March 24th, 2017, 02:51 PM
#1
Malware problem: computer working slowly. There are processes that I didn't install.
I opened my computer after a long time and found out that it is infected. There are processes that I didn't do anything to install, such as "domino.exe" and "vmsnap3.exe". I used Malwarebytes Anti-Rootkit and I get the error "The system volume seems inaccessible or encrypted. Scan can't continue."
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Asce (administrator) on FIRE_FIST (24-03-2017 14:08:41)
Running from C:\Users\Asce\Desktop
Loaded Profiles: Asce & (Available Profiles: Asce)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
() C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\smart6\timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
() C:\Users\Asce\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\smart6\timelock\AlarmClock.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Sublime Text 3\sublime_text.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8554\Battle.net.exe
(Valve Corporation) C:\Steam\Steam.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8554\Battle.net Helper.exe
(Valve Corporation) C:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Steam\bin\steamwebhelper.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Malwarebytes Corp.) C:\Users\Asce\Downloads\mbar-1.09.3.1001.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Malwarebytes) C:\Users\Asce\Desktop\mbar\mbar.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5485\Agent.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8554\Battle.net Helper.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-02] (Logitech Inc.)
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe [49152 2006-07-18] (Vimicro)
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe [49152 2006-07-04] ()
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-05-02] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2569104 2015-12-11] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [SoliCallPro] => C:\Program Files (x86)\SoliCall\bin\SoliCall_Pro.exe [1940584 2015-05-30] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Octoshape Streaming Services] => C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [f.lux] => C:\Users\Asce\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [GNE_SwapScreen] => C:\Users\Asce\Desktop\SwapScreen.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-19] (Voobly)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Steam] => C:\Steam\steam.exe [3013200 2016-01-02] (Valve Corporation)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Spotify Web Helper] => C:\Users\Asce\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [GoogleChromeAutoLaunch_869D1C098422C3FF363196C3B970F3FA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\MountPoints2: {03f5a58e-0cdf-11e4-9364-fa05310c68ca} - F:\AutoRun.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\MountPoints2: {10963882-1014-11e4-ba5d-c05a936a09ba} - F:\setup.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Octoshape Streaming Services] => C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Asce\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GNE_SwapScreen] => C:\Users\Asce\Desktop\SwapScreen.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-19] (Voobly)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Steam\steam.exe [3013200 2016-01-02] (Valve Corporation)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Asce\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_869D1C098422C3FF363196C3B970F3FA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {03f5a58e-0cdf-11e4-9364-fa05310c68ca} - F:\AutoRun.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {10963882-1014-11e4-ba5d-c05a936a09ba} - F:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2015-06-03]
ShortcutTarget: CheVolume.lnk -> C:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe (WellWeWeb)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-05-02]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1292172697-4276861399-4271014393-1000] => 37.239.46.50:80
ProxyServer: [S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => 37.239.46.50:80
Tcpip\Parameters: [DhcpNameServer] 139.179.30.24 139.179.10.13
Tcpip\..\Interfaces\{002F3112-3E11-4216-8254-E6C7BFD34FE5}: [DhcpNameServer] 85.25.83.11 8.8.8.8
Tcpip\..\Interfaces\{0A87EDDF-4DA3-45DE-9CF4-4DF1736A9197}: [DhcpNameServer] 85.25.83.11 8.8.8.8
Tcpip\..\Interfaces\{0BE02F3D-1738-4A38-ABA4-74E12809B258}: [DhcpNameServer] 85.25.83.11 8.8.8.8
Tcpip\..\Interfaces\{60B144C7-C780-4A62-8526-3B93ADD31C4A}: [DhcpNameServer] 85.25.83.11 8.8.8.8
Tcpip\..\Interfaces\{A31C4A9E-95FD-4295-92BE-02C9E1287228}: [DhcpNameServer] 85.25.83.11 8.8.8.8
Tcpip\..\Interfaces\{D38BF8D7-4BA9-4FB1-B438-564050461773}: [DhcpNameServer] 85.25.83.11 8.8.8.8
Tcpip\..\Interfaces\{DA2D582E-7FDF-4CC8-A295-2DB4EC3588B7}: [DhcpNameServer] 139.179.30.24 139.179.10.13
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.com.tr/?clid=1818323
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://tr.msn.com/?rd=1&ucc=TR&dcc=TR&opt=0&ocid=iehp
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.com.tr/?clid=1818323
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://tr.msn.com/?rd=1&ucc=TR&dcc=TR&opt=0&ocid=iehp
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-28] (Oracle Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2015-12-11] (AVG Secure Search)
FireFox:
========
FF HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-24] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.5.0\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2020-04-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2020-04-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1292172697-4276861399-4271014393-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Asce\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-07-30] (Octoshape ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.tr/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default [2017-03-24]
CHR Extension: (Google Translate) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Google Docs) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (imgur Extension by Metronomik) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao [2017-03-24]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-03-24]
CHR Extension: (Google Docs Offline) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-24]
CHR Extension: (AdBlock) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-24]
CHR Extension: (Document online) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdogoocenkoogpajficlnleblfoelph [2015-09-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-03-24]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-24]
CHR Extension: (Hover Zoom) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2017-03-24]
CHR Extension: (Enhanced Steam) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2017-03-24]
CHR Extension: (Gmail) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2015-12-03] ()
R2 DES2 Service; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-12-25] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-23] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-23] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-08] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-10-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [176264 2015-05-28] (Sandboxie Holdings, LLC)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-05-02] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 vToolbarUpdater3.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\ToolbarUpdater.exe [1829776 2015-12-11] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-20] (Disc Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2017-03-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-24] (Malwarebytes)
S3 msvad_simple; C:\Windows\System32\solicall.sys [40664 2010-10-30] (SoliCall)
R3 Neo_braz; C:\Windows\System32\DRIVERS\Neo_0005.sys [28640 2015-05-02] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [188552 2015-05-28] (Sandboxie Holdings, LLC)
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2015-07-21] (ShiningMorning Inc.)
S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
S3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-03 08:39 - 2020-04-03 08:41 - 00524288 ___SH C:\Users\Asce\ntuser.dat{da51557c-7575-11ea-8411-00aca320a6d8}.TMContainer00000000000000000002.regtrans-ms
2020-04-03 08:39 - 2020-04-03 08:41 - 00524288 ___SH C:\Users\Asce\ntuser.dat{da51557c-7575-11ea-8411-00aca320a6d8}.TMContainer00000000000000000001.regtrans-ms
2020-04-03 08:39 - 2020-04-03 08:41 - 00065536 ___SH C:\Users\Asce\ntuser.dat{da51557c-7575-11ea-8411-00aca320a6d8}.TM.blf
2017-03-24 14:08 - 2017-03-24 14:09 - 00029678 _____ C:\Users\Asce\Desktop\FRST.txt
2017-03-24 14:08 - 2017-03-24 14:08 - 00000000 ____D C:\FRST
2017-03-24 14:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2017-03-24 14:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2017-03-24 14:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-03-24 14:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-03-24 14:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-03-24 14:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2017-03-24 14:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2017-03-24 14:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2017-03-24 14:07 - 2017-03-24 14:08 - 00000000 ___SD C:\ComboFix
2017-03-24 13:05 - 2017-03-24 13:05 - 02424832 _____ (Farbar) C:\Users\Asce\Desktop\FRST64.exe
2017-03-24 12:58 - 2017-03-24 14:07 - 00000000 ____D C:\Qoobox
2017-03-24 12:57 - 2017-03-24 14:07 - 00000000 ___SD C:\32788R22FWJFW
2017-03-24 12:57 - 2017-03-24 12:57 - 05659269 ____R (Swearware) C:\Users\Asce\Downloads\ComboFix.exe
2017-03-24 12:57 - 2017-03-24 12:57 - 00000000 ____D C:\Windows\erdnt
2017-03-24 12:38 - 2017-03-24 12:38 - 00000880 _____ C:\Users\Public\Desktop\Overwatch.lnk
2017-03-24 12:38 - 2017-03-24 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2017-03-24 12:10 - 2017-03-24 12:12 - 00082208 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-24 12:10 - 2017-03-24 12:10 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-24 12:10 - 2017-03-24 12:10 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-24 12:09 - 2017-03-24 13:59 - 00000000 ____D C:\Users\Asce\Desktop\mbar
2017-03-24 12:09 - 2017-03-24 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-03-24 12:09 - 2017-03-24 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-24 12:09 - 2017-03-24 12:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-24 12:09 - 2017-03-24 12:09 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-03-24 12:09 - 2017-03-24 12:09 - 00001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-24 12:09 - 2017-03-24 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-24 12:09 - 2017-03-24 12:09 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-24 12:09 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-24 12:07 - 2017-03-24 12:38 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-03-24 12:07 - 2017-03-24 12:07 - 57131432 _____ (Malwarebytes ) C:\Users\Asce\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-24 12:06 - 2017-03-24 12:06 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Asce\Downloads\mbar-1.09.3.1001.exe
2017-03-24 12:05 - 2017-03-24 12:05 - 05788712 _____ C:\Users\Asce\Downloads\qssetup.exe
2017-03-24 11:58 - 2017-03-24 11:58 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-03-24 11:43 - 2017-03-24 11:43 - 00000000 ____D C:\Users\Asce\AppData\Local\NVIDIA Corporation
2017-03-24 11:40 - 2017-03-24 11:40 - 00001389 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-24 11:37 - 2017-03-24 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-24 11:37 - 2017-03-24 11:37 - 00000000 ____D C:\Users\Asce\AppData\Local\NVIDIA
2017-03-24 11:37 - 2016-01-23 04:54 - 01542600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-03-24 11:37 - 2016-01-23 04:54 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-03-24 11:37 - 2016-01-23 04:53 - 01859936 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-03-24 11:37 - 2016-01-23 04:53 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-03-24 11:37 - 2016-01-23 04:53 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-03-24 11:35 - 2017-03-24 11:43 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-24 11:35 - 2016-01-23 03:12 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-24 11:34 - 2017-03-24 11:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-24 11:34 - 2016-01-23 03:04 - 06368312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-03-24 11:34 - 2016-01-23 03:04 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-03-24 11:34 - 2016-01-23 03:04 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-03-24 11:34 - 2016-01-23 03:04 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-03-24 11:34 - 2016-01-23 03:04 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-03-24 11:34 - 2016-01-23 03:04 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-03-24 11:34 - 2016-01-23 03:04 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-03-24 11:34 - 2016-01-23 03:04 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-03-24 11:34 - 2016-01-22 23:07 - 06125650 _____ C:\Windows\system32\nvcoproc.bin
2017-03-24 11:33 - 2016-01-23 05:42 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 37614528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 31079992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 24911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 21193544 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 17626352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 16995064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 12379072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-24 11:33 - 2016-01-23 05:42 - 03683560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 03258664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 02721216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00948672 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-24 11:33 - 2016-01-23 05:42 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-24 11:33 - 2016-01-23 05:42 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2017-03-24 11:33 - 2015-12-18 08:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-03-24 11:33 - 2015-12-18 08:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-03-24 11:33 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-03-24 11:10 - 2017-03-24 11:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-24 11:10 - 2017-03-24 11:10 - 00000000 ____D C:\NVIDIA
2017-03-24 11:08 - 2017-03-24 11:09 - 385746880 _____ (NVIDIA Corporation) C:\Users\Asce\Downloads\361.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2017-03-24 11:08 - 2017-03-24 11:08 - 20647512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-03 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\wfp
2020-04-03 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\config\systemprofile
2020-04-03 18:37 - 2011-04-12 10:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2020-04-03 18:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\wbem
2020-04-03 18:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Drivers\UMDF
2020-04-03 18:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2020-04-03 18:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\LogFiles
2020-04-03 10:05 - 2014-07-12 08:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2020-04-03 10:05 - 2014-07-12 08:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2020-04-03 08:39 - 2014-07-12 08:23 - 00000000 ____D C:\Users\Asce
2020-04-03 08:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\config\TxR
2017-03-24 14:09 - 2014-11-20 22:11 - 00000000 ____D C:\Users\Asce\AppData\Local\Battle.net
2017-03-24 13:47 - 2015-11-10 21:15 - 00000000 ____D C:\Users\Asce\AppData\Local\MalwareProtectionLive
2017-03-24 13:43 - 2009-07-14 06:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-24 13:43 - 2009-07-14 06:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-24 12:58 - 2015-01-19 23:51 - 00000000 ____D C:\Users\Asce\AppData\Local\LogMeIn Hamachi
2017-03-24 12:48 - 2016-01-04 23:02 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1451941354
2017-03-24 12:48 - 2016-01-04 23:02 - 00000000 ____D C:\Program Files (x86)\Opera
2017-03-24 12:02 - 2014-11-20 22:12 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-03-24 11:57 - 2014-07-25 01:09 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-24 11:54 - 2014-11-20 22:11 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-03-24 11:54 - 2014-07-13 00:17 - 00000000 ____D C:\Steam
2017-03-24 11:52 - 2014-11-20 22:11 - 00000000 ____D C:\Users\Asce\AppData\Roaming\Battle.net
2017-03-24 11:52 - 2014-11-20 22:08 - 00000000 ____D C:\ProgramData\Battle.net
2017-03-24 11:51 - 2015-11-05 00:14 - 00007608 _____ C:\Users\Asce\AppData\Local\Resmon.ResmonCfg
2017-03-24 11:48 - 2014-07-12 08:44 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-24 11:47 - 2014-08-05 23:24 - 00000000 ____D C:\Users\Asce\AppData\Roaming\Skype
2017-03-24 11:47 - 2014-07-12 22:38 - 00000000 ____D C:\ProgramData\MFAData
2017-03-24 11:47 - 2009-07-14 07:13 - 00783062 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-24 11:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-24 11:44 - 2015-05-02 15:26 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2017-03-24 11:43 - 2015-05-18 14:56 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2017-03-24 11:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-24 11:37 - 2015-07-29 19:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-24 11:36 - 2015-06-02 15:04 - 00001766 _____ C:\Windows\Sandboxie.ini
2017-03-24 11:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2017-03-24 11:08 - 2015-10-04 22:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-24 11:08 - 2015-10-04 22:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-24 11:08 - 2015-10-04 22:42 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-24 11:08 - 2015-10-04 22:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-24 11:08 - 2015-10-04 22:42 - 00000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2015-12-25 09:42 - 2015-12-26 01:41 - 0002136 _____ () C:\Users\Asce\AppData\Roaming\SpeedRunnersLog.txt
2015-11-05 00:14 - 2017-03-24 11:51 - 0007608 _____ () C:\Users\Asce\AppData\Local\Resmon.ResmonCfg
2015-12-11 21:02 - 2015-12-11 21:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2015-10-23 19:47 - 2015-10-23 19:47 - 2892128 _____ (AVG Technologies) C:\Users\Asce\AppData\Local\Temp\avg-ae9d4a66-87be-4c57-9f03-a23b13fdc342.exe
2016-01-05 20:18 - 2015-11-12 16:54 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Asce\AppData\Local\Temp\avguirn_0899728453.exe
2015-10-08 19:45 - 2015-10-08 19:49 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Asce\AppData\Local\Temp\drm_dyndata_7400009.dll
2015-11-10 21:16 - 2015-11-10 23:19 - 0035680 _____ () C:\Users\Asce\AppData\Local\Temp\i4jdel0.exe
2015-07-18 15:30 - 2015-07-18 15:30 - 0011264 _____ ( ) C:\Users\Asce\AppData\Local\Temp\iuo4idyi.dll
2015-10-24 21:18 - 2015-12-08 22:45 - 56061688 _____ (Rockstar Games) C:\Users\Asce\AppData\Local\Temp\Social%20Club%20v1.1.6.8%20Setup.exe
2015-12-21 03:39 - 2015-12-21 03:39 - 56838704 _____ (Rockstar Games) C:\Users\Asce\AppData\Local\Temp\Social%20Club%20v1.1.6.9%20Setup.exe
2017-03-24 11:48 - 2017-03-24 11:48 - 14456872 _____ (Microsoft Corporation) C:\Users\Asce\AppData\Local\Temp\vc_redist.x86.exe
2015-08-03 01:58 - 2015-08-03 01:58 - 0118784 _____ () C:\Users\Asce\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-24 13:35
==================== End of FRST.txt ============================
-
March 24th, 2017, 03:28 PM
#2
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Asce (24-03-2017 14:09:52)
Running from C:\Users\Asce\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-07-12 06:23:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1292172697-4276861399-4271014393-500 - Administrator - Disabled)
Asce (S-1-5-21-1292172697-4276861399-4271014393-1000 - Administrator - Enabled) => C:\Users\Asce
Guest (S-1-5-21-1292172697-4276861399-4271014393-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292172697-4276861399-4271014393-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE)
µTorrent (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
A4 TECH PC Camera H (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}) (Version: - )
A4 TECH PC Camera H (HKLM-x32\...\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}) (Version: 2007.11.12 - A4 TECH)
Acoustica MP3 CD Burner (HKLM-x32\...\Acoustica MP3 CD Burner) (Version: - Acoustica, Inc)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AoE II HD Compatibility Patch version 1.0c (HKLM-x32\...\AoE II HD Compatibility Patch_is1) (Version: 1.0c - )
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.12.7294 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4767 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.5.0.0 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5642 - CDBurnerXP)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
CheVolume 0.3.0.0 (HKLM-x32\...\CheVolume_0) (Version: 0.3.0.0 - WellWeWeb)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version: - Pyro Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version: - )
