Blue Screens and other Crashes - Page 3

evanandrew3333 · #31 March 2nd, 2019, 03:15 PM

2019-02-13 09:39 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 22:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-02-13 09:39 - 2019-01-08 21:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-02-13 09:39 - 2019-01-08 21:57 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

evanandrew3333 · #32 March 2nd, 2019, 03:16 PM

2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:45 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-02-13 09:39 - 2019-01-08 21:45 - 000033408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 09:39 - 2019-01-08 21:45 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-02-13 09:39 - 2019-01-08 21:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-02-13 09:39 - 2019-01-08 21:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-02-13 09:39 - 2019-01-08 21:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-02-13 09:39 - 2019-01-08 21:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-02-13 09:39 - 2019-01-08 21:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-02-13 09:39 - 2019-01-08 21:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-02-13 09:39 - 2019-01-08 21:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-02-13 09:39 - 2019-01-08 21:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-02-13 09:39 - 2019-01-08 21:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 09:39 - 2019-01-08 21:35 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 09:39 - 2019-01-08 21:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-13 09:39 - 2019-01-08 21:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-02-13 09:39 - 2019-01-08 21:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-02-13 09:39 - 2019-01-08 21:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-02-13 09:39 - 2019-01-08 21:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-02-13 09:39 - 2019-01-08 21:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-02-13 09:39 - 2019-01-08 21:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-02-13 09:39 - 2019-01-08 21:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-02-13 09:39 - 2019-01-08 21:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-02-13 09:39 - 2019-01-08 21:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 09:39 - 2019-01-08 21:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-13 09:39 - 2019-01-07 12:19 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-13 09:39 - 2019-01-01 11:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-02-13 09:39 - 2019-01-01 11:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-13 09:39 - 2019-01-01 11:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-02-13 09:39 - 2019-01-01 11:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-02-13 09:39 - 2019-01-01 11:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-13 09:39 - 2019-01-01 11:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-02-13 09:39 - 2019-01-01 10:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-13 09:39 - 2019-01-01 10:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-02-13 09:39 - 2019-01-01 10:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-02-13 09:39 - 2019-01-01 10:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-13 09:39 - 2019-01-01 10:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-02-13 09:39 - 2019-01-01 10:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-02-13 09:39 - 2018-12-28 14:59 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-02-13 09:39 - 2018-12-28 14:59 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-13 09:39 - 2018-12-28 14:59 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-02-13 09:39 - 2018-12-28 14:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-02-13 09:39 - 2018-12-28 14:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-02-13 09:39 - 2018-12-28 14:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-02-13 09:39 - 2018-12-28 14:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-13 09:39 - 2018-12-28 14:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-02-13 09:39 - 2018-12-28 14:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-02-13 09:39 - 2018-12-04 11:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-02-13 09:39 - 2018-12-04 11:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-13 09:39 - 2018-12-04 10:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-02-13 09:39 - 2018-12-04 10:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-13 09:39 - 2018