Solved Random audio sounds on laptop

[Balanced]

A couple days ago I had the steam notification sound but steam wasn't open.
And just now today I heard a weird audio Queue play while I was playing a game.
What happened during my game was that my drawing tablet got unplugged and replugged in so I got really curious checking if my tablet driver was the problem and theres was some minor instances of people saying they got chinese rootkits.
So I downloaded TDSS kaspersky rootkit killer and it immediatly attacked my Tablet Drivers and prompted me to delete them.
So I ended up downloading the drivers from the offcial website instead of the Disc but im still curious and would like help in my situation.

 

[Broni]

You've been here before so you should know the drill.

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Balanced]

Is it okay if we can pause this for the moment, I uninstalled a VPN that might have been the culprit.
heres my logs just in case

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2017
Ran by Nick (administrator) on NICK (07-07-2017 13:49:24)
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick & Banana)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mr. John aka japamd) C:\Users\Nick\Desktop\RadeonPro\RadeonProSupport.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Picorover3) C:\Xlide\Xlideit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
() C:\Program Files\PureRef\PureRef.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-02] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor)
HKLM\...\Run: [TabletDriver] => C:\PenTabletDriver\TabletDriver.exe [655368 2017-04-19] (Graphic Tablet Company Shenzhen)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-06] (Plays.tv, LLC)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDrives] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoFind] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoFile] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [HideClock] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoSetFolders] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoClose] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDFSTab] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoLogoff] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [StartMenuLogoff] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoResolveSearch] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoResolveTrack] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoSaveSettings] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoHardwareTab] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDesktop] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 0 [67688 2017-07-06] ()
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [Discord] => C:\Users\Nick\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: prio.dll => No File
AppInit_DLLs-x32: prio32.dll => No File
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-07-22]
ShortcutTarget: Curse.lnk -> C:\Users\Nick\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2017-06-24]
ShortcutTarget: ShareX.lnk -> C:\ShareX\ShareX.exe (ShareX Team)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0176a071-34bd-487e-91ba-0ad426176add}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d08b08d9-9e90-44de-9d15-3d140b96ca49}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {8E663C5B-B546-41B9-BD2D-6727090C6731} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

FireFox:
========
FF DefaultProfile: tbp5edt3.default
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default [2017-06-23]
FF Extension: (Imagus) - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2017-04-27]
FF Extension: (Adblock Plus) - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-09] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-04-18] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002: @nsroblox.roblox.com/launcher -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default [2017-07-07]
CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-27]
CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-27]
CHR Extension: (uBlock Origin) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-06-21]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2017-07-07]
CHR Extension: (Imagus) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2017-05-30]
CHR Extension: (GaiaUpgrade) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\njdjoeklfbahijdoadnlpagipchldkea [2017-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-27]
CHR Extension: (Fullscreen Anything) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2017-05-08]
CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-11]
CHR Extension: (Save Image Router) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkimacjjcahflldkhofmdjlelllacbil [2017-07-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adguard AdBlocker) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2017-02-15]
OPR Extension: (Imagus) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2017-06-13]
OPR Extension: (Download Chrome Extension) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2017-02-14]
OPR Extension: (Fullscreen Anything) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2017-02-14]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [238376 2016-04-27] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-18] (WildTangent)
S3 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
S4 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-10] (Electronic Arts)
S3 PAExec; C:\windows\PAExec.exe [189112 2016-10-12] (Power Admin LLC)
S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-06] (Plays.tv, LLC)
R2 RadeonPro Support Service; C:\Users\Nick\Desktop\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-15] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2016-10-05] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27376 2016-08-12] (Advanced Micro Devices, INC.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\atikmdag.sys [36558232 2017-05-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\atikmpag.sys [528792 2017-05-03] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2017-06-19] (Windows (R) Win 7 DDK provider)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2017-06-19] (Windows (R) Win 7 DDK provider)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2017-07-04] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-07-04] (Malwarebytes)
R1 MpKsl60eaeca7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAFFCFFE-3FEF-45D3-A25F-3C89B3290A83}\MpKsl60eaeca7.sys [44928 2017-07-07] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-04-29] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6294016 2017-02-01] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [76376 2016-10-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2014-09-17] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-03-20] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-07 13:49 - 2017-07-07 13:58 - 00024626 _____ C:\Users\Nick\Downloads\FRST.txt
2017-07-07 13:48 - 2017-07-07 13:49 - 00000000 ____D C:\FRST
2017-07-07 13:48 - 2017-07-07 13:48 - 02436608 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2017-07-07 13:48 - 2017-07-07 13:48 - 01782272 _____ (Farbar) C:\Users\Nick\Downloads\FRST.exe
2017-07-07 00:05 - 2017-07-07 00:05 - 00001145 _____ C:\Users\Nick\AppData\Roaming\PureRef.ini
2017-07-06 22:00 - 2017-07-06 22:00 - 00000719 _____ C:\Users\Public\Desktop\PenTabletDriver.lnk
2017-07-06 22:00 - 2017-07-06 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PenTabletDriver
2017-07-06 22:00 - 2017-04-18 17:09 - 00062984 _____ (Graphics Tablet) C:\WINDOWS\system32\wintab32.dll
2017-07-06 22:00 - 2017-04-18 17:09 - 00057864 _____ (Graphics Tablet) C:\WINDOWS\SysWOW64\wintab32.dll
2017-07-06 21:59 - 2017-07-06 22:04 - 00000000 ____D C:\PenTabletDriver
2017-07-06 21:47 - 2017-07-06 21:48 - 21159334 _____ C:\Users\Nick\Downloads\WIN_1060pro_H610pro_H610_Driver12.3.7.zip
2017-07-06 21:41 - 2014-09-17 10:47 - 00010752 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vmulti.sys
2017-07-06 21:41 - 2014-09-17 10:47 - 00007680 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2017-07-06 21:31 - 2017-07-06 21:32 - 08099476 _____ C:\Users\Nick\Downloads\HUION_WIN_G10T_GT156HD_v13.6.2.161226.zip
2017-07-06 20:15 - 2017-07-06 20:15 - 00033332 _____ C:\Users\Nick\Downloads\0 (1)
2017-07-06 20:13 - 2017-07-06 20:13 - 00067688 _____ C:\Users\Nick\Downloads\0
2017-07-06 16:25 - 2017-07-06 16:25 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\Abrakam
2017-07-06 15:14 - 2017-07-06 15:16 - 07306358 _____ C:\Users\Nick\Downloads\xvideos.com_aebbac161063537bf697b0169d91c02a.mp4
2017-07-06 11:59 - 2017-07-06 12:00 - 00420420 _____ C:\WINDOWS\Minidump\070617-26812-01.dmp
2017-07-05 16:11 - 2017-07-05 16:11 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\SmashGames
2017-07-05 16:09 - 2017-07-05 16:09 - 00000222 _____ C:\Users\Nick\Desktop\Warframe.url
2017-07-05 04:42 - 2017-07-05 04:42 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\uTorrent
2017-07-04 21:52 - 2017-07-04 21:52 - 02558935 _____ C:\Users\Nick\Downloads\win10-10.0.0.341-whql.zip
2017-07-04 19:40 - 2016-01-13 13:35 - 01011504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUsbCoInstaller2.dll
2017-07-04 19:40 - 2016-01-13 13:34 - 01730360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2017-07-04 19:36 - 2017-07-04 19:39 - 21136092 _____ C:\Users\Nick\Downloads\WIN_Driver12.2.16.zip
2017-07-04 19:23 - 2017-07-04 19:23 - 07098268 _____ (Huion Animation ) C:\Users\Nick\Downloads\Windows8.exe
2017-07-04 19:15 - 2017-07-04 19:16 - 07098268 _____ (Huion Animation ) C:\Users\Nick\Downloads\Windows10 (1).exe
2017-07-04 18:57 - 2017-07-04 19:00 - 00521948 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.57.11_log.txt
2017-07-04 18:55 - 2017-07-04 18:56 - 00008162 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.55.29_log.txt
2017-07-04 18:50 - 2017-07-04 18:53 - 00267926 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.50.43_log.txt
2017-07-04 18:45 - 2017-07-04 18:49 - 00184656 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.45.33_log.txt
2017-07-04 18:43 - 2017-07-04 18:47 - 00416516 _____ C:\WINDOWS\Minidump\070417-25671-01.dmp
2017-07-04 18:22 - 2017-07-04 18:23 - 05198336 _____ (AVAST Software) C:\Users\Nick\Downloads\aswMBR.exe
2017-07-04 17:48 - 2017-07-04 17:48 - 07098268 _____ (Huion Animation ) C:\Users\Nick\Downloads\Windows10.exe
2017-07-04 16:54 - 2017-07-04 16:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-07-04 16:47 - 2017-07-04 16:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Nick\Downloads\mbar-1.09.3.1001.exe
2017-07-04 16:39 - 2017-07-04 18:53 - 00000000 ____D C:\TDSSKiller_Quarantine
2017-07-04 16:35 - 2017-07-04 16:44 - 00529140 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_16.35.40_log.txt
2017-07-04 16:34 - 2017-07-04 16:35 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Nick\Downloads\tdsskiller.exe
2017-07-03 11:47 - 2017-07-03 11:47 - 00000000 ____D C:\Xlide
2017-07-03 10:19 - 2017-07-03 10:19 - 00470837 _____ C:\Users\Nick\Downloads\88874d9ab3d8c6f727743d0e5ec0e1ff.png.old
2017-07-03 07:55 - 2017-07-03 07:56 - 17252144 _____ C:\Users\Nick\Downloads\RedLightCenterSetup.exe
2017-07-02 21:47 - 2017-07-02 21:47 - 00000222 _____ C:\Users\Nick\Desktop\Kindergarten.url
2017-07-02 00:51 - 2017-07-02 00:51 - 00234384 _____ C:\Users\Nick\Downloads\f992b26a9b8ccc4bb88e5b0dba4b3a42.jpeg
2017-07-01 12:05 - 2017-07-01 12:05 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-07-01 11:10 - 2017-07-01 11:10 - 01971103 _____ C:\Users\Nick\Downloads\1498913291850.webm
2017-06-30 22:04 - 2017-06-30 22:04 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign5d0e75bdcdd61b6e
2017-06-30 13:10 - 2017-06-30 13:10 - 00000000 ____D C:\Users\Nick\AppData\Local\DFX
2017-06-30 13:10 - 2017-06-30 13:10 - 00000000 ____D C:\ProgramData\DFX
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Guest\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Guest
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\DefaultAccount
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Banana\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Administrator
2017-06-30 13:07 - 2017-06-30 13:07 - 04867672 _____ (FxSound) C:\Users\Nick\Downloads\fxsound_13.007_setup.exe
2017-06-30 13:06 - 2017-06-30 13:07 - 02433992 _____ (DivX, LLC) C:\Users\Nick\Downloads\DivXInstaller.exe
2017-06-29 21:31 - 2017-06-29 21:33 - 167777153 _____ (Realtek Semiconductor Corp.) C:\Users\Nick\Downloads\0008-32bit_Win7_Win8_Win81_Win10_R281.exe
2017-06-28 21:32 - 2017-06-28 21:32 - 00218306 _____ C:\Users\Nick\Downloads\19054312_243780706103592_7218227831292035072_n.mp4
2017-06-28 19:13 - 2017-06-28 19:13 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Imagine
2017-06-28 18:39 - 2017-06-28 18:39 - 00969388 _____ C:\Users\Nick\Downloads\Imagine_1.0.9_x64_Unicode.exe
2017-06-28 14:02 - 2017-06-28 14:02 - 05681862 _____ C:\Users\Nick\Desktop\5654165464.psd
2017-06-28 10:34 - 2017-06-28 10:34 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign58b56f9318dfcc93
2017-06-27 20:44 - 2017-06-27 20:44 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign7629264ef594f75e
2017-06-27 20:44 - 2017-06-27 20:44 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign340a75688aa69487
2017-06-27 15:41 - 2017-06-27 15:41 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign4270bd05285f9e84
2017-06-27 13:59 - 2017-06-27 14:02 - 247558712 _____ (Hewlett-Packard ) C:\Users\Nick\Downloads\sp74726.exe
2017-06-27 13:29 - 2017-06-27 13:30 - 18759824 _____ C:\Users\Nick\Downloads\nomacs-setup.exe
2017-06-27 13:15 - 2017-06-27 13:15 - 13223048 _____ (Duong Dieu Phap ) C:\Users\Nick\Downloads\ImageGlass_4.0.4.15.exe
2017-06-27 01:12 - 2017-06-27 01:31 - 00000000 ____D C:\Users\Nick\AppData\Roaming\PotPlayerMini64
2017-06-27 01:09 - 2017-06-27 01:09 - 00001025 _____ C:\Users\Nick\Desktop\PotPlayer 64 bit.lnk
2017-06-27 01:09 - 2017-06-27 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-06-27 01:09 - 2017-06-27 01:09 - 00000000 ____D C:\Program Files\DAUM
2017-06-27 01:06 - 2017-06-27 01:08 - 22018200 _____ (Kakao) C:\Users\Nick\Downloads\PotPlayerSetup64.exe
2017-06-27 00:53 - 2017-06-27 01:25 - 00000000 ____D C:\Users\Nick\Desktop\Fun
2017-06-27 00:48 - 2017-06-27 01:28 - 00000000 ____D C:\Users\Nick\Downloads\New folder (2)
2017-06-26 19:26 - 2017-06-26 19:26 - 00228804 _____ C:\Users\Nick\Downloads\full.jpeg
2017-06-25 15:50 - 2017-06-25 15:50 - 00040212 _____ C:\Users\Nick\Downloads\FN-TalentAvatar-Guy-Fieri-800x800.jpg.rend.hgtvcom.616.616.jpeg
2017-06-25 12:16 - 2017-06-25 12:16 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign1523467ffd011c54
2017-06-24 22:06 - 2017-06-24 22:06 - 00000844 _____ C:\Users\Nick\Desktop\PureRef.lnk
2017-06-24 22:06 - 2017-06-24 22:06 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PureRef
2017-06-24 22:06 - 2017-06-24 22:06 - 00000000 ____D C:\Program Files\PureRef
2017-06-23 20:00 - 2017-06-27 14:10 - 00000000 ____D C:\WINDOWS\LastGood
2017-06-23 19:58 - 2017-06-23 19:58 - 00001661 _____ C:\Users\Public\Desktop\Costume Quest.lnk
2017-06-23 19:58 - 2017-06-23 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Costume Quest [GOG.com]
2017-06-23 19:14 - 2017-06-23 19:22 - 342999048 _____ (InstallShield Software Corporation ) C:\Users\Nick\Downloads\sp77787.exe
2017-06-23 16:16 - 2017-06-23 16:16 - 00066815 _____ C:\Users\Nick\Downloads\32f52e58268a8be5806a0727a1172f48.jpeg
2017-06-23 10:55 - 2017-06-23 19:54 - 00000000 ____D C:\Users\Nick\Desktop\Costume Quest (October 15, 2011)
2017-06-21 22:31 - 2017-06-21 22:31 - 00000000 ____D C:\Users\Nick\Downloads\Picarto.TV -Modeseven_2017.06.05.22.06.07.flv's Video popout_files
2017-06-21 16:30 - 2017-06-27 20:11 - 00000000 ____D C:\Users\Nick\AppData\Roaming\.minecraft
2017-06-21 16:30 - 2017-06-21 16:30 - 00001037 _____ C:\Users\Public\Desktop\Minecraft.lnk
2017-06-21 16:30 - 2017-06-21 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-06-19 13:44 - 2017-06-19 13:44 - 00039048 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dfx12x64.sys
2017-06-19 13:44 - 2017-06-19 13:44 - 00028008 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dfx11_1x64.sys
2017-06-19 09:40 - 2017-06-19 09:41 - 01436580 _____ C:\Users\Nick\Downloads\2143519 - Dragon_Quest Dragon_Quest_VIII Gerph Jessica_Albert.jpeg
2017-06-19 09:11 - 2017-06-19 09:11 - 00351367 _____ C:\Users\Nick\Downloads\2031196%20-%20Padme_Amidala%20Star_Wars%20Turk128.jpeg
2017-06-19 09:10 - 2017-06-19 09:10 - 00349908 _____ C:\Users\Nick\Downloads\1909836%20-%20Anakin_Solo%20Princess_Leia_Organa%20Star_Wars%20Turk128%20Winter_Celchu.jpeg
2017-06-19 09:10 - 2017-06-19 09:10 - 00222418 _____ C:\Users\Nick\Downloads\1915715%20-%20Danny_Phantom%20Madeline_Fenton%20Turk128.jpeg
2017-06-19 09:08 - 2017-06-19 09:08 - 00237761 _____ C:\Users\Nick\Downloads\1909675%20-%20Atomic_Betty%20Betty_Barrett%20Space_Ace%20Turk128%20borf%20crossover.jpeg
2017-06-16 22:27 - 2017-06-16 22:27 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign3eea5cb35c34132c
2017-06-16 11:02 - 2017-06-16 11:02 - 00412332 _____ C:\WINDOWS\Minidump\061617-32234-01.dmp
2017-06-12 17:40 - 2017-06-16 10:12 - 00000000 ____D C:\Users\Nick\Desktop\Totally Spies
2017-06-12 17:33 - 2017-06-19 14:38 - 00000000 ____D C:\Users\Nick\Desktop\Doug
2017-06-12 14:19 - 2017-06-12 14:19 - 00000000 ____D C:\Users\Nick\Downloads\New folder
2017-06-12 12:22 - 2017-06-12 12:24 - 00000011 _____ C:\Users\Nick\Desktop\New Text Document.txt
2017-06-11 02:30 - 2017-06-11 02:30 - 10127400 _____ (HP Inc ) C:\Users\Nick\Downloads\sp80569.exe
2017-06-11 01:47 - 2017-06-11 01:47 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\AMD
2017-06-11 01:43 - 2017-06-11 01:45 - 00412404 _____ C:\WINDOWS\Minidump\061117-29937-01.dmp
2017-06-10 01:51 - 2017-06-10 01:51 - 03956442 _____ C:\Users\Nick\Downloads\..2020.psd
2017-06-09 21:46 - 2017-06-09 21:46 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2017-06-09 21:46 - 2017-06-09 21:46 - 00000934 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2017-06-09 21:43 - 2017-06-09 21:45 - 00000000 ____D C:\Program Files\GIMP 2
2017-06-09 21:41 - 2017-06-09 21:42 - 89579672 _____ (The GIMP Team ) C:\Users\Nick\Downloads\gimp-2.8.22-setup.exe
2017-06-07 11:28 - 2017-06-07 19:38 - 00000000 ____D C:\Users\Nick\Desktop\New folder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-07 14:00 - 2016-04-11 14:46 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Skype
2017-07-07 13:27 - 2016-11-01 23:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-07 02:00 - 2016-04-13 04:38 - 00000000 ____D C:\Users\Nick\AppData\Local\Adobe
2017-07-06 22:51 - 2016-04-11 14:27 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-06 22:00 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF
2017-07-06 21:30 - 2016-04-23 19:28 - 00000000 ____D C:\Users\Nick\AppData\Local\Warframe
2017-07-06 21:18 - 2016-11-01 23:17 - 01249522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-06 12:19 - 2016-11-01 23:19 - 00000000 ____D C:\Users\Nick
2017-07-06 11:59 - 2017-04-03 21:31 - 516052243 _____ C:\WINDOWS\MEMORY.DMP
2017-07-06 11:59 - 2017-01-23 20:40 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-06 11:59 - 2016-11-01 23:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-05 15:59 - 2016-12-08 12:29 - 00000000 ____D C:\Users\Nick\AppData\Local\CrashDumps
2017-07-05 15:59 - 2016-04-12 12:23 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-07-05 15:57 - 2016-05-10 16:53 - 00000000 ____D C:\ModOrganizer
2017-07-05 06:24 - 2016-04-11 20:01 - 00000000 ____D C:\Users\Nick\AppData\Roaming\uTorrent
2017-07-04 23:07 - 2016-04-20 01:15 - 00000000 ____D C:\Users\Nick\AppData\Local\ElevatedDiagnostics
2017-07-04 18:54 - 2016-11-01 23:13 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-07-04 18:54 - 2016-07-16 02:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-04 16:52 - 2016-11-30 11:15 - 00000000 ____D C:\Users\Nick\AppData\Roaming\IMVU
2017-07-04 16:52 - 2016-06-27 21:42 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-07-04 16:35 - 2016-06-27 21:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-04 16:27 - 2017-04-04 11:38 - 00000000 ____D C:\Rito
2017-07-03 11:47 - 2016-04-27 18:38 - 00000000 ____D C:\Users\Nick\Documents\Stuff
2017-07-02 19:49 - 2016-12-13 01:50 - 00000000 ____D C:\Users\Nick\Documents\ShareX
2017-07-02 11:25 - 2016-08-26 00:57 - 00000000 ____D C:\Users\Nick\AppData\Roaming\MacroCreator
2017-07-01 12:05 - 2016-11-01 23:58 - 00003948 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1460536304
2017-07-01 12:05 - 2016-04-13 04:31 - 00000000 ____D C:\Program Files (x86)\Opera
2017-06-30 11:23 - 2016-04-28 00:32 - 00000000 ____D C:\Users\Nick\Documents\Eventually
2017-06-29 23:35 - 2016-11-01 23:13 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2017-06-29 23:33 - 2016-11-01 23:13 - 00021910 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-06-29 23:33 - 2016-11-01 23:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-06-29 23:29 - 2016-03-25 07:41 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-29 21:24 - 2016-03-25 07:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-06-29 18:04 - 2016-04-11 14:45 - 00000000 ____D C:\ProgramData\Skype
2017-06-29 18:03 - 2016-10-23 08:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-27 14:21 - 2017-05-23 18:33 - 00000000 ____D C:\Users\Nick\Downloads\Randoms
2017-06-27 14:21 - 2017-01-21 01:41 - 00000000 ____D C:\Users\Nick\Downloads\web
2017-06-27 14:04 - 2015-12-14 12:28 - 00000000 ____D C:\SWSetup
2017-06-27 02:19 - 2016-12-17 15:39 - 00000000 ____D C:\Users\Nick\Downloads\Flock mod
2017-06-27 01:40 - 2016-05-07 20:59 - 00000000 ____D C:\Users\Nick\AppData\Roaming\vlc
2017-06-26 17:01 - 2017-04-27 16:14 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-26 17:01 - 2017-04-27 16:14 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-26 09:07 - 2016-11-29 22:27 - 00000000 ____D C:\flockmod-tablet
2017-06-23 19:54 - 2016-07-14 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-23 19:52 - 2016-10-29 07:35 - 00000000 ____D C:\GOG Games
2017-06-21 16:32 - 2016-11-07 06:00 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-06-18 18:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-15 19:18 - 2016-06-18 19:58 - 00000000 ____D C:\Users\Nick\AppData\Roaming\discord
2017-06-13 20:32 - 2016-07-16 17:16 - 00000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2017-06-13 19:31 - 2016-04-12 12:27 - 00000000 ____D C:\Users\Nick\Documents\My Games
2017-06-12 19:55 - 2016-10-13 01:17 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-12 19:53 - 2016-07-06 21:11 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Battle.net
2017-06-12 19:46 - 2016-07-06 21:11 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-12 01:04 - 2016-09-05 20:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-09 23:23 - 2017-04-27 16:05 - 00000000 ____D C:\PaintToolSAI
2017-06-08 00:01 - 2017-06-05 18:31 - 00000000 ____D C:\Users\Nick\AppData\Local\Lazy Nezumi Pro
2017-06-07 01:06 - 2016-12-16 15:00 - 00000000 ____D C:\Users\Banana