Easy Tune 6 B10.0420.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
f.lux (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Flux) (Version: - )
f.lux (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games)
Grim Fandango Remastered (HKLM-x32\...\Steam App 316790) (Version: - Double Fine Productions)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)
Guacamelee! Super Turbo Championship Edition (HKLM-x32\...\Steam App 275390) (Version: - DrinkBox Studios)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software)
Hurtworld (HKLM-x32\...\Steam App 393420) (Version: - Bankroll Studios)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios)
King's Quest (HKLM-x32\...\Steam App 345390) (Version: - The Odd Gentlemen)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MAMEUIFX32 (HKLM-x32\...\MAMEUIFX32) (Version: 0.145 - Mamesick)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.7.8 (HKLM-x32\...\Minecraft1.7.8) (Version: - )
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Octoshape Streaming Services (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
ON_OFF Charge B10.0422.2 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{dd2cc895-8ae6-4b9e-b42a-9aa908c1dca5}) (Version: latest - ppy Pty Ltd)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Power MP3 Recorder Cutter v6.5 (HKLM-x32\...\Power MP3 Recorder Cutter_is1) (Version: 6.5 - CooolSoft, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Reflex (HKLM-x32\...\Steam App 328070) (Version: - Turbo Pixel Studios)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Sandboxie 4.18 (64-bit) (HKLM\...\Sandboxie) (Version: 4.18 - Sandboxie Holdings, LLC)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version: - Croteam)
Serious Sam 2 Dedicated Server Utility (HKLM-x32\...\SS2DedServerUtility) (Version: - )
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version: - 3D Realms)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version: - Grismar)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Simply Chess (HKLM-x32\...\Steam App 312280) (Version: - BlueLine Games)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios)
Snaz version 1.9.4.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.9.4.0 - JimsApps)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.15.9546 - SoftEther VPN Project)
SoliCall Pro (HKLM-x32\...\SoliCall Pro) (Version: - SoliCall)
Source Dedicated Server (HKLM-x32\...\Steam App 205) (Version: - Valve)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Spotify (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SWF Extractor 2.2 (HKLM-x32\...\SWF Extractor_is1) (Version: 2.2 - GlobFX Technologies)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.7.0.9 - GOG.com)
The Crew Trial (HKLM-x32\...\Steam App 366310) (Version: - Ivory Tower in collaboration with Ubisoft Reflections)
The Mean Greens - Plastic Warfare (HKLM-x32\...\Steam App 360940) (Version: - Virtual Basement LLC)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version: - )
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED)
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 5.2 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version: - Team17 Digital Ltd)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {103C58DC-6A11-4132-B128-61354501B69A} - System32\Tasks\{A3DE1E29-CB5E-436B-872E-BB799B0C8DF1} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.105&LastError=404
Task: {1C19EF2B-55CE-4B9A-9751-508F7C410743} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {275442C4-D16A-4192-AF24-7596AD12785C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {28BB728F-23D1-4B05-920F-7E52ECBF1D92} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl
Task: {316804F2-ABEA-4E91-840A-33A1AA0FBE0C} - System32\Tasks\Opera scheduled Autoupdate 1451941354 => C:\Program Files (x86)\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {7336F5F1-868C-4651-96B7-E0A2FE1108BB} - System32\Tasks\{533EB031-BF25-4683-BA64-C3FE54B89C09} => pcalua.exe -a "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe" -d "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static"
Task: {88532493-8D42-4E75-9103-E36AC36EDDE5} - System32\Tasks\{136F545B-0559-4304-96C4-F4550D4EB7AF} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.105&LastError=404
Task: {89E90A11-F5AA-4165-A2EF-2F15D9118E6E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-24] (Adobe Systems Incorporated)
Task: {ABEDF6F5-C1DC-4CF9-9135-14D209677214} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1
Task: {D9DB1260-259C-49D3-8DC4-DCC47C5390EC} - System32\Tasks\{07F404C9-2511-4B82-AB56-2D81B19FE727} => pcalua.exe -a C:\Users\Asce\Downloads\lgs510.exe -d C:\Users\Asce\Downloads
Task: {FCB7ED30-AA59-4222-9914-0D20871C1F89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Asce\Desktop\Hand + Wrist Exercises For Gamers - YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxps://www.youtube.com/watch?v=EiRC80FJbHU
ShortcutWithArgument: C:\Users\Asce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
==================== Loaded Modules (Whitelisted) ==============
2017-03-24 11:34 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-18 14:41 - 2009-06-17 15:13 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe
2015-05-18 14:45 - 2010-01-19 04:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2017-03-24 11:36 - 2016-01-23 04:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-10-08 00:47 - 2015-10-08 17:56 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-12-11 02:00 - 2015-12-11 02:00 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\loggingserver.exe
2015-10-16 12:02 - 2015-10-16 12:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2014-08-30 08:28 - 2015-12-11 02:00 - 02569104 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-11-05 21:23 - 2015-11-05 21:23 - 00851488 _____ () C:\Users\Asce\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe
2017-03-24 11:53 - 2017-03-24 11:53 - 01477096 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\Battle.net Helper.exe
2015-05-18 14:42 - 2009-05-04 16:56 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\EnergySaver2\ycc.dll
2017-03-24 11:36 - 2016-01-23 04:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-11 02:00 - 2015-12-11 02:00 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.5.0\log4cplusU.dll
2015-11-23 22:18 - 2015-11-23 22:17 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2017-03-24 11:53 - 2017-03-24 11:53 - 00540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\ortp.dll
2017-03-24 11:53 - 2017-03-24 11:53 - 55758824 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\libcef.dll
2017-03-24 11:53 - 2017-03-24 11:53 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\libEGL.dll
2017-03-24 11:53 - 2017-03-24 11:53 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\libGLESv2.dll
2014-07-13 00:17 - 2015-12-15 07:54 - 00782336 _____ () C:\Steam\SDL2.dll
2014-12-07 01:58 - 2015-07-03 18:12 - 04962816 _____ () C:\Steam\v8.dll
2014-12-07 01:58 - 2015-07-03 18:12 - 01556992 _____ () C:\Steam\icui18n.dll
2014-12-07 01:58 - 2015-07-03 18:12 - 01187840 _____ () C:\Steam\icuuc.dll
2014-07-13 00:17 - 2016-01-02 01:35 - 02546768 _____ () C:\Steam\video.dll
2014-08-22 17:27 - 2015-09-24 02:33 - 02549248 _____ () C:\Steam\libavcodec-56.dll
2014-08-22 17:27 - 2015-09-24 02:33 - 00442880 _____ () C:\Steam\libavutil-54.dll
2014-08-22 17:27 - 2015-09-24 02:33 - 00491008 _____ () C:\Steam\libavformat-56.dll
2014-08-22 17:27 - 2015-09-24 02:33 - 00332800 _____ () C:\Steam\libavresample-2.dll
2014-08-22 17:27 - 2015-09-24 02:33 - 00485888 _____ () C:\Steam\libswscale-3.dll
2014-07-13 00:17 - 2016-01-02 01:35 - 00802896 _____ () C:\Steam\bin\chromehtml.DLL
2015-07-08 11:50 - 2015-12-30 03:51 - 00208896 _____ () C:\Steam\bin\openvr_api.dll
2017-03-24 11:53 - 2017-03-24 11:53 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\libglesv2.dll
2017-03-24 11:53 - 2017-03-24 11:53 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8554\libegl.dll
2014-07-13 00:17 - 2015-12-15 07:54 - 47846688 _____ () C:\Steam\bin\libcef.dll
2015-10-16 12:02 - 2015-10-16 12:02 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-12-28 18:32 - 2015-09-25 01:56 - 00119208 _____ () C:\Steam\winh264.dll
2017-03-24 12:02 - 2017-01-16 09:32 - 68769880 _____ () C:\Program Files (x86)\Opera\42.0.2393.137\opera.dll
2017-03-24 11:59 - 2017-01-16 09:32 - 01895000 _____ () C:\Program Files (x86)\Opera\42.0.2393.137\libglesv2.dll
2017-03-24 11:59 - 2017-01-16 09:32 - 00087128 _____ () C:\Program Files (x86)\Opera\42.0.2393.137\libegl.dll
2017-03-24 11:44 - 2017-02-01 11:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-03-24 11:44 - 2017-02-01 11:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 139.179.30.24 - 139.179.10.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{458A164A-2A83-40A9-9CF6-F09DEB5C42F6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{1B9BD2ED-A2F3-4669-9678-CB099CADDAB3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B92839D7-E05D-4DEE-8FBA-520A41FF0AE5}] => (Allow) C:\Steam\Steam.exe
FirewallRules: [{BAA787D1-92B7-4D3F-B05F-073A0C3FB212}] => (Allow) C:\Steam\Steam.exe
FirewallRules: [{790DD38B-2D8C-465B-95D4-6249283345C9}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{06424155-76A8-442F-B0E2-346B71524333}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{453E5431-9948-44F6-B71F-030129F475B3}] => (Allow) C:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0B711E6A-71F6-4981-8A00-4BEF21486E5B}] => (Allow) C:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{12D57C11-4036-480D-8628-06C3DAB5D7F2}] => (Allow) C:\Steam\SteamApps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{F2A34E0E-A7E3-4978-9FC7-7545C750967D}] => (Allow) C:\Steam\SteamApps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{B24E8689-9375-4979-9F58-9556DFDD7FE7}] => (Allow) C:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{32EA9E2F-F816-44BA-ADA7-5F8B1FDE2B6A}] => (Allow) C:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B8ABE8D7-5376-477C-8A90-D4B5F592ABA3}] => (Allow) C:\Users\Asce\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D46BA8D8-D7AC-48FE-9F6C-708180DF7F6E}] => (Allow) C:\Users\Asce\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75FD7C1B-D0C9-4085-ADE9-BF37F93A5D53}] => (Allow) C:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{AE8E5E33-7B66-415E-84FA-1642DA83A2CF}] => (Allow) C:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{9287F43D-18EB-46BD-A913-37FD1BC1FF29}] => (Allow) C:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{884E7D36-4B6B-4D3E-8D80-CAD1B60CCEFC}] => (Allow) C:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{8A6B68FF-0820-4845-9BF3-F3DB3C3F304F}] => (Allow) C:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{13579D56-CA61-4549-B417-482C6BD3C6F7}] => (Allow) C:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{0AAD6341-F368-4FAB-B66C-817FF697BA9C}] => (Allow) C:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{FDAF864E-C168-49D1-8D38-37692F42C572}] => (Allow) C:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [TCP Query User{768D7918-BAE8-456C-94ED-11EE827FBC68}C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{F538583C-9828-4C5B-A80C-544AF6AC1D02}C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{E83EB416-9480-48F0-B4C1-4906165AF845}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{482EF486-1DB9-463A-B689-30230EF651A5}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{63E62E53-04C2-4159-946D-780877E67A53}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0EA29A9-FAAC-479C-8C17-9DECC449766F}] => (Allow) C:\Steam\bin\steamwebhelper.exe
FirewallRules: [{D1360145-78D8-4529-B7C6-58CB74D8A9E9}] => (Allow) C:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{65778332-9DF7-4531-AB4E-87620C256401}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{97158542-D407-4939-A8F9-30EDA29DCD95}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{50AE6C6D-1F9C-42F5-B1A6-2C0234462B74}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5AAC0DEE-0AF7-4937-8946-30C4901D1D8C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9DFC48D2-942F-4E37-897C-329190B5BCB6}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{37563006-1568-43B9-B42F-CF30A98DAB87}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{FA4C023D-27E3-46A6-94D0-6480170087F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{7784A54E-6C08-4034-8024-AF8AA49A8F64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{627B7053-78CE-4024-8534-37A1941E7C53}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50E11F07-1D4D-4714-A917-E0B427FB9D4D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2E9B195F-C120-4732-AB75-E5D9B91AC561}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{21EB7C6D-561D-4AA1-87F8-B187160F0CE7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{8CEAC588-0974-4388-AE41-6A92077AF354}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{85D49392-4EC9-49D7-BDC9-08479635021C}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{A891EF7A-AD93-473F-9AAF-A5CC84E1CD98}] => (Allow) C:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{A8A09009-989F-444F-A192-5B391A25BC20}] => (Allow) C:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{0C0AB31E-BF19-4E69-8C98-5911AF046FEF}] => (Allow) C:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{14908FA5-273F-439C-8C30-A267B52B0222}] => (Allow) C:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{845A900A-6D0D-4608-AB2E-66CE50C7CCB1}C:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) C:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{356874B1-6180-4C84-87A8-0E5B4651CEEA}C:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) C:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [{CBE7D417-75D2-4327-B789-0EBC0E25DB39}] => (Allow) C:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{348873A4-7388-40EA-A6A6-1CC2A615CB2B}] => (Allow) C:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{D3C85D33-E008-4269-AADC-3D8403C8B26C}C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe] => (Allow) C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{BB7ADB34-833F-4734-9609-189E9B43CF72}C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe] => (Allow) C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{A08EE83E-FD86-4F98-AD8C-CD0D45F2E7C1}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{DF08D976-FAF6-43AF-BCBA-C131F3016B41}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{839BB445-A274-4919-88EF-D036D5855D79}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{B2333D85-D96E-4A70-8571-2E3F3F996556}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{5CF18D48-96B1-48EB-B1A5-2EA725EA6E0A}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3715\agent.exe
FirewallRules: [UDP Query User{8E12136B-DC50-4AA2-8B90-AB95AB7F545B}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Allow)
-
March 24th, 2017, 03:28 PM
#3
C:\programdata\battle.net\agent\agent.3715\agent.exe
FirewallRules: [TCP Query User{5E48CF9B-3A6C-48A4-92EB-0C046617D9EB}C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{F47D2C14-5D86-4544-B219-7BB623201125}C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{D8C08E9A-6FCE-443E-BEA1-176DFF4A8922}C:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{607A5763-C6F7-467F-806E-5B124435373F}C:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{4CBA86BD-46D4-4137-AFDA-6C14BADCAB7B}] => (Allow) C:\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{20553E12-A9A2-405D-BF6A-FC75A27D4BA0}] => (Allow) C:\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{3FE5DB57-0CEF-4D11-89B2-9DED2F66604E}] => (Allow) C:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{064EA017-88CA-4CAC-B5FC-D13B43D029D0}] => (Allow) C:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{DCC914F5-0E9E-402E-B1BB-0C28F526D94B}] => (Allow) C:\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{CC87A59B-86FA-4A28-A52E-FA12B2FC4FCD}] => (Allow) C:\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{337D0EF2-F120-42CE-8CC5-62B392FB42DD}] => (Allow) C:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{A9A3592E-223C-4A6D-B5B0-1FAEB81437BA}] => (Allow) C:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{6D760926-C82D-420E-A861-F18D0AC677E1}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3651B532-0C04-4917-9036-3C7C892052B5}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A440F110-CF58-4FA0-919E-7DA6030B2B48}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{B3FBAD54-C776-48E5-96FC-8C59D7F51AB2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{39E13DC8-BD4C-4095-93EA-8C7027A83620}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{7A5C0495-050F-4100-BFF8-B90CC3A6F240}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{E9E309E2-E2E6-49BF-86B0-43F36EF54DD7}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{F56DB718-D6DA-4D4C-A51C-B71D4C4F066C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [TCP Query User{4EB4B49F-7C22-4EED-9A65-07A8435BE692}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{259A3B69-E6F3-4A3F-8379-06FF4D50FC0D}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{E02CC463-48D1-420D-BCD0-948A83B0FB9A}] => (Allow) C:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{75B148F3-EDB5-46FC-BFD4-03ACECCAD858}] => (Allow) C:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{EBC98A17-83DE-4EA9-AE90-AFA020F78C98}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{26EB3412-85B3-4BD4-8543-E281738C45DC}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{4028C7BE-6823-4B7A-BF03-C0B5FDB2FC70}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{63F54E8A-464E-4C05-834F-53378A25565A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7ECD9E37-E671-49C2-89CC-0CE1FCEA1D0B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B9E11AA8-989B-457E-8412-FED0C09FAA7B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{52C178C9-9383-4E4D-AB6F-0EFACA21B481}] => (Allow) C:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{EB8D9685-B910-4A3F-A3BA-22F09ED80BB1}] => (Allow) C:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{1F653092-0193-4E9D-A4A9-D9BAB23A62B3}] => (Allow) C:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{00E7DAF6-55C8-4464-AC17-9EAE73F5E4E3}] => (Allow) C:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{F99637CA-952B-47AD-AD14-AF6DC74905AB}] => (Allow) C:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A364DEA6-23BA-401C-B80C-CAD40B226383}] => (Allow) C:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{B5641A06-9510-4386-8D3B-9B965EFB5459}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{04E1DCA9-D488-4A35-9AF9-DB6F2FC757EB}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{44422A73-CAA9-4137-A451-384E7B7C1A22}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{40C4CD7D-3523-4B43-AF57-B73701C12215}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{12A921F1-2A9D-40CA-9456-FA194BFCB4F7}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{AA0A859B-07F0-4BA3-9E7A-A59240502D6B}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{D39FD8B2-9260-4187-8BCD-180D1A121F24}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{9468B3F8-6539-4430-9E8F-7A56FC000EEA}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{5660E3DB-1CD1-4F30-BBC7-4D5BC135E208}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [{793BB8AF-E93F-414D-B6DA-268BA0DA5ADD}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [TCP Query User{1005A1D9-6A03-4EFA-A654-F3AAAC65B81A}C:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) C:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{DA3D4B21-A3AC-491B-BBB2-09911F8ED5AF}C:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) C:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{977241C8-6B2A-43ED-99CD-251F5387F0A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BB40CF8B-46CF-424C-9BEB-C3E69EA66CF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7E06EBD3-8902-429D-96E9-4F4704626099}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B28CDDCB-DB4E-4120-AC00-F74C750EAEA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{40477175-FB13-4A91-8F71-4C0863E7261A}C:\program files (x86)\jack\jackd.exe] => (Allow) C:\program files (x86)\jack\jackd.exe
FirewallRules: [UDP Query User{00D46205-F72E-4088-93AE-69F501AC46C9}C:\program files (x86)\jack\jackd.exe] => (Allow) C:\program files (x86)\jack\jackd.exe
FirewallRules: [{F8105125-8BA8-4A51-8E57-93B087A3DFE0}] => (Allow) C:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{F96FEC7E-5A55-43BA-817D-7678852B4247}] => (Allow) C:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [TCP Query User{F6369E5B-2513-4ECD-969E-FE348930B4EA}C:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{B9CD162F-7332-44EF-829F-152DC5664223}C:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{9DCBFD6F-2999-4FBC-BA55-AF1BF04B1488}] => (Allow) C:\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{ED753236-A68E-4324-BBA7-64AC97142180}] => (Allow) C:\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{53ACA7E4-2CF2-4D1B-A6B1-3944E1442245}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
==================== Restore Points =========================
06-01-2016 12:05:31 Automatic creation
07-01-2016 22:50:49 Automatic creation
