 05:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-08 17:12 - 2016-11-02 05:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-08 17:12 - 2016-11-02 05:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-08 17:12 - 2016-11-02 05:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-08 17:12 - 2016-11-02 05:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-08 17:12 - 2016-11-02 04:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-08 17:12 - 2016-11-02 04:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-08 17:11 - 2016-11-02 05:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-08 17:11 - 2016-11-02 05:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-08 17:11 - 2016-11-02 05:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-08 17:11 - 2016-11-02 05:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-08 17:11 - 2016-11-02 05:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-06 18:34 - 2015-08-04 16:17 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Skype
2016-12-06 18:33 - 2016-10-02 10:59 - 00000000 ____D C:\Users\Brad\AppData\Roaming\Curse Client
2016-12-06 18:23 - 2016-09-04 13:11 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-06 18:05 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\sru
2016-12-06 17:08 - 2015-07-10 07:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2016-12-06 16:23 - 2015-03-06 21:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-06 16:11 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-06 16:05 - 2015-03-06 21:30 - 00000000 __RDO C:\Users\Brad\OneDrive
2016-12-06 16:04 - 2016-09-04 13:16 - 00000000 ____D C:\Users\Brad
2016-12-06 16:03 - 2015-05-09 21:27 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-12-05 18:13 - 2016-01-16 19:51 - 00000000 ____D C:\Users\Brad\AppData\Local\CrashDumps
2016-12-05 18:07 - 2015-03-14 10:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-04 10:59 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-04 08:37 - 2015-08-07 08:36 - 01278006 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-04 08:36 - 2016-01-17 14:45 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-12-04 08:31 - 2016-09-04 13:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-04 08:31 - 2016-09-04 13:13 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-04 08:30 - 2016-07-16 01:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-12-04 07:49 - 2016-09-04 13:26 - 00012368 _____ C:\WINDOWS\PFRO.log
2016-12-04 07:38 - 2013-08-22 10:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-03 20:27 - 2016-10-26 19:35 - 00011264 _____ C:\Users\Brad\Documents\Curling Schedule 2016-2017 round robin.xls
2016-12-03 15:04 - 2015-03-11 16:23 - 00000000 ___RD C:\Users\Brad\Desktop\Games
2016-12-03 09:31 - 2016-10-02 11:00 - 00001112 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-12-03 09:31 - 2016-09-04 16:12 - 00001054 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-12-03 09:31 - 2016-07-01 09:51 - 00001059 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-12-03 09:31 - 2016-01-17 14:47 - 00001749 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-12-03 09:31 - 2015-08-07 08:47 - 00002408 _____ C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-03 09:31 - 2015-03-15 20:06 - 00001099 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-12-03 09:31 - 2015-03-11 19:16 - 00000945 _____ C:\Users\Public\Desktop\MAGIX Movie Edit Pro 2015 Plus.lnk
2016-12-03 09:30 - 2016-09-04 13:12 - 00001288 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2016-12-03 09:30 - 2016-01-17 14:47 - 00001725 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-12-03 09:30 - 2015-03-13 20:04 - 00001457 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-03 09:30 - 2015-03-11 16:47 - 00001151 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-12-03 09:29 - 2016-06-11 18:35 - 00001442 _____ C:\Users\Brad\Desktop\Steam.lnk
2016-12-03 09:29 - 2015-06-27 10:53 - 00001964 _____ C:\Users\Brad\Desktop\Blender.lnk
2016-12-03 09:29 - 2015-03-13 00:57 - 00001007 _____ C:\Users\Brad\Desktop\Bandicam.lnk
2016-12-03 09:24 - 2016-09-04 13:23 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-03 09:24 - 2016-09-04 13:12 - 00001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-12-03 09:24 - 2016-07-01 09:51 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-12-03 09:24 - 2016-01-23 12:50 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2016-12-03 09:24 - 2015-03-15 20:06 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-12-03 09:24 - 2015-03-14 10:53 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-03 09:24 - 2015-03-13 06:34 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-12-03 09:24 - 2015-03-07 21:24 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-03 09:24 - 2014-09-11 23:55 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-12-03 09:24 - 2014-09-11 23:55 - 00001323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-12-03 09:24 - 2014-09-11 23:47 - 00001998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-11-21 20:52 - 2015-03-06 21:23 - 00000000 ____D C:\Users\Brad\AppData\Local\Packages
2016-11-10 18:22 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-09 16:10 - 2015-08-04 16:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-09 16:10 - 2015-08-04 16:16 - 00000000 ____D C:\ProgramData\Skype
2016-11-09 16:02 - 2016-09-04 13:10 - 00406776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-08 18:31 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-08 17:46 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-08 17:37 - 2015-03-10 05:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-08 17:34 - 2015-03-10 05:53 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-07-23 16:50 - 2015-07-23 17:36 - 0000154 _____ () C:\Users\Brad\AppData\Roaming\Rim.Desktop.Exception.log
2015-07-23 16:49 - 2015-07-23 17:43 - 0001937 _____ () C:\Users\Brad\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-07-23 16:50 - 2015-07-23 17:36 - 0000154 _____ () C:\Users\Brad\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-03-06 21:23 - 2015-08-07 07:57 - 0324696 _____ () C:\Users\Brad\AppData\Local\BTServer.log
2015-07-23 16:51 - 2015-07-23 17:36 - 0009216 _____ () C:\Users\Brad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-04 13:12 - 2016-09-04 13:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-26 11:53 - 2016-11-26 11:53 - 0000148 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\Brad\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Brad\AppData\Local\Temp\libeay32.dll
C:\Users\Brad\AppData\Local\Temp\msvcr120.dll
C:\Users\Brad\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-28 17:28