==================== Files in the root of some directories =======

2017-03-18 22:36 - 2017-03-18 22:40 - 0000132 _____ () C:\Users\Nick\AppData\Roaming\Adobe GIF Format CS6 Prefs
2016-11-17 17:40 - 2017-05-06 13:12 - 0000132 _____ () C:\Users\Nick\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-07-07 00:05 - 2017-07-07 00:05 - 0001145 _____ () C:\Users\Nick\AppData\Roaming\PureRef.ini
2016-07-22 18:12 - 2016-02-17 23:30 - 15384576 _____ () C:\Users\Nick\AppData\Roaming\Sandra.mdb
2017-03-23 18:30 - 2017-03-23 18:45 - 0001456 _____ () C:\Users\Nick\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-04-23 18:12 - 2016-04-23 18:12 - 0000218 _____ () C:\Users\Nick\AppData\Local\recently-used.xbel
2017-06-04 22:35 - 2017-06-04 22:35 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-07-04 17:06 - 2017-07-04 17:06 - 0510848 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nick\AppData\Local\Temp\DGPSOD.exe
2017-04-26 06:11 - 2017-04-26 06:11 - 1292712 _____ (Bandisoft.com) C:\Users\Nick\AppData\Local\Temp\HVShell64.dll
2017-05-16 18:44 - 2017-06-24 03:48 - 58684896 _____ (Skype Technologies S.A.) C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
2017-07-04 17:00 - 2017-07-04 17:00 - 0424832 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nick\AppData\Local\Temp\YATBLN.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-02 05:31

==================== End of FRST.txt ============================

 

[Balanced]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2017
Ran by Nick (07-07-2017 14:02:13)
Running from C:\Users\Nick\Downloads
Windows 10 Home Version 1607 (X64) (2016-11-02 04:03:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1919207557-622674961-3464858116-500 - Administrator - Disabled)
Banana (S-1-5-21-1919207557-622674961-3464858116-1003 - Limited - Enabled) => C:\Users\Banana
DefaultAccount (S-1-5-21-1919207557-622674961-3464858116-503 - Limited - Disabled)
Guest (S-1-5-21-1919207557-622674961-3464858116-501 - Limited - Disabled)
Nick (S-1-5-21-1919207557-622674961-3464858116-1002 - Administrator - Enabled) => C:\Users\Nick

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-ece06a69-ff6c-4cc3-bc29-20e5dbfe706d) (Version: 3.0.2.118 - WildTangent) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Animate CC 2017 (HKLM-x32\...\FLPR_16_2) (Version: 16.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{316BFAA9-B213-4A4C-AF39-AC4D7EA99B54}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Profiles (HKLM-x32\...\{F3EBDF29-2413-AABB-55A2-2AA43E5C6B1C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Application Verifier x64 External Package (HKLM\...\{77F3D72C-465F-BD51-890E-CC3914B1365F}) (Version: 8.100.26936 - Microsoft) Hidden
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-f9d5d242-2856-49fb-9f9f-8a04baa2b7db) (Version: 2.2.0.98 - WildTangent) Hidden
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.3.0.7 - GOG.com)
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-2400d441-28f5-4df3-911e-3bed572d52ef) (Version: 3.0.2.48 - WildTangent) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Costume Quest (HKLM-x32\...\GOGPACKCOSTUMEQUEST_is1) (Version: 2.0.0.20 - GOG.com)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Coyote The Outlander (HKLM-x32\...\WTA-157e546f-e635-4d3e-9db2-1e0ed67810a6) (Version: 3.0.2.59 - WildTangent) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5829 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-e6c476ff-2a69-4b0b-be28-22c7d513fb06) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Duelyst (HKLM\...\Steam App 291410) (Version: - Counterplay Games Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.7.0.9 - GOG.com)
Entwined: The Perfect Murder (HKLM-x32\...\WTA-f9136d72-cb95-4723-a102-d29bf79aca3b) (Version: 3.0.2.59 - WildTangent) Hidden
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version: - Bethesda Softworks)
Family Vacation 2: Road Trip (HKLM-x32\...\WTA-fa7dcea8-6142-4326-9aa8-84f72bac785f) (Version: 3.0.2.59 - WildTangent) Hidden
FastStone Image Viewer 6.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.0 - FastStone Soft)
FireAlpaca 1.6.1 (HKLM-x32\...\FireAlpaca_is1) (Version: 1.6.1 - firealpaca.com)
flockmod tablet edition (HKLM-x32\...\{E7EBFA5B-A624-9B45-4F1A-D9AB4F56D53A}) (Version: 1.4.0 - UNKNOWN) Hidden
flockmod tablet edition (HKLM-x32\...\flockmod-air-tablet-ed) (Version: 1.4.0 - UNKNOWN)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gyazo 3.2.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hammerwatch (HKLM\...\Steam App 239070) (Version: - Crackshell)
Happy Wars (HKLM\...\Steam App 246280) (Version: - Toylogic inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hero Siege (HKLM\...\Steam App 269210) (Version: - Elias Viglione)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Home Makeover (HKLM-x32\...\WTA-2ae03d5a-8140-4ea7-9baf-b74137f4bbcd) (Version: 3.0.2.59 - WildTangent) Hidden
how do you Do It? (HKLM\...\Steam App 353360) (Version: - Nina Freeman)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.4.19.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.7.22.13 - HP)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
IGT Slots: Paradise Garden (HKLM-x32\...\WTA-68b293b3-24ea-4ce0-9414-a2d963c06c62) (Version: 3.0.2.59 - WildTangent) Hidden
Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-b6b684f1-1e99-4986-9a24-e0e13cf8c44d) (Version: 3.0.2.59 - WildTangent) Hidden
iTunes (HKLM\...\{CBE6C79D-BBCE-430C-AC1F-FB3F484927A3}) (Version: 12.1.3.6 - Apple Inc.)
Jewel Match Snowscapes (HKLM-x32\...\WTA-fcd4929c-fe03-4fa1-b9ab-0f4fc8387a37) (Version: 3.0.2.118 - WildTangent) Hidden
Kindergarten (HKLM\...\Steam App 589590) (Version: - Connor Boyle)
Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lazy Nezumi Pro 17.3.25.1950 (HKLM-x32\...\Lazy Nezumi Pro_is1) (Version: 17.3.25.1950 - Guillaume Stordeur)
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Levelator (HKLM-x32\...\Levelator_is1) (Version: - The Conversations Network)
Living Legends: Frozen Beauty Collector's Edition (HKLM-x32\...\WTA-4803a263-90b1-45c8-91a9-ae9e4d46baef) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Lands: Dark Overlord Collector's Edition (HKLM-x32\...\WTA-e714e1b6-14e0-4ddb-9d02-21f95f6a8aec) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-95621522-3587-48ea-bbc4-cc03cb0f8c34) (Version: 3.0.2.59 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-2d17d93e-2d19-4218-a666-f3af0d4ca7ae) (Version: 3.0.2.59 - WildTangent) Hidden
Magicka (HKLM\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Magicka 2 (HKLM\...\Steam App 238370) (Version: - Pieces Interactive)
Magicka 2: Spell Balance Beta (HKLM\...\Steam App 397080) (Version: - )
Magicka: Wizard Wars (HKLM\...\Steam App 202090) (Version: - Paradox North)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-df604f07-8c77-44fe-87b2-cb1aae521460) (Version: 3.0.2.59 - WildTangent) Hidden
MapleStory (HKLM\...\Steam App 216150) (Version: - Nexon)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
MSI Development Tools (HKLM-x32\...\{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}) (Version: 8.100.26898 - Microsoft Corporation) Hidden
Mystery Expedition: Prisoners of Ice (HKLM-x32\...\WTA-05807911-9546-4f99-b4d2-7018746b90c9) (Version: 3.0.2.59 - WildTangent) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 46.0.2597.32 (HKLM-x32\...\Opera 46.0.2597.32) (Version: 46.0.2597.32 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Plagiarii (HKLM-x32\...\WTA-5711b2b5-c4b3-45a9-a632-e2b08c678cd6) (Version: 3.0.2.59 - WildTangent) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-b7e3e02e-0be1-4dae-9333-f3406f4fe85c) (Version: 3.0.2.59 - WildTangent) Hidden
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Pulover's Macro Creator version 5.0.5 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 5.0.5 - Rodolfo U. Batista)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.64 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Relic Hunters Zero (HKLM\...\Steam App 382490) (Version: - Rogue Snail)
ROBLOX Player for Nick (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Runefall (HKLM-x32\...\WTA-855c1085-a844-4179-9a01-ae5b1c664089) (Version: 3.0.2.126 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-79f43b25-ad10-4334-b458-7232b11f7c87) (Version: 3.0.2.59 - WildTangent) Hidden
SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.4.1 - ShareX Team)
Sky High Farm (HKLM-x32\...\WTA-6c4aab36-626c-4779-beaf-e479f0d9d5d6) (Version: 3.0.2.59 - WildTangent) Hidden
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.3.7 - )
Unity Web Player (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 20.2 - Ubisoft)
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26936 - Microsoft) Hidden
Xlideit Image Viewer (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Xlideit Image Viewer) (Version: - Picorover3)
You Have to Win the Game (HKLM\...\Steam App 286100) (Version: - Minor Key Games)

 

[Balanced]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers01: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers01: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers04: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers06: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-1919207557-622674961-3464858116-1002: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers4_S-1-5-21-1919207557-622674961-3464858116-1002: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A63DB01-68E9-4846-916F-5E4ACFB3F644} - System32\Tasks\{4B0B5A0E-FEEC-4808-92D6-7BB7AF9945AC} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.22.0.108/en/abandoninstall?page=tsBing
Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\WINDOWS\system32\compattelrunner.exe
Task: {18CA2043-AB46-4C3D-BB16-88065B9A3862} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {1A5D76F4-43F8-4DA8-929B-1FEB793C57A9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {1B6A6D57-BF02-4710-AF84-2F7EA35BC9FC} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-02-17] ()
Task: {3253DEFA-7581-4EC6-81D2-24E64E6898F8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\WINDOWS\system32\compattelrunner.exe
Task: {51B545F1-4331-45E2-B36C-E8FA754CD3C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {5603EEF8-7ACE-4D81-9EB2-320F74273756} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-27] (Google Inc.)
Task: {58937186-AC49-442D-9921-35647C48A369} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {6064F1F8-6584-4359-8AE0-D672B6DD2CF2} - System32\Tasks\Opera scheduled Autoupdate 1460536304 => C:\Program Files (x86)\Opera\launcher.exe [2017-06-27] (Opera Software)
Task: {697C9856-8E76-4BCF-8708-927F581FE272} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {6DD5934B-C901-473B-84F6-55EE92112474} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {884C8A38-9F41-498D-92B7-D0F4E24E5DA3} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-02-17] ()
Task: {B40193EA-7C5C-490E-A64B-3BC9164CDCC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {BB47DB5D-7F3D-4CED-A0A9-384FFA2F8451} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {BD145347-B0F2-483F-97B6-F5A1B9A1CCCB} - System32\Tasks\AdobeAAMUpdater-1.0-NICK-Nick => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {BF9A38A0-42D1-45D6-B66A-7C289CBBF509} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-27] (Google Inc.)
Task: {C2DE86A4-4A73-4B4D-A66E-77DDE30D7EC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {DDA3F625-73AA-4202-BC8A-18F8EC13B34A} - System32\Tasks\HP Metrics => C:\Program Files\HP\HP Welcome\Garage.Container.exe
Task: {DDB04C53-F507-43C6-965E-A3E187AB7827} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
Task: {FF2E72BC-2C24-4A01-BAB0-7EA458C2A4C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNick.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 09:10 - 2017-03-04 03:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-11-02 10:23 - 2016-11-02 10:23 - 00959168 _____ () C:\Users\Nick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-11-02 02:51 - 2016-11-02 02:51 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 09:12 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-04-11 15:24 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2017-03-13 11:32 - 2017-03-13 11:32 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 11:32 - 2017-03-13 11:32 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-26 17:00 - 2017-06-22 23:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 17:00 - 2017-06-22 23:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-06-10 09:21 - 2017-06-10 09:21 - 20164608 _____ () C:\Program Files\PureRef\PureRef.exe
2016-04-11 15:24 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2017-05-31 11:41 - 2017-05-31 11:41 - 01982976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2016-04-11 14:46 - 2017-05-16 21:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-04-11 14:46 - 2016-08-31 21:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-04-11 14:46 - 2017-06-08 01:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2016-04-11 14:46 - 2016-08-31 21:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-04-11 14:46 - 2016-08-31 21:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-04-11 14:46 - 2016-01-27 03:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-04-11 14:46 - 2016-01-27 03:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-04-11 14:46 - 2016-01-27 03:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-04-11 14:46 - 2016-01-27 03:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-04-11 14:46 - 2016-01-27 03:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-04-11 14:46 - 2017-06-08 01:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-04-11 14:46 - 2016-07-04 18:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-11 12:33 - 2017-05-16 21:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-16 04:54 - 2017-05-08 15:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-04-11 14:46 - 2017-06-08 01:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-11 14:46 - 2015-09-24 19:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72416916.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\74193179.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72416916.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\74193179.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2015-10-30 03:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Fax => 3
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: Spooler => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: UmRdpService => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "DeliveryAndStatusCheck"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\StartupFolder: => "IMVU.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "HiAlgoBOOST"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "MurGee.com Auto Clicker"

 

[Balanced]