24-03-2017 12:14:43 Automatic creation
==================== Faulty Device Manager Devices =============
Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/24/2017 12:58:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: mbae-api-na.dll_unloaded, version: 0.0.0.0, time stamp: 0x589c7ca9
Exception code: 0xc0000005
Fault offset: 0x000007fed28634b3
Faulting process id: 0x730
Faulting application start time: 0x01d2a486bc64de24
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: mbae-api-na.dll
Report Id: df1e402e-1080-11e7-b841-00aca320a6d8
Error: (03/24/2017 11:57:45 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\ProgramData\Package Cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\VC_redist.x86.exe Cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\VC_redist.x86.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={e2803110-78b3-4664-a479-3611a381656a} -burn.embedded BurnPipe.{D34D8BF8-4B4B-4FF2-AF40-8AE44B2C483C} {CA48A597-D0FF-4749-9D52-580227C90A12} 7412; Description = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026; Error = 0x80070514).
Error: (03/24/2017 11:52:22 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\Asce\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestart; Description = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215; Error = 0x80070514).
Error: (03/24/2017 11:44:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/03/2020 10:05:50 AM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072F8F) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f
Error: (04/03/2020 10:05:50 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details.
hr=0x80072F8F
Error: (04/03/2020 10:00:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/03/2020 09:57:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/03/2020 09:56:18 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x00000000.
Error: (04/03/2020 08:41:31 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x00000000.
System errors:
=============
Error: (03/24/2017 12:59:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s).
Error: (03/24/2017 11:51:22 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.
Error: (03/24/2017 11:48:39 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (03/24/2017 11:41:04 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (04/03/2020 10:06:00 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by -95531948 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->52.178.223.23:123) is working properly.
Error: (04/03/2020 10:05:01 AM) (Source: Schannel) (EventID: 4113) (User: NT AUTHORITY)
Description: The certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate.
Error: (04/03/2020 10:05:01 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 45. The internal error state is 552.
Error: (04/03/2020 10:04:46 AM) (Source: Schannel) (EventID: 4113) (User: NT AUTHORITY)
Description: The certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate.
Error: (04/03/2020 10:04:46 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 45. The internal error state is 552.
Error: (04/03/2020 10:04:36 AM) (Source: Schannel) (EventID: 4113) (User: NT AUTHORITY)
Description: The certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Percentage of memory in use: 62%
Total physical RAM: 6142.43 MB
Available physical RAM: 2297.29 MB
Total Virtual: 12283.07 MB
Available Virtual: 6800.8 MB
==================== Drives ================================
Drive c: (HDD Main) (Fixed) (Total:931.41 GB) (Free:237.21 GB) NTFS
Drive d: (SSD) (Fixed) (Total:223.57 GB) (Free:55.74 GB) NTFS
Drive f: (Fallout 4) (CDROM) (Total:24.47 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C232954D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: E9CEE9B3)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
March 24th, 2017, 10:19 PM
#4
Welcome aboard
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
- If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
- Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
================================
Download RogueKiller from one of the following links and save it to your Desktop:
Link 1
Link 2
- Close all the running programs
- Double click on downloaded setup.exe file to install the program.
- Click on Start Scan button.
- Click on another Start Scan button.
- Wait until the Status box shows Scan Finished
- Click on Delete.
- Wait until the Status box shows Deleting Finished.
- Click on Report and copy/paste the content of the Notepad into your next reply.
- RKreport.txt could also be found on your desktop.
- If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
- Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
- Then click Finish.
- Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
- If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
- When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
- Restart your computer when prompted to do so.
- The Scan log is available through History -> Application logs. Please post its contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
- Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
- The tool will start to update the database if one is required.
- Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- After the scan has finished, click on the Logfile button.
- A window will open which lists the logs of your scans.
- Click on the Scan tab.
- Double-click the most recent scan which will be at the top of the list....the log will appear.
- Review the results...see note below
- After reviewing the log, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
- After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
- To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
- Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
- A copy of all logfiles is saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
Please download Junkware Removal Tool to your desktop.
- Shut down your protection software now to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
-
March 25th, 2017, 06:49 AM
#5
RogueKiller wasn't starting. I ended the processes "WMsnap3.exe" and "domino.exe" from the Task Manager, then RogueKiller started and scanned the PC. RogueKiller restarted the PC. I tried to open Malwarebytes; it didn't open, and there were still those processes "WMsnap3.exe" "domino.exe". I killed domino.exe and Malwarebytes started (it might be a consequence); it completed the scan. Malwarebytes restarted the computer. There were still the "wmsnap" and "domino" processes. Used adw, scanned, restarted the PC; "wmsnap3" was gone, domino.exe was still there in Task Manager. Used JRT, it completed the scan, restarted the computer, domino is gone as well. PC is still a bit slower than normal.
RogueKiller V12.10.1.0 (x64) [Mar 20 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Asce [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 03/25/2017 04:03:52 (Duration : 00:47:56)
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 22 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\AVG Tuneup -> Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Softonic -> Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Softonic -> Deleted
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 37.239.46.50:80 -> Deleted
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 37.239.46.50:80 -> ERROR [2]
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yandex.com.tr/?clid=1818323 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1292172697-4276861399-4271014393-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yandex.com.tr/?clid=1818323 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 139.179.30.24 139.179.10.13 ([Turkey][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{002F3112-3E11-4216-8254-E6C7BFD34FE5} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0A87EDDF-4DA3-45DE-9CF4-4DF1736A9197} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0BE02F3D-1738-4A38-ABA4-74E12809B258} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{60B144C7-C780-4A62-8526-3B93ADD31C4A} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A31C4A9E-95FD-4295-92BE-02C9E1287228} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D38BF8D7-4BA9-4FB1-B438-564050461773} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DA2D582E-7FDF-4CC8-A295-2DB4EC3588B7} | DhcpNameServer : 139.179.30.24 139.179.10.13 ([Turkey][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{002F3112-3E11-4216-8254-E6C7BFD34FE5} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0A87EDDF-4DA3-45DE-9CF4-4DF1736A9197} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0BE02F3D-1738-4A38-ABA4-74E12809B258} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{60B144C7-C780-4A62-8526-3B93ADD31C4A} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A31C4A9E-95FD-4295-92BE-02C9E1287228} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D38BF8D7-4BA9-4FB1-B438-564050461773} | DhcpNameServer : 85.25.83.11 8.8.8.8 ([Germany][-]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{DA2D582E-7FDF-4CC8-A295-2DB4EC3588B7} | DhcpNameServer : 139.179.30.24 139.179.10.13 ([Turkey][-]) -> Replaced ()
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 7 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search\Logger -> ERROR [5]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt -> ERROR [5]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\CrashReport -> ERROR [5]
[PUP.Gen1][Folder] C:\Users\Asce\AppData\Local\AVG Web TuneUp -> Deleted
[PUP.Gen1][Folder] C:\Users\Asce\AppData\Local\AVG Web TuneUp\DNT -> Deleted
[PUP.Gen1][Folder] C:\Users\Asce\AppData\Local\AVG Web TuneUp\Statistics -> Deleted
[PUP.MalwareProtection|PUP.Gen1][Folder] C:\Users\Asce\AppData\Local\MalwareProtectionLive -> Deleted
[PUP.MalwareProtection|PUP.Gen1][File] C:\Users\Asce\AppData\Local\MalwareProtectionLive\certificates -> Deleted
[PUP.MalwareProtection|PUP.Gen1][File] C:\Users\Asce\AppData\Local\MalwareProtectionLive\certificates_filter -> Deleted
[PUP.MalwareProtection|PUP.Gen1][File] C:\Users\Asce\AppData\Local\MalwareProtectionLive\extensions -> Deleted
[PUP.MalwareProtection|PUP.Gen1][File] C:\Users\Asce\AppData\Local\MalwareProtectionLive\extensions_filter -> Deleted
[PUP.MalwareProtection|PUP.Gen1][File] C:\Users\Asce\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Secure Search\Logger\logger.properties -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search\Logger -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.14 -> ERROR [5]
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.18\avg.crx -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.18\ExtensionTemplate.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.18 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.51\avg.crx -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.51\ExtensionTemplate.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.51 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.52\avg.crx -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.52\ExtensionTemplate.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.2.0.52 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.3.0.11\avg.crx -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.3.0.11\ExtensionTemplate.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.3.0.11 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.4.0.1\avg.crx -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.4.0.1\ExtensionTemplate.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.4.0.1 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.5.0.0\avg.crx -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.5.0.0\ExtensionTemplate.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt\3.5.0.0 -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\ChromeExt -> Removed at reboot [91]
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\CrashReport\crash.avgdx -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\CrashReport -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.14 -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.18\AVG Web TuneUp_toolbar.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.18\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.18 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.51\AVG Web TuneUp_toolbar.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.51\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.51 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.52\AVG Web TuneUp_toolbar.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.52\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.2.0.52 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.3.0.11\AVG Web TuneUp_toolbar.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.3.0.11\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.3.0.11 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.4.0.1\AVG Web TuneUp_toolbar.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.4.0.1\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.4.0.1 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.5.0.0\AVG Web TuneUp_toolbar.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\3.5.0.0\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\3.5.0.0 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\about.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\AvgComponents.manifest -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\avgMozXPCOM.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\BundleInstall -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\BundleInstall.exe -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\BundleInstaller.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\ChConfirmHelperRes -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\Chrome -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\ChromeGuardRes -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\ChromeRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\configuration.xml -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\crash.avgdx -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\current.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\data.zip -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\DSPDlg_IE -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\EnableHelperRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\EULA.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\Eula.txt -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\favicon.ico -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\feedback.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\FireFoxSearchXml.tmp -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\help.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\icon18.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\labs.gif -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\Licenses -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\lip.exe -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\privacy.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\remote_configuration.xml -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\search.gif -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\setup.bmp -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\Uninstall.exe -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\uninstall.gif -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\UninstallRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe -> ERROR [5]
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 2 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : imgur Extension by Metronomik [ehoopddfhgaehhmphfcooacjdpmbjlao] -> Deleted
[PUP.Gen0][Chrome:Addon] Default : Hover Zoom [nonjdcjchghhkdoolnlbekcfllmednbl] -> ERROR [2]
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] d6e5c82e2d7828297061f4c856568d1e
[BSP] 18f9625dfb54a60bda0bb2dfbf755baf : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: KINGSTON SV300S37A240G ATA Device +++++
--- User ---
[MBR] ab9e2d687fedabef83bd283f2d9cbd0c
[BSP] 29f263dd347b1542e965a2ff9c6d7fa3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 228934 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 3/25/17
Scan Time: 5:30 AM
Logfile: rapor.txt
Administrator: Yes
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1590
License: Trial
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Fire_Fist\Asce
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 359361
Time Elapsed: 8 min, 11 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 1
PUP.Optional.MalwareProtection, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\9953981C859EC2BF.VIR, Quarantined, [1190], [82505],1.0.1590
Physical Sector: 0
(No malicious items detected)
(end)
# AdwCleaner v6.044 - Logfile created 25/03/2017 at 06:02:19
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-23.2 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Asce - FIRE_FIST
# Running from : C:\Users\Asce\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
[-] Service deleted: vToolbarUpdater3.5.0
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Asce\AppData\LocalLow\avg web tuneup
[-] Folder deleted: C:\ProgramData\AVG Secure Search
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
[-] Folder deleted: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao
[-] Folder deleted: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl
***** [ Files ] *****
[-] File deleted: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehoopddfhgaehhmphfcooacjdpmbjlao_0.localstorage
[-] File deleted: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehoopddfhgaehhmphfcooacjdpmbjlao_0.localstorage-journal
[-] File deleted: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage
[-] File deleted: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage-journal
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweet-page.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweet-page.com
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
***** [ Web browsers ] *****
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: hamachi.en.softonic.com
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: sweet-page
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Deleted: hxxp://www.sweet-page.com/webfavicon.ico
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: ehoopddfhgaehhmphfcooacjdpmbjlao
[-] [C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: nonjdcjchghhkdoolnlbekcfllmednbl
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6173 Bytes] - [25/03/2017 06:02:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [6058 Bytes] - [25/03/2017 05:57:42]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6319 Bytes] ##########
-
March 25th, 2017, 06:49 AM
#6
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 7 Home Premium x64
Ran by Asce (Administrator) on Sat 03/25/2017 at 6:17:15.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 41
Successfully deleted: C:\Users\Asce\AppData\Roaming\speedrunnerslog.txt (File)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LRXM1HH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4T8VGUSD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\96WSY0GP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BREWAR6T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKD2JHO4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IPYCNJL1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JYJL3YF4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L2P7PLFM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M96HJ377 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SXX7B4E4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDY709OZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1H2826I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y18H9XRB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJLUED8Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZON7WYJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Asce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZU5K3PI9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LRXM1HH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4T8VGUSD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\96WSY0GP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BREWAR6T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKD2JHO4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IPYCNJL1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JYJL3YF4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L2P7PLFM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M96HJ377 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SXX7B4E4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDY709OZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X1H2826I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y18H9XRB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJLUED8Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZON7WYJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZU5K3PI9 (Temporary Internet Files Folder)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_869D1C098422C3FF363196C3B970F3FA (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/25/2017 at 6:20:22.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
March 25th, 2017, 02:32 PM
#7
Please download ComboFix from Here, Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Never rename Combofix unless instructed.