==================== End of FRST.txt ============================
 
addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Brad (2016-12-06 18:36:20)
Running from C:\Users\Brad\Desktop\techspot help
Windows 10 Home (X64) (2016-09-04 18:42:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-87857065-1652397247-1537311187-500 - Administrator - Disabled)
Brad (S-1-5-21-87857065-1652397247-1537311187-1002 - Administrator - Enabled) => C:\Users\Brad
DefaultAccount (S-1-5-21-87857065-1652397247-1537311187-503 - Limited - Disabled)
Guest (S-1-5-21-87857065-1652397247-1537311187-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-87857065-1652397247-1537311187-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version: - Triumph Studios)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{261ED3C4-356F-4810-80B9-EDD0992ED5AA}) (Version: 20.3.44.03963 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.3.44.03963 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B5550B26-CD14-054D-FF0A-83405AE096B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.14 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.13 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.03 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.06 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.09.01 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Blender (HKLM\...\{3ABDE236-0A3F-4D0D-BECB-DB67EE21C593}) (Version: 2.77.0 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
Chapter and Verse (HKLM-x32\...\{56C796A7-9C34-4DD9-9EC5-42DBDAF8DC89}) (Version: 1.5.3.0 - Loden Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creativerse (HKLM-x32\...\Steam App 280790) (Version: - Playful Corporation)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5501 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4307 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.4307 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version: - Double Action Factory)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version: - Frontier Developments)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Firewatch (HKLM\...\Steam App 383870) (Version: - Campo Santo)
Five Nights at Freddy's 3 (HKLM-x32\...\Steam App 354140) (Version: - Scott Cawthon)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gloria Victis (HKLM\...\Steam App 327070) (Version: - Black Eye Games)
Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Greenfish Icon Editor Pro 3.1 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
I am Bread (HKLM-x32\...\Steam App 327890) (Version: - Bossa Studios)
iExplorer 3.9.2.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
KogamaLauncher-WWW (HKLM-x32\...\{1CC9F278-D898-43D2-BBED-B3B765045888}) (Version: 1.0.3.0 - Multiverse ApS)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
MAGIX Movie Edit Pro 2015 Plus (HKLM\...\MX.{0797C499-48E8-46E2-9C97-90034F46F5E6}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Movie Edit Pro 2015 Plus (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{819DE91E-229A-4DB4-8281-ECB3651FA0DA}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect (HKLM\...\Steam App 17460) (Version: - BioWare)
Mass Effect 2 (HKLM\...\Steam App 24980) (Version: - BioWare)
Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.0 - Black Tree Gaming)
No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security)
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.9 - Panda Security and Visicom Media Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30179 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
RogueKiller version 12.8.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.3.0 - Adlice Software)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SOL: Exodus (HKLM\...\Steam App 200410) (Version: - Bit Planet Games, LLC)
Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis)
Starpoint Gemini 2 (HKLM\...\Steam App 236150) (Version: - Little Green Men Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Steam App 264710) (Version: - Unknown Worlds Entertainment)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Stanley Parable (HKLM\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
There's Poop In My Soup (HKLM\...\Steam App 449540) (Version: - Rudder Games)
Tiger Knight: Empire War (HKLM\...\Steam App 534500) (Version: - NetDragon Websoft Holdings Limited)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Undertale (HKLM\...\Steam App 391540) (Version: - tobyfox)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (HKLM-x32\...\{F02C6726-D7AA-472F-8706-9A1F3D8FB1DE}) (Version: 1.13.0103 - SAMSUNG)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version: - Fatshark)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version: - Evil Tortilla Games)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version: - Machine Games)
ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - )
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-87857065-1652397247-1537311187-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-87857065-1652397247-1537311187-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {0AF11BCF-36AC-4135-A633-784574D35EEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0C7CB440-07DB-4523-8AA4-A07F8B7FA337} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-06-03] ()
Task: {0D92C8C4-B52C-4824-9A1A-2A7812640DB5} - \WPD\SqmUpload_S-1-5-21-87857065-1652397247-1537311187-1002 -> No File <==== ATTENTION
Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation)
Task: {1300AF09-5D37-4903-9EF8-260DC04A9938} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-24] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {18378B62-856A-4B14-86F1-947A07D4EFCE} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {22F0C0A0-FA8F-4D61-9864-01ACBA3875B4} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2014-03-18] ()
Task: {2614689B-5AEA-46E8-B270-E30AE0C3CDE0} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2014-03-20] ()
Task: {2D1620AA-F39C-43C0-9607-476B5BE52DD6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {310D21ED-1086-47B4-9E64-0716E35DE70C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {32993286-670A-49AE-BF30-68A657C708C8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation)
Task: {4B92C058-6918-44FD-BA14-99FC9A1BEFA0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-08] (Microsoft Corporation)
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {52107243-CB48-4679-ADAC-EF4F27238A0A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5654DFBB-E797-4758-B9A0-8BAE94A91F1D} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2016-07-16] (Microsoft Corporation)
Task: {5B340A8F-7F13-4F86-ADF8-FBC0BED531D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5F5E675A-EDB6-4985-BFFF-FB65084C8FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5FAAF530-ED1B-4F7B-AD7B-1694AA0B202B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {6AFC80EC-F164-4C49-928B-79148EAEE309} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-87857065-1652397247-1537311187-1002 -> No File <==== ATTENTION