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E2976D0F-0C37-4655-A3CE-EC8CD1A6FC39}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AFA7C818-E543-47C0-AF91-A65013B78608}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{316C01A7-FBF8-407F-8798-164E3677858B}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{42EE9500-66C3-4711-A013-05DCBAFC5BBC}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{A09F522E-EF8C-42B3-BF2F-5532A31B729C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{98F3BC70-4392-4D3C-8F74-A4C7AC967A66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{6C258ABD-7C86-4E9B-91D6-A9E9E08F330F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{A44E5F2C-FA08-4B3F-B18D-8007BB461B92}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{823DACAB-0FEE-4CC3-9263-E6C3B54BC31B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{6B636CBF-BBF8-41E1-BBA4-385572C9D428}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{7CD1C99A-780C-4675-97A0-C9747C8F0C4C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{345288F5-72AA-453D-BE32-45C3AC655770}C:\windows\system32\runtimebroker.exe] => (Block) C:\windows\system32\runtimebroker.exe
FirewallRules: [TCP Query User{2443CD54-787F-4F57-8EDA-EC5EAF5F3F50}C:\windows\system32\runtimebroker.exe] => (Block) C:\windows\system32\runtimebroker.exe
FirewallRules: [{1326D897-A4BB-4509-A247-CD724F687A1A}] => (Block) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [{0D81D012-2BAC-469B-81AB-BF40A0FED2BB}] => (Block) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [UDP Query User{AC8A097B-B6F4-4333-91A8-F43FA33E71E6}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Allow) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [TCP Query User{02B69E51-3081-4FAC-8219-3770A904746B}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Allow) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [UDP Query User{3499D0D5-46E8-4843-A1C3-B66DCD33CB15}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{52CCB1E6-D2FE-4E2D-9589-D78C1B79C8CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1FA03D48-E2FC-4D7A-A6E9-441DA4BE002A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{B0F091FE-7882-48A9-9509-F2C05A9A817B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{C037A078-888C-4BFC-A276-D35C88642CD8}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{E0BF8D76-756D-4B23-BD6C-A728117BFFF7}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{43153AFB-5C20-45B7-8559-F503C9271991}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{86BF7B1D-D92C-4746-88DF-457AC7223A78}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{D6834434-89D6-4D1A-A885-050F8790E433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{C913CE2F-E7F1-4061-BA0B-BA485AF5DB9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{E3FB8619-FB4A-4EF9-A27B-F65152035D46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{656FA36A-1890-44BC-9D95-C3A2883F688E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{5BF40A91-A378-4684-AEF2-BB063F020A98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2 beta\engine\Magicka2.exe
FirewallRules: [{A7B5BBDE-A9AA-46EB-846D-13C250DADA3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2 beta\engine\Magicka2.exe
FirewallRules: [{D9B67279-7E40-4F4A-802A-4A588BBC082B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DBDA50EF-724D-4448-93F3-3FC1EE64DDD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{8F70CEC8-FABA-4071-AA0E-CD7841558B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{C2C3B0CB-0116-4241-B208-39C71063A5C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{1223415E-CCEC-40E6-BC1F-7E8C63437FF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{E9316707-4D10-4570-B3C1-64CC56E16D29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DBF85C5E-DBB6-4240-8643-C510165F2F86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58BC420F-3E97-4881-8E06-06BF6E6EDB9B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FF14807B-5534-49FB-AFAE-0D3FB50D6F3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B270F95D-77E5-4FD3-9510-CEAA66D29F8B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E915D3E4-AC01-4BDE-AAAB-AA837AE372FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D2068B4-A2DC-4A77-88BC-43F5B5AB0AA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{1E3FBBBA-7BC9-46CF-9D60-DBB6BB530520}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{93B0BAF7-6181-4F11-8F60-135866AB9F7E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{BED9EE1A-AA99-47FD-B188-E13BE5B1C6A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{DDC0B08A-2B1B-48A7-A7EC-E74FBE5FCECF}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{E3219C40-2927-430F-94F2-D747B817011D}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EA4368C8-94E7-43F8-BDAB-D5E1EF77E42E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{216026C5-E1FD-467C-B5E9-30C9CD810C3B}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{C1D26162-5486-4AAB-A4FC-5AD8B41A56F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{44D905BF-F445-426C-B5E5-4E63445F781C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{543DFBB4-ED10-40B2-9F79-2AEDC7519C0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\how do you Do It\how_do_you_Do_It\how do you Do It.exe
FirewallRules: [{446615AE-0C44-4C96-B9CE-4AED8C0ABA96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\how do you Do It\how_do_you_Do_It\how do you Do It.exe
FirewallRules: [{A7CD8231-63DA-41D0-AB50-77AE31B82E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{B6CA7646-7527-4A30-8B43-970774FC2914}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{1B5C65A4-6E25-4067-BA91-ABE2881C86CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{EF503A09-A923-42AF-88C5-A0CB0F5F2AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{C306D8F2-08E9-4352-9BD9-1566E1B6F00E}] => (Block) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [{FDCCBDBD-618F-4945-BA2E-7EF6773BC1E9}] => (Block) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [UDP Query User{AAD55263-81E1-452C-9017-96DE488C2D93}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [TCP Query User{3BF9B90D-AC7C-495A-91CE-3E0D037C4231}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [{D491C641-AC8C-4863-85FC-6B76EE8BD633}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B718867A-AD82-42B7-9B92-0DB095591DF9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{17D26F6D-B44E-4250-A90F-3D5D2748DF57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8FF985F6-BA90-4E34-8874-9954F15CD179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C2E0185A-45D9-43AC-B3FA-F2DC77FBAA3C}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{29F67E73-3F62-4148-84E0-AA15D5DA1FC5}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{8F5D4997-5A0C-4F79-8CFE-898C5E4CF6B4}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{96AA9444-9A35-4828-A3D3-0529D9FDCFF1}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{BD47D33D-DC06-4DE4-A1E5-08906B901D47}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{AE706586-C393-4A59-B939-2D869051D9F9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{8123619F-27A4-41F9-A55D-9D319DF978BF}] => (Block) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{DDFA04B8-5D71-427F-BCD3-F6B00941F4B3}] => (Block) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{FA4E73F1-BAAE-4014-A0C9-00554C66E9A5}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{A686BD55-8BD8-4317-81C9-532760F6BB54}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{A86E9B9D-01CB-457A-B0AB-E26549E27721}] => (Block) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{B3A827CF-4190-46CE-BCCE-8723E197EFE7}] => (Block) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{6403B887-C29B-449E-A5C9-95CB31B874A2}C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{69A5D617-FBC7-4B1D-B10B-221589FFB057}C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{11310F05-A91E-4325-BEE1-0347068F75DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{F3224F42-B810-410C-A698-64E7AFDDDA7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{19152FFF-AB2D-4894-BBDF-DC67F412731F}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{BAA290AE-6446-4E3D-9B34-7E554441F761}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{4D6C70A4-DC49-472A-AF25-E6BFF3362409}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{E49DF392-8E67-4D84-B932-26C12F800923}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{26B194E2-F697-4ED0-941B-4D1CA4BEA704}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{C299E1C5-5FB0-44EE-AB60-B32B7C82CFAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{92EF681F-71BF-4C44-9B91-B42F58754D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{83B3BC75-4A81-4974-9E15-EB11374B7241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{05597ECF-44B6-4090-A371-4CD531DBB373}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{0E758609-3C19-4481-8A63-5BB7814E1E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{77ECEFAE-D21B-49F9-BA9B-D3565681BE6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{6AE660FF-3E0B-4289-B7D1-5C6FBFFD464A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{140F1A61-EBF4-46F2-9FF2-DD75E074046A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8A74F02C-8EB6-4725-9992-42857B618F3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{B764CC17-4E28-45EA-BC53-15B8B5D2823E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{23B30BFB-0CC2-4B52-BDF7-1EBDAD4C871D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99E38E8B-2F8B-4DEC-A436-58DE805810E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{22A5E9AB-0017-41C4-9812-131AD7A15CCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{C5CD4752-0A76-4E88-A250-21C46C6B51AE}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83ADAE84-CA85-4B25-906B-8D71B0166176}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B84B5A9D-F90B-4C55-BA5A-8815964DEAB5}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EF83ED09-8C7B-44C7-8B28-B401E9ABF325}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{68FDC33E-462B-4CEF-B00A-1007BD5F7B64}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B7F476F6-001C-443C-AFF6-2F2349852BAF}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AEEA3E3F-FF9A-4511-9B9D-8913287676AF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7DA80BBA-4EE6-4A84-A904-4684DA1ACE4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{37CB5903-7DE8-47A2-8E7B-1F3236D6F735}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{131C24DF-B8EF-42D3-8A6D-20A3E1DAE834}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{8917183E-E38A-4E36-9604-C451B386D270}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{5C42D9F3-D651-420A-81AF-683A33262280}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{D46B11CF-BAB8-46E9-A37F-6B47B4609BFA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{5CA9C5F2-A1DC-4A25-B193-98C7A9438D0A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [TCP Query User{63DAC87B-A008-45E9-ADC9-E03E7CD4F722}C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe
FirewallRules: [UDP Query User{92F56408-F416-418B-BDCC-255B233CCCC1}C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe
FirewallRules: [TCP Query User{D30B6E9C-3941-4DAF-B122-B30ECB027676}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D890BA19-1313-4030-B9FD-A3749EF555A0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B144D090-F56A-4C6C-A18A-47E7AA3ACAB1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{60483323-14BB-48F4-A362-CA41B260D852}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{870F74B6-C86B-4B19-BAEF-AF8C5FB83CC8}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{B3A5F4C9-F1E9-442E-B422-B260548F675C}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{7EFF8822-62EC-4A4B-8DF6-31CFB49805C6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{428D005C-D558-47AF-A2A0-E940DFE43FA6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{90135BD7-E349-409B-AD2C-B8750304DFE9}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{33CEF2E1-1258-4050-8D52-56C5D4D6B61B}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{FE14F790-63A4-4A24-9703-D077C64D7822}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{91AC6656-3ED3-4AAE-AFF4-2617AFB18FFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [TCP Query User{197303E0-B964-48C6-9E60-0E51205AF5BB}C:\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [UDP Query User{082EC317-B2BA-4BFB-9204-5ED51D4B8B5D}C:\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{809E9A15-44D9-457F-B8EF-B99965609B38}] => (Block) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{358C6D18-011F-4296-B0F8-01F380152952}] => (Block) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{39BC6093-6994-437C-A6ED-854010582E94}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{60FD082D-3304-4B9F-A4A5-6B0EE20C19F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2484F83A-A488-4182-B07C-66A0E79203D0}] => (Allow) C:\Users\Nick\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{F5ADEF14-629A-4521-A92C-EE2E6DFDCA58}] => (Allow) C:\Users\Nick\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{80F86C9A-0481-47D7-8243-81C28330861C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{7B35A84B-0102-4142-B912-0122FAEB662C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{A064F437-56E2-44CA-8E30-28597C0102B0}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [{9043E852-7887-40C3-8E3C-3DE71989CFB4}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [{FF273A47-901F-4869-B479-59DF0D6F8D4D}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [{ACD82FA4-7932-4D5D-9A4B-F3BE2A24C39D}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [TCP Query User{4C725262-55EA-4C27-AA29-43B978E84124}C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [UDP Query User{3D353FB4-AEC7-4931-9273-C474155A5A6D}C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{8EC9771C-CCC2-4FF0-8903-F76C4CC0E5B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{2D9D8E52-8584-48AD-9BA3-E9FA65DE2341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{0DFC39C5-CACF-4640-9B9E-294ECE31ACD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{21B24435-ECC1-47D0-AA85-6370A4D20E70}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{37C34656-6CB9-46BD-8348-1576CD2793AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBF4E663-6FA6-4EEE-9DBC-BCC9F9D16833}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{4B08DD40-BEA7-4993-9839-E0D2D34E69E6}C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe
FirewallRules: [UDP Query User{D3C5D5FC-1A90-4C16-A549-375C539A365C}C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe
FirewallRules: [TCP Query User{F3C14044-A30F-4370-BD94-1FFAB7191A5B}C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe
FirewallRules: [UDP Query User{CDD9DDE5-D00C-4866-8150-8A0A9E06B82E}C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe
FirewallRules: [TCP Query User{2345DC72-3CF8-4428-95AB-C7EF39D63F4E}C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe
FirewallRules: [UDP Query User{892829EE-4DE5-47C9-B091-F909280E9F0B}C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe
FirewallRules: [TCP Query User{02DCB7D7-224C-4A08-9298-946AB9AE9A45}C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe
FirewallRules: [UDP Query User{F845EB4D-9471-4495-9635-659D03E6655B}C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe
FirewallRules: [TCP Query User{DC00B0D2-FC9D-4E30-AC56-71F4E6F91F45}C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe
FirewallRules: [UDP Query User{5E3B667F-C26E-4B9F-BB3F-97757DE9D905}C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe
FirewallRules: [TCP Query User{F7878540-3190-4941-8CAE-EE868763438B}C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe
FirewallRules: [UDP Query User{3E81CDDE-CFA8-4EE2-BF52-45D5ED871D8F}C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe] => (Allow) C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe
FirewallRules: [{FA329F86-7294-45F9-9D2E-57F46F2F9DF3}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.898\opera.exe
FirewallRules: [{AF91CAE6-7A80-4157-83EE-94CA71E69B1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2522A6AD-247B-4C66-B688-5C0DFEF93DD5}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{1F307334-8D8C-42F6-9B9B-3E297A866DE9}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{DFCB4AD3-5256-4662-9CD2-F0C8946CAFA3}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.32\opera.exe
FirewallRules: [{82A59E80-C42B-4EA1-9121-85A61B81FC18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{C6866D1C-6A8D-434E-8C90-4E31DB2CAE2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{0A1E9E09-8954-461F-B47A-18E73CAE6E9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kindergarten\Kindergarten.exe
FirewallRules: [{C5014D75-8BFC-4BFC-8E71-B9ABBCD62B62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kindergarten\Kindergarten.exe
FirewallRules: [{A52329E9-7161-471E-A81A-F985DBE97692}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9E0AF4EE-42DE-4E2C-B0C1-883474C9152D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{D075AE59-322B-4EC8-A135-B188495BC4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{70A76F5D-7DD7-433A-8581-3B076EA622B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1BC253F7-1982-48DD-89C8-660D14123E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{4F5A5ADE-8A3D-4E12-B375-4927A4E043A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{6A5A05FA-E84E-4FCF-8043-5AE1C7AF0723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{2D74EB7E-7E8A-409C-8DE7-9B6CD0F89AE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{AD75F66E-0293-4569-8060-4ED4004755C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6FC5DBDB-5BE3-4096-B3C5-01E97EFAF261}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3527C5A5-B86A-4041-AB4A-85732460478E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{ED52AC99-F34F-4F29-A6FA-F88D01466F3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{24D908F8-4B8F-4E73-A28F-764F397192A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3CB67D12-6C82-4C7C-A2C2-45DEF8039C9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F3F12C38-7A0B-4E72-A61B-DF4D6F69BEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7EEFD1BE-93A0-490B-AD43-43C16F727F45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7208450B-337F-4DF1-A2A2-AD1525117AC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{CEB0FE71-FFD7-4657-8F1D-898B1FEDDB4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe

==================== Restore Points =========================

29-06-2017 21:29:09 Removed Realtek Ethernet Controller Driver

==================== Faulty Device Manager Devices =============

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2017 01:27:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 10:00:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 10:00:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 09:48:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 09:43:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 09:42:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 09:41:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 09:30:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2017 09:10:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (07/06/2017 04:27:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICK)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (07/07/2017 01:27:47 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/07/2017 10:02:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/06/2017 10:00:48 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/06/2017 10:00:18 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/06/2017 09:48:46 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/06/2017 09:43:16 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (07/06/2017 09:42:29 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/06/2017 09:41:59 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/06/2017 09:30:50 PM) (Source: DCOM) (EventID: 10001) (User: NICK)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (07/06/2017 09:14:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0


CodeIntegrity:
===================================
Date: 2017-05-13 11:02:37.268
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-13 11:02:37.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-02 09:42:35.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2017-04-27 16:05:17.906
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2017-03-28 12:56:20.807
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2017-03-28 12:56:20.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 85%
Total physical RAM: 3537.01 MB
Available physical RAM: 523.46 MB
Total Virtual: 5138.74 MB
Available Virtual: 1066.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:444.61 GB) (Free:98.4 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.06 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7198C9C0)

Partition: GPT.

==================== End of Addition.txt ============================

 

[Broni]

What do you mean by "pause this for the moment"?

 

[Balanced]

I wanted to see if it would happen again but it would be safer if I just continued.
just ignore that.

 

[Broni]

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Double click on downloaded setup.exe file to install the program.
• Click on Start Scan button.
• Click on another Start Scan button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

• Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
• Then click Finish.
• Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
• If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
• When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
• Restart your computer when prompted to do so.
• The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• The tool will start to update the database if one is required.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Logfile button.
• A window will open which lists the logs of your scans.
• Click on the Scan tab.
• Double-click the most recent scan which will be at the top of the list....the log will appear.
• Review the results...see note below
• After reviewing the log, click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
• To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
• Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
• A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[Balanced]

RogueKiller V12.11.6.0 (x64) [Jul 10 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Nick [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 07/10/2017 20:18:51 (Duration : 04:23:16)
Switches : -refid

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1919207557-622674961-3464858116-1002\Software\SlimWare Utilities Inc -> Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1919207557-622674961-3464858116-1002\Software\SlimWare Utilities Inc -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{4B08DD40-BEA7-4993-9839-E0D2D34E69E6}C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{D3C5D5FC-1A90-4C16-A549-375C539A365C}C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.407\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{F3C14044-A30F-4370-BD94-1FFAB7191A5B}C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{CDD9DDE5-D00C-4866-8150-8A0A9E06B82E}C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.297\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{2345DC72-3CF8-4428-95AB-C7EF39D63F4E}C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe|Name=dhcpfind.exe|Desc=dhcpfind.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{892829EE-4DE5-47C9-B091-F909280E9F0B}C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.324\dhcpfind.exe|Name=dhcpfind.exe|Desc=dhcpfind.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{02DCB7D7-224C-4A08-9298-946AB9AE9A45}C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe|Name=dhcpfind.exe|Desc=dhcpfind.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{F845EB4D-9471-4495-9635-659D03E6655B}C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.332\dhcpfind.exe|Name=dhcpfind.exe|Desc=dhcpfind.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DC00B0D2-FC9D-4E30-AC56-71F4E6F91F45}C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{5E3B667F-C26E-4B9F-BB3F-97757DE9D905}C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.279\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{F7878540-3190-4941-8CAE-EE868763438B}C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{3E81CDDE-CFA8-4EE2-BF52-45D5ED871D8F}C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nick\appdata\local\temp\rar$exa0.532\roguechecker.exe|Name=roguechecker.exe|Desc=roguechecker.exe|Defer=User| [x] -> Deleted

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 9 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\Babylon -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Roaming\Babylon -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Roaming\Babylon\log_file.txt -> Deleted
[Tr.Gen0][File] C:\Users\Nick\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Nick\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Nick\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Nick\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Nick\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\acpi0003\cmbatt.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\acpi0003\cmbatt.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\acpi0003\CmBatt.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\acpi0003 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\asd0001\AmdAS4.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\asd0001\amdas4.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\asd0001\amdas4.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\asd0001\AmdAS4.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\asd0001 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\authenticamd_-_amd64\amdppm.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\authenticamd_-_amd64\cpu.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\authenticamd_-_amd64\cpu.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\authenticamd_-_amd64 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\hpq6001\wirelessbuttondriver.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\hpq6001\wirelessbuttondriver.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\hpq6001\wirelessbuttondriver64.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\hpq6001\WirelessButtonDriver64.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\hpq6001 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\pnp0c0a\cmbatt.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\pnp0c0a\cmbatt.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\pnp0c0a\CmBatt.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi\pnp0c0a -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi_hal\uefi\uefi.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi_hal\uefi\uefi.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi_hal\uefi\uefi.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi_hal\uefi -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\acpi_hal -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gencdrom\cdrom.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gencdrom\cdrom.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gencdrom\cdrom.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gencdrom -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gendisk\disk.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gendisk\disk.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gendisk\disk.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\gendisk -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\AtihdWT6.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\atihdwt6.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\atihdwt6.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\AtihdWT6.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\DelayAPO.dll -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005 -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hdaudio -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_keyboard\kbdhid.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_keyboard\keyboard.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_keyboard\keyboard.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_keyboard -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_mouse\mouclass.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_mouse\mouhid.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_mouse\msmouse.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_mouse\msmouse.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\hid_device_system_mouse -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\module_info -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0403\hdaudbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0403\hdaudbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0403\hdaudbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0403 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0601\machine.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0601\machine.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0601\msisadrv.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0601 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0604\pci.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0604\pci.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0604\pci.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0604 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_080501\dumpsd.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_080501\sdbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_080501\sdbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_080501\sdbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_080501 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0310\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0310\usbohci.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0310\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0310\usbport.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0310\usbport.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0310 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0320\usbehci.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0320\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0320\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0320\usbport.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0320\usbport.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0320 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0330\usbxhci.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0330\usbxhci.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0330\USBXHCI.SYS -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\cc_0c0330 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1002&cc_040300\amdkmafd.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1002&cc_040300\amdkmafd.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1002&cc_040300\amdkmafd.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1002&cc_040300\amdkmafd.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1002&cc_040300 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1022&dev_7804&cc_0106\amdsata.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1022&dev_7804&cc_0106\amdsata.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1022&dev_7804&cc_0106\amdsata.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1022&dev_7804&cc_0106\amdxata.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_1022&dev_7804&cc_0106 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\rt640x64.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\rt640x64.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\rt640x64.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\RtNicProp64.dll -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8179&subsys_804b103c\netrtwlane.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8179&subsys_804b103c\netrtwlane.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8179&subsys_804b103c\netrtwlane.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8179&subsys_804b103c\Rtlihvs.dll -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8179&subsys_804b103c\rtwlane.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci\ven_10ec&dev_8179&subsys_804b103c -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\pci -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicdisplay\basicdisplay.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicdisplay\basicdisplay.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicdisplay\BasicDisplay.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicdisplay -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicrender\basicrender.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicrender\basicrender.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicrender\BasicRender.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\basicrender -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\clwvd6\clwvd6.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\clwvd6\clwvd6.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\clwvd6\clwvd6.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\clwvd6\clwvd6.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\clwvd6 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\compositebus\compositebus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\compositebus\compositebus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\compositebus\CompositeBus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\compositebus -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\kdnic\kdnic.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\kdnic\kdnic.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\kdnic\kdnic.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\kdnic -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\mssmbios\mssmbios.inf -> Deleted
[