- Close any open browsers.
- Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
If the connection is not there, use the restore point you created prior to running Combofix.
- Double click on combofix.exe & follow the prompts.
- NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- When finished, it will produce a report for you.
- Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.
Make sure, you re-enable your security programs, when you're done with Combofix.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTE.
If, for some reason, Combofix refuses to run, try the following...
Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
Restart computer in safe mode
- Double-click on the Rkill desktop icon to run the tool.
- If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
- A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
- If not, delete the file, then download and use the one provided in Link 2.
- Do not reboot until instructed.
- If the tool does not run from any of the links provided, please let me know.
When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.
IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
-
March 27th, 2017, 05:02 PM
#8
I tried to run ComboFix; it gave some errors, and eventually it said to redownload it. I did it like you stated and didn't execute it.
I rebooted in safe mode and tried to run rkill. There was a DOS screen saying no malware, and at the bottom it said checking other things.
I assumed it didn't work and tried to run the iexplore. It didn't work as well. Same thing. I tried to run ComboFix anyway. It didn't work again.
The first error ComboFix gave was something like this:
Error opening file for writing c:\32788R22FWJFW\swxcads.3XE
click abort retry skip.
I tried retry, got the same error, and pressed skip.
Second error: ERDNT.E_E not found.
I tried to reformat the computer with a USB stick ISO. It didn't work... I need help.
-
March 27th, 2017, 08:33 PM
#9
Re-run the Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
- Double-click to run it.
- Make sure you checkmark the Addition.txt box.
- Press the Scan button.
- The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
-
March 28th, 2017, 05:33 AM
#10
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Asce (administrator) on FIRE_FIST (28-03-2017 06:03:54)
Running from C:\Users\Asce\Desktop
Loaded Profiles: Asce (Available Profiles: Asce)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe
() C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\smart6\timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Octoshape ApS) C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Flux Software LLC) C:\Users\Asce\AppData\Local\FluxSoftware\Flux\flux.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Spotify Ltd) C:\Users\Asce\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\smart6\timelock\AlarmClock.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-03] (Logitech Inc.)
HKLM\...\Run: [VMSnap3] => C:\Windows\VMSnap3.exe
HKLM\...\Run: [Domino] => C:\Windows\Domino.exe
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-05-02] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Octoshape Streaming Services] => C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [f.lux] => C:\Users\Asce\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [GNE_SwapScreen] => C:\Users\Asce\Desktop\SwapScreen.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-19] (Voobly)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Steam] => C:\Steam\steam.exe [3019552 2017-03-24] (Valve Corporation)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Spotify Web Helper] => C:\Users\Asce\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\MountPoints2: {03f5a58e-0cdf-11e4-9364-fa05310c68ca} - F:\AutoRun.exe
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\MountPoints2: {10963882-1014-11e4-ba5d-c05a936a09ba} - F:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-05-02]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 139.179.30.24 139.179.10.13
Tcpip\..\Interfaces\{DA2D582E-7FDF-4CC8-A295-2DB4EC3588B7}: [DhcpNameServer] 139.179.30.24 139.179.10.13
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-26]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2020-04-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2020-04-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1292172697-4276861399-4271014393-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Asce\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Asce\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-07-30] (Octoshape ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.tr/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default [2017-03-28]
CHR Extension: (Google Translate) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Google Slides) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-25]
CHR Extension: (Google Docs) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-03-24]
CHR Extension: (Google Sheets) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-03-25]
CHR Extension: (Google Docs Offline) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-24]
CHR Extension: (AdBlock) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-24]
CHR Extension: (Document online) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdogoocenkoogpajficlnleblfoelph [2015-09-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-03-24]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-24]
CHR Extension: (Enhanced Steam) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2017-03-24]
CHR Extension: (Gmail) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Asce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-24]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2015-12-03] ()
R2 DES2 Service; C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-12-25] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-08] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-10-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [176264 2015-05-28] (Sandboxie Holdings, LLC)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-05-02] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-20] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [195296 2017-03-25] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [313112 2017-03-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1035488 2017-03-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-26] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-25] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-03-25] (AO Kaspersky Lab)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-28] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-28] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82208 2017-03-28] (Malwarebytes)
S3 msvad_simple; C:\Windows\System32\solicall.sys [40664 2010-10-30] (SoliCall)
R3 Neo_braz; C:\Windows\System32\DRIVERS\Neo_0005.sys [28640 2015-05-02] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [188552 2015-05-28] (Sandboxie Holdings, LLC)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-25] ()
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2015-07-21] (ShiningMorning Inc.)
S3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [308096 2007-06-23] (Vimicro Corporation)
S3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1494656 2007-03-25] (Vimicro Corporation)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-03 09:39 - 2020-04-03 09:41 - 00524288 ___SH C:\Users\Asce\ntuser.dat{da51557c-7575-11ea-8411-00aca320a6d8}.TMContainer00000000000000000002.regtrans-ms
2020-04-03 09:39 - 2020-04-03 09:41 - 00524288 ___SH C:\Users\Asce\ntuser.dat{da51557c-7575-11ea-8411-00aca320a6d8}.TMContainer00000000000000000001.regtrans-ms
2020-04-03 09:39 - 2020-04-03 09:41 - 00065536 ___SH C:\Users\Asce\ntuser.dat{da51557c-7575-11ea-8411-00aca320a6d8}.TM.blf
2017-03-28 06:02 - 2017-03-28 06:04 - 00023648 _____ C:\Users\Asce\Desktop\FRST.txt
2017-03-27 17:36 - 2017-03-27 17:36 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Asce\Desktop\rkill.exe
2017-03-27 17:35 - 2017-03-27 17:35 - 05659269 _____ (Swearware) C:\Users\Asce\Desktop\asce.exe
2017-03-27 17:35 - 2017-03-27 17:35 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Asce\Desktop\iExplore.exe
2017-03-27 16:32 - 2017-03-27 16:35 - 00000000 ___SD C:\ComboFix
2017-03-27 16:31 - 2017-03-27 16:31 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2017-03-27 16:26 - 2017-03-27 16:26 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-03-25 10:53 - 2017-03-25 10:53 - 00000948 _____ C:\Users\Public\Desktop\GPU Temp.lnk
2017-03-25 10:53 - 2017-03-25 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
2017-03-25 10:53 - 2017-03-25 10:53 - 00000000 ____D C:\Program Files (x86)\GPU Temp
2017-03-25 10:52 - 2017-03-25 10:52 - 00606048 _____ (gputemp.com ) C:\Users\Asce\Desktop\gputemp_setup.exe
2017-03-25 10:49 - 2017-03-25 10:49 - 00004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-25 10:06 - 2017-03-28 05:41 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-03-25 08:20 - 2017-03-25 09:17 - 00000000 ____D C:\Users\Asce\Desktop\mbar
2017-03-25 08:20 - 2017-03-25 08:20 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Asce\Desktop\mbar-1.09.3.1001.exe
2017-03-25 08:01 - 2016-04-14 08:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-03-25 08:01 - 2016-04-14 08:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-03-25 08:01 - 2016-04-14 08:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-03-25 07:59 - 2017-03-25 07:59 - 00001488 _____ C:\Users\Asce\Desktop\Battle.net.lnk
2017-03-25 07:50 - 2017-03-25 07:50 - 00000515 _____ C:\Users\Public\Desktop\Overwatch.lnk
2017-03-25 07:41 - 2017-03-25 07:50 - 00000000 ____D C:\Windows\system32\MRT
2017-03-25 07:40 - 2017-03-25 07:40 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-25 07:38 - 2017-03-25 07:38 - 00002091 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2017-03-25 07:38 - 2017-03-25 07:38 - 00001382 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-03-25 07:38 - 2017-03-25 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
-
March 28th, 2017, 05:34 AM
#11
2017-03-25 07:38 - 2017-03-25 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2017-03-25 07:37 - 2017-03-25 07:37 - 00000000 ____D C:\Windows\ELAMBKUP
2017-03-25 07:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2017-03-25 07:36 - 2017-03-28 05:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-25 07:36 - 2017-03-25 08:10 - 01035488 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-03-25 07:36 - 2017-03-25 08:10 - 00195296 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-03-25 07:36 - 2017-03-25 07:38 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-03-25 07:34 - 2017-03-25 07:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-03-25 07:31 - 2017-03-25 07:32 - 175941664 _____ (Kaspersky Lab) C:\Users\Asce\Desktop\kav17.0.0.611en_11479.exe
2017-03-25 07:11 - 2017-03-25 07:11 - 01663904 _____ (Malwarebytes) C:\Users\Asce\Desktop\JRT.exe
2017-03-25 07:09 - 2017-03-25 07:09 - 00003094 _____ C:\Windows\System32\Tasks\{9920CA20-B02B-48F7-80EB-96FBB5119F13}
2017-03-25 06:54 - 2017-03-25 07:14 - 00000000 ____D C:\AdwCleaner
2017-03-25 05:03 - 2017-03-25 05:03 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-03-25 05:02 - 2017-03-25 05:02 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-25 04:58 - 2017-03-25 05:01 - 00001023 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-03-25 04:58 - 2017-03-25 04:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-03-25 04:58 - 2017-03-25 04:58 - 00000000 ____D C:\Program Files\RogueKiller
2017-03-25 04:56 - 2017-03-25 04:56 - 04031440 _____ C:\Users\Asce\Desktop\AdwCleaner.exe
2017-03-24 17:02 - 2017-03-24 17:02 - 00000000 ____D C:\Users\Asce\Desktop\resimler yedek
2017-03-24 16:10 - 2017-03-24 16:18 - 00000000 ____D C:\Users\Asce\Documents\Overwatch
2017-03-24 15:08 - 2017-03-28 06:03 - 00000000 ____D C:\FRST
2017-03-24 15:08 - 2011-06-26 09:45 - 00256000 _____ C:\Windows\PEV.exe
2017-03-24 15:08 - 2010-11-07 20:20 - 00208896 _____ C:\Windows\MBR.exe
2017-03-24 15:08 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-03-24 15:08 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-03-24 15:08 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-03-24 15:08 - 2000-08-31 03:00 - 00098816 _____ C:\Windows\sed.exe
2017-03-24 15:08 - 2000-08-31 03:00 - 00080412 _____ C:\Windows\grep.exe
2017-03-24 15:08 - 2000-08-31 03:00 - 00068096 _____ C:\Windows\zip.exe
2017-03-24 14:05 - 2017-03-24 14:05 - 02424832 _____ (Farbar) C:\Users\Asce\Desktop\FRST64.exe
2017-03-24 13:58 - 2017-03-24 15:07 - 00000000 ____D C:\Qoobox
2017-03-24 13:57 - 2017-03-27 16:54 - 00000000 ___SD C:\32788R22FWJFW
2017-03-24 13:57 - 2017-03-27 16:33 - 00000000 ____D C:\Windows\erdnt
2017-03-24 13:57 - 2017-03-24 13:57 - 05659269 _____ (Swearware) C:\Users\Asce\Downloads\ComboFix.exe
2017-03-24 13:38 - 2017-03-24 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2017-03-24 13:10 - 2017-03-28 05:34 - 00082208 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-24 13:10 - 2017-03-28 05:25 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-24 13:10 - 2017-03-27 16:41 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-24 13:09 - 2017-03-28 05:25 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-24 13:09 - 2017-03-28 05:25 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-03-24 13:09 - 2017-03-25 09:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-03-24 13:09 - 2017-03-25 07:46 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-24 13:09 - 2017-03-25 06:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-24 13:09 - 2017-03-24 13:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-24 13:09 - 2017-03-24 13:09 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-24 13:09 - 2017-02-24 07:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-24 13:07 - 2017-03-24 13:07 - 57131432 _____ (Malwarebytes ) C:\Users\Asce\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-24 13:06 - 2017-03-24 13:06 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Asce\Downloads\mbar-1.09.3.1001.exe
2017-03-24 13:05 - 2017-03-24 13:05 - 05788712 _____ C:\Users\Asce\Downloads\qssetup.exe
2017-03-24 12:58 - 2017-03-24 12:58 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-03-24 12:55 - 2015-07-18 16:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-03-24 12:55 - 2015-07-18 16:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-03-24 12:43 - 2017-03-27 16:20 - 00000000 ____D C:\Users\Asce\AppData\Local\NVIDIA Corporation
2017-03-24 12:37 - 2017-03-27 16:20 - 00000000 ____D C:\Users\Asce\AppData\Local\NVIDIA
2017-03-24 12:37 - 2017-03-25 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-24 12:35 - 2017-03-28 05:24 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-24 12:35 - 2016-01-23 04:12 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-24 12:34 - 2017-03-25 10:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-24 12:34 - 2016-01-23 04:04 - 06368312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-03-24 12:34 - 2016-01-23 04:04 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-03-24 12:34 - 2016-01-23 04:04 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-03-24 12:34 - 2016-01-23 04:04 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-03-24 12:34 - 2016-01-23 04:04 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-03-24 12:34 - 2016-01-23 04:04 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-03-24 12:34 - 2016-01-23 04:04 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-03-24 12:34 - 2016-01-23 04:04 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-03-24 12:34 - 2016-01-23 00:07 - 06125650 _____ C:\Windows\system32\nvcoproc.bin