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6B3696C4-F754-4B0F-970F-2884EBD0DD78} - \PaintTool SAI -> No File <==== ATTENTION
Task: {6D1C0035-5CAD-4340-A533-D63C9853BCC9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {82CB7EA4-EDD8-4917-9778-8C4C65925F28} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8911480E-FA4E-438E-912E-BD222CB0D265} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {8D791FAA-0257-4EBC-A6DD-74E842528806} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-10-14] (Microsoft Corporation)
Task: {9F3184C6-D17F-4E22-867F-A7BA48C7E018} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2016-09-04] (Microsoft Corporation)
Task: {9F410FCD-368C-48B2-AFA1-A932E3150F8D} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {A43D038F-B8A3-49A9-8F85-F6FE5D7AE275} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-08-05] (Microsoft Corporation)
Task: {B8ABB6C3-F264-490B-A33B-8D1729DCAFD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BDDEF317-2692-422F-AEA2-FFD67DC7CEA3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {C125018F-0B81-4B64-B7DC-0E01220E5D0E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {C24D5056-264E-455F-8AE1-6CA7CB717B87} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C8F1E9D3-0E01-49F1-8A09-9797C651B5CC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CB7AD0F7-7719-4625-B257-ADB38FF8A2D8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {D085C19C-C229-43DE-832F-1342961E869A} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-02-20] (ASUSTeK)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1E0F471-4827-49DE-88A4-ED40E2306F33} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-02] (ASUSTek Computer Inc.)
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D8604FA1-6F97-41DE-A1B0-990E5ECC99CA} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2014-03-20] (ASUSTeK)
Task: {D8BCD53D-53CC-45BF-865A-D763432A558C} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DCF7C8F7-5057-45B9-9181-E1D404F59424} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {DDAECFC0-67E3-4062-BF25-CD685F73B394} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {DEDFA5F4-F880-443B-B34C-3972D5DC985F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {E0432AC2-46F4-4BEA-968C-162361B79C67} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E25FFF60-8E5E-44F7-B86E-EA1B89F4BD06} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2016-09-15] (Microsoft Corporation)
Task: {E7836CCA-F69B-4240-B183-236A5AA4B99E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E7B04252-97CA-42C6-9920-F58B76B2C3E1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-04-15 18:07 - 2014-04-15 18:07 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-09 16:52 - 2016-01-11 23:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-05-17 10:52 - 2016-09-15 16:12 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2014-09-11 23:42 - 2012-04-24 05:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-10-25 05:04 - 2013-11-06 05:58 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 17:04 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-04 13:13 - 2016-08-01 07:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-29 17:04 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-10-25 05:06 - 2014-06-03 17:59 - 00930448 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2016-09-29 17:04 - 2016-09-15 12:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-04 16:15 - 2016-09-04 16:15 - 01864384 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-13 16:34 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-08 17:14 - 2016-11-02 05:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-08 17:13 - 2016-11-02 05:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 17:13 - 2016-11-02 05:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 17:13 - 2016-11-02 05:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-08 17:13 - 2016-11-02 05:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 17:13 - 2016-11-02 05:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-17 16:15 - 2016-11-17 16:16 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 16:15 - 2016-11-17 16:16 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 16:15 - 2016-11-17 16:16 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-03-13 20:04 - 2016-01-11 23:43 - 00715712 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-03-13 20:04 - 2016-01-11 23:43 - 00861120 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-11-22 20:50 - 2016-11-22 20:51 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-22 20:50 - 2016-11-22 20:51 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 15:27 - 2016-06-03 15:28 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-22 20:50 - 2016-11-22 20:51 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-22 20:50 - 2016-11-22 20:51 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-12-06 16:11 - 2016-12-06 16:11 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.exe
2016-12-06 16:11 - 2016-12-06 16:11 - 36747264 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\XboxApp.dll
2016-11-10 16:16 - 2016-11-10 16:16 - 00879104 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\sqlite3.dll
2016-07-30 14:47 - 2016-07-30 14:47 - 01651112 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_22.24.1006.0_x64__8wekyb3d8bbwe\winsdkfb.dll
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-10-25 05:04 - 2016-12-04 08:33 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-10-25 05:04 - 2010-06-28 21:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-05-18 10:47 - 2016-01-11 23:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-06 21:42 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-06 21:42 - 2016-10-12 20:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-06 21:42 - 2016-09-07 22:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-06 21:42 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-06 21:42 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-06 21:42 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-06 21:42 - 2016-10-12 20:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 07:25 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-04 16:15 - 2016-09-04 16:15 - 01383616 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-04 16:15 - 2016-09-04 16:15 - 00118976 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-01-07 08:53 - 2016-01-17 14:46 - 03306496 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2016-10-15 20:52 - 2016-08-04 15:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2015-03-06 21:42 - 2015-09-24 18:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-11-14 16:05 - 2016-11-08 15:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 16:05 - 2016-11-08 15:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-11-08 16:37 - 2016-11-08 16:37 - 17772736 _____ () C:\Users\Brad\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
 