 

[Balanced]

PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\mssmbios\mssmbios.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\mssmbios\mssmbios.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\mssmbios -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\rdpbus\rdpbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\rdpbus\rdpbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\rdpbus\rdpbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\rdpbus -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\spaceport\spaceport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\spaceport\spaceport.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\spaceport\spaceport.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\spaceport -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\swenum\streamci.dll -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\swenum\swenum.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\swenum\swenum.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\swenum\swenum.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\swenum -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\umbus\umbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\umbus\umbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\umbus\umbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\umbus -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\vdrvroot\vdrvroot.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\vdrvroot\vdrvroot.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\vdrvroot\vdrvroot.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\vdrvroot -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\volmgr\volmgr.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\volmgr\volmgr.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\volmgr\volmgr.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root\volmgr -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\root -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\storage\volume\volsnap.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\storage\volume\volume.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\storage\volume\volume.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\storage\volume -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\storage -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_03&subclass_01\hidclass.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_03&subclass_01\hidparse.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_03&subclass_01\hidusb.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_03&subclass_01\input.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_03&subclass_01\input.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_03&subclass_01 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_0e\usbvideo.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_0e\usbvideo.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_0e\usbvideo.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\class_0e -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\composite\usb.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\composite\usb.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\composite\usbccgp.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\composite -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub\usbd.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub\usbport.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub20\usbd.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub20\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub20\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub20\usbport.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub20 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub30\usbhub3.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub30\usbhub3.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub30\USBHUB3.SYS -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb\root_hub30 -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288\usb -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20160909T172403345288 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\acpi0003\cmbatt.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\acpi0003\cmbatt.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\acpi0003\CmBatt.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\acpi0003 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\asd0001\AmdAS4.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\asd0001\amdas4.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\asd0001\amdas4.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\asd0001\AmdAS4.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\asd0001 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\authenticamd_-_amd64\amdppm.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\authenticamd_-_amd64\cpu.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\authenticamd_-_amd64\cpu.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\authenticamd_-_amd64 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\hpq6001\wirelessbuttondriver.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\hpq6001\wirelessbuttondriver.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\hpq6001\wirelessbuttondriver64.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\hpq6001\WirelessButtonDriver64.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\hpq6001 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\pnp0c0a\cmbatt.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\pnp0c0a\cmbatt.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\pnp0c0a\CmBatt.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi\pnp0c0a -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi_hal\uefi\uefi.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi_hal\uefi\uefi.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi_hal\uefi\uefi.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi_hal\uefi -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\acpi_hal -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gencdrom\cdrom.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gencdrom\cdrom.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gencdrom\cdrom.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gencdrom -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gendisk\disk.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gendisk\disk.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gendisk\disk.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\gendisk -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\AtihdWT6.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\atihdwt6.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\atihdwt6.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\AtihdWT6.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005\DelayAPO.dll -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1005 -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hdaudio -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_keyboard\kbdhid.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_keyboard\keyboard.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_keyboard\keyboard.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_keyboard -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_mouse\mouclass.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_mouse\mouhid.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_mouse\msmouse.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_mouse\msmouse.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\hid_device_system_mouse -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\module_info -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0403\hdaudbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0403\hdaudbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0403\hdaudbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0403 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0601\machine.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0601\machine.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0601\msisadrv.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0601 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0604\pci.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0604\pci.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0604\pci.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0604 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_080501\dumpsd.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_080501\sdbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_080501\sdbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_080501\sdbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_080501 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0310\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0310\usbohci.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0310\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0310\usbport.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0310\usbport.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0310 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0320\usbehci.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0320\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0320\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0320\usbport.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0320\usbport.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0320 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0330\usbxhci.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0330\usbxhci.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0330\USBXHCI.SYS -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\cc_0c0330 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1002&cc_040300\amdkmafd.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1002&cc_040300\amdkmafd.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1002&cc_040300\amdkmafd.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1002&cc_040300\amdkmafd.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1002&cc_040300 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1022&dev_7804&cc_0106\amdsata.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1022&dev_7804&cc_0106\amdsata.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1022&dev_7804&cc_0106\amdsata.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1022&dev_7804&cc_0106\amdxata.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_1022&dev_7804&cc_0106 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\rt640x64.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\rt640x64.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\rt640x64.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07\RtNicProp64.dll -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8136&subsys_8137103c&rev_07 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8179&subsys_804b103c\netrtwlane.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8179&subsys_804b103c\netrtwlane.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8179&subsys_804b103c\netrtwlane.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8179&subsys_804b103c\Rtlihvs.dll -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8179&subsys_804b103c\rtwlane.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci\ven_10ec&dev_8179&subsys_804b103c -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\pci -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicdisplay\basicdisplay.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicdisplay\basicdisplay.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicdisplay\BasicDisplay.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicdisplay -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicrender\basicrender.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicrender\basicrender.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicrender\BasicRender.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\basicrender -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\clwvd6\clwvd6.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\clwvd6\clwvd6.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\clwvd6\clwvd6.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\clwvd6\clwvd6.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\clwvd6 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\compositebus\compositebus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\compositebus\compositebus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\compositebus\CompositeBus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\compositebus -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\kdnic\kdnic.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\kdnic\kdnic.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\kdnic\kdnic.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\kdnic -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\mssmbios\mssmbios.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\mssmbios\mssmbios.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\mssmbios\mssmbios.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\mssmbios -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\rdpbus\rdpbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\rdpbus\rdpbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\rdpbus\rdpbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\rdpbus -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\spaceport\spaceport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\spaceport\spaceport.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\spaceport\spaceport.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\spaceport -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\swenum\streamci.dll -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\swenum\swenum.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\swenum\swenum.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\swenum\swenum.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\swenum -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\umbus\umbus.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\umbus\umbus.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\umbus\umbus.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\umbus -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\vdrvroot\vdrvroot.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\vdrvroot\vdrvroot.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\vdrvroot\vdrvroot.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\vdrvroot -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\volmgr\volmgr.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\volmgr\volmgr.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\volmgr\volmgr.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root\volmgr -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\root -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\storage\volume\volsnap.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\storage\volume\volume.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\storage\volume\volume.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\storage\volume -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\storage -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_03&subclass_01\hidclass.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_03&subclass_01\hidparse.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_03&subclass_01\hidusb.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_03&subclass_01\input.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_03&subclass_01\input.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_03&subclass_01 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_0e\usbvideo.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_0e\usbvideo.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_0e\usbvideo.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\class_0e -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\composite\usb.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\composite\usb.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\composite\usbccgp.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\composite -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub\usbd.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub\usbport.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub20\usbd.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub20\usbhub.sys -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub20\usbport.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub20\usbport.PNF -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub20 -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub30\usbhub3.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub30\usbhub3.PNF -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub30\USBHUB3.SYS -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb\root_hub30 -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627\usb -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20161010T154737082627 -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\ignores.dat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Images\acer.png -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Images -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Logs\2016-09-09 13-21-27 0.log -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Logs\2016-10-10 11-45-32 0.log -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Logs\2016-10-22 13-10-04 0.log -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Logs -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\rupdates.db -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\settings.db -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\supdates.db -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.cat -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.inf -> Deleted
[PUP.Gen1][File] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.sys -> Deleted
[PUP.Gen1][Folder] C:\Users\Nick\AppData\Local\SlimWare Utilities Inc\SlimDrivers -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\Babylon -> ERROR [3]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 3808095bc97c4b21f478709d628b3a20
[BSP] 603a288f10d24c4bb7949e69e7ecee77 : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 260 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 534528 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 567296 | Size: 455276 MB
3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 932974592 | Size: 835 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 934684672 | Size: 20546 MB
User = LL1 ... OK
User = LL2 ... OK

 

[Broni]

Go on....

 

[Balanced]

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/13/17
Scan Time: 2:56 AM
Log File: 12312.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2352
License: Trial

-System Information-
OS: Windows 10 (Build 14393.1358)
CPU: x64
File System: NTFS
User: NICK\Nick

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 538804
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 1 hr, 42 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

[Balanced]

# AdwCleaner v6.047 - Logfile created 13/07/2017 at 05:00:57
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-07-11.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Nick - NICK
# Running from : C:\Users\Nick\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****

[-] Task deleted: YCMServiceAgent


***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\Prod.cap
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07132017044840194\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07132017044840194\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chrome.en.softonic.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chrome.en.softonic.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chrome.en.softonic.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chrome.en.softonic.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com


***** [ Web browsers ] *****

[-] Firefox preferences cleaned:


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4324 Bytes] - [13/07/2017 05:00:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [4440 Bytes] - [13/07/2017 04:58:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4470 Bytes] ##########

 

[Balanced]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by Nick (Administrator) on Thu 07/13/2017 at 13:20:47.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


Deleted the following from C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default\prefs.js
user_pref(extensions.Imagus.tls, {\advanced\:false,\sieveAutoUpdate\:true,\sieveCacheRes\:true,\opzoom\:true,\sendToHosts\:[[\+TinEye\,\hxxps://www.tineye.com/



Registry: 2

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\74193179 (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8E663C5B-B546-41B9-BD2D-6727090C6731} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/13/2017 at 13:35:32.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[Broni]

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

• Double click to run it.
• Make sure you checkmark Addition.txt box.
• Press Scan button.
• Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

 

[Balanced]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2017
Ran by Nick (administrator) on NICK (15-07-2017 02:34:22)
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick & Banana)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mr. John aka japamd) C:\Users\Nick\Desktop\RadeonPro\RadeonProSupport.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor)
HKLM\...\Run: [TabletDriver] => C:\PenTabletDriver\TabletDriver.exe [655368 2017-04-19] (Graphic Tablet Company Shenzhen)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-06] (Plays.tv, LLC)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDrives] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoFind] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoFile] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoRun] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [HideClock] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoSetFolders] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoClose] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDFSTab] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoLogoff] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [StartMenuLogoff] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoResolveSearch] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoResolveTrack] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoSaveSettings] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoHardwareTab] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoDesktop] 0 [67688 2017-07-06] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 0 [67688 2017-07-06] ()
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062048 2017-07-11] (Valve Corporation)
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [Discord] => C:\Users\Nick\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: prio.dll => No File
AppInit_DLLs-x32: prio32.dll => No File
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-07-22]
ShortcutTarget: Curse.lnk -> C:\Users\Nick\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2017-06-24]
ShortcutTarget: ShareX.lnk -> C:\ShareX\ShareX.exe (ShareX Team)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0176a071-34bd-487e-91ba-0ad426176add}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d08b08d9-9e90-44de-9d15-3d140b96ca49}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKU\S-1-5-21-1919207557-622674961-3464858116-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

FireFox:
========
FF DefaultProfile: tbp5edt3.default
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default [2017-06-23]
FF Extension: (Imagus) - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2017-04-27]
FF Extension: (Adblock Plus) - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\tbp5edt3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-09] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-04-18] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002: @nsroblox.roblox.com/launcher -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162: @nsroblox.roblox.com/launcher -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162: @nsroblox.roblox.com/launcher64 -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-27]
CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-27]
CHR Extension: (uBlock Origin) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-06-21]
CHR Extension: (Imagus) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2017-05-30]
CHR Extension: (Hoxx VPN Proxy) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2017-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-27]
CHR Extension: (Fullscreen Anything) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2017-05-08]
CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR Extension: (Save Image Router) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkimacjjcahflldkhofmdjlelllacbil [2017-07-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adguard AdBlocker) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2017-07-14]
OPR Extension: (Imagus) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2017-06-13]
OPR Extension: (Download Chrome Extension) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2017-02-14]
OPR Extension: (Fullscreen Anything) - C:\Users\Nick\AppData\Roaming\Opera Software\Opera Stable\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2017-02-14]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [238376 2016-04-27] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-18] (WildTangent)
S3 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
S4 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-10] (Electronic Arts)
S3 PAExec; C:\windows\PAExec.exe [189112 2016-10-12] (Power Admin LLC)
S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-06] (Plays.tv, LLC)
R2 RadeonPro Support Service; C:\Users\Nick\Desktop\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-15] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2016-10-05] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27376 2016-08-12] (Advanced Micro Devices, INC.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\atikmdag.sys [36558232 2017-05-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\atikmpag.sys [528792 2017-05-03] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2017-06-19] (Windows (R) Win 7 DDK provider)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2017-06-19] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-15] (Malwarebytes)
R1 MpKsl65e43d8f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{28E10C89-85B6-458C-AB9A-D4E55BC86299}\MpKsl65e43d8f.sys [44928 2017-07-12] (Microsoft Corporation)
S1 MpKslde585b90; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B5BFC2BF-BDE3-4E29-81FD-1E95F61B9AD5}\MpKslde585b90.sys [44928 2017-07-14] () [File not signed]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-04-29] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [76376 2016-10-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2014-09-17] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-03-20] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-15 02:34 - 2017-07-15 02:34 - 00000000 ____D C:\Users\Nick\Downloads\FRST-OlderVersion
2017-07-13 15:05 - 2017-07-13 15:05 - 00000222 _____ C:\Users\Nick\Desktop\Unturned.url
2017-07-13 13:35 - 2017-07-13 13:35 - 00001045 _____ C:\Users\Nick\Desktop\JRT.txt
2017-07-13 13:15 - 2017-07-13 13:15 - 01663672 _____ (Malwarebytes) C:\Users\Nick\Downloads\JRT.exe
2017-07-13 05:00 - 2017-07-13 05:00 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5A1C02A8.sys
2017-07-13 04:49 - 2017-07-13 05:00 - 00000000 ____D C:\AdwCleaner
2017-07-13 04:47 - 2017-07-13 04:48 - 04110280 _____ C:\Users\Nick\Downloads\AdwCleaner.exe
2017-07-13 04:47 - 2017-07-13 04:47 - 00001210 _____ C:\Users\Nick\Desktop\12312.txt
2017-07-12 20:22 - 2017-07-12 20:22 - 03023142 _____ C:\Users\Nick\Downloads\sQGvON5.mp4
2017-07-12 19:28 - 2017-07-12 19:28 - 00001144 _____ C:\Users\Nick\AppData\Roaming\PureRef.ini
2017-07-12 18:22 - 2017-07-12 18:22 - 01139837 _____ C:\Users\Nick\Downloads\VapidExaltedChuckwalla-mobile.mp4
2017-07-11 16:15 - 2017-07-11 16:16 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-07-11 14:30 - 2017-07-11 14:30 - 00000222 _____ C:\Users\Nick\Desktop\Tree of Savior (English Ver.).url
2017-07-11 03:33 - 2017-07-13 02:55 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-11 03:32 - 2017-07-15 02:33 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-11 03:32 - 2017-07-14 18:24 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-11 03:32 - 2017-07-14 18:24 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-11 03:32 - 2017-07-14 18:24 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-11 03:32 - 2017-07-11 03:32 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-11 03:32 - 2017-07-11 03:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-11 03:32 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-11 03:31 - 2017-07-11 03:31 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-11 02:26 - 2017-07-11 02:28 - 65033984 _____ (Malwarebytes ) C:\Users\Nick\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-11 02:14 - 2017-07-11 02:14 - 00134850 _____ C:\Users\Nick\Desktop\httpsdiscordggeDSEeFd
2017-07-10 20:18 - 2017-07-10 20:18 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-07-10 20:15 - 2017-07-11 02:18 - 00000000 ____D C:\ProgramData\RogueKiller
2017-07-10 20:14 - 2017-07-11 03:55 - 00000000 ____D C:\Users\Nick\Desktop\New folder (2)
2017-07-10 20:13 - 2017-07-10 20:13 - 00000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-07-10 20:13 - 2017-07-10 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-07-10 20:13 - 2017-07-10 20:13 - 00000000 ____D C:\Program Files\RogueKiller
2017-07-10 20:11 - 2017-07-10 20:11 - 35612552 _____ (Adlice Software ) C:\Users\Nick\Downloads\RogueKiller_setup_ref3.exe
2017-07-10 08:37 - 2017-07-10 08:37 - 00001417 _____ C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk
2017-07-10 08:37 - 2017-07-10 08:37 - 00000000 ____D C:\Users\Nick\AppData\Local\UNP
2017-07-10 04:09 - 2017-07-10 04:09 - 04674307 _____ C:\Users\Nick\Downloads\叔叔不要.mp4
2017-07-09 21:33 - 2017-07-09 21:33 - 01230892 _____ C:\Users\Nick\Downloads\1499649317586.webm
2017-07-09 21:33 - 2017-07-09 21:33 - 01230892 _____ C:\Users\Nick\Downloads\1499649317586 (1).webm
2017-07-09 12:14 - 2017-07-09 12:14 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign1a02d8122a7d5e55
2017-07-09 11:59 - 2017-07-09 11:59 - 19898306 _____ C:\Users\Nick\Downloads\Sai Paint Tool 1.1.0.zip
2017-07-09 03:09 - 2017-07-09 12:27 - 00000000 ____D C:\Program Files\UNP
2017-07-09 03:09 - 2017-07-09 03:09 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-07-09 02:59 - 2017-04-21 17:53 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-07-09 02:59 - 2017-04-21 17:50 - 00030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-07-09 02:59 - 2017-04-21 17:50 - 00018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-07-09 02:58 - 2017-04-21 17:53 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-07-09 02:58 - 2017-04-11 14:27 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-09 02:58 - 2017-04-11 14:27 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-09 02:58 - 2017-03-15 14:15 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-09 02:58 - 2017-03-15 14:15 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-09 02:24 - 2017-06-03 05:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-09 02:24 - 2017-06-03 05:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-09 02:24 - 2017-06-03 05:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-09 02:24 - 2017-06-03 05:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-09 02:24 - 2017-06-03 05:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-09 02:24 - 2017-04-27 20:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-09 02:24 - 2017-04-27 20:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-09 02:24 - 2017-04-27 20:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-09 02:24 - 2017-04-27 20:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-09 02:24 - 2017-04-27 20:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-09 02:24 - 2017-04-27 20:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-09 02:24 - 2017-04-27 20:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-09 02:24 - 2017-04-27 20:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-07-09 02:24 - 2017-04-27 19:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-09 02:24 - 2017-03-28 01:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-09 02:23 - 2017-06-03 06:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-09 02:23 - 2017-06-03 06:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-09 02:23 - 2017-06-03 06:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-09 02:23 - 2017-06-03 05:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-09 02:23 - 2017-06-03 05:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-09 02:23 - 2017-06-03 05:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-09 02:23 - 2017-06-03 05:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-09 02:23 - 2017-06-03 05:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-07-09 02:23 - 2017-06-03 05:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-07-09 02:23 - 2017-06-03 05:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-09 02:23 - 2017-06-03 05:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-07-09 02:23 - 2017-06-03 05:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-09 02:23 - 2017-06-03 05:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-09 02:23 - 2017-06-03 05:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-09 02:23 - 2017-06-03 05:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-09 02:23 - 2017-06-03 05:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-09 02:23 - 2017-06-03 05:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-07-09 02:23 - 2017-06-03 05:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-09 02:23 - 2017-06-03 05:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-07-09 02:23 - 2017-06-03 05:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-09 02:23 - 2017-06-03 05:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-07-09 02:23 - 2017-06-03 05:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-07-09 02:23 - 2017-06-03 05:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-07-09 02:23 - 2017-06-03 05:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-07-09 02:23 - 2017-06-03 05:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-07-09 02:23 - 2017-06-03 05:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-09 02:23 - 2017-06-03 05:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-09 02:23 - 2017-06-03 05:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-07-09 02:23 - 2017-06-03 05:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-09 02:23 - 2017-06-03 05:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-09 02:23 - 2017-06-03 05:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-09 02:23 - 2017-06-03 05:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-07-09 02:23 - 2017-06-03 05:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-07-09 02:23 - 2017-06-03 05:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-09 02:23 - 2017-06-03 05:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-07-09 02:23 - 2017-06-03 05:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-07-09 02:23 - 2017-06-03 05:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-09 02:23 - 2017-06-03 05:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-09 02:23 - 2017-06-03 04:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-09 02:23 - 2017-06-03 04:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-09 02:23 - 2017-06-03 04:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-09 02:23 - 2017-06-03 04:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-09 02:23 - 2017-06-03 04:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-09 02:23 - 2017-04-27 21:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-07-09 02:23 - 2017-04-27 20:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-09 02:23 - 2017-04-27 20:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-07-09 02:23 - 2017-04-27 20:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-07-09 02:23 - 2017-04-27 20:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-07-09 02:23 - 2017-04-27 20:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-09 02:23 - 2017-04-27 20:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-09 02:23 - 2017-04-27 20:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-09 02:23 - 2017-04-27 20:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-09 02:23 - 2017-04-27 20:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-09 02:23 - 2017-04-27 20:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-07-09 02:23 - 2017-04-27 20:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-09 02:23 - 2017-04-27 20:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-09 02:23 - 2017-04-27 20:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-07-09 02:23 - 2017-04-27 20:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-09 02:23 - 2017-04-27 20:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-07-09 02:23 - 2017-04-27 20:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-07-09 02:23 - 2017-04-27 20:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-09 02:23 - 2017-04-27 20:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-09 02:23 - 2017-04-27 20:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-09 02:23 - 2017-04-27 20:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-07-09 02:23 - 2017-04-27 20:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-09 02:23 - 2017-04-27 20:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-07-09 02:23 - 2017-04-27 20:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-09 02:23 - 2017-04-27 20:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-07-09 02:23 - 2017-04-27 20:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-09 02:23 - 2017-04-27 20:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-07-09 02:23 - 2017-04-27 20:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-07-09 02:23 - 2017-04-27 20:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-07-09 02:23 - 2017-04-27 20:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-07-09 02:23 - 2017-04-27 20:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-07-09 02:23 - 2017-04-27 20:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-09 02:23 - 2017-04-27 20:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-07-09 02:23 - 2017-04-27 20:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-09 02:23 - 2017-04-27 20:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-07-09 02:23 - 2017-04-27 20:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-07-09 02:23 - 2017-04-27 20:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-09 02:23 - 2017-04-27 20:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-07-09 02:23 - 2017-04-27 20:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-07-09 02:23 - 2017-04-27 20:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-07-09 02:23 - 2017-04-27 20:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-07-09 02:23 - 2017-04-27 20:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-09 02:23 - 2017-04-27 20:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-07-09 02:23 - 2017-04-27 20:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-09 02:23 - 2017-04-27 20:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-07-09 02:23 - 2017-04-27 20:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-09 02:23 - 2017-04-27 20:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-07-09 02:23 - 2017-04-27 20:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-07-09 02:23 - 2017-04-27 20:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-07-09 02:23 - 2017-04-27 20:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-07-09 02:23 - 2017-04-27 20:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-07-09 02:23 - 2017-04-27 20:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-07-09 02:23 - 2017-04-27 20:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-07-09 02:23 - 2017-04-27 20:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-07-09 02:23 - 2017-04-27 20:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-09 02:23 - 2017-04-27 20:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-07-09 02:23 - 2017-04-27 20:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe

 

[Balanced]

2017-07-09 02:23 - 2017-04-27 20:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-07-09 02:23 - 2017-04-27 20:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-07-09 02:23 - 2017-04-27 20:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-07-09 02:23 - 2017-04-27 20:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-07-09 02:23 - 2017-04-27 20:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-07-09 02:23 - 2017-04-27 20:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-07-09 02:23 - 2017-04-27 20:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-09 02:23 - 2017-04-27 20:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-09 02:23 - 2017-04-27 20:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-07-09 02:23 - 2017-04-27 20:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-07-09 02:23 - 2017-04-27 20:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-09 02:23 - 2017-04-27 20:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-07-09 02:23 - 2017-04-27 20:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-07-09 02:23 - 2017-04-27 20:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-07-09 02:23 - 2017-04-27 20:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-07-09 02:23 - 2017-04-27 20:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-07-09 02:23 - 2017-04-27 20:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-07-09 02:23 - 2017-04-27 20:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-07-09 02:23 - 2017-04-27 20:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-09 02:23 - 2017-04-27 20:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-07-09 02:23 - 2017-04-27 20:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-09 02:23 - 2017-04-27 20:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-07-09 02:23 - 2017-04-27 20:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-09 02:23 - 2017-04-27 20:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-07-09 02:23 - 2017-04-27 20:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-07-09 02:23 - 2017-04-27 20:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-07-09 02:23 - 2017-04-27 20:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-07-09 02:23 - 2017-04-27 20:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-07-09 02:23 - 2017-04-27 20:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-07-09 02:23 - 2017-04-27 20:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-07-09 02:23 - 2017-04-27 20:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-07-09 02:23 - 2017-04-27 20:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-07-09 02:23 - 2017-04-27 20:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-09 02:23 - 2017-04-27 20:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-09 02:23 - 2017-04-27 20:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-07-09 02:23 - 2017-04-27 20:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-07-09 02:23 - 2017-04-27 20:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-09 02:23 - 2017-04-27 20:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-07-09 02:23 - 2017-04-27 20:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-07-09 02:23 - 2017-04-27 19:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-07-09 02:23 - 2017-04-27 19:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-07-09 02:23 - 2017-04-27 19:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-07-09 02:23 - 2017-04-27 19:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-07-09 02:23 - 2017-04-27 19:58 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-07-09 02:23 - 2017-04-27 19:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-09 02:23 - 2017-04-27 19:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-07-09 02:23 - 2017-04-27 19:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-07-09 02:23 - 2017-04-27 19:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-09 02:23 - 2017-04-27 19:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-07-09 02:23 - 2017-04-27 19:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-07-09 02:23 - 2017-04-27 19:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-07-09 02:23 - 2017-04-27 19:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-07-09 02:23 - 2017-04-27 19:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-07-09 02:23 - 2017-04-27 19:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-09 02:23 - 2017-04-27 19:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-09 02:23 - 2017-04-27 19:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-07-09 02:23 - 2017-04-27 19:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-09 02:23 - 2017-04-27 19:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-07-09 02:23 - 2017-04-27 19:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-09 02:23 - 2017-04-27 19:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-09 02:23 - 2017-04-27 19:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-07-09 02:23 - 2017-04-27 19:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-07-09 02:23 - 2017-04-27 19:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-07-09 02:23 - 2017-04-27 19:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-09 02:23 - 2017-04-27 19:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-07-09 02:23 - 2017-04-27 19:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-07-09 02:23 - 2017-04-27 19:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-09 02:23 - 2017-04-27 19:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-07-09 02:23 - 2017-04-27 19:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-07-09 02:23 - 2017-04-27 19:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-07-09 02:23 - 2017-04-27 19:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-09 02:23 - 2017-04-27 19:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-07-09 02:23 - 2017-04-27 19:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-07-09 02:23 - 2017-04-27 19:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-09 02:23 - 2017-04-27 19:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-07-09 02:23 - 2017-03-28 02:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-07-09 02:23 - 2017-03-28 02:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-09 02:23 - 2017-03-28 02:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-09 02:23 - 2017-03-28 02:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-07-09 02:23 - 2017-03-28 01:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-07-09 02:23 - 2017-03-28 01:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-07-09 02:23 - 2017-03-28 01:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-07-09 02:23 - 2017-03-28 01:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-07-09 02:23 - 2017-03-28 01:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-09 02:23 - 2017-03-28 01:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-07-09 02:23 - 2017-03-28 01:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-07-09 02:23 - 2017-03-28 01:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-09 02:23 - 2017-03-28 01:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-07-09 02:23 - 2017-03-28 01:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-07-09 02:23 - 2017-03-28 01:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-07-09 02:23 - 2017-03-28 01:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-09 02:23 - 2017-03-28 01:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-07-09 02:23 - 2017-03-28 01:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-09 02:23 - 2017-03-28 01:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-07-09 02:23 - 2017-03-28 01:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-07-09 02:23 - 2017-03-28 01:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-09 02:23 - 2017-03-28 01:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-09 02:23 - 2017-03-28 01:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-07-09 02:23 - 2017-03-28 01:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-07-09 02:23 - 2017-03-28 01:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-09 02:23 - 2017-03-28 01:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-07-09 02:23 - 2017-03-28 01:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-07-09 02:23 - 2017-03-28 01:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-07-09 02:23 - 2017-03-28 01:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-07-09 02:23 - 2017-03-28 01:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-09 02:23 - 2017-03-28 01:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-07-09 02:23 - 2017-03-28 01:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-09 02:23 - 2017-03-28 01:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-07-09 02:23 - 2017-03-28 01:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-07-09 02:23 - 2017-03-28 01:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-07-09 02:23 - 2017-03-28 01:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-09 02:23 - 2017-03-28 01:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-07-09 02:23 - 2017-03-28 01:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-07-09 02:23 - 2017-03-28 01:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-09 02:23 - 2017-03-28 01:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-09 02:23 - 2017-03-28 01:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-07-09 02:23 - 2017-03-28 01:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-09 02:23 - 2017-03-28 01:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-07-09 02:23 - 2017-03-28 01:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-07-09 02:23 - 2017-03-28 01:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-09 02:23 - 2017-03-28 01:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-07-09 02:23 - 2017-03-16 00:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-07-09 02:22 - 2017-06-03 06:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-09 02:22 - 2017-06-03 06:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-09 02:22 - 2017-06-03 06:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-09 02:22 - 2017-06-03 05:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-09 02:22 - 2017-06-03 05:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-09 02:22 - 2017-06-03 05:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-09 02:22 - 2017-06-03 05:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-07-09 02:22 - 2017-06-03 05:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-07-09 02:22 - 2017-06-03 05:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-09 02:22 - 2017-06-03 05:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-09 02:22 - 2017-06-03 05:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-09 02:22 - 2017-06-03 05:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-09 02:22 - 2017-06-03 05:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-09 02:22 - 2017-06-03 05:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-09 02:22 - 2017-06-03 05:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-09 02:22 - 2017-06-03 05:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-09 02:22 - 2017-06-03 05:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-07-09 02:22 - 2017-06-03 05:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-09 02:22 - 2017-06-03 05:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-07-09 02:22 - 2017-06-03 05:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-09 02:22 - 2017-06-03 05:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-09 02:22 - 2017-06-03 05:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-09 02:22 - 2017-06-03 04:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-09 02:22 - 2017-06-03 04:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-07-09 02:22 - 2017-06-03 04:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-09 02:22 - 2017-06-03 04:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-07-09 02:22 - 2017-06-03 04:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-09 02:22 - 2017-06-03 04:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-09 02:22 - 2017-06-03 04:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-09 02:22 - 2017-06-03 04:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-09 02:22 - 2017-06-03 04:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-09 02:22 - 2017-06-03 04:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-09 02:22 - 2017-05-25 01:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-07-09 02:22 - 2017-04-27 20:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-09 02:22 - 2017-04-27 20:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-09 02:22 - 2017-04-27 20:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-09 02:22 - 2017-04-27 20:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-09 02:22 - 2017-04-27 20:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-09 02:22 - 2017-04-27 20:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-09 02:22 - 2017-04-27 20:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-07-09 02:22 - 2017-04-27 20:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-09 02:22 - 2017-04-27 20:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-09 02:22 - 2017-04-27 20:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-09 02:22 - 2017-04-27 20:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-07-09 02:22 - 2017-04-27 20:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-07-09 02:22 - 2017-04-27 20:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-07-09 02:22 - 2017-04-27 20:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-07-09 02:22 - 2017-04-27 20:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-09 02:22 - 2017-04-27 20:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-09 02:22 - 2017-04-27 20:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-07-09 02:22 - 2017-04-27 20:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-09 02:22 - 2017-04-27 20:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-09 02:22 - 2017-04-27 20:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-07-09 02:22 - 2017-04-27 20:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-07-09 02:22 - 2017-04-27 20:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-07-09 02:22 - 2017-04-27 20:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-09 02:22 - 2017-04-27 19:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-07-09 02:22 - 2017-04-27 19:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-07-09 02:22 - 2017-04-27 19:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-09 02:22 - 2017-04-27 19:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-09 02:22 - 2017-04-27 19:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-07-09 02:22 - 2017-04-27 19:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-07-09 02:22 - 2017-04-27 19:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-09 02:22 - 2017-04-27 19:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-07-09 02:22 - 2017-04-27 19:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-09 02:22 - 2017-04-27 19:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-09 02:22 - 2017-04-27 19:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-07-09 02:22 - 2017-04-27 19:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-09 02:22 - 2017-04-27 19:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-09 02:22 - 2017-04-27 19:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-09 02:22 - 2017-04-27 19:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-07-09 02:22 - 2017-04-27 19:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-07-09 02:22 - 2017-04-27 19:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-07-09 02:22 - 2017-04-27 19:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-09 02:22 - 2017-04-27 19:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-07-09 02:22 - 2017-04-27 19:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-09 02:22 - 2017-04-27 19:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-09 02:22 - 2017-04-27 19:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-07-09 02:22 - 2017-04-27 19:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-09 02:22 - 2017-04-27 19:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-09 02:22 - 2017-04-27 19:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-09 02:22 - 2017-04-27 19:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-07-09 02:22 - 2017-04-27 19:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-07-09 02:22 - 2017-04-27 19:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-07-09 02:22 - 2017-04-27 19:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-09 02:22 - 2017-04-27 19:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-09 02:22 - 2017-04-27 19:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-07-09 02:22 - 2017-04-27 19:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-07-09 02:22 - 2017-04-27 19:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-09 02:22 - 2017-04-27 19:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-09 02:22 - 2017-04-27 19:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-07-09 02:22 - 2017-04-27 19:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-09 02:22 - 2017-04-27 19:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-07-09 02:22 - 2017-04-27 19:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-07-09 02:22 - 2017-04-27 19:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-09 02:22 - 2017-04-27 19:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-09 02:22 - 2017-04-27 19:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-09 02:22 - 2017-04-27 19:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-07-09 02:22 - 2017-04-27 19:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-07-09 02:22 - 2017-04-27 19:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-07-09 02:22 - 2017-04-27 19:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-07-09 02:22 - 2017-04-27 19:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-07-09 02:22 - 2017-04-27 19:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-07-09 02:22 - 2017-04-27 19:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-07-09 02:22 - 2017-04-27 19:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-09 02:22 - 2017-04-27 19:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-09 02:22 - 2017-04-27 19:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-09 02:22 - 2017-04-27 19:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-09 02:22 - 2017-04-27 19:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-07-09 02:22 - 2017-04-27 19:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-09 02:22 - 2017-04-27 19:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-07-09 02:22 - 2017-04-27 19:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-07-09 02:22 - 2017-03-28 02:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-07-09 02:22 - 2017-03-28 02:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-07-09 02:22 - 2017-03-28 02:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-09 02:22 - 2017-03-28 02:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-07-09 02:22 - 2017-03-28 02:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-07-09 02:22 - 2017-03-28 01:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-07-09 02:22 - 2017-03-28 01:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-09 02:22 - 2017-03-28 01:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-07-09 02:22 - 2017-03-28 01:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-07-09 02:22 - 2017-03-28 01:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-07-09 02:22 - 2017-03-28 01:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-09 02:22 - 2017-03-28 01:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-07-09 02:21 - 2017-06-03 06:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-07-09 02:21 - 2017-06-03 06:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-09 02:21 - 2017-06-03 06:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-09 02:21 - 2017-06-03 06:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-09 02:21 - 2017-06-03 06:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-09 02:21 - 2017-06-03 05:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-09 02:21 - 2017-06-03 05:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-09 02:21 - 2017-06-03 05:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-09 02:21 - 2017-06-03 05:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-07-09 02:21 - 2017-06-03 05:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-09 02:21 - 2017-06-03 05:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-07-09 02:21 - 2017-06-03 05:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-09 02:21 - 2017-06-03 05:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-09 02:21 - 2017-06-03 05:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-07-09 02:21 - 2017-06-03 05:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-09 02:21 - 2017-06-03 05:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-09 02:21 - 2017-06-03 05:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-09 02:21 - 2017-06-03 05:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-07-09 02:21 - 2017-06-03 05:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-09 02:21 - 2017-06-03 05:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-09 02:21 - 2017-06-03 05:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-09 02:21 - 2017-06-03 05:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-07-09 02:21 - 2017-06-03 05:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-07-09 02:21 - 2017-06-03 05:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-09 02:21 - 2017-06-03 05:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-07-09 02:21 - 2017-06-03 05:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-07-09 02:21 - 2017-06-03 05:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-07-09 02:21 - 2017-06-03 05:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-07-09 02:21 - 2017-06-03 05:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-07-09 02:21 - 2017-06-03 05:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-09 02:21 - 2017-06-03 05:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-07-09 02:21 - 2017-06-03 05:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-07-09 02:21 - 2017-06-03 05:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-09 02:21 - 2017-06-03 05:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-07-09 02:21 - 2017-06-03 04:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-07-09 02:21 - 2017-06-03 04:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-09 02:21 - 2017-06-03 04:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-09 02:21 - 2017-06-03 04:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-07-09 02:21 - 2017-06-03 04:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-09 02:21 - 2017-06-03 04:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-09 02:21 - 2017-06-03 04:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-09 02:21 - 2017-06-03 04:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-09 02:21 - 2017-06-03 04:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-07-09 02:21 - 2017-06-03 04:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-07-09 02:21 - 2017-06-03 04:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-09 02:21 - 2017-06-03 02:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-09 02:21 - 2017-04-27 20:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-07-09 02:21 - 2017-04-27 20:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-07-09 02:21 - 2017-04-27 20:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-09 02:21 - 2017-04-27 20:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-07-09 02:21 - 2017-04-27 20:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-07-09 02:21 - 2017-04-27 20:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-07-09 02:21 - 2017-04-27 20:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-07-09 02:21 - 2017-04-27 20:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-07-09 02:21 - 2017-04-27 20:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-07-09 02:21 - 2017-04-27 20:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-07-09 02:21 - 2017-04-27 20:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-09 02:21 - 2017-04-27 20:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-07-09 02:21 - 2017-04-27 20:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-09 02:21 - 2017-04-27 20:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-07-09 02:21 - 2017-04-27 20:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-09 02:21 - 2017-04-27 20:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-07-09 02:21 - 2017-04-27 20:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-09 02:21 - 2017-04-27 20:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-07-09 02:21 - 2017-04-27 20:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-07-09 02:21 - 2017-04-27 20:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-09 02:21 - 2017-04-27 20:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-09 02:21 - 2017-04-27 20:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-09 02:21 - 2017-04-27 20:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-07-09 02:21 - 2017-04-27 20:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-09 02:21 - 2017-04-27 20:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-07-09 02:21 - 2017-04-27 20:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-09 02:21 - 2017-04-27 20:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-09 02:21 - 2017-04-27 20:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-09 02:21 - 2017-04-27 20:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-09 02:21 - 2017-04-27 20:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-09 02:21 - 2017-04-27 20:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-09 02:21 - 2017-04-27 20:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-09 02:21 - 2017-04-27 20:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-09 02:21 - 2017-04-27 20:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-07-09 02:21 - 2017-04-27 20:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-09 02:21 - 2017-04-27 20:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-07-09 02:21 - 2017-04-27 20:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-07-09 02:21 - 2017-04-27 20:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-09 02:21 - 2017-04-27 20:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-09 02:21 - 2017-04-27 20:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-07-09 02:21 - 2017-04-27 20:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-07-09 02:21 - 2017-04-27 20:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-07-09 02:21 - 2017-04-27 20:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-07-09 02:21 - 2017-04-27 20:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-07-09 02:21 - 2017-04-27 20:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-07-09 02:21 - 2017-04-27 20:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-07-09 02:21 - 2017-04-27 20:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-07-09 02:21 - 2017-04-27 19:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-07-09 02:21 - 2017-04-27 19:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-09 02:21 - 2017-04-27 19:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-07-09 02:21 - 2017-04-27 19:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-07-09 02:21 - 2017-04-27 19:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-07-09 02:21 - 2017-04-27 19:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00547840 _____ (Microsoft Corporation)