2017-03-24 12:33 - 2016-06-26 03:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-03-24 12:33 - 2016-06-26 03:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-03-24 12:33 - 2016-06-26 03:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-03-24 12:33 - 2016-06-26 03:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-03-24 12:33 - 2016-06-25 22:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-03-24 12:33 - 2016-06-25 22:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-03-24 12:33 - 2016-06-25 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-03-24 12:33 - 2016-06-25 22:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-03-24 12:33 - 2016-03-18 01:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-03-24 12:33 - 2016-03-18 01:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 37614528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 31079992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 24911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 21193544 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 17626352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 16995064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 12379072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-03-24 12:33 - 2016-01-23 06:42 - 03683560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 03258664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 02721216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00948672 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-03-24 12:33 - 2016-01-23 06:42 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-24 12:33 - 2016-01-23 06:42 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2017-03-24 12:33 - 2016-01-06 22:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-03-24 12:33 - 2016-01-06 21:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2017-03-24 12:33 - 2015-12-09 00:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-03-24 12:33 - 2015-12-09 00:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-03-24 12:33 - 2015-12-09 00:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2017-03-24 12:33 - 2015-12-09 00:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-03-24 12:33 - 2015-12-09 00:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-03-24 12:33 - 2015-12-09 00:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2017-03-24 12:33 - 2015-12-09 00:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2017-03-24 12:33 - 2015-12-09 00:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2017-03-24 12:33 - 2015-12-09 00:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2017-03-24 12:33 - 2015-12-09 00:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-03-24 12:33 - 2015-12-08 22:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-03-24 12:33 - 2015-12-08 22:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-03-24 12:33 - 2015-12-08 22:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-03-24 12:33 - 2015-12-08 21:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-03-24 12:33 - 2015-12-08 21:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-03-24 12:33 - 2015-12-08 21:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-03-24 12:33 - 2015-11-14 02:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2017-03-24 12:33 - 2015-11-14 02:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2017-03-24 12:33 - 2015-11-14 02:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2017-03-24 12:33 - 2015-11-14 01:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2017-03-24 12:33 - 2015-11-14 01:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2017-03-24 12:33 - 2015-11-14 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2017-03-24 12:32 - 2017-03-04 20:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-24 12:32 - 2017-03-04 19:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-24 12:32 - 2017-03-04 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-24 12:32 - 2017-03-04 11:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-24 12:32 - 2017-03-04 11:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-24 12:32 - 2017-03-04 11:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-24 12:32 - 2017-03-04 11:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-24 12:32 - 2017-03-04 11:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-24 12:32 - 2017-03-04 11:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-24 12:32 - 2017-03-04 10:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-24 12:32 - 2017-03-04 10:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-24 12:32 - 2017-03-04 10:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-24 12:32 - 2017-03-04 10:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-24 12:32 - 2017-03-04 10:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-24 12:32 - 2017-03-04 10:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-24 12:32 - 2017-03-04 10:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-24 12:32 - 2017-03-04 10:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-24 12:32 - 2017-03-04 10:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-24 12:32 - 2017-03-04 10:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-24 12:32 - 2017-03-04 10:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-24 12:32 - 2017-03-04 10:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-24 12:32 - 2017-03-04 10:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-24 12:32 - 2017-03-04 10:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-24 12:32 - 2017-03-04 10:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-24 12:32 - 2017-03-04 10:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-24 12:32 - 2017-03-04 10:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-24 12:32 - 2017-03-04 10:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-24 12:32 - 2017-03-04 09:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-24 12:32 - 2017-03-04 09:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-24 12:32 - 2017-03-04 09:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-24 12:32 - 2017-03-04 09:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-24 12:32 - 2017-03-04 09:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-24 12:32 - 2017-03-04 09:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-24 12:32 - 2017-03-04 09:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-24 12:32 - 2017-03-04 09:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-24 12:32 - 2017-03-04 09:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-24 12:32 - 2017-03-04 07:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-24 12:32 - 2017-03-02 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-24 12:32 - 2017-03-02 21:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-24 12:32 - 2017-03-02 21:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-24 12:32 - 2017-03-02 21:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-24 12:32 - 2017-03-02 21:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-24 12:32 - 2017-03-02 21:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-24 12:32 - 2017-03-02 20:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-24 12:32 - 2017-03-02 20:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-24 12:32 - 2017-03-02 20:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-24 12:32 - 2017-03-02 20:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-24 12:32 - 2017-03-02 20:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-24 12:32 - 2017-03-02 20:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-24 12:32 - 2017-03-02 20:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-24 12:32 - 2017-03-02 20:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-24 12:32 - 2017-03-02 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-24 12:32 - 2017-03-02 20:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-24 12:32 - 2017-03-02 20:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-24 12:32 - 2017-03-02 20:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-24 12:32 - 2017-03-02 20:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-24 12:32 - 2017-03-02 20:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-24 12:32 - 2017-03-02 20:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-24 12:32 - 2017-03-02 20:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-24 12:32 - 2017-03-02 20:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-24 12:32 - 2017-03-02 20:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-24 12:32 - 2017-03-02 20:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-24 12:32 - 2017-03-02 20:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-24 12:32 - 2017-03-02 19:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-24 12:32 - 2017-03-02 19:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-24 12:32 - 2017-03-02 19:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-24 12:32 - 2017-02-11 18:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-24 12:32 - 2017-02-11 18:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-24 12:32 - 2017-02-11 18:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-24 12:32 - 2017-02-10 19:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-24 12:32 - 2017-02-10 19:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-24 12:32 - 2017-02-10 19:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-24 12:32 - 2017-02-10 19:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-24 12:32 - 2017-02-10 17:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-24 12:32 - 2017-02-09 19:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-24 12:32 - 2017-02-09 19:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-24 12:32 - 2017-02-09 19:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-24 12:32 - 2017-02-09 19:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-24 12:32 - 2017-02-09 19:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-24 12:32 - 2017-02-09 19:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-24 12:32 - 2017-02-09 19:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
-
March 28th, 2017, 05:34 AM
#12
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-24 12:32 - 2017-02-09 19:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-24 12:32 - 2017-02-09 19:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 19:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-24 12:32 - 2017-02-09 19:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-24 12:32 - 2017-02-09 19:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-24 12:32 - 2017-02-09 19:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-24 12:32 - 2017-02-09 19:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-24 12:32 - 2017-02-09 18:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-24 12:32 - 2017-02-09 18:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-24 12:32 - 2017-02-09 18:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-24 12:32 - 2017-02-09 18:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-24 12:32 - 2017-02-09 18:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-24 12:32 - 2017-02-09 18:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-24 12:32 - 2017-02-09 18:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-24 12:32 - 2017-02-09 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-24 12:32 - 2017-02-09 18:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-24 12:32 - 2017-02-09 18:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-24 12:32 - 2017-02-09 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-24 12:32 - 2017-02-09 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-24 12:32 - 2017-02-09 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-24 12:32 - 2017-02-09 18:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-24 12:32 - 2017-02-09 18:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 18:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 18:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 18:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-24 12:32 - 2017-02-09 17:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-24 12:32 - 2017-02-09 17:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-24 12:32 - 2017-02-06 19:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-24 12:32 - 2017-01-13 21:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-24 12:32 - 2017-01-13 21:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-24 12:32 - 2017-01-13 20:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-24 12:32 - 2017-01-13 20:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-24 12:32 - 2017-01-11 21:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-24 12:32 - 2017-01-11 21:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-24 12:32 - 2017-01-11 20:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-24 12:32 - 2017-01-11 20:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-24 12:32 - 2017-01-06 21:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-24 12:32 - 2017-01-06 20:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-24 12:32 - 2016-11-21 21:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-03-24 12:32 - 2016-11-20 19:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-03-24 12:32 - 2016-11-20 17:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-03-24 12:32 - 2016-11-17 19:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-03-24 12:32 - 2016-11-10 19:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-03-24 12:32 - 2016-11-10 19:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-03-24 12:32 - 2016-11-09 19:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-03-24 12:32 - 2016-11-09 19:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-03-24 12:32 - 2016-11-09 19:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-03-24 12:32 - 2016-11-09 19:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-03-24 12:32 - 2016-11-09 19:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-03-24 12:32 - 2016-11-09 19:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-03-24 12:32 - 2016-11-09 19:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-03-24 12:32 - 2016-11-09 19:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-03-24 12:32 - 2016-11-09 19:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-03-24 12:32 - 2016-11-09 19:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-03-24 12:32 - 2016-11-09 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-03-24 12:32 - 2016-11-09 19:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-03-24 12:32 - 2016-11-09 19:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-03-24 12:32 - 2016-11-09 18:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-03-24 12:32 - 2016-11-02 18:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-03-24 12:32 - 2016-11-02 18:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-03-24 12:32 - 2016-11-02 18:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-03-24 12:32 - 2016-11-02 18:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-03-24 12:32 - 2016-11-02 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-03-24 12:32 - 2016-11-02 18:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-03-24 12:32 - 2016-11-02 18:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-03-24 12:32 - 2016-11-02 18:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-03-24 12:32 - 2016-11-02 18:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-03-24 12:32 - 2016-11-02 17:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-03-24 12:32 - 2016-10-11 18:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-03-24 12:32 - 2016-10-11 18:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-03-24 12:32 - 2016-10-11 18:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-03-24 12:32 - 2016-10-11 18:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-03-24 12:32 - 2016-10-11 18:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-03-24 12:32 - 2016-10-11 18:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-03-24 12:32 - 2016-10-11 18:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-03-24 12:32 - 2016-10-11 18:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-03-24 12:32 - 2016-10-11 18:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-03-24 12:32 - 2016-10-11 18:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-03-24 12:32 - 2016-10-11 18:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-03-24 12:32 - 2016-10-11 18:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-03-24 12:32 - 2016-10-11 17:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-03-24 12:32 - 2016-10-11 16:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-03-24 12:32 - 2016-10-11 16:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-03-24 12:32 - 2016-10-11 16:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-03-24 12:32 - 2016-10-11 16:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-03-24 12:32 - 2016-10-08 16:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-03-24 12:32 - 2016-10-07 18:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-03-24 12:32 - 2016-10-07 18:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-03-24 12:32 - 2016-10-07 18:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-03-24 12:32 - 2016-10-07 18:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-03-24 12:32 - 2016-10-07 18:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-03-24 12:32 - 2016-10-07 18:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-03-24 12:32 - 2016-10-05 17:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-03-24 12:32 - 2016-10-04 18:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-03-24 12:32 - 2016-10-04 18:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-03-24 12:32 - 2016-10-04 18:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-03-24 12:32 - 2016-10-04 18:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-03-24 12:32 - 2016-10-04 18:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-03-24 12:32 - 2016-10-04 18:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-03-24 12:32 - 2016-10-04 18:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-03-24 12:32 - 2016-10-04 18:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-03-24 12:32 - 2016-09-15 17:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-03-24 12:32 - 2016-09-13 00:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-03-24 12:32 - 2016-09-12 23:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-03-24 12:32 - 2016-09-09 21:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-03-24 12:32 - 2016-09-09 21:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-03-24 12:32 - 2016-09-08 23:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-03-24 12:32 - 2016-09-08 23:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-03-24 12:32 - 2016-09-08 23:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-03-24 12:32 - 2016-09-08 23:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-03-24 12:32 - 2016-09-08 17:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-03-24 12:32 - 2016-09-08 17:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-03-24 12:32 - 2016-08-22 19:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-03-24 12:32 - 2016-08-12 20:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-03-24 12:32 - 2016-08-12 20:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-03-24 12:32 - 2016-08-12 20:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-03-24 12:32 - 2016-08-12 20:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-03-24 12:32 - 2016-08-12 20:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-03-24 12:32 - 2016-08-12 19:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-03-24 12:32 - 2016-08-12 19:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-03-24 12:32 - 2016-08-12 19:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-03-24 12:32 - 2016-08-12 19:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-03-24 12:32 - 2016-08-12 19:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-03-24 12:32 - 2016-08-12 19:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-03-24 12:32 - 2016-08-06 18:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-03-24 12:32 - 2016-08-06 18:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-03-24 12:32 - 2016-08-06 18:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-03-24 12:32 - 2016-08-06 18:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-03-24 12:32 - 