Remainder of addition.txt

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files\iTunes:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft LifeCam:Win32App_1
AlternateDataStreams: C:\Program Files\Nexus Mod Manager:Win32App_1
AlternateDataStreams: C:\Program Files\Panda Security URL Filtering:Win32App_1
AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1
AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App_1
AlternateDataStreams: C:\Program Files\WinRAR:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AmUStor:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Chapter and Verse:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Diablo III:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ffdshow:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Greenfish Icon Editor Pro 3.1:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\iExplorer:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft LifeCam:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\OpenOffice 4:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\The Witcher 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App_1
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App_1
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1
AlternateDataStreams: C:\Users\Brad\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Brad\AppData\Roaming\Curse Client:Win32App_1

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-87857065-1652397247-1537311187-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Brad\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\cool-wallpapers-2015 (1).jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Audible Download Manager.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{FD7FA108-6D6E-4EF2-B14A-C4B063A43D8B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{5D8EE44B-D298-4024-BDF4-FE4620D72B95}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{C501F941-2913-458F-93CC-D133041D12D0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{E9C4D597-C0CF-4CFE-AE51-0F5653874A6C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{D52BD1BD-79C4-47E9-9EE6-546884AD82B6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{026A1224-FD9E-4E0B-87BA-D6765957968E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{F04D8AF1-E550-48A4-A990-38A436792E5B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{A4B0E13C-3A34-4F55-A1F9-067395D3D46F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [UDP Query User{E7745687-946C-4C06-B825-4373441FD4A6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{8FA6B061-8BB5-4EFD-8AF7-64FC7D2CE48C}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{E714F4EE-6114-478F-91F0-98C1807A6D64}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Gloria Victis\gv.exe
FirewallRules: [{139EF27B-03FC-4F8D-8E7A-869E2A891C92}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Gloria Victis\gv.exe
FirewallRules: [{879B5265-8E68-4E68-920C-20E053CB2045}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{C1DEB955-797B-4D64-A7A3-DE6458B9B402}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{C3D9A6FD-B14E-412E-9BD5-F46310E87A3B}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{E95DCB81-CE2A-44DE-B17E-9D615794B712}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{0ECF37E4-E0AC-4A0D-B764-ADBAB930F136}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{204B5C8F-1138-49FA-B85B-A67FA62E1CB9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{3644C81C-52B1-4357-A626-77F8B6247035}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{A2939D75-8C70-4D6E-9E93-0EE50FE535CF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{6B829317-9D5C-4B29-815C-1680E49BD7A8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{FA635E5A-99AC-49FC-8C7C-3A64F74D06C8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [UDP Query User{3EA6E349-92A7-4455-A76D-68954C6EF9D6}D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{5AA84595-8043-4988-A0B8-2140C1AC0169}D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{6C7FA9D1-B4A7-44F7-BCC4-4A71D3102E9C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe
FirewallRules: [{D3512B7A-F61E-4DFC-ADA9-8D9EACB5D9F9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\There's Poop In My Soup\PoopInMySoup.exe
FirewallRules: [{B6633643-478C-44C8-AF5D-F80B3402D8E9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{003E745B-5F5D-4ECD-A713-46FCD9309C69}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{F931E38C-B4EE-4A0B-B707-E2ED6A3E76C5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Sol Exodus\Binaries\Win32\SOLExodus.exe
FirewallRules: [{1D500FC9-78AC-47A7-B2D1-C7BFD94824D0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Sol Exodus\Binaries\Win32\SOLExodus.exe
FirewallRules: [{66B9D1FB-1CB3-4066-B5B4-1192A2FE64A7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{35B742C3-D391-491A-A86A-7BC65B26CEBA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [UDP Query User{13EE75D6-289E-4AC1-909A-09C9BCDC1EF9}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{289EC01C-9E57-471F-873B-DFD85B467EF7}D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5953F793-FADA-4637-A03D-BC98AD603D47}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{07A61C72-7E0C-4D7D-94DB-B6125C7342C5}D:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{41EB07CE-1B46-45C4-8F1D-554CA375C1E6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{839DABED-862D-437C-B1C9-2A95177C536E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{9B4EA84D-EA74-4CDE-9088-AB058A79CC0F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{9DC789BC-D1C9-4405-9BC9-C57559B51B3A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{15C2743A-47A9-4D49-9FD0-46F96DFDD536}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{53186DF6-2894-4FEF-9932-8449E7FCD15F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{B161E441-1828-4278-8A1E-981D553BC68B}C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [TCP Query User{443E3D95-ACC6-4071-A729-C92E41406CB2}C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{5E25A5F9-07E6-42A4-81B8-A04E2DC4B85D}D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{AA0476B2-B61B-46C0-B450-80B08DFE740C}D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) D:\program files (x86)\steamlibrary\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{43F53460-66DC-4019-9DA9-C944EF36F20D}C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{253EC5B8-8F42-4989-B770-28CFC41274B3}C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [{6606FE1A-1335-43D4-B3BF-633F895C1EF7}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{DC2A561A-88F7-4635-A442-7AA775FBDBDF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{CC759BE9-2EF2-4D24-9C0A-745FD29A502E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\iambread\IamBread.exe