 

[Balanced]

C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-07-09 02:21 - 2017-04-27 19:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-09 02:21 - 2017-04-27 19:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-07-09 02:21 - 2017-04-27 19:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-07-09 02:21 - 2017-04-27 19:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-07-09 02:21 - 2017-04-27 19:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-07-09 02:21 - 2017-04-27 19:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-09 02:21 - 2017-04-27 19:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-07-09 02:21 - 2017-04-27 19:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-07-09 02:21 - 2017-04-27 19:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-07-09 02:21 - 2017-04-27 19:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-07-09 02:21 - 2017-04-27 19:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-07-09 02:21 - 2017-04-27 19:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-07-09 02:21 - 2017-04-27 19:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-07-09 02:21 - 2017-04-27 19:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-07-09 02:21 - 2017-04-27 19:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-07-09 02:21 - 2017-04-27 19:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-07-09 02:21 - 2017-04-27 19:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-07-09 02:21 - 2017-04-27 19:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-07-09 02:21 - 2017-04-27 19:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-07-09 02:21 - 2017-04-27 19:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-09 02:21 - 2017-04-27 19:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-09 02:21 - 2017-04-27 19:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-07-09 02:21 - 2017-04-27 19:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-07-09 02:21 - 2017-04-27 19:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-09 02:21 - 2017-04-27 19:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-07-09 02:21 - 2017-04-27 19:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-07-09 02:21 - 2017-04-27 19:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-09 02:21 - 2017-04-27 19:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-07-09 02:21 - 2017-04-27 19:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-07-09 02:21 - 2017-04-27 19:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-07-09 02:21 - 2017-04-27 19:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-07-09 02:21 - 2017-04-27 19:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-07-09 02:21 - 2017-04-27 19:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-07-09 02:21 - 2017-04-27 19:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-09 02:21 - 2017-04-27 19:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-07-09 02:21 - 2017-04-27 19:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-07-09 02:21 - 2017-04-27 19:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-09 02:21 - 2017-04-27 19:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-09 02:21 - 2017-04-27 19:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-07-09 02:21 - 2017-04-27 19:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-07-09 02:21 - 2017-04-27 19:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-07-09 02:21 - 2017-04-27 19:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-09 02:21 - 2017-04-27 19:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-09 02:21 - 2017-04-27 19:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-07-09 02:21 - 2017-04-27 19:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-07-09 02:21 - 2017-04-27 19:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-09 02:21 - 2017-04-27 19:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-07-09 02:21 - 2017-04-27 19:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-09 02:21 - 2017-04-27 19:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-07-09 02:21 - 2017-04-27 19:42 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-07-09 02:21 - 2017-04-27 19:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-09 02:21 - 2017-04-27 19:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-07-09 02:21 - 2017-04-27 19:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-09 02:21 - 2017-04-27 19:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-07-09 02:21 - 2017-04-27 19:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-09 02:21 - 2017-04-27 19:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-09 02:21 - 2017-04-27 19:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-07-09 02:21 - 2017-04-27 19:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-09 02:21 - 2017-04-27 19:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-07-09 02:21 - 2017-04-27 19:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-09 02:21 - 2017-04-27 19:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-09 02:21 - 2017-04-27 19:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-07-09 02:21 - 2017-04-27 19:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-09 02:21 - 2017-04-27 19:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-09 02:21 - 2017-04-27 19:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-09 02:21 - 2017-04-27 19:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-09 02:21 - 2017-04-27 19:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-09 02:21 - 2017-04-27 19:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-09 02:21 - 2017-04-27 19:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-07-09 02:21 - 2017-04-27 19:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-09 02:21 - 2017-04-27 19:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-07-09 02:21 - 2017-04-27 19:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-07-09 02:21 - 2017-04-27 19:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-09 02:21 - 2017-04-27 19:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-09 02:21 - 2017-04-27 19:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-07-09 02:21 - 2017-04-27 19:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-07-09 02:21 - 2017-04-27 19:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-09 02:21 - 2017-03-28 02:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-09 02:21 - 2017-03-28 02:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-07-09 02:21 - 2017-03-28 02:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-09 02:21 - 2017-03-28 01:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-07-09 02:21 - 2017-03-28 01:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-07-09 02:21 - 2017-03-28 01:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-07-09 02:21 - 2017-03-28 01:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-07-09 02:21 - 2017-03-28 01:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-07-09 02:21 - 2017-03-28 01:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-07-09 02:21 - 2017-03-28 01:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-07-09 02:21 - 2017-03-28 01:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-07-09 02:21 - 2017-03-28 01:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-07-09 02:21 - 2017-03-28 01:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-09 02:21 - 2017-03-28 01:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-07-09 02:21 - 2017-03-28 01:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-07-09 02:21 - 2017-03-28 01:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-09 02:21 - 2017-03-28 01:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-07-09 02:21 - 2017-03-28 01:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-09 02:21 - 2017-03-28 01:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-07-09 02:21 - 2017-03-28 01:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-07-09 02:21 - 2017-03-28 01:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-09 02:21 - 2017-03-28 01:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-07-09 02:21 - 2017-03-28 01:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-09 02:21 - 2017-03-28 01:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-07-09 02:21 - 2017-03-28 01:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-07-09 02:21 - 2017-03-28 01:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-09 02:21 - 2017-03-28 01:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-07-09 02:21 - 2017-03-28 01:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-09 02:21 - 2017-03-28 01:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-09 02:21 - 2017-03-28 01:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-09 02:21 - 2017-03-28 01:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-09 02:21 - 2017-03-28 01:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-07-09 02:21 - 2017-03-28 01:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-07-09 02:21 - 2017-03-28 01:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-07-09 02:21 - 2017-03-28 01:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-07-09 02:21 - 2017-03-28 01:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-07-09 02:21 - 2017-03-28 01:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-09 02:21 - 2017-03-18 12:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-09 02:21 - 2017-03-18 12:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-09 02:21 - 2017-03-16 00:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-07-09 00:36 - 2017-07-09 00:36 - 05229566 _____ C:\Users\Nick\Downloads\tumblr_oj31jmzPC31vmij97.mp4
2017-07-09 00:28 - 2017-07-09 00:28 - 04962263 _____ C:\Users\Nick\Downloads\tumblr_ohk1x8OTh51vd2k01.mp4
2017-07-09 00:21 - 2017-07-09 00:21 - 02627796 _____ C:\Users\Nick\Downloads\tumblr_osekq2llVZ1w40twu.mp4
2017-07-08 04:34 - 2017-07-08 04:34 - 00412300 _____ C:\WINDOWS\Minidump\070817-30734-01.dmp
2017-07-07 14:02 - 2017-07-07 14:04 - 00084718 _____ C:\Users\Nick\Downloads\Addition.txt
2017-07-07 13:49 - 2017-07-15 02:44 - 00025116 _____ C:\Users\Nick\Downloads\FRST.txt
2017-07-07 13:48 - 2017-07-15 02:34 - 02435584 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2017-07-07 13:48 - 2017-07-15 02:34 - 00000000 ____D C:\FRST
2017-07-06 22:00 - 2017-07-06 22:00 - 00000719 _____ C:\Users\Public\Desktop\PenTabletDriver.lnk
2017-07-06 22:00 - 2017-07-06 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PenTabletDriver
2017-07-06 22:00 - 2017-04-18 17:09 - 00062984 _____ (Graphics Tablet) C:\WINDOWS\system32\wintab32.dll
2017-07-06 22:00 - 2017-04-18 17:09 - 00057864 _____ (Graphics Tablet) C:\WINDOWS\SysWOW64\wintab32.dll
2017-07-06 21:59 - 2017-07-12 14:24 - 00000000 ____D C:\PenTabletDriver
2017-07-06 21:47 - 2017-07-06 21:48 - 21159334 _____ C:\Users\Nick\Downloads\WIN_1060pro_H610pro_H610_Driver12.3.7.zip
2017-07-06 21:41 - 2014-09-17 10:47 - 00010752 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vmulti.sys
2017-07-06 21:41 - 2014-09-17 10:47 - 00007680 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2017-07-06 21:31 - 2017-07-06 21:32 - 08099476 _____ C:\Users\Nick\Downloads\HUION_WIN_G10T_GT156HD_v13.6.2.161226.zip
2017-07-06 20:15 - 2017-07-06 20:15 - 00033332 _____ C:\Users\Nick\Downloads\0 (1)
2017-07-06 20:13 - 2017-07-06 20:13 - 00067688 _____ C:\Users\Nick\Downloads\0
2017-07-06 16:25 - 2017-07-06 16:25 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\Abrakam
2017-07-06 15:14 - 2017-07-06 15:16 - 07306358 _____ C:\Users\Nick\Downloads\xvideos.com_aebbac161063537bf697b0169d91c02a.mp4
2017-07-06 11:59 - 2017-07-06 12:00 - 00420420 _____ C:\WINDOWS\Minidump\070617-26812-01.dmp
2017-07-05 16:11 - 2017-07-05 16:11 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\SmashGames
2017-07-05 16:09 - 2017-07-05 16:09 - 00000222 _____ C:\Users\Nick\Desktop\Warframe.url
2017-07-05 04:42 - 2017-07-05 04:42 - 00000000 ____D C:\Users\Nick\AppData\LocalLow\uTorrent
2017-07-04 21:52 - 2017-07-04 21:52 - 02558935 _____ C:\Users\Nick\Downloads\win10-10.0.0.341-whql.zip
2017-07-04 19:40 - 2016-01-13 13:35 - 01011504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUsbCoInstaller2.dll
2017-07-04 19:40 - 2016-01-13 13:34 - 01730360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2017-07-04 19:36 - 2017-07-04 19:39 - 21136092 _____ C:\Users\Nick\Downloads\WIN_Driver12.2.16.zip
2017-07-04 18:57 - 2017-07-04 19:00 - 00521948 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.57.11_log.txt
2017-07-04 18:55 - 2017-07-04 18:56 - 00008162 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.55.29_log.txt
2017-07-04 18:50 - 2017-07-04 18:53 - 00267926 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.50.43_log.txt
2017-07-04 18:45 - 2017-07-04 18:49 - 00184656 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_18.45.33_log.txt
2017-07-04 18:43 - 2017-07-04 18:47 - 00416516 _____ C:\WINDOWS\Minidump\070417-25671-01.dmp
2017-07-04 16:54 - 2017-07-04 16:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-07-04 16:39 - 2017-07-04 18:53 - 00000000 ____D C:\TDSSKiller_Quarantine
2017-07-04 16:35 - 2017-07-04 16:44 - 00529140 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_16.35.40_log.txt
2017-07-03 11:47 - 2017-07-03 11:47 - 00000000 ____D C:\Xlide
2017-07-03 10:19 - 2017-07-03 10:19 - 00470837 _____ C:\Users\Nick\Downloads\88874d9ab3d8c6f727743d0e5ec0e1ff.png.old
2017-07-02 21:47 - 2017-07-02 21:47 - 00000222 _____ C:\Users\Nick\Desktop\Kindergarten.url
2017-07-02 00:51 - 2017-07-02 00:51 - 00234384 _____ C:\Users\Nick\Downloads\f992b26a9b8ccc4bb88e5b0dba4b3a42.jpeg
2017-07-01 12:05 - 2017-07-13 12:06 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2017-07-01 11:10 - 2017-07-01 11:10 - 01971103 _____ C:\Users\Nick\Downloads\1498913291850.webm
2017-06-30 22:04 - 2017-06-30 22:04 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign5d0e75bdcdd61b6e
2017-06-30 13:10 - 2017-06-30 13:10 - 00000000 ____D C:\Users\Nick\AppData\Local\DFX
2017-06-30 13:10 - 2017-06-30 13:10 - 00000000 ____D C:\ProgramData\DFX
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Guest\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Guest
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\DefaultAccount
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Banana\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2017-06-30 13:08 - 2017-06-30 13:08 - 00000000 ____D C:\Users\Administrator
2017-06-30 13:06 - 2017-06-30 13:07 - 02433992 _____ (DivX, LLC) C:\Users\Nick\Downloads\DivXInstaller.exe
2017-06-28 21:32 - 2017-06-28 21:32 - 00218306 _____ C:\Users\Nick\Downloads\19054312_243780706103592_7218227831292035072_n.mp4
2017-06-28 19:13 - 2017-06-28 19:13 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Imagine
2017-06-28 14:02 - 2017-07-09 13:49 - 06089902 _____ C:\Users\Nick\Desktop\5654165464.psd
2017-06-28 10:34 - 2017-06-28 10:34 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign58b56f9318dfcc93
2017-06-27 20:44 - 2017-06-27 20:44 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign7629264ef594f75e
2017-06-27 20:44 - 2017-06-27 20:44 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign340a75688aa69487
2017-06-27 15:41 - 2017-06-27 15:41 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign4270bd05285f9e84
2017-06-27 01:12 - 2017-06-27 01:31 - 00000000 ____D C:\Users\Nick\AppData\Roaming\PotPlayerMini64
2017-06-27 01:09 - 2017-06-27 01:09 - 00001025 _____ C:\Users\Nick\Desktop\PotPlayer 64 bit.lnk
2017-06-27 01:09 - 2017-06-27 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-06-27 01:09 - 2017-06-27 01:09 - 00000000 ____D C:\Program Files\DAUM
2017-06-27 00:53 - 2017-06-27 01:25 - 00000000 ____D C:\Users\Nick\Desktop\Fun
2017-06-27 00:48 - 2017-06-27 01:28 - 00000000 ____D C:\Users\Nick\Downloads\New folder (2)
2017-06-26 19:26 - 2017-06-26 19:26 - 00228804 _____ C:\Users\Nick\Downloads\full.jpeg
2017-06-25 15:50 - 2017-06-25 15:50 - 00040212 _____ C:\Users\Nick\Downloads\FN-TalentAvatar-Guy-Fieri-800x800.jpg.rend.hgtvcom.616.616.jpeg
2017-06-25 12:16 - 2017-06-25 12:16 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign1523467ffd011c54
2017-06-24 22:06 - 2017-06-24 22:06 - 00000844 _____ C:\Users\Nick\Desktop\PureRef.lnk
2017-06-24 22:06 - 2017-06-24 22:06 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PureRef
2017-06-24 22:06 - 2017-06-24 22:06 - 00000000 ____D C:\Program Files\PureRef
2017-06-23 19:58 - 2017-06-23 19:58 - 00001661 _____ C:\Users\Public\Desktop\Costume Quest.lnk
2017-06-23 19:58 - 2017-06-23 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Costume Quest [GOG.com]
2017-06-23 16:16 - 2017-06-23 16:16 - 00066815 _____ C:\Users\Nick\Downloads\32f52e58268a8be5806a0727a1172f48.jpeg
2017-06-23 10:55 - 2017-06-23 19:54 - 00000000 ____D C:\Users\Nick\Desktop\Costume Quest (October 15, 2011)
2017-06-21 22:31 - 2017-06-21 22:31 - 00000000 ____D C:\Users\Nick\Downloads\Picarto.TV -Modeseven_2017.06.05.22.06.07.flv's Video popout_files
2017-06-21 16:30 - 2017-07-11 18:52 - 00000000 ____D C:\Users\Nick\AppData\Roaming\.minecraft
2017-06-21 16:30 - 2017-06-21 16:30 - 00001037 _____ C:\Users\Public\Desktop\Minecraft.lnk
2017-06-21 16:30 - 2017-06-21 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-06-19 13:44 - 2017-06-19 13:44 - 00039048 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dfx12x64.sys
2017-06-19 13:44 - 2017-06-19 13:44 - 00028008 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dfx11_1x64.sys
2017-06-19 09:40 - 2017-06-19 09:41 - 01436580 _____ C:\Users\Nick\Downloads\2143519 - Dragon_Quest Dragon_Quest_VIII Gerph Jessica_Albert.jpeg
2017-06-19 09:11 - 2017-06-19 09:11 - 00351367 _____ C:\Users\Nick\Downloads\2031196%20-%20Padme_Amidala%20Star_Wars%20Turk128.jpeg
2017-06-19 09:10 - 2017-06-19 09:10 - 00349908 _____ C:\Users\Nick\Downloads\1909836%20-%20Anakin_Solo%20Princess_Leia_Organa%20Star_Wars%20Turk128%20Winter_Celchu.jpeg
2017-06-19 09:10 - 2017-06-19 09:10 - 00222418 _____ C:\Users\Nick\Downloads\1915715%20-%20Danny_Phantom%20Madeline_Fenton%20Turk128.jpeg
2017-06-19 09:08 - 2017-06-19 09:08 - 00237761 _____ C:\Users\Nick\Downloads\1909675%20-%20Atomic_Betty%20Betty_Barrett%20Space_Ace%20Turk128%20borf%20crossover.jpeg
2017-06-16 22:27 - 2017-06-16 22:27 - 00000000 ____D C:\Users\Nick\AppData\Local\Tempzxpsign3eea5cb35c34132c
2017-06-16 11:02 - 2017-06-16 11:02 - 00412332 _____ C:\WINDOWS\Minidump\061617-32234-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-15 02:47 - 2016-04-11 14:46 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Skype
2017-07-15 02:30 - 2016-11-01 23:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-15 02:16 - 2017-04-04 11:38 - 00000000 ____D C:\Rito
2017-07-15 02:00 - 2016-04-13 04:38 - 00000000 ____D C:\Users\Nick\AppData\Local\Adobe
2017-07-14 23:06 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-14 18:30 - 2016-11-01 23:17 - 01327706 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-14 18:24 - 2016-11-01 23:19 - 00000000 ____D C:\Users\Nick
2017-07-14 18:23 - 2016-11-01 23:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-14 18:22 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-14 14:48 - 2016-04-11 14:27 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-13 16:52 - 2016-05-09 20:08 - 00000000 ____D C:\Users\Nick\BrawlhallaReplays
2017-07-13 12:06 - 2016-11-01 23:58 - 00003948 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1460536304
2017-07-13 12:06 - 2016-04-13 04:31 - 00000000 ____D C:\Program Files (x86)\Opera
2017-07-13 09:49 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\rescache
2017-07-13 05:01 - 2016-11-01 23:13 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-07-13 05:01 - 2016-07-16 02:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-12 18:38 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF
2017-07-11 18:35 - 2016-04-20 01:15 - 00000000 ____D C:\Users\Nick\AppData\Local\ElevatedDiagnostics
2017-07-11 16:25 - 2015-11-02 14:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-11 16:20 - 2017-04-01 23:10 - 04832488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-11 16:16 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-11 16:16 - 2016-07-16 02:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-07-11 16:16 - 2016-07-16 02:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-07-11 16:15 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SystemApps
2017-07-11 12:02 - 2017-05-14 12:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-11 12:01 - 2017-05-14 12:22 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-11 05:12 - 2016-12-13 01:50 - 00000000 ____D C:\Users\Nick\Documents\ShareX
2017-07-11 03:31 - 2016-06-27 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-09 17:52 - 2016-12-08 12:29 - 00000000 ____D C:\Users\Nick\AppData\Local\CrashDumps
2017-07-09 03:06 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-09 02:57 - 2016-04-12 15:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-09 02:48 - 2016-04-12 15:04 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-09 01:32 - 2016-04-11 17:07 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-07-09 01:25 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-08 18:48 - 2016-12-17 15:39 - 00000000 ____D C:\Users\Nick\Downloads\Flock mod
2017-07-08 16:48 - 2017-05-23 18:33 - 00000000 ____D C:\Users\Nick\Downloads\Randoms
2017-07-08 14:48 - 2016-04-23 19:28 - 00000000 ____D C:\Users\Nick\AppData\Local\Warframe
2017-07-08 04:34 - 2017-04-03 21:31 - 487008827 _____ C:\WINDOWS\MEMORY.DMP
2017-07-08 04:34 - 2017-01-23 20:40 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-05 15:59 - 2016-04-12 12:23 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-07-05 15:57 - 2016-05-10 16:53 - 00000000 ____D C:\ModOrganizer
2017-07-05 06:24 - 2016-04-11 20:01 - 00000000 ____D C:\Users\Nick\AppData\Roaming\uTorrent
2017-07-04 16:52 - 2016-11-30 11:15 - 00000000 ____D C:\Users\Nick\AppData\Roaming\IMVU
2017-07-03 11:47 - 2016-04-27 18:38 - 00000000 ____D C:\Users\Nick\Documents\Stuff
2017-07-02 11:25 - 2016-08-26 00:57 - 00000000 ____D C:\Users\Nick\AppData\Roaming\MacroCreator
2017-06-30 11:23 - 2016-04-28 00:32 - 00000000 ____D C:\Users\Nick\Documents\Eventually
2017-06-29 23:35 - 2016-11-01 23:13 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2017-06-29 23:33 - 2016-11-01 23:13 - 00021910 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-06-29 23:33 - 2016-11-01 23:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-06-29 23:29 - 2016-03-25 07:41 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-29 21:24 - 2016-03-25 07:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-06-29 18:04 - 2016-04-11 14:45 - 00000000 ____D C:\ProgramData\Skype
2017-06-29 18:03 - 2016-10-23 08:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-27 14:21 - 2017-01-21 01:41 - 00000000 ____D C:\Users\Nick\Downloads\web
2017-06-27 14:04 - 2015-12-14 12:28 - 00000000 ____D C:\SWSetup
2017-06-27 01:40 - 2016-05-07 20:59 - 00000000 ____D C:\Users\Nick\AppData\Roaming\vlc
2017-06-26 17:01 - 2017-04-27 16:14 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-26 17:01 - 2017-04-27 16:14 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-26 09:07 - 2016-11-29 22:27 - 00000000 ____D C:\flockmod-tablet
2017-06-23 19:54 - 2016-07-14 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-23 19:52 - 2016-10-29 07:35 - 00000000 ____D C:\GOG Games
2017-06-21 16:32 - 2016-11-07 06:00 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-06-19 14:38 - 2017-06-12 17:33 - 00000000 ____D C:\Users\Nick\Desktop\Doug
2017-06-18 18:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-16 10:12 - 2017-06-12 17:40 - 00000000 ____D C:\Users\Nick\Desktop\Totally Spies
2017-06-15 19:18 - 2016-06-18 19:58 - 00000000 ____D C:\Users\Nick\AppData\Roaming\discord