2016-08-06 18:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-03-24 12:32 - 2016-08-06 18:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-03-24 12:32 - 2016-08-06 18:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-03-24 12:32 - 2016-08-06 18:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-03-24 12:32 - 2016-08-06 18:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-03-24 12:32 - 2016-08-06 18:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-03-24 12:32 - 2016-08-06 18:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-03-24 12:32 - 2016-08-06 18:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-03-24 12:32 - 2016-08-06 18:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-03-24 12:32 - 2016-08-06 17:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-03-24 12:32 - 2016-08-06 17:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-03-24 12:32 - 2016-08-06 17:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-03-24 12:32 - 2016-06-14 20:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-03-24 12:32 - 2016-06-14 20:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-03-24 12:32 - 2016-06-14 20:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-03-24 12:32 - 2016-06-14 20:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-03-24 12:32 - 2016-06-14 18:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-03-24 12:32 - 2016-06-14 18:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-03-24 12:32 - 2016-06-14 18:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-03-24 12:32 - 2016-06-14 18:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-03-24 12:32 - 2016-06-14 18:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-03-24 12:32 - 2016-06-14 18:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-03-24 12:32 - 2016-06-14 18:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-03-24 12:32 - 2016-06-14 18:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-03-24 12:32 - 2016-06-14 18:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-03-24 12:32 - 2016-05-12 16:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-03-24 12:32 - 2016-05-12 16:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-03-24 12:32 - 2016-04-09 10:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-03-24 12:32 - 2016-04-09 10:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-03-24 12:32 - 2016-04-09 09:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-03-24 12:32 - 2016-03-16 03:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-03-24 12:32 - 2016-03-16 03:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-03-24 12:32 - 2016-03-16 02:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-03-24 12:32 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-03-24 12:32 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-03-24 12:32 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-03-24 12:32 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-03-24 12:32 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-03-24 12:32 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-03-24 12:32 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-03-24 12:32 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-03-24 12:32 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-03-24 12:32 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-03-24 12:32 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-03-24 12:32 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-03-24 12:32 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-03-24 12:32 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-03-24 12:32 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-03-24 12:32 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-03-24 12:32 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-03-24 12:32 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-03-24 12:32 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2017-03-24 12:31 - 2016-05-12 20:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-03-24 12:31 - 2016-05-12 20:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-03-24 12:31 - 2016-05-12 20:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-03-24 12:31 - 2016-05-12 20:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-03-24 12:31 - 2016-05-12 20:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-03-24 12:31 - 2016-05-12 20:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-03-24 12:31 - 2016-05-12 18:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-03-24 12:31 - 2016-05-12 18:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-03-24 12:31 - 2016-05-12 18:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-03-24 12:31 - 2016-05-12 18:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-03-24 12:31 - 2016-05-11 20:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-03-24 12:31 - 2016-05-11 20:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-03-24 12:31 - 2016-05-11 20:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-03-24 12:31 - 2016-05-11 20:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-03-24 12:31 - 2016-05-11 18:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-03-24 12:31 - 2016-05-11 18:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-03-24 12:31 - 2016-05-11 18:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-03-24 12:31 - 2016-05-11 18:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-03-24 12:31 - 2016-05-11 18:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-03-24 12:31 - 2016-05-11 18:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-03-24 12:31 - 2016-05-11 17:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-03-24 12:31 - 2016-04-14 16:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-03-24 12:31 - 2016-04-14 16:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-03-24 12:31 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-03-24 12:31 - 2016-01-22 09:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-03-24 12:31 - 2016-01-22 09:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-03-24 12:31 - 2016-01-22 09:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-03-24 12:31 - 2016-01-22 09:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-03-24 12:31 - 2016-01-22 09:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2017-03-24 12:31 - 2016-01-22 09:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-03-24 12:31 - 2016-01-22 09:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-03-24 12:31 - 2015-12-09 00:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2017-03-24 12:31 - 2015-12-08 22:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-03-24 12:30 - 2016-04-09 07:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-03-24 12:30 - 2016-04-09 06:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-03-24 12:30 - 2016-04-06 18:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2017-03-24 12:25 - 2016-07-22 17:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-03-24 12:25 - 2016-07-22 17:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-03-24 12:10 - 2017-03-25 10:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-24 12:10 - 2017-03-24 12:10 - 00000000 ____D C:\NVIDIA
2017-03-24 12:08 - 2017-03-24 12:09 - 385746880 _____ (NVIDIA Corporation) C:\Users\Asce\Downloads\361.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2017-03-24 12:08 - 2017-03-24 12:08 - 20647512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-03 19:38 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\wfp
2020-04-03 19:38 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\config\systemprofile
2020-04-03 19:37 - 2011-04-12 11:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2020-04-03 19:37 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\Drivers\UMDF
2020-04-03 19:37 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2020-04-03 19:34 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\LogFiles
2020-04-03 11:05 - 2014-07-12 09:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2020-04-03 11:05 - 2014-07-12 09:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2020-04-03 09:39 - 2014-07-12 09:23 - 00000000 ____D C:\Users\Asce
2020-04-03 09:39 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\config\TxR
2017-03-28 05:55 - 2014-08-06 00:24 - 00000000 ____D C:\Users\Asce\AppData\Roaming\Skype
2017-03-28 05:52 - 2014-07-13 01:17 - 00000000 ____D C:\Steam
2017-03-28 05:30 - 2009-07-14 08:13 - 00783062 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-28 05:30 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2017-03-28 05:27 - 2015-01-20 00:51 - 00000000 ____D C:\Users\Asce\AppData\Local\LogMeIn Hamachi
2017-03-28 05:25 - 2015-05-02 16:26 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2017-03-28 05:24 - 2015-05-18 15:56 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2017-03-28 05:24 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-27 18:19 - 2009-07-14 07:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-27 18:19 - 2009-07-14 07:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-27 16:54 - 2015-10-03 03:41 - 00776868 _____ C:\Windows\ntbtlog.txt
2017-03-27 16:31 - 2015-11-23 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-03-25 11:16 - 2015-05-04 22:23 - 00000080 _____ C:\Users\Asce\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2017-03-25 10:52 - 2015-11-10 23:49 - 00000000 ____D C:\Users\Asce\AppData\Local\CrashDumps
2017-03-25 10:51 - 2015-07-29 20:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-25 10:49 - 2015-10-04 23:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-25 10:49 - 2015-10-04 23:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-25 10:49 - 2015-10-04 23:42 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-25 10:48 - 2015-10-04 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-25 10:48 - 2015-02-09 00:28 - 00000000 ____D C:\Users\Asce\AppData\Local\Adobe
2017-03-25 10:18 - 2015-12-24 04:05 - 00000000 ____D C:\Users\Asce\AppData\Local\UnrealEngine
2017-03-25 10:18 - 2014-07-25 02:09 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-25 09:44 - 2014-11-20 23:11 - 00000000 ____D C:\Users\Asce\AppData\Local\Battle.net
2017-03-25 09:39 - 2015-02-05 20:18 - 00000000 ____D C:\Users\Asce\AppData\Local\Steam
2017-03-25 08:30 - 2015-05-04 21:40 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-03-25 08:29 - 2015-05-04 21:40 - 00000000 ____D C:\Program Files\Rockstar Games
2017-03-25 08:10 - 2016-12-26 23:03 - 00313112 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-25 08:10 - 2016-12-26 23:03 - 00135904 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2017-03-25 08:10 - 2016-06-14 18:47 - 00199392 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-03-25 08:00 - 2014-11-20 23:11 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-03-25 07:56 - 2015-06-02 16:04 - 00001806 _____ C:\Windows\Sandboxie.ini
2017-03-25 07:53 - 2015-11-23 23:18 - 00000000 ____D C:\ProgramData\Avg
2017-03-25 07:53 - 2015-06-25 14:23 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-25 07:53 - 2014-11-28 13:11 - 00000000 ____D C:\Users\Asce\AppData\Local\Avg
2017-03-25 07:53 - 2014-07-13 00:15 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-25 07:53 - 2014-07-12 23:38 - 00000000 ____D C:\ProgramData\MFAData
2017-03-25 07:12 - 2015-05-18 15:42 - 00000000 ____D C:\ProgramData\InstallShield
2017-03-25 07:12 - 2014-11-09 02:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-25 06:10 - 2009-07-14 07:45 - 00268448 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-25 06:07 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-25 06:07 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-25 06:07 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\Dism
2017-03-25 06:06 - 2011-04-12 11:28 - 00000000 ____D C:\Program Files\Windows Journal
2017-03-24 17:03 - 2014-07-19 23:09 - 00000000 ____D C:\Users\Asce\AppData\Roaming\vlc
2017-03-24 13:48 - 2016-01-05 00:02 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1451941354
2017-03-24 13:48 - 2016-01-05 00:02 - 00000000 ____D C:\Program Files (x86)\Opera
2017-03-24 13:02 - 2014-11-20 23:12 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-03-24 12:52 - 2014-11-20 23:11 - 00000000 ____D C:\Users\Asce\AppData\Roaming\Battle.net
2017-03-24 12:52 - 2014-11-20 23:08 - 00000000 ____D C:\ProgramData\Battle.net
2017-03-24 12:51 - 2015-11-05 01:14 - 00007608 _____ C:\Users\Asce\AppData\Local\Resmon.ResmonCfg
2017-03-24 12:48 - 2014-07-12 09:44 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-24 12:34 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\Help
==================== Files in the root of some directories =======
2015-11-05 01:14 - 2017-03-24 12:51 - 0007608 _____ () C:\Users\Asce\AppData\Local\Resmon.ResmonCfg
2015-12-11 22:02 - 2015-12-11 22:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2015-10-23 20:47 - 2015-10-23 20:47 - 2892128 _____ (AVG Technologies) C:\Users\Asce\AppData\Local\Temp\avg-ae9d4a66-87be-4c57-9f03-a23b13fdc342.exe
2016-01-05 21:18 - 2015-11-12 17:54 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Asce\AppData\Local\Temp\avguirn_0899728453.exe
2017-03-25 05:02 - 2015-10-20 04:09 - 1730496 _____ (Microsoft Corporation) C:\Users\Asce\AppData\Local\Temp\dllnt_dump.dll
2015-10-08 20:45 - 2015-10-08 20:49 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Asce\AppData\Local\Temp\drm_dyndata_7400009.dll
2015-11-10 22:16 - 2015-11-11 00:19 - 0035680 _____ () C:\Users\Asce\AppData\Local\Temp\i4jdel0.exe
2015-07-18 16:30 - 2015-07-18 16:30 - 0011264 _____ ( ) C:\Users\Asce\AppData\Local\Temp\iuo4idyi.dll
2015-10-24 22:18 - 2015-12-08 23:45 - 56061688 _____ (Rockstar Games) C:\Users\Asce\AppData\Local\Temp\Social%20Club%20v1.1.6.8%20Setup.exe
2015-12-21 04:39 - 2015-12-21 04:39 - 56838704 _____ (Rockstar Games) C:\Users\Asce\AppData\Local\Temp\Social%20Club%20v1.1.6.9%20Setup.exe
2017-03-24 12:48 - 2017-03-24 12:48 - 14456872 _____ (Microsoft Corporation) C:\Users\Asce\AppData\Local\Temp\vc_redist.x86.exe
2015-08-03 02:58 - 2015-08-03 02:58 - 0118784 _____ () C:\Users\Asce\AppData\Local\Temp\xmlUpdater.exe
2017-03-25 07:46 - 2017-03-25 07:46 - 0503808 _____ () C:\Users\Asce\AppData\Local\Temp\xuninst.exe
2017-03-25 07:09 - 2015-02-08 18:49 - 0455600 _____ (Macrovision Corporation) C:\Users\Asce\AppData\Local\Temp\_isFB2F.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-24 14:35
==================== End of FRST.txt ============================
-
March 28th, 2017, 05:36 AM
#13
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Asce (28-03-2017 06:04:16)
Running from C:\Users\Asce\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-07-12 06:23:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1292172697-4276861399-4271014393-500 - Administrator - Disabled)
Asce (S-1-5-21-1292172697-4276861399-4271014393-1000 - Administrator - Enabled) => C:\Users\Asce
Guest (S-1-5-21-1292172697-4276861399-4271014393-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292172697-4276861399-4271014393-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE)
µTorrent (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AoE II HD Compatibility Patch version 1.0c (HKLM-x32\...\AoE II HD Compatibility Patch_is1) (Version: 1.0c - )
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5642 - CDBurnerXP)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version: - Pyro Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version: - )
Easy Tune 6 B10.0420.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
f.lux (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Flux) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games)
Grim Fandango Remastered (HKLM-x32\...\Steam App 316790) (Version: - Double Fine Productions)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)
Guacamelee! Super Turbo Championship Edition (HKLM-x32\...\Steam App 275390) (Version: - DrinkBox Studios)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software)
Hurtworld (HKLM-x32\...\Steam App 393420) (Version: - Bankroll Studios)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
King's Quest (HKLM-x32\...\Steam App 345390) (Version: - The Odd Gentlemen)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Lua for Windows 5.1.4-46 (HKLM-x32\...\Lua_is1) (Version: 5.1.4.46 - The Lua for Windows Project and Lua and Tecgraf, PUC-Rio)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MAMEUIFX32 (HKLM-x32\...\MAMEUIFX32) (Version: 0.145 - Mamesick)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.7.8 (HKLM-x32\...\Minecraft1.7.8) (Version: - )
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
ON_OFF Charge B10.0422.2 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 44.0.2510.857 (HKLM-x32\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{dd2cc895-8ae6-4b9e-b42a-9aa908c1dca5}) (Version: latest - ppy Pty Ltd)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Power MP3 Recorder Cutter v6.5 (HKLM-x32\...\Power MP3 Recorder Cutter_is1) (Version: 6.5 - CooolSoft, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Reflex (HKLM-x32\...\Steam App 328070) (Version: - Turbo Pixel Studios)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
RogueKiller version 12.10.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.1.0 - Adlice Software)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Sandboxie 4.18 (64-bit) (HKLM\...\Sandboxie) (Version: 4.18 - Sandboxie Holdings, LLC)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version: - Croteam)
Serious Sam 2 Dedicated Server Utility (HKLM-x32\...\SS2DedServerUtility) (Version: - )
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version: - 3D Realms)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version: - Grismar)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Simply Chess (HKLM-x32\...\Steam App 312280) (Version: - BlueLine Games)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios)
Snaz version 1.9.4.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.9.4.0 - JimsApps)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.15.9546 - SoftEther VPN Project)