FirewallRules: [{FE38B6E0-A33E-4188-B724-E514B383ECAF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\iambread\IamBread.exe
FirewallRules: [{F403F37A-BDEB-40B5-9A81-06F06C8CE692}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1123A85F-96D3-4E4B-A7A3-4CE5BDD289C6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{8738B40A-9F87-44D9-A64E-5CC5574CE487}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{3CD73411-B351-4198-8148-D5B96D5B84C0}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{BE18DFBA-E558-4D37-BF1C-695BBA681C23}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hlmv.exe
FirewallRules: [{540B5E2F-302E-4371-B389-9A101F6B5514}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hlmv.exe
FirewallRules: [{72E15DEF-3523-4215-A37E-CDA60EC29234}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{46B83677-30FE-45AE-8D42-F9097C19FCD6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [UDP Query User{8E629DEE-8999-4CBE-BF56-136D68373701}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9965D2AB-9556-4660-897C-58D9198D5596}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BB9A6275-C615-4F79-99DA-D5D8D44380C0}D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Block) D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{0FBBFE29-2FFA-46D4-8825-872F212E6AA9}D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Block) D:\program files (x86)\steamlibrary\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{F478D37C-A908-467E-BDC4-45E4D7073221}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{20699B1B-BB3C-421B-A9F4-6E8B40D36BBB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{6343B2FC-0AC7-4C44-A029-CB8AF4EC46FC}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{A320756E-D5F9-4D12-8FB7-23080AF1A300}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{1D953AB8-D4FA-40E4-ACCA-792C2E33BAEF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\hl2.exe
FirewallRules: [{C855ADFA-3F63-43D1-9395-DA463F97BB34}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\hl2.exe
FirewallRules: [{C84730B9-637A-40CC-A0E3-0EE376314BD0}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{77AD4C04-F787-405E-AC6A-5BBADAE78A04}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [UDP Query User{52612F36-5605-414A-9A29-3766E19E7F41}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7240DEEC-8B14-4886-863B-FBD0D1392A3B}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A5BD78AB-2F52-43CE-8738-194A89039243}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{6703B5F9-C398-4CC7-95B6-0EFBF7745ADC}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B11E7C72-D50F-4CC7-8D90-DCF51DC9B973}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{E4C89464-E3A8-4399-8AF2-93BE8EA07934}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{7C6DF882-7AFB-4AF8-BD8E-A40276A4CAE3}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{21C1DA96-1568-4CD9-B66E-E8FE05B23625}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{8F3B6732-6B20-49A8-A59A-7EFC04BBECB0}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtUser.exe
FirewallRules: [{5A31A31E-5D33-458B-81E3-9AC31FBDA137}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtUser.exe
FirewallRules: [{89B81687-4988-4ADD-8806-106730566A16}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{F9ADCC3B-9FB4-47E9-A236-C118981E0021}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{6B5CDA66-CBAE-4EB5-B48E-CC8438E3CE16}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{6450EEC5-99CC-4AE1-8A4E-74941E5A92CF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{7537D7D7-D4F8-4346-B4FC-870A981A3784}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CC1C41F8-35CD-4D3A-8750-B051FD95A71F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{71E2388D-A329-492E-8DCA-E6EC93EB5AFB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{EA3E41E8-D2A1-4DFF-8FBD-98FACBA23C7D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{43E7B047-0412-49FA-8904-EE246DA031AA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{3A2798E8-423B-40C4-8121-93502E0FF4F9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{BF2CC9B8-3C2A-4DA6-B873-E61AB8331B46}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{6C0B08C3-1985-4E3C-8D31-B49668AE662A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{5B341CB5-9523-4BD2-B984-67F79E421874}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{391947C5-0E7A-49CE-BBF1-2C5B0E060D5F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{D32CE20E-35FB-44A3-9571-8E9BFCC09499}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1856723A-D053-4209-A3EA-F55F11FEC0C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6FF91C2B-F24B-4088-BD2E-EFCA8F033557}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{388695DE-30A9-4A04-A9B7-AA02BB709B9D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{0273FDC2-C6F1-407F-9C78-E5D12AD896D1}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2552EBC6-4FC0-4AD5-A59E-34431A8CE6DE}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9C906C2B-731E-4520-B7AB-D6EE982141C5}] => (Allow) D:\Program Files (x86)\MAGIX\Movie Edit Pro Plus 2015\Videodeluxe.exe
FirewallRules: [{A0D295BE-5A0B-4213-9E7E-51D9CE5369EA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{B74ABFD0-55F1-458A-A7EC-29D4DBC1F3A6}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{FDAE7E8A-CCD3-4C18-AAF3-9E1C77CD5791}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{6FD87114-7869-45F7-89B9-FD0D19A0677E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{02AB8052-514D-47CF-A4C8-78C67862A48C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{7EEC777D-9FBE-4CDE-8692-B4004C83611E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{419A5F97-E1A6-41DF-85EA-C575F667D8FD}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{05C5038B-AAAA-4E59-B316-32A4DDE71544}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A8D8A3FA-8A03-4045-98F2-8FBB41449B28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{4F2667FE-C19E-4674-82F2-15D3E5B31D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{9812F379-52C1-49DC-9C7E-08DA8D07641C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FFA56B16-0830-4036-A5EC-5133ED417912}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0D469A3-B513-48F0-A0F4-F40D191AFC9A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E1DEAFF5-2A31-4ECB-917C-E7BA9AEE765A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8655B431-EBA2-4A79-BE4C-F792E28F53FF}] => (Allow) LPort=1900