==================== Files in the root of some directories =======

2017-03-18 22:36 - 2017-03-18 22:40 - 0000132 _____ () C:\Users\Nick\AppData\Roaming\Adobe GIF Format CS6 Prefs
2016-11-17 17:40 - 2017-05-06 13:12 - 0000132 _____ () C:\Users\Nick\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-07-12 19:28 - 2017-07-12 19:28 - 0001144 _____ () C:\Users\Nick\AppData\Roaming\PureRef.ini
2016-07-22 18:12 - 2016-02-17 23:30 - 15384576 _____ () C:\Users\Nick\AppData\Roaming\Sandra.mdb
2017-03-23 18:30 - 2017-03-23 18:45 - 0001456 _____ () C:\Users\Nick\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-04-23 18:12 - 2016-04-23 18:12 - 0000218 _____ () C:\Users\Nick\AppData\Local\recently-used.xbel
2017-06-04 22:35 - 2017-06-04 22:35 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-07-04 17:06 - 2017-07-04 17:06 - 0510848 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nick\AppData\Local\Temp\DGPSOD.exe
2017-07-10 20:15 - 2016-11-11 06:13 - 1886344 _____ (Microsoft Corporation) C:\Users\Nick\AppData\Local\Temp\dllnt_dump.dll
2017-04-26 06:11 - 2017-04-26 06:11 - 1292712 _____ (Bandisoft.com) C:\Users\Nick\AppData\Local\Temp\HVShell64.dll
2017-05-16 18:44 - 2017-06-24 03:48 - 58684896 _____ (Skype Technologies S.A.) C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
2017-07-04 17:00 - 2017-07-04 17:00 - 0424832 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nick\AppData\Local\Temp\YATBLN.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-13 08:26

==================== End of FRST.txt ============================

 

[Balanced]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2017
Ran by Nick (15-07-2017 02:48:34)
Running from C:\Users\Nick\Downloads
Windows 10 Home Version 1607 (X64) (2016-11-02 04:03:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1919207557-622674961-3464858116-500 - Administrator - Disabled)
Banana (S-1-5-21-1919207557-622674961-3464858116-1003 - Limited - Enabled) => C:\Users\Banana
DefaultAccount (S-1-5-21-1919207557-622674961-3464858116-503 - Limited - Disabled)
Guest (S-1-5-21-1919207557-622674961-3464858116-501 - Limited - Disabled)
Nick (S-1-5-21-1919207557-622674961-3464858116-1002 - Administrator - Enabled) => C:\Users\Nick

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-ece06a69-ff6c-4cc3-bc29-20e5dbfe706d) (Version: 3.0.2.118 - WildTangent) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Animate CC 2017 (HKLM-x32\...\FLPR_16_2) (Version: 16.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{316BFAA9-B213-4A4C-AF39-AC4D7EA99B54}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Profiles (HKLM-x32\...\{F3EBDF29-2413-AABB-55A2-2AA43E5C6B1C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Application Verifier x64 External Package (HKLM\...\{77F3D72C-465F-BD51-890E-CC3914B1365F}) (Version: 8.100.26936 - Microsoft) Hidden
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-f9d5d242-2856-49fb-9f9f-8a04baa2b7db) (Version: 2.2.0.98 - WildTangent) Hidden
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.3.0.7 - GOG.com)
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-2400d441-28f5-4df3-911e-3bed572d52ef) (Version: 3.0.2.48 - WildTangent) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Costume Quest (HKLM-x32\...\GOGPACKCOSTUMEQUEST_is1) (Version: 2.0.0.20 - GOG.com)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Coyote The Outlander (HKLM-x32\...\WTA-157e546f-e635-4d3e-9db2-1e0ed67810a6) (Version: 3.0.2.59 - WildTangent) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5829 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-e6c476ff-2a69-4b0b-be28-22c7d513fb06) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Duelyst (HKLM\...\Steam App 291410) (Version: - Counterplay Games Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.7.0.9 - GOG.com)
Entwined: The Perfect Murder (HKLM-x32\...\WTA-f9136d72-cb95-4723-a102-d29bf79aca3b) (Version: 3.0.2.59 - WildTangent) Hidden
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version: - Bethesda Softworks)
Family Vacation 2: Road Trip (HKLM-x32\...\WTA-fa7dcea8-6142-4326-9aa8-84f72bac785f) (Version: 3.0.2.59 - WildTangent) Hidden
FastStone Image Viewer 6.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.0 - FastStone Soft)
FireAlpaca 1.6.1 (HKLM-x32\...\FireAlpaca_is1) (Version: 1.6.1 - firealpaca.com)
flockmod tablet edition (HKLM-x32\...\{E7EBFA5B-A624-9B45-4F1A-D9AB4F56D53A}) (Version: 1.4.0 - UNKNOWN) Hidden
flockmod tablet edition (HKLM-x32\...\flockmod-air-tablet-ed) (Version: 1.4.0 - UNKNOWN)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hammerwatch (HKLM\...\Steam App 239070) (Version: - Crackshell)
Happy Wars (HKLM\...\Steam App 246280) (Version: - Toylogic inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hero Siege (HKLM\...\Steam App 269210) (Version: - Elias Viglione)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Home Makeover (HKLM-x32\...\WTA-2ae03d5a-8140-4ea7-9baf-b74137f4bbcd) (Version: 3.0.2.59 - WildTangent) Hidden
how do you Do It? (HKLM\...\Steam App 353360) (Version: - Nina Freeman)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.4.19.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.7.27.15 - HP)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
IGT Slots: Paradise Garden (HKLM-x32\...\WTA-68b293b3-24ea-4ce0-9414-a2d963c06c62) (Version: 3.0.2.59 - WildTangent) Hidden
Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-b6b684f1-1e99-4986-9a24-e0e13cf8c44d) (Version: 3.0.2.59 - WildTangent) Hidden
iTunes (HKLM\...\{CBE6C79D-BBCE-430C-AC1F-FB3F484927A3}) (Version: 12.1.3.6 - Apple Inc.)
Jewel Match Snowscapes (HKLM-x32\...\WTA-fcd4929c-fe03-4fa1-b9ab-0f4fc8387a37) (Version: 3.0.2.118 - WildTangent) Hidden
Kindergarten (HKLM\...\Steam App 589590) (Version: - Connor Boyle)
Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lazy Nezumi Pro 17.3.25.1950 (HKLM-x32\...\Lazy Nezumi Pro_is1) (Version: 17.3.25.1950 - Guillaume Stordeur)
Levelator (HKLM-x32\...\Levelator_is1) (Version: - The Conversations Network)
Living Legends: Frozen Beauty Collector's Edition (HKLM-x32\...\WTA-4803a263-90b1-45c8-91a9-ae9e4d46baef) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Lands: Dark Overlord Collector's Edition (HKLM-x32\...\WTA-e714e1b6-14e0-4ddb-9d02-21f95f6a8aec) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-95621522-3587-48ea-bbc4-cc03cb0f8c34) (Version: 3.0.2.59 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-2d17d93e-2d19-4218-a666-f3af0d4ca7ae) (Version: 3.0.2.59 - WildTangent) Hidden
Magicka (HKLM\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Magicka 2 (HKLM\...\Steam App 238370) (Version: - Pieces Interactive)
Magicka 2: Spell Balance Beta (HKLM\...\Steam App 397080) (Version: - )
Magicka: Wizard Wars (HKLM\...\Steam App 202090) (Version: - Paradox North)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-df604f07-8c77-44fe-87b2-cb1aae521460) (Version: 3.0.2.59 - WildTangent) Hidden
MapleStory (HKLM\...\Steam App 216150) (Version: - Nexon)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
MSI Development Tools (HKLM-x32\...\{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}) (Version: 8.100.26898 - Microsoft Corporation) Hidden
Mystery Expedition: Prisoners of Ice (HKLM-x32\...\WTA-05807911-9546-4f99-b4d2-7018746b90c9) (Version: 3.0.2.59 - WildTangent) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 46.0.2597.46 (HKLM-x32\...\Opera 46.0.2597.46) (Version: 46.0.2597.46 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Plagiarii (HKLM-x32\...\WTA-5711b2b5-c4b3-45a9-a632-e2b08c678cd6) (Version: 3.0.2.59 - WildTangent) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-b7e3e02e-0be1-4dae-9333-f3406f4fe85c) (Version: 3.0.2.59 - WildTangent) Hidden
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Pulover's Macro Creator version 5.0.5 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 5.0.5 - Rodolfo U. Batista)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.64 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Relic Hunters Zero (HKLM\...\Steam App 382490) (Version: - Rogue Snail)
ROBLOX Player for Nick (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Player for Nick (HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
RogueKiller version 12.11.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.6.0 - Adlice Software)
Runefall (HKLM-x32\...\WTA-855c1085-a844-4179-9a01-ae5b1c664089) (Version: 3.0.2.126 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-79f43b25-ad10-4334-b458-7232b11f7c87) (Version: 3.0.2.59 - WildTangent) Hidden
SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.4.1 - ShareX Team)
Sky High Farm (HKLM-x32\...\WTA-6c4aab36-626c-4779-beaf-e479f0d9d5d6) (Version: 3.0.2.59 - WildTangent) Hidden
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tree of Savior (English Ver.) (HKLM\...\Steam App 372000) (Version: - IMCGAMES Co.,Ltd.)
TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
UninstallTabletDeviceDriver (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.3.7 - )
Unity Web Player (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 20.2 - Ubisoft)
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26936 - Microsoft) Hidden
Xlideit Image Viewer (HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Xlideit Image Viewer) (Version: - Picorover3)
Xlideit Image Viewer (HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\Xlideit Image Viewer) (Version: - Picorover3)
You Have to Win the Game (HKLM\...\Steam App 286100) (Version: - Minor Key Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Nick\AppData\Local\Roblox\Versions\version-6da8969024ca4410\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers01: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers01: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers06: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-1919207557-622674961-3464858116-1002: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers4_S-1-5-21-1919207557-622674961-3464858116-1002: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A63DB01-68E9-4846-916F-5E4ACFB3F644} - System32\Tasks\{4B0B5A0E-FEEC-4808-92D6-7BB7AF9945AC} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.22.0.108/en/abandoninstall?page=tsBing
Task: {18CA2043-AB46-4C3D-BB16-88065B9A3862} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {1A5D76F4-43F8-4DA8-929B-1FEB793C57A9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {3253DEFA-7581-4EC6-81D2-24E64E6898F8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {51B545F1-4331-45E2-B36C-E8FA754CD3C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {5603EEF8-7ACE-4D81-9EB2-320F74273756} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-27] (Google Inc.)
Task: {58937186-AC49-442D-9921-35647C48A369} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {697C9856-8E76-4BCF-8708-927F581FE272} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {6DD5934B-C901-473B-84F6-55EE92112474} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {85D14344-C4AC-4643-8E95-02365E373735} - System32\Tasks\Opera scheduled Autoupdate 1460536304 => C:\Program Files (x86)\Opera\launcher.exe [2017-07-11] (Opera Software)
Task: {AA7FAD7A-D478-4722-877A-0F530302B0DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B40193EA-7C5C-490E-A64B-3BC9164CDCC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {BB47DB5D-7F3D-4CED-A0A9-384FFA2F8451} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {BD145347-B0F2-483F-97B6-F5A1B9A1CCCB} - System32\Tasks\AdobeAAMUpdater-1.0-NICK-Nick => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {BF9A38A0-42D1-45D6-B66A-7C289CBBF509} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-27] (Google Inc.)
Task: {C2DE86A4-4A73-4B4D-A66E-77DDE30D7EC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {DDA3F625-73AA-4202-BC8A-18F8EC13B34A} - System32\Tasks\HP Metrics => C:\Program Files\HP\HP Welcome\Garage.Container.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNick.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-09 02:21 - 2017-06-03 06:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-11 03:32 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-11-02 10:23 - 2016-11-02 10:23 - 00959168 _____ () C:\Users\Nick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-11-02 02:51 - 2016-11-02 02:51 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 09:12 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-04-11 15:24 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2017-06-26 17:00 - 2017-06-22 23:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 17:00 - 2017-06-22 23:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2016-04-11 15:24 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2017-05-31 11:41 - 2017-05-31 11:41 - 01982976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72416916.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\74193179.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72416916.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\74193179.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\skype.com -> hxxps://apps.skype.com
IE restricted site: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2015-10-30 03:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023852698\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023853683\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1919207557-622674961-3464858116-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023856706\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Fax => 3
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: Spooler => 3
MSCONFIG\Services: TermService => 3

 

[Broni]

The second log is incomplete.