Source Dedicated Server (HKLM-x32\...\Steam App 205) (Version: - Valve)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SWF Extractor 2.2 (HKLM-x32\...\SWF Extractor_is1) (Version: 2.2 - GlobFX Technologies)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.7.0.9 - GOG.com)
The Crew Trial (HKLM-x32\...\Steam App 366310) (Version: - Ivory Tower in collaboration with Ubisoft Reflections)
The Mean Greens - Plastic Warfare (HKLM-x32\...\Steam App 360940) (Version: - Virtual Basement LLC)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version: - )
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED)
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 5.2 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version: - Team17 Digital Ltd)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {103C58DC-6A11-4132-B128-61354501B69A} - System32\Tasks\{A3DE1E29-CB5E-436B-872E-BB799B0C8DF1} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.105&LastError=404
Task: {1C19EF2B-55CE-4B9A-9751-508F7C410743} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {275442C4-D16A-4192-AF24-7596AD12785C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {28BB728F-23D1-4B05-920F-7E52ECBF1D92} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl
Task: {316804F2-ABEA-4E91-840A-33A1AA0FBE0C} - System32\Tasks\Opera scheduled Autoupdate 1451941354 => C:\Program Files (x86)\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {4377BAD7-A1FF-459D-96C7-1313B870D5B4} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {7336F5F1-868C-4651-96B7-E0A2FE1108BB} - System32\Tasks\{533EB031-BF25-4683-BA64-C3FE54B89C09} => pcalua.exe -a "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe" -d "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static"
Task: {86AA7017-6FEB-478D-8EBC-CF6531AF3297} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {88532493-8D42-4E75-9103-E36AC36EDDE5} - System32\Tasks\{136F545B-0559-4304-96C4-F4550D4EB7AF} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.105&LastError=404
Task: {9EB9F456-028D-4948-BD25-F0D547AEB831} - System32\Tasks\{9920CA20-B02B-48F7-80EB-96FBB5119F13} => pcalua.exe -a C:\Windows\rm303b.exe -c usb\vid_0ac8&pid_303B
Task: {ABEDF6F5-C1DC-4CF9-9135-14D209677214} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1
Task: {D9DB1260-259C-49D3-8DC4-DCC47C5390EC} - System32\Tasks\{07F404C9-2511-4B82-AB56-2D81B19FE727} => pcalua.exe -a C:\Users\Asce\Downloads\lgs510.exe -d C:\Users\Asce\Downloads
Task: {E1B3A64A-77D7-4D99-BDD7-7F9D27C5E5D8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-25] (Adobe Systems Incorporated)
Task: {FCB7ED30-AA59-4222-9914-0D20871C1F89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Asce\Desktop\Hand + Wrist Exercises For Gamers - YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxps://www.youtube.com/watch?v=EiRC80FJbHU
ShortcutWithArgument: C:\Users\Asce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
==================== Loaded Modules (Whitelisted) ==============
2017-03-24 12:34 - 2016-01-23 04:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-18 15:41 - 2009-06-17 16:13 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EnergySaver2\des2svr.exe
2015-05-18 15:45 - 2010-01-19 05:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2017-03-25 08:02 - 2016-06-15 04:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-03-24 12:36 - 2016-06-15 04:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-10-08 01:47 - 2015-10-08 18:56 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-03-24 13:09 - 2017-02-24 07:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-24 13:09 - 2017-02-24 07:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2017-03-24 12:37 - 2016-06-15 04:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-03-25 08:02 - 2016-06-15 04:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-10-16 13:02 - 2015-10-16 13:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kpcengine.2.3.dll
2015-05-18 15:42 - 2009-05-04 17:56 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\EnergySaver2\ycc.dll
2017-03-24 12:36 - 2016-06-15 04:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-03-27 16:25 - 2017-03-27 16:24 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-03-24 13:47 - 2017-03-21 09:53 - 63944280 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\opera_browser.dll
2017-03-24 13:47 - 2017-03-21 09:53 - 02101336 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\libglesv2.dll
2017-03-24 13:47 - 2017-03-21 09:53 - 00087128 _____ () C:\Program Files (x86)\Opera\44.0.2510.857\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\...\sony.com -> sony.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1292172697-4276861399-4271014393-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 139.179.30.24 - 139.179.10.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
-
March 28th, 2017, 05:37 AM
#14
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{458A164A-2A83-40A9-9CF6-F09DEB5C42F6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{1B9BD2ED-A2F3-4669-9678-CB099CADDAB3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B92839D7-E05D-4DEE-8FBA-520A41FF0AE5}] => (Allow) C:\Steam\Steam.exe
FirewallRules: [{BAA787D1-92B7-4D3F-B05F-073A0C3FB212}] => (Allow) C:\Steam\Steam.exe
FirewallRules: [{790DD38B-2D8C-465B-95D4-6249283345C9}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{06424155-76A8-442F-B0E2-346B71524333}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{453E5431-9948-44F6-B71F-030129F475B3}] => (Allow) C:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0B711E6A-71F6-4981-8A00-4BEF21486E5B}] => (Allow) C:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{12D57C11-4036-480D-8628-06C3DAB5D7F2}] => (Allow) C:\Steam\SteamApps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{F2A34E0E-A7E3-4978-9FC7-7545C750967D}] => (Allow) C:\Steam\SteamApps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{B24E8689-9375-4979-9F58-9556DFDD7FE7}] => (Allow) C:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{32EA9E2F-F816-44BA-ADA7-5F8B1FDE2B6A}] => (Allow) C:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B8ABE8D7-5376-477C-8A90-D4B5F592ABA3}] => (Allow) C:\Users\Asce\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D46BA8D8-D7AC-48FE-9F6C-708180DF7F6E}] => (Allow) C:\Users\Asce\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75FD7C1B-D0C9-4085-ADE9-BF37F93A5D53}] => (Allow) C:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{AE8E5E33-7B66-415E-84FA-1642DA83A2CF}] => (Allow) C:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{9287F43D-18EB-46BD-A913-37FD1BC1FF29}] => (Allow) C:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{884E7D36-4B6B-4D3E-8D80-CAD1B60CCEFC}] => (Allow) C:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{8A6B68FF-0820-4845-9BF3-F3DB3C3F304F}] => (Allow) C:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{13579D56-CA61-4549-B417-482C6BD3C6F7}] => (Allow) C:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{0AAD6341-F368-4FAB-B66C-817FF697BA9C}] => (Allow) C:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{FDAF864E-C168-49D1-8D38-37692F42C572}] => (Allow) C:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [TCP Query User{768D7918-BAE8-456C-94ED-11EE827FBC68}C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{F538583C-9828-4C5B-A80C-544AF6AC1D02}C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\asce\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{E83EB416-9480-48F0-B4C1-4906165AF845}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{482EF486-1DB9-463A-B689-30230EF651A5}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{63E62E53-04C2-4159-946D-780877E67A53}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0EA29A9-FAAC-479C-8C17-9DECC449766F}] => (Allow) C:\Steam\bin\steamwebhelper.exe
FirewallRules: [{D1360145-78D8-4529-B7C6-58CB74D8A9E9}] => (Allow) C:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{65778332-9DF7-4531-AB4E-87620C256401}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{97158542-D407-4939-A8F9-30EDA29DCD95}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{50AE6C6D-1F9C-42F5-B1A6-2C0234462B74}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5AAC0DEE-0AF7-4937-8946-30C4901D1D8C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{9DFC48D2-942F-4E37-897C-329190B5BCB6}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{37563006-1568-43B9-B42F-CF30A98DAB87}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{FA4C023D-27E3-46A6-94D0-6480170087F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{7784A54E-6C08-4034-8024-AF8AA49A8F64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{627B7053-78CE-4024-8534-37A1941E7C53}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50E11F07-1D4D-4714-A917-E0B427FB9D4D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2E9B195F-C120-4732-AB75-E5D9B91AC561}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{21EB7C6D-561D-4AA1-87F8-B187160F0CE7}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{8CEAC588-0974-4388-AE41-6A92077AF354}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{85D49392-4EC9-49D7-BDC9-08479635021C}] => (Allow) C:\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{A891EF7A-AD93-473F-9AAF-A5CC84E1CD98}] => (Allow) C:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{A8A09009-989F-444F-A192-5B391A25BC20}] => (Allow) C:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{0C0AB31E-BF19-4E69-8C98-5911AF046FEF}] => (Allow) C:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{14908FA5-273F-439C-8C30-A267B52B0222}] => (Allow) C:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{845A900A-6D0D-4608-AB2E-66CE50C7CCB1}C:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) C:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{356874B1-6180-4C84-87A8-0E5B4651CEEA}C:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) C:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [{CBE7D417-75D2-4327-B789-0EBC0E25DB39}] => (Allow) C:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{348873A4-7388-40EA-A6A6-1CC2A615CB2B}] => (Allow) C:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{D3C85D33-E008-4269-AADC-3D8403C8B26C}C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe] => (Allow) C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{BB7ADB34-833F-4734-9609-189E9B43CF72}C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe] => (Allow) C:\steam\steamapps\common\age2hd\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{A08EE83E-FD86-4F98-AD8C-CD0D45F2E7C1}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{DF08D976-FAF6-43AF-BCBA-C131F3016B41}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [TCP Query User{839BB445-A274-4919-88EF-D036D5855D79}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{B2333D85-D96E-4A70-8571-2E3F3F996556}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{5CF18D48-96B1-48EB-B1A5-2EA725EA6E0A}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3715\agent.exe
FirewallRules: [UDP Query User{8E12136B-DC50-4AA2-8B90-AB95AB7F545B}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3715\agent.exe
FirewallRules: [TCP Query User{5E48CF9B-3A6C-48A4-92EB-0C046617D9EB}C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{F47D2C14-5D86-4544-B219-7BB623201125}C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{D8C08E9A-6FCE-443E-BEA1-176DFF4A8922}C:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{607A5763-C6F7-467F-806E-5B124435373F}C:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{4CBA86BD-46D4-4137-AFDA-6C14BADCAB7B}] => (Allow) C:\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{20553E12-A9A2-405D-BF6A-FC75A27D4BA0}] => (Allow) C:\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{3FE5DB57-0CEF-4D11-89B2-9DED2F66604E}] => (Allow) C:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{064EA017-88CA-4CAC-B5FC-D13B43D029D0}] => (Allow) C:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{DCC914F5-0E9E-402E-B1BB-0C28F526D94B}] => (Allow) C:\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{CC87A59B-86FA-4A28-A52E-FA12B2FC4FCD}] => (Allow) C:\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{337D0EF2-F120-42CE-8CC5-62B392FB42DD}] => (Allow) C:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{A9A3592E-223C-4A6D-B5B0-1FAEB81437BA}] => (Allow) C:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{6D760926-C82D-420E-A861-F18D0AC677E1}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3651B532-0C04-4917-9036-3C7C892052B5}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A440F110-CF58-4FA0-919E-7DA6030B2B48}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{B3FBAD54-C776-48E5-96FC-8C59D7F51AB2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{39E13DC8-BD4C-4095-93EA-8C7027A83620}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{7A5C0495-050F-4100-BFF8-B90CC3A6F240}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{E9E309E2-E2E6-49BF-86B0-43F36EF54DD7}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{F56DB718-D6DA-4D4C-A51C-B71D4C4F066C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [TCP Query User{4EB4B49F-7C22-4EED-9A65-07A8435BE692}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{259A3B69-E6F3-4A3F-8379-06FF4D50FC0D}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{E02CC463-48D1-420D-BCD0-948A83B0FB9A}] => (Allow) C:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{75B148F3-EDB5-46FC-BFD4-03ACECCAD858}] => (Allow) C:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{EBC98A17-83DE-4EA9-AE90-AFA020F78C98}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{26EB3412-85B3-4BD4-8543-E281738C45DC}] => (Allow) C:\Steam\SteamApps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{4028C7BE-6823-4B7A-BF03-C0B5FDB2FC70}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{63F54E8A-464E-4C05-834F-53378A25565A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7ECD9E37-E671-49C2-89CC-0CE1FCEA1D0B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B9E11AA8-989B-457E-8412-FED0C09FAA7B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{52C178C9-9383-4E4D-AB6F-0EFACA21B481}] => (Allow) C:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{EB8D9685-B910-4A3F-A3BA-22F09ED80BB1}] => (Allow) C:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{1F653092-0193-4E9D-A4A9-D9BAB23A62B3}] => (Allow) C:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{00E7DAF6-55C8-4464-AC17-9EAE73F5E4E3}] => (Allow) C:\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{F99637CA-952B-47AD-AD14-AF6DC74905AB}] => (Allow) C:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A364DEA6-23BA-401C-B80C-CAD40B226383}] => (Allow) C:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{B5641A06-9510-4386-8D3B-9B965EFB5459}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{04E1DCA9-D488-4A35-9AF9-DB6F2FC757EB}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{44422A73-CAA9-4137-A451-384E7B7C1A22}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{40C4CD7D-3523-4B43-AF57-B73701C12215}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{12A921F1-2A9D-40CA-9456-FA194BFCB4F7}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{AA0A859B-07F0-4BA3-9E7A-A59240502D6B}] => (Allow) C:\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{D39FD8B2-9260-4187-8BCD-180D1A121F24}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{9468B3F8-6539-4430-9E8F-7A56FC000EEA}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{5660E3DB-1CD1-4F30-BBC7-4D5BC135E208}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [{793BB8AF-E93F-414D-B6DA-268BA0DA5ADD}] => (Allow) C:\Steam\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [TCP Query User{1005A1D9-6A03-4EFA-A654-F3AAAC65B81A}C:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) C:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{DA3D4B21-A3AC-491B-BBB2-09911F8ED5AF}C:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) C:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{977241C8-6B2A-43ED-99CD-251F5387F0A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BB40CF8B-46CF-424C-9BEB-C3E69EA66CF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7E06EBD3-8902-429D-96E9-4F4704626099}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B28CDDCB-DB4E-4120-AC00-F74C750EAEA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{40477175-FB13-4A91-8F71-4C0863E7261A}C:\program files (x86)\jack\jackd.exe] => (Allow) C:\program files (x86)\jack\jackd.exe
FirewallRules: [UDP Query User{00D46205-F72E-4088-93AE-69F501AC46C9}C:\program files (x86)\jack\jackd.exe] => (Allow) C:\program files (x86)\jack\jackd.exe
FirewallRules: [{F8105125-8BA8-4A51-8E57-93B087A3DFE0}] => (Allow) C:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{F96FEC7E-5A55-43BA-817D-7678852B4247}] => (Allow) C:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [TCP Query User{F6369E5B-2513-4ECD-969E-FE348930B4EA}C:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{B9CD162F-7332-44EF-829F-152DC5664223}C:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{9DCBFD6F-2999-4FBC-BA55-AF1BF04B1488}] => (Allow) C:\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{ED753236-A68E-4324-BBA7-64AC97142180}] => (Allow) C:\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{53ACA7E4-2CF2-4D1B-A6B1-3944E1442245}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
FirewallRules: [{C1391A5A-991E-44F6-8A08-1D6D8B94D319}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
FirewallRules: [{21609DDB-E13E-424C-BA99-562DC521697F}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe
FirewallRules: [{163A9E33-7DA5-4B92-B5D7-146A89D1017D}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe
FirewallRules: [{89F8D722-ED46-49BC-88E7-79EC3D18ED84}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\build.exe
FirewallRules: [{54B6E249-05C8-4DF3-A11E-533A4B0630B2}] => (Allow) C:\Steam\SteamApps\common\Shadow Warrior Classic\bin\build.exe
FirewallRules: [{91BD5A96-25B6-469B-8214-045D3D45E0AB}] => (Allow) C:\Steam\SteamApps\common\Serious Sam 2\Bin\Sam2.exe
FirewallRules: [{D76CF486-0176-486E-8E63-D89919DD2C4F}] => (Allow) C:\Steam\SteamApps\common\Serious Sam 2\Bin\Sam2.exe