FirewallRules: [{CC7BDC64-BF65-439B-AB9C-615622B2511A}] => (Allow) LPort=2869
FirewallRules: [{7863A705-53AA-4D7C-BF74-76EF8141ADD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1D9C79E8-F90F-4E7A-AD6E-6149E8D7833F}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{CBE06FFD-3C7C-46E6-89F1-EB8173BA7364}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{456415DA-51FD-45E4-AD1B-794195D15EF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5BC141E2-6EFD-43DB-BBD4-9BC281C82E08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{973F0F0E-639D-407B-85F4-C26CA46587A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B4281BF7-F46B-4797-BD7B-09F28E93FEEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1676D645-66E7-4E96-8156-C6D242C4D49F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7DBD7AD-61D2-4B0D-9082-8B14E0AA9BEC}C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [UDP Query User{78D7BD0D-AD50-4E17-9FF2-B8AEE9C56059}C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\users\brad\appdata\local\frontier_developments\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [{221079D4-86B4-48B5-99B6-05710FEBC4D9}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{13F55B59-03CF-4E5F-A680-F69B7D82DA92}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{A3D57B0F-5031-4A66-8251-E417DE16F6D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3808DF4-46F5-4E2C-BD1B-7B4398B4B0A4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E964BA2-1811-4103-AFCB-57F816D96904}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5D0F1046-14AD-4DA1-9DB6-33C8192C49B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3EA294BB-50A5-4D24-9414-013A8A548092}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{FE14DFA0-30B7-4125-B343-7983AB672A57}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{80254282-3277-4C38-9307-2B1832F26D14}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{71F6D9AD-71A8-464F-9C90-3D6823AC71D5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3800ED9E-4D6E-4FC5-8E8D-D90AB2959858}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{173F194C-E163-499C-A215-FB3B94F4FC8F}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [TCP Query User{53A517BC-3BEC-4585-92F7-4C05A9DA2172}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D63E2A60-6324-4537-AD39-1395EA3A2675}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D191D7A3-C5F2-4590-B2B2-F6A2FE1A8C4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E15A0304-539D-4778-A527-52C6AA6DF4FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A4F055E2-57FB-4DFE-BFFC-E346CAEEFD81}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F19D9295-4AE1-48B1-A677-D5B6B0657E7D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C2C6C97A-4224-466E-AB30-E194977D3178}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{372E3892-4279-4FA7-8FB4-78553F107114}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{36E7668C-AB74-4B2F-B2EF-284EFB934D42}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{382EC472-28A2-4E07-870E-41544A0D5FDB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{F216DDFD-4084-43E3-BF32-D1AE6844B812}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{A399EC2E-0980-4E7B-B9D3-0355CB194F64}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B5F3D0A5-8D06-4174-8D14-2F6BA4DE2FBB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{5975FDAD-E6B7-4D0C-B7DF-697DBAD42459}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [TCP Query User{A1334F68-6DA3-4B32-8C16-F6E42A3A5766}C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{FA2D4AB3-B7F5-4F30-A163-03D32890381A}C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\brad\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [TCP Query User{07A29E1B-62B3-4713-B060-38563486B732}C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{502A556B-A82C-41A6-8F73-51DEB482A627}C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\brad\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{FDF03BC4-8FF1-4DFA-89B6-27FDE3DD12D3}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{2C4C3F1E-0247-45CF-9ED7-73B4005A6C8D}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [TCP Query User{A51C40B6-3B81-43F5-B425-6BBEEFB9E9CA}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{DF080982-57C4-4E63-A4CA-ED7833A94301}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{2B118DA8-2555-4C4B-A342-587A25FED9B2}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe
FirewallRules: [{C05C53F4-3BDB-4142-91EC-8A0F1DA74A3A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe
FirewallRules: [{C2C149E6-7EF2-48E8-AA40-8E7DB2A051D8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{A5829422-8AD6-465E-BBC4-17D4AC005CEA}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{0B7D58A6-3B01-4D45-A904-82AA6E6389E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{47ACB1F9-B964-4328-B01D-E22E06705C9A}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{CB76068B-372C-4513-A3E9-24EEDCAF6172}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{A1723076-9A04-42D4-B9FB-A5D6A7A6A308}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{C54A2F40-DA8D-4C27-BB48-6207C122FD2E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{EB9ED21F-1659-4690-9E42-DCC092B61DA0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F194FE9A-ED0D-4324-8F70-A28E3BF68836}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{E6152755-A150-4F59-9439-FE74D04BB08C}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2016 06:05:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/06/2016 05:07:21 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (12/06/2016 05:07:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4

Error: (12/06/2016 04:05:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4


System errors:
=============
Error: (12/06/2016 04:07:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/06/2016 04:07:16 PM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.

Error: (12/06/2016 04:04:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/06/2016 04:04:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/06/2016 04:04:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/05/2016 04:05:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/05/2016 04:02:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/05/2016 04:02:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/05/2016 04:02:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/04/2016 08:58:00 PM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.


==================== Memory info ===========================

Processor: AMD A10-6700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 23%
Total physical RAM: 12227.93 MB
Available physical RAM: 9323.87 MB
Total Virtual: 14083.93 MB
Available Virtual: 10589.75 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:6.62 GB) NTFS
Drive d: (Data) (Fixed) (Total:762.98 GB) (Free:240.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5D8B4C82)

Partition: GPT.

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    5.5 KB · Views: 1
fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Brad (2016-12-09 23:41:55) Run:1
Running from C:\Users\Brad\Desktop\techspot help
Loaded Profiles: Brad (Available Profiles: Brad)
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicyScripts-x32: Restriction <======= ATTENTION
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
2015-07-23 16:50 - 2015-07-23 17:36 - 0000154 _____ () C:\Users\Brad\AppData\Roaming\Rim.Desktop.Exception.log
2015-07-23 16:49 - 2015-07-23 17:43 - 0001937 _____ () C:\Users\Brad\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-07-23 16:50 - 2015-07-23 17:36 - 0000154 _____ () C:\Users\Brad\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-03-06 21:23 - 2015-08-07 07:57 - 0324696 _____ () C:\Users\Brad\AppData\Local\BTServer.log
2015-07-23 16:51 - 2015-07-23 17:36 - 0009216 _____ () C:\Users\Brad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-04 13:12 - 2016-09-04 13:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-26 11:53 - 2016-11-26 11:53 - 0000148 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
C:\Users\Brad\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Brad\AppData\Local\Temp\libeay32.dll
C:\Users\Brad\AppData\Local\Temp\msvcr120.dll
C:\Users\Brad\AppData\Local\Temp\sqlite3.dll
Task: {0AF11BCF-36AC-4135-A633-784574D35EEC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0D92C8C4-B52C-4824-9A1A-2A7812640DB5} - \WPD\SqmUpload_S-1-5-21-87857065-1652397247-1537311187-1002 -> No File <==== ATTENTION
Task: {2D1620AA-F39C-43C0-9607-476B5BE52DD6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {32993286-670A-49AE-BF30-68A657C708C8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {52107243-CB48-4679-ADAC-EF4F27238A0A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5B340A8F-7F13-4F86-ADF8-FBC0BED531D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5F5E675A-EDB6-4985-BFFF-FB65084C8FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6AFC80EC-F164-4C49-928B-79148EAEE309} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-87857065-1652397247-1537311187-1002 -> No File <==== ATTENTION
Task: {6B3696C4-F754-4B0F-970F-2884EBD0DD78} - \PaintTool SAI -> No File <==== ATTENTION
Task: {82CB7EA4-EDD8-4917-9778-8C4C65925F28} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B8ABB6C3-F264-490B-A33B-8D1729DCAFD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C8F1E9D3-0E01-49F1-8A09-9797C651B5CC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CB7AD0F7-7719-4625-B257-ADB38FF8A2D8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E0432AC2-46F4-4BEA-968C-162361B79C67} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files\iTunes:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft LifeCam:Win32App_1
AlternateDataStreams: C:\Program Files\Nexus Mod Manager:Win32App_1
AlternateDataStreams: C:\Program Files\Panda Security URL Filtering:Win32App_1
AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1
AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App_1
AlternateDataStreams: C:\Program Files\WinRAR:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AmUStor:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Chapter and Verse:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Diablo III:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ffdshow:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Greenfish Icon Editor Pro 3.1:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\iExplorer:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft LifeCam:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\OpenOffice 4:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\The Witcher 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App_1
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App_1
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1
AlternateDataStreams: C:\Users\Brad\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Brad\AppData\Roaming\Curse Client:Win32App_1