 

[Balanced]

MSCONFIG\Services: UmRdpService => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "DeliveryAndStatusCheck"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "TabletDriver"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\StartupFolder: => "IMVU.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "HiAlgoBOOST"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\StartupFolder: => "IMVU.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "HiAlgoBOOST"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162\...\StartupApproved\Run: => "MurGee.com Auto Clicker"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E2976D0F-0C37-4655-A3CE-EC8CD1A6FC39}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AFA7C818-E543-47C0-AF91-A65013B78608}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{316C01A7-FBF8-407F-8798-164E3677858B}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{42EE9500-66C3-4711-A013-05DCBAFC5BBC}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{A09F522E-EF8C-42B3-BF2F-5532A31B729C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{98F3BC70-4392-4D3C-8F74-A4C7AC967A66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{6C258ABD-7C86-4E9B-91D6-A9E9E08F330F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe
FirewallRules: [{A44E5F2C-FA08-4B3F-B18D-8007BB461B92}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{823DACAB-0FEE-4CC3-9263-E6C3B54BC31B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{6B636CBF-BBF8-41E1-BBA4-385572C9D428}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{7CD1C99A-780C-4675-97A0-C9747C8F0C4C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{345288F5-72AA-453D-BE32-45C3AC655770}C:\windows\system32\runtimebroker.exe] => (Block) C:\windows\system32\runtimebroker.exe
FirewallRules: [TCP Query User{2443CD54-787F-4F57-8EDA-EC5EAF5F3F50}C:\windows\system32\runtimebroker.exe] => (Block) C:\windows\system32\runtimebroker.exe
FirewallRules: [{1326D897-A4BB-4509-A247-CD724F687A1A}] => (Block) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [{0D81D012-2BAC-469B-81AB-BF40A0FED2BB}] => (Block) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [UDP Query User{AC8A097B-B6F4-4333-91A8-F43FA33E71E6}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Allow) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [TCP Query User{02B69E51-3081-4FAC-8219-3770A904746B}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Allow) C:\koggames\herowarz\binaries\win32\mcgame-final.exe
FirewallRules: [UDP Query User{3499D0D5-46E8-4843-A1C3-B66DCD33CB15}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{52CCB1E6-D2FE-4E2D-9589-D78C1B79C8CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1FA03D48-E2FC-4D7A-A6E9-441DA4BE002A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{B0F091FE-7882-48A9-9509-F2C05A9A817B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{C037A078-888C-4BFC-A276-D35C88642CD8}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{E0BF8D76-756D-4B23-BD6C-A728117BFFF7}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{43153AFB-5C20-45B7-8559-F503C9271991}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{86BF7B1D-D92C-4746-88DF-457AC7223A78}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{D6834434-89D6-4D1A-A885-050F8790E433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{C913CE2F-E7F1-4061-BA0B-BA485AF5DB9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{E3FB8619-FB4A-4EF9-A27B-F65152035D46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{656FA36A-1890-44BC-9D95-C3A2883F688E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{5BF40A91-A378-4684-AEF2-BB063F020A98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2 beta\engine\Magicka2.exe
FirewallRules: [{A7B5BBDE-A9AA-46EB-846D-13C250DADA3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2 beta\engine\Magicka2.exe
FirewallRules: [{D9B67279-7E40-4F4A-802A-4A588BBC082B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DBDA50EF-724D-4448-93F3-3FC1EE64DDD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{8F70CEC8-FABA-4071-AA0E-CD7841558B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{C2C3B0CB-0116-4241-B208-39C71063A5C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{1223415E-CCEC-40E6-BC1F-7E8C63437FF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{E9316707-4D10-4570-B3C1-64CC56E16D29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DBF85C5E-DBB6-4240-8643-C510165F2F86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{58BC420F-3E97-4881-8E06-06BF6E6EDB9B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FF14807B-5534-49FB-AFAE-0D3FB50D6F3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B270F95D-77E5-4FD3-9510-CEAA66D29F8B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E915D3E4-AC01-4BDE-AAAB-AA837AE372FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D2068B4-A2DC-4A77-88BC-43F5B5AB0AA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{1E3FBBBA-7BC9-46CF-9D60-DBB6BB530520}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{93B0BAF7-6181-4F11-8F60-135866AB9F7E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{BED9EE1A-AA99-47FD-B188-E13BE5B1C6A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{DDC0B08A-2B1B-48A7-A7EC-E74FBE5FCECF}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{E3219C40-2927-430F-94F2-D747B817011D}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EA4368C8-94E7-43F8-BDAB-D5E1EF77E42E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{216026C5-E1FD-467C-B5E9-30C9CD810C3B}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{C1D26162-5486-4AAB-A4FC-5AD8B41A56F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{44D905BF-F445-426C-B5E5-4E63445F781C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{543DFBB4-ED10-40B2-9F79-2AEDC7519C0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\how do you Do It\how_do_you_Do_It\how do you Do It.exe
FirewallRules: [{446615AE-0C44-4C96-B9CE-4AED8C0ABA96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\how do you Do It\how_do_you_Do_It\how do you Do It.exe
FirewallRules: [{A7CD8231-63DA-41D0-AB50-77AE31B82E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{B6CA7646-7527-4A30-8B43-970774FC2914}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{1B5C65A4-6E25-4067-BA91-ABE2881C86CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{EF503A09-A923-42AF-88C5-A0CB0F5F2AFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{C306D8F2-08E9-4352-9BD9-1566E1B6F00E}] => (Block) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [{FDCCBDBD-618F-4945-BA2E-7EF6773BC1E9}] => (Block) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [UDP Query User{AAD55263-81E1-452C-9017-96DE488C2D93}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [TCP Query User{3BF9B90D-AC7C-495A-91CE-3E0D037C4231}C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [{D491C641-AC8C-4863-85FC-6B76EE8BD633}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B718867A-AD82-42B7-9B92-0DB095591DF9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{17D26F6D-B44E-4250-A90F-3D5D2748DF57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8FF985F6-BA90-4E34-8874-9954F15CD179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C2E0185A-45D9-43AC-B3FA-F2DC77FBAA3C}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{29F67E73-3F62-4148-84E0-AA15D5DA1FC5}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{8F5D4997-5A0C-4F79-8CFE-898C5E4CF6B4}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{96AA9444-9A35-4828-A3D3-0529D9FDCFF1}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{BD47D33D-DC06-4DE4-A1E5-08906B901D47}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{AE706586-C393-4A59-B939-2D869051D9F9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{8123619F-27A4-41F9-A55D-9D319DF978BF}] => (Block) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{DDFA04B8-5D71-427F-BCD3-F6B00941F4B3}] => (Block) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{FA4E73F1-BAAE-4014-A0C9-00554C66E9A5}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{A686BD55-8BD8-4317-81C9-532760F6BB54}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{A86E9B9D-01CB-457A-B0AB-E26549E27721}] => (Block) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{B3A827CF-4190-46CE-BCCE-8723E197EFE7}] => (Block) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{6403B887-C29B-449E-A5C9-95CB31B874A2}C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{69A5D617-FBC7-4B1D-B10B-221589FFB057}C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\steamcmd\steamapps\common\don't starve together dedicated server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{11310F05-A91E-4325-BEE1-0347068F75DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{F3224F42-B810-410C-A698-64E7AFDDDA7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{19152FFF-AB2D-4894-BBDF-DC67F412731F}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{BAA290AE-6446-4E3D-9B34-7E554441F761}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{4D6C70A4-DC49-472A-AF25-E6BFF3362409}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{E49DF392-8E67-4D84-B932-26C12F800923}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{26B194E2-F697-4ED0-941B-4D1CA4BEA704}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{C299E1C5-5FB0-44EE-AB60-B32B7C82CFAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{92EF681F-71BF-4C44-9B91-B42F58754D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{83B3BC75-4A81-4974-9E15-EB11374B7241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{05597ECF-44B6-4090-A371-4CD531DBB373}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{0E758609-3C19-4481-8A63-5BB7814E1E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{77ECEFAE-D21B-49F9-BA9B-D3565681BE6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{6AE660FF-3E0B-4289-B7D1-5C6FBFFD464A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{140F1A61-EBF4-46F2-9FF2-DD75E074046A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8A74F02C-8EB6-4725-9992-42857B618F3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{B764CC17-4E28-45EA-BC53-15B8B5D2823E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{23B30BFB-0CC2-4B52-BDF7-1EBDAD4C871D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{99E38E8B-2F8B-4DEC-A436-58DE805810E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{22A5E9AB-0017-41C4-9812-131AD7A15CCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{C5CD4752-0A76-4E88-A250-21C46C6B51AE}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{83ADAE84-CA85-4B25-906B-8D71B0166176}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B84B5A9D-F90B-4C55-BA5A-8815964DEAB5}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EF83ED09-8C7B-44C7-8B28-B401E9ABF325}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{68FDC33E-462B-4CEF-B00A-1007BD5F7B64}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B7F476F6-001C-443C-AFF6-2F2349852BAF}] => (Allow) C:\Users\Nick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AEEA3E3F-FF9A-4511-9B9D-8913287676AF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7DA80BBA-4EE6-4A84-A904-4684DA1ACE4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{37CB5903-7DE8-47A2-8E7B-1F3236D6F735}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{131C24DF-B8EF-42D3-8A6D-20A3E1DAE834}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{8917183E-E38A-4E36-9604-C451B386D270}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{5C42D9F3-D651-420A-81AF-683A33262280}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{D46B11CF-BAB8-46E9-A37F-6B47B4609BFA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{5CA9C5F2-A1DC-4A25-B193-98C7A9438D0A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [TCP Query User{63DAC87B-A008-45E9-ADC9-E03E7CD4F722}C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe
FirewallRules: [UDP Query User{92F56408-F416-418B-BDCC-255B233CCCC1}C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hungerdungeon\hungerdungeon.exe
FirewallRules: [TCP Query User{D30B6E9C-3941-4DAF-B122-B30ECB027676}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D890BA19-1313-4030-B9FD-A3749EF555A0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B144D090-F56A-4C6C-A18A-47E7AA3ACAB1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{60483323-14BB-48F4-A362-CA41B260D852}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{870F74B6-C86B-4B19-BAEF-AF8C5FB83CC8}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{B3A5F4C9-F1E9-442E-B422-B260548F675C}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{7EFF8822-62EC-4A4B-8DF6-31CFB49805C6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{428D005C-D558-47AF-A2A0-E940DFE43FA6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{90135BD7-E349-409B-AD2C-B8750304DFE9}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{33CEF2E1-1258-4050-8D52-56C5D4D6B61B}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{FE14F790-63A4-4A24-9703-D077C64D7822}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{91AC6656-3ED3-4AAE-AFF4-2617AFB18FFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [TCP Query User{197303E0-B964-48C6-9E60-0E51205AF5BB}C:\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [UDP Query User{082EC317-B2BA-4BFB-9204-5ED51D4B8B5D}C:\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{809E9A15-44D9-457F-B8EF-B99965609B38}] => (Block) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{358C6D18-011F-4296-B0F8-01F380152952}] => (Block) C:\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{39BC6093-6994-437C-A6ED-854010582E94}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{60FD082D-3304-4B9F-A4A5-6B0EE20C19F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2484F83A-A488-4182-B07C-66A0E79203D0}] => (Allow) C:\Users\Nick\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{F5ADEF14-629A-4521-A92C-EE2E6DFDCA58}] => (Allow) C:\Users\Nick\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{80F86C9A-0481-47D7-8243-81C28330861C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{7B35A84B-0102-4142-B912-0122FAEB662C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{A064F437-56E2-44CA-8E30-28597C0102B0}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [{9043E852-7887-40C3-8E3C-3DE71989CFB4}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [{FF273A47-901F-4869-B479-59DF0D6F8D4D}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [{ACD82FA4-7932-4D5D-9A4B-F3BE2A24C39D}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.167\deploy\League of Legends.exe
FirewallRules: [TCP Query User{4C725262-55EA-4C27-AA29-43B978E84124}C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [UDP Query User{3D353FB4-AEC7-4931-9273-C474155A5A6D}C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe] => (Allow) C:\program files (x86)\flockmod-tablet\flockmod-tablet.exe
FirewallRules: [{8EC9771C-CCC2-4FF0-8903-F76C4CC0E5B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{2D9D8E52-8584-48AD-9BA3-E9FA65DE2341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{0DFC39C5-CACF-4640-9B9E-294ECE31ACD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{21B24435-ECC1-47D0-AA85-6370A4D20E70}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{37C34656-6CB9-46BD-8348-1576CD2793AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBF4E663-6FA6-4EEE-9DBC-BCC9F9D16833}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AF91CAE6-7A80-4157-83EE-94CA71E69B1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2522A6AD-247B-4C66-B688-5C0DFEF93DD5}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{1F307334-8D8C-42F6-9B9B-3E297A866DE9}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{DFCB4AD3-5256-4662-9CD2-F0C8946CAFA3}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.32\opera.exe
FirewallRules: [{0A1E9E09-8954-461F-B47A-18E73CAE6E9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kindergarten\Kindergarten.exe
FirewallRules: [{C5014D75-8BFC-4BFC-8E71-B9ABBCD62B62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kindergarten\Kindergarten.exe
FirewallRules: [{A52329E9-7161-471E-A81A-F985DBE97692}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9E0AF4EE-42DE-4E2C-B0C1-883474C9152D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{1BC253F7-1982-48DD-89C8-660D14123E27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{4F5A5ADE-8A3D-4E12-B375-4927A4E043A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{6A5A05FA-E84E-4FCF-8043-5AE1C7AF0723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{2D74EB7E-7E8A-409C-8DE7-9B6CD0F89AE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{AD75F66E-0293-4569-8060-4ED4004755C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6FC5DBDB-5BE3-4096-B3C5-01E97EFAF261}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3527C5A5-B86A-4041-AB4A-85732460478E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{ED52AC99-F34F-4F29-A6FA-F88D01466F3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{24D908F8-4B8F-4E73-A28F-764F397192A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3CB67D12-6C82-4C7C-A2C2-45DEF8039C9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F3F12C38-7A0B-4E72-A61B-DF4D6F69BEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7EEFD1BE-93A0-490B-AD43-43C16F727F45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7208450B-337F-4DF1-A2A2-AD1525117AC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{CEB0FE71-FFD7-4657-8F1D-898B1FEDDB4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{CD858DB8-EDC3-40F5-B6DB-65062C9926C1}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.46\opera.exe
FirewallRules: [{D7F1AA3D-7711-43F2-B845-CBE9A028809C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{96397AAC-BC7D-4E24-8ACF-BEACBE80EE7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{EE273B29-7C44-44BC-9379-58E55D82F8F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9C7D4B13-C943-4751-9517-BEED1D9B9A38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DDB31269-4299-4B33-9F77-DEFE09848C96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4FCA9D04-1FC0-4D6B-98A6-23A743BB887A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{427BEAD8-24CA-4789-AD93-3A21947E87CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{38912D10-A7AD-4C55-BA7C-26C019009604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2017 11:01:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (07/14/2017 06:26:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (07/14/2017 06:25:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (07/14/2017 06:18:57 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/14/2017 06:17:02 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/14/2017 06:16:35 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/14/2017 06:10:49 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/14/2017 06:10:32 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/14/2017 06:10:17 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/14/2017 06:09:40 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error


System errors:
=============
Error: (07/14/2017 06:23:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:22:07 PM on ‎7/‎14/‎2017 was unexpected.

Error: (07/14/2017 04:40:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/14/2017 12:40:19 AM) (Source: DCOM) (EventID: 10000) (User: NICK)
Description: Unable to start a DCOM Server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}. The error:
"740"
Happened while starting this command:
"C:\Program Files\iPod\bin\iPodService.exe" -Embedding

Error: (07/13/2017 10:54:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/13/2017 08:50:26 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/13/2017 08:41:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/13/2017 05:07:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:05:32 AM on ‎7/‎13/‎2017 was unexpected.

Error: (07/13/2017 05:01:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/13/2017 05:01:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/13/2017 05:01:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll


CodeIntegrity:
===================================
Date: 2017-05-13 11:02:37.268
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-13 11:02:37.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-02 09:42:35.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2017-04-27 16:05:17.906
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2017-03-28 12:56:20.807
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2017-03-28 12:56:20.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 79%
Total physical RAM: 3537.01 MB
Available physical RAM: 714.1 MB
Total Virtual: 6333.77 MB
Available Virtual: 2089.35 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:444.61 GB) (Free:82.41 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.06 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7198C9C0)

Partition: GPT.

==================== End of Addition.txt ============================

 

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[Balanced]

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2017
Ran by Nick (15-07-2017 23:53:49) Run:1
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick & Banana)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: prio.dll => No File
AppInit_DLLs-x32: prio32.dll => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
2017-03-18 22:36 - 2017-03-18 22:40 - 0000132 _____ () C:\Users\Nick\AppData\Roaming\Adobe GIF Format CS6 Prefs
2016-11-17 17:40 - 2017-05-06 13:12 - 0000132 _____ () C:\Users\Nick\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-07-12 19:28 - 2017-07-12 19:28 - 0001144 _____ () C:\Users\Nick\AppData\Roaming\PureRef.ini
2016-07-22 18:12 - 2016-02-17 23:30 - 15384576 _____ () C:\Users\Nick\AppData\Roaming\Sandra.mdb
2017-03-23 18:30 - 2017-03-23 18:45 - 0001456 _____ () C:\Users\Nick\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-04-23 18:12 - 2016-04-23 18:12 - 0000218 _____ () C:\Users\Nick\AppData\Local\recently-used.xbel
2017-06-04 22:35 - 2017-06-04 22:35 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml
2017-07-04 17:06 - 2017-07-04 17:06 - 0510848 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nick\AppData\Local\Temp\DGPSOD.exe
2017-07-10 20:15 - 2016-11-11 06:13 - 1886344 _____ (Microsoft Corporation) C:\Users\Nick\AppData\Local\Temp\dllnt_dump.dll
2017-04-26 06:11 - 2017-04-26 06:11 - 1292712 _____ (Bandisoft.com) C:\Users\Nick\AppData\Local\Temp\HVShell64.dll
2017-05-16 18:44 - 2017-06-24 03:48 - 58684896 _____ (Skype Technologies S.A.) C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
2017-07-04 17:00 - 2017-07-04 17:00 - 0424832 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nick\AppData\Local\Temp\YATBLN.exe
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll => No File
ContextMenuHandlers01: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers04: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-1919207557-622674961-3464858116-1002: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
ContextMenuHandlers4_S-1-5-21-1919207557-622674961-3464858116-1002: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll -> No File
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION

*****************

HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"prio.dll" => Value data removed successfully.
"prio32.dll" => Value data removed successfully.
HKLM\SOFTWARE\Policies\Google => key removed successfully
C:\Users\Nick\AppData\Roaming\Adobe GIF Format CS6 Prefs => moved successfully
C:\Users\Nick\AppData\Roaming\Adobe PNG Format CS6 Prefs => moved successfully
C:\Users\Nick\AppData\Roaming\PureRef.ini => moved successfully
C:\Users\Nick\AppData\Roaming\Sandra.mdb => moved successfully
C:\Users\Nick\AppData\Local\Adobe Save for Web 13.0 Prefs => moved successfully
C:\Users\Nick\AppData\Local\recently-used.xbel => moved successfully
C:\ProgramData\SoftwareUpdateTemp.xml => moved successfully
C:\Users\Nick\AppData\Local\Temp\DGPSOD.exe => moved successfully
C:\Users\Nick\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Nick\AppData\Local\Temp\HVShell64.dll => moved successfully
C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe => moved successfully
C:\Users\Nick\AppData\Local\Temp\YATBLN.exe => moved successfully
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File => Error: No automatic fix found for this entry.
CustomCLSID: HKU\S-1-5-21-1919207557-622674961-3464858116-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07152017023854162_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AD1CF0E732C5} => key removed successfully
HKU\S-1-5-21-1919207557-622674961-3464858116-1002_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => key removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\0HVContext => key removed successfully
HKLM\Software\Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => key removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => key removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\0HVContext => key removed successfully
HKLM\Software\Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\*\ShellEx\ContextMenuHandlers\0HVContext => key removed successfully
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\SOFTWARE\Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => key not found.
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\Directory\ShellEx\ContextMenuHandlers\0HVContext => key removed successfully
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\SOFTWARE\Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => key not found.
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\exefile => key removed successfully
HKU\S-1-5-21-1919207557-622674961-3464858116-1002\Software\Classes\.exe => key removed successfully

==== End of Fixlog 23:54:28 ====

 

[Broni]

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

• Internet Services
• Windows Firewall
• System Restore
• Security Center
• Windows Update
• Windows Defender
• Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

• Double click the icon and select Run
• Click Next
• Select I accept the terms in this license agreement, then click Next twice
• Click Install
• Click Finish to launch the program
• Once the virus database has been updated click Start Scanning
• If any threats are found click Details, then View log file... (bottom left hand corner)
• Copy and paste the results in your reply
• Close the Notepad document, close the Threat Details screen, then click Start cleanup
• Click Exit to close the program