FirewallRules: [TCP Query User{E79AEF5B-CDF5-4D93-B863-28426B8864DF}C:\steam\steamapps\common\serious sam 2\bin\dedicatedserver.exe] => (Allow) C:\steam\steamapps\common\serious sam 2\bin\dedicatedserver.exe
FirewallRules: [UDP Query User{2EE07E21-D533-4262-9A98-ED26CC072427}C:\steam\steamapps\common\serious sam 2\bin\dedicatedserver.exe] => (Allow) C:\steam\steamapps\common\serious sam 2\bin\dedicatedserver.exe
FirewallRules: [{F8969FFB-6159-4A43-B0BB-05734FD1BBB5}] => (Allow) C:\Steam\SteamApps\common\Commandos 2 Men of Courage\comm2.exe
FirewallRules: [{D63320BC-3121-4027-BA43-55BCF9AEDDEF}] => (Allow) C:\Steam\SteamApps\common\Commandos 2 Men of Courage\comm2.exe
FirewallRules: [{A5648C60-C137-4E82-B8A6-4C7C44402AE3}] => (Allow) C:\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{B4F72047-6506-4246-91ED-932D9E6AB248}] => (Allow) C:\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{25FE4756-9D28-47DE-91A2-47AED6C8D3F4}] => (Allow) C:\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{5C7295D5-8895-477A-A561-0CD5A5E28DF2}] => (Allow) C:\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{BD2BB551-17DB-4F57-AD9A-A407C6C9ED68}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{FEE3A5B0-87D2-4CEC-8A2B-F4F4608181AC}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{2DF41A9A-25EB-4EF2-BE02-621B5742448F}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{19D82A3F-6D85-4DE5-A0D9-494896E22E55}] => (Allow) C:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{4FC09390-68F5-44A3-AE5C-DC9CBECB5CBF}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{BCFC344D-0FAA-4581-9D72-FDF142AA8F06}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{E82AAA06-A582-4049-BE22-2F7B4CE6EDAC}] => (Allow) C:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{2C449822-5CFE-467F-92C0-E18790451F8E}] => (Allow) C:\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [TCP Query User{30D5AB24-1CEA-4142-9A25-6CF3F14E8E07}C:\program files (x86)\galactic cafe\the stanley parable\thestanleyparable.exe] => (Allow) C:\program files (x86)\galactic cafe\the stanley parable\thestanleyparable.exe
FirewallRules: [UDP Query User{CD2B38B6-00E4-4CE3-A83F-A7769712EC2F}C:\program files (x86)\galactic cafe\the stanley parable\thestanleyparable.exe] => (Allow) C:\program files (x86)\galactic cafe\the stanley parable\thestanleyparable.exe
FirewallRules: [{F1DE7916-2403-43E6-981A-16398A49CF26}] => (Allow) C:\Steam\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{8A3392D1-C171-4102-86EB-FCDFFCD4566E}] => (Allow) C:\Steam\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [TCP Query User{9BD545FF-621A-4652-B07B-B8F63FDAA3BF}C:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe] => (Allow) C:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe
FirewallRules: [UDP Query User{D97670D7-40C8-4411-8BA2-5614DF28E8DD}C:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe] => (Allow) C:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe
FirewallRules: [{9A3D033A-FCD6-4FBD-921D-AFC138AB1FB2}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{92A8D395-8F33-464A-BC17-7115E1DE793F}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{14D86838-3752-48AF-989D-5E5A42CF3788}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{12379673-21C0-465D-A44D-78D53B36A81A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{D0F6C4AE-F57E-4EC9-8BDF-87D8D4950EAF}] => (Allow) C:\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{A4A6D63A-E11D-445A-B0D8-B7D3A6115A2A}] => (Allow) C:\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [TCP Query User{D403AD49-AEA0-4C63-9BF5-16F1BDDC701C}C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{12D09060-16DB-44BB-A094-7725AF3CC4EE}C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe
FirewallRules: [{C69DF29F-F81E-4265-8ACC-92A85E08EDFD}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{EFAE076E-AEF6-47E7-95EA-A835E2BBB425}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{FC4E9CEB-A979-454F-A1FF-C8A98F699476}] => (Allow) C:\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{C5385961-ED96-40FD-A3C1-D6F29ECE5904}] => (Allow) C:\Steam\SteamApps\common\Medal of Honor\MP\mohmpgame.exe
FirewallRules: [{ABEEC177-9161-4546-83B5-D09D820A3999}] => (Allow) D:\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{1E441118-B489-47A1-83A2-E3DFF93C5798}] => (Allow) D:\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{7DB421E5-9D8B-4BDE-AF0A-CEFA08DCB8BE}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{3B3E78BA-5353-4B0B-9FA0-55AFFDBDAFDC}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{4796D9DA-8E27-4597-9653-3A14889D8F57}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{418656AB-1D20-44EC-BEDB-E29EA925C85F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{AAE20059-60B3-4B80-8D00-3295B2C2B0E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4A466575-55FC-4D2C-B2AA-4D3660566503}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B87F36AA-842A-40EF-B6E8-27548798E9C5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A8555116-534A-428D-B04C-636A71E24141}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0EDBC1A7-923D-4FD2-BF33-FE783C7B8904}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A9BD6E62-3F3F-49C9-91DA-48AE22A97E21}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{BC0D9FB8-87BE-476D-9F44-9ADA26398327}C:\users\asce\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asce\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C06F8F0-F62B-4781-AB2E-F3AED079BA0A}C:\users\asce\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asce\appdata\roaming\spotify\spotify.exe
FirewallRules: [{79DAE8A2-005F-4664-81F3-638F983ABA34}] => (Allow) D:\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{4632AB5C-9892-4C41-B459-95F9D2C9F23E}] => (Allow) D:\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{BF4E11DC-8684-456B-9BF5-9BDFAAC81F4F}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{3AD1EF6F-E286-4E94-B6FC-242CB9CB2680}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C152F5B1-83A3-4782-B426-6A4F10E8F7A0}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{9980EB2B-52CC-4000-A12F-16DF86E1215E}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{8A31570E-B9A6-4F32-AA89-0D4B82BE23BC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{F4B49610-13E0-4433-B5D3-A2E9BA3D8848}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{F3C73510-4E31-4969-807C-0A9CAA20E395}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{BA230D1B-712D-47BA-B8E7-570C1CB997F7}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{0B12062F-ED8A-426D-8C34-9C1B55949527}C:\program files (x86)\origin games\command and conquer red alert ii\gamemd-spawn.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\gamemd-spawn.exe
FirewallRules: [UDP Query User{05AE1AC8-DD09-4CF9-837B-2EE0231AF0F8}C:\program files (x86)\origin games\command and conquer red alert ii\gamemd-spawn.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\gamemd-spawn.exe
FirewallRules: [{B020C7DA-D5D0-4233-AEDD-7169A8E4BB52}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{FE62A208-9F35-4442-976D-2FEEDA4445D7}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [TCP Query User{4E45818F-FED2-49A6-9CBD-51D5CC162753}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{B454EA65-1E22-486F-8A36-8CEC156E7D24}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{B454E9C7-03B1-4B93-8E94-0359454D7D22}] => (Allow) D:\Steam\steamapps\common\Chess\Chess.exe
FirewallRules: [{C88A73B2-8CAF-4C03-8882-3C61E8D1BA29}] => (Allow) D:\Steam\steamapps\common\Chess\Chess.exe
FirewallRules: [{B83943CE-D73A-4598-8DD4-4F5D5AE7248C}] => (Allow) D:\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{7B75273B-A9B8-4F2A-805E-47DD6C574767}] => (Allow) D:\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{A2F396A7-B2CF-42CA-AFD9-95D562155303}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BD86AFE3-7A08-4CBD-8E3C-70F275EC7633}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{FB1DB392-1FBB-470E-A284-A14C21B77E2F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{6E4E64A9-BD73-48AB-B9CA-D5069F57BD02}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{C0584E31-3065-4474-AA88-C3D2CED601E7}C:\gog games\terraria\terrariaserver.exe] => (Allow) C:\gog games\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{12453E44-3186-4CE2-A32F-0D8D5B419BA8}C:\gog games\terraria\terrariaserver.exe] => (Allow) C:\gog games\terraria\terrariaserver.exe
FirewallRules: [{080F8DDD-54E9-43D3-836E-6EBFB404542C}] => (Allow) D:\Steam\steamapps\common\Hurtworld\Hurtworld.exe
FirewallRules: [{331F7D72-D517-49C1-B759-60B72E382F3D}] => (Allow) D:\Steam\steamapps\common\Hurtworld\Hurtworld.exe
FirewallRules: [{10BF1FEB-6697-49DB-8595-E4D1E2E8B83D}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A62301DE-D76B-4513-B3E3-A17BAEDF9566}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{03614493-9155-4642-8BCD-76B5E4E58C06}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{A82C9D23-53BF-4AA1-95D0-69CFEDF188AC}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{9392E0AC-BA83-4155-999C-15EB4741B59C}] => (Allow) C:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{037A7B93-0AC1-4E8E-95CB-E1EAFD0947A2}] => (Allow) C:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{A17C01CD-8D5D-4417-A7EE-445BB4F45D49}] => (Allow) D:\Steam\steamapps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{83CA53FF-A8E9-4C1C-9061-4E09E4B68BA7}] => (Allow) D:\Steam\steamapps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{AD60D0CB-D079-40B7-AB63-A9DFA29B12B9}] => (Allow) D:\Steam\steamapps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{81CB5D6C-2744-431F-8A83-34309192E094}] => (Allow) D:\Steam\steamapps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{95C4C220-2428-4436-87C7-331BE8F96D80}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{46D42169-680A-4110-80D5-C8F381764AF5}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F3C6CB40-EBA7-46F7-A5A4-5077C91240FE}] => (Allow) D:\Steam\steamapps\common\Hurtworld\HurtworldClient.exe
FirewallRules: [{B987E40A-2C59-4489-B0C1-0B408DEB8521}] => (Allow) D:\Steam\steamapps\common\Hurtworld\HurtworldClient.exe
FirewallRules: [{33E3B8C7-D825-40D4-B88E-26C9C9E26D8C}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{1E4EE38F-AC94-4307-901E-DA37617F72DE}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{B5D7C706-2A1B-429F-90A7-E0220107A5CD}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{4C03A861-6A96-4C12-B277-300070550356}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{324A5F0A-2635-4A82-BD38-F34624679746}] => (Allow) D:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{E862CBC5-EFB8-4398-A891-354D4DA629EC}] => (Allow) D:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{1F801F28-19EA-46A0-B39F-28F144AF3F61}] => (Allow) D:\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe
FirewallRules: [{528F2B1E-E34E-4E4C-B767-0C993677A83B}] => (Allow) D:\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe
FirewallRules: [{92B7EAB7-A8C0-4A30-9E7D-F90A1CFB1F59}] => (Allow) D:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{B694DBF6-C326-4C3B-9863-1C59EAD89BA4}] => (Allow) D:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{EBE38983-40BD-4F75-BD97-CC6E2B112299}] => (Allow) D:\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{1EC91F64-C926-4A17-BE09-D4AAA1CE2DE8}] => (Allow) D:\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{736DEABA-05F3-4543-8315-47A10349735F}] => (Allow) D:\Steam\steamapps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{E70C31A8-AD26-47B4-A688-C9F944865EF5}] => (Allow) D:\Steam\steamapps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{31B84675-81BF-4394-947F-815AD32A6288}] => (Allow) D:\Steam\steamapps\common\DrinkBox_Game4\Game.exe
FirewallRules: [{D9BC3167-5066-43F0-9FD7-7CDD7910DA8E}] => (Allow) D:\Steam\steamapps\common\DrinkBox_Game4\Game.exe
FirewallRules: [{D4ECB153-C424-4CD0-A70D-401F67D30A5D}] => (Allow) D:\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{C00B9462-0FC5-4A42-95C1-1E15D4C62618}] => (Allow) D:\Steam\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{29DD87A8-F8FC-4BC4-B8D3-E7B2DD2F3D01}] => (Allow) D:\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe
FirewallRules: [{C54E50EF-498D-4683-AC04-FAAE44EBD024}] => (Allow) D:\Steam\steamapps\common\Grim Fandango Remastered\GrimFandango.exe
FirewallRules: [{5E70CF38-D185-4002-B7BE-4B443D898E0B}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{03B1D084-A9F2-4B6F-A0EF-EF3FB6635E23}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{2B991ECD-52B7-42EE-96D9-84554DE21821}] => (Allow) D:\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{3F46213D-A04D-443E-8290-D3120206002D}] => (Allow) D:\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{48708460-942D-40F8-BB4B-8ECBB4A35B88}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{A591C18D-231C-4A0B-B179-192968E526C3}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{8CD86956-F917-418A-A12D-6F18519E71E9}] => (Allow) C:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{28DBF86F-8E00-4FFA-94DA-CD3B0A53A87E}] => (Allow) C:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{430AD443-9620-473B-AB15-DCF9A7FC71EE}] => (Allow) D:\Steam\steamapps\common\reflexfps\reflex.exe
FirewallRules: [{F979A09A-9AC2-48BC-B7E4-CAADB4F65927}] => (Allow) D:\Steam\steamapps\common\reflexfps\reflex.exe
FirewallRules: [{C2F0BBC3-A299-46B1-86B2-451BDDD55AE0}] => (Allow) C:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{FDEDC4C5-44BB-4930-B0E4-D33F88B22B5E}] => (Allow) C:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{E82311DF-100B-4D06-B9F9-88964D641101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ED9FA859-D372-4FAD-B2F7-6AD001F63E47}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{77D5DD51-D142-4054-9894-DBD4EC410A3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{12A6A3CA-AB57-46C7-A81A-F608F506D56A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{09D96CB5-E737-49C2-A555-9537B8E7BFF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B7251954-FBB2-4B13-9B8D-CCBB3D232548}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{75719BF4-A39A-4CFA-A06B-F6CD00557C9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0A7FC381-B8ED-46DD-A6E5-D01F427F135E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0B89F618-F543-47B1-A5ED-218FC68B5732}] => (Allow) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
FirewallRules: [{563A0BB8-703F-4E57-8260-B5B696CB0014}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.857\opera.exe
FirewallRules: [TCP Query User{6F3DB904-B82C-46FA-8C66-A9E01D6DCB0E}D:\ow\overwatch\overwatch.exe] => (Allow) D:\ow\overwatch\overwatch.exe
FirewallRules: [UDP Query User{D63BB14E-CD94-4310-9696-37C2BB06A177}D:\ow\overwatch\overwatch.exe] => (Allow) D:\ow\overwatch\overwatch.exe
FirewallRules: [{7AF4F977-4977-4BB6-B518-9BCE476995EA}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D4E3A1E6-490D-4E2B-A62B-90308146D692}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Restore Points =========================
24-03-2017 17:14:26 Automatic creation
25-03-2017 10:22:06 Automatic creation
27-03-2017 17:59:52 Automatic creation
28-03-2017 05:55:56 Automatic creation
==================== Faulty Device Manager Devices =============
Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/28/2017 05:55:56 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d6814828-49f9-49a0-a49d-c7c9bb31b339}
Error: (03/28/2017 05:26:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 05:59:52 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5996f260-61ff-4735-a7c0-c774b818d91b}
Error: (03/27/2017 05:30:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 05:10:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 04:58:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 04:54:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 04:47:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 04:42:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2017 04:28:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCC.exe version 4.5.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 14c8
Start Time: 01d2a6fd68245436
Termination Time: 7
Application Path: C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
Report Id: 3d46833c-12f1-11e7-9ba3-00aca320a6d8
System errors:
=============
Error: (03/27/2017 05:29:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:12:31 PM on 3/27/2017 was unexpected.
Error: (03/27/2017 04:56:46 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (03/27/2017 04:53:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (03/27/2017 04:53:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (03/27/2017 04:53:25 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (03/27/2017 04:53:25 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/27/2017 04:53:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (03/27/2017 04:53:24 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
Error: (03/27/2017 04:53:23 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (03/27/2017 04:53:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
AppleCharger
DfsC
discache
ESProtectionDriver
klbackupflt
klhk
KLIF
KLIM6
klpd
kltdi
Klwtp
kneps
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf
ws2ifsl
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Percentage of memory in use: 46%
Total physical RAM: 6142.43 MB
Available physical RAM: 3304.15 MB
Total Virtual: 12283.04 MB
Available Virtual: 9110.91 MB
==================== Drives ================================
Drive c: (HDD Main) (Fixed) (Total:931.41 GB) (Free:247.51 GB) NTFS
Drive d: (SSD) (Fixed) (Total:223.57 GB) (Free:46.9 GB) NTFS
Drive f: (Fallout 4) (CDROM) (Total:24.47 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C232954D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: E9CEE9B3)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
March 28th, 2017, 06:16 AM
#15
I have realized my computer is constantly using 3 GB of RAM even while idle, and the CPU fan is making sounds all the time, I guess because of a trojan.