*****************

C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => key removed successfully
"HKCR\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKCR\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} => value removed successfully
C:\Users\Brad\AppData\Roaming\Rim.Desktop.Exception.log => moved successfully
C:\Users\Brad\AppData\Roaming\Rim.Desktop.HttpServerSetup.log => moved successfully
C:\Users\Brad\AppData\Roaming\Rim.DesktopHelper.Exception.log => moved successfully
C:\Users\Brad\AppData\Local\BTServer.log => moved successfully
C:\Users\Brad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc => moved successfully
C:\Users\Brad\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Brad\AppData\Local\Temp\libeay32.dll => moved successfully
C:\Users\Brad\AppData\Local\Temp\msvcr120.dll => moved successfully
C:\Users\Brad\AppData\Local\Temp\sqlite3.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AF11BCF-36AC-4135-A633-784574D35EEC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AF11BCF-36AC-4135-A633-784574D35EEC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D92C8C4-B52C-4824-9A1A-2A7812640DB5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D92C8C4-B52C-4824-9A1A-2A7812640DB5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-87857065-1652397247-1537311187-1002" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D1620AA-F39C-43C0-9607-476B5BE52DD6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D1620AA-F39C-43C0-9607-476B5BE52DD6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32993286-670A-49AE-BF30-68A657C708C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32993286-670A-49AE-BF30-68A657C708C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52107243-CB48-4679-ADAC-EF4F27238A0A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52107243-CB48-4679-ADAC-EF4F27238A0A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B340A8F-7F13-4F86-ADF8-FBC0BED531D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B340A8F-7F13-4F86-ADF8-FBC0BED531D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F5E675A-EDB6-4985-BFFF-FB65084C8FC4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5E675A-EDB6-4985-BFFF-FB65084C8FC4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AFC80EC-F164-4C49-928B-79148EAEE309}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AFC80EC-F164-4C49-928B-79148EAEE309}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-87857065-1652397247-1537311187-1002" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B3696C4-F754-4B0F-970F-2884EBD0DD78}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B3696C4-F754-4B0F-970F-2884EBD0DD78}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PaintTool SAI => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82CB7EA4-EDD8-4917-9778-8C4C65925F28}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82CB7EA4-EDD8-4917-9778-8C4C65925F28}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8ABB6C3-F264-490B-A33B-8D1729DCAFD4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8ABB6C3-F264-490B-A33B-8D1729DCAFD4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8F1E9D3-0E01-49F1-8A09-9797C651B5CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8F1E9D3-0E01-49F1-8A09-9797C651B5CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CB7AD0F7-7719-4625-B257-ADB38FF8A2D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB7AD0F7-7719-4625-B257-ADB38FF8A2D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0432AC2-46F4-4BEA-968C-162361B79C67}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0432AC2-46F4-4BEA-968C-162361B79C67}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
C:\Program Files\ATI Technologies => ":Win32App_1" ADS removed successfully.
C:\Program Files\Bonjour => ":Win32App_1" ADS removed successfully.
C:\Program Files\iTunes => ":Win32App_1" ADS removed successfully.
C:\Program Files\Microsoft LifeCam => ":Win32App_1" ADS removed successfully.
C:\Program Files\Nexus Mod Manager => ":Win32App_1" ADS removed successfully.
C:\Program Files\Panda Security URL Filtering => ":Win32App_1" ADS removed successfully.
C:\Program Files\RogueKiller => ":Win32App_1" ADS removed successfully.
C:\Program Files\TeamSpeak 3 Client => ":Win32App_1" ADS removed successfully.
C:\Program Files\WinRAR => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\AmUStor => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Apple Software Update => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\ATI Technologies => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Battle.net => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\BlueStacks => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Bonjour => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Chapter and Verse => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Diablo III => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\ffdshow => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Greenfish Icon Editor Pro 3.1 => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\iExplorer => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Malwarebytes Anti-Malware => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Microsoft LifeCam => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Microsoft SQL Server Compact Edition => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\MSXML 4.0 => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\OpenOffice 4 => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Origin => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\QuickTime => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\The Witcher 2 => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Windows Live => ":Win32App_1" ADS removed successfully.
C:\WINDOWS\SysWOW64 => ":Win32App_1" ADS removed successfully.
C:\ProgramData\BlueStacks => ":Win32App_1" ADS removed successfully.
C:\ProgramData\regid.1991-06.com.microsoft => ":Win32App_1" ADS removed successfully.
"C:\Users\Brad\OneDrive" => ":ms-properties" ADS not found.
C:\Users\Brad\AppData\Roaming\Curse Client => ":Win32App_1" ADS removed successfully.


The system needed a reboot..

==== End of Fixlog 23:41:56 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Security check log

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Panda Free Antivirus
Windows Defender
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Reader XI
Google Chrome (54.0.2840.71)
Google Chrome (54.0.2840.99)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Sorry been away a few days

here is fss.txt

Farbar Service Scanner Version: 27-01-2016
Ran by Brad (administrator) on 15-12-2016 at 22:54:12
Running from "C:\Users\Brad\Desktop\techspot help"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

7. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

9. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

10. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

11. Please, let me know, how your computer is doing.
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
785
uber_beetle
uber_beetle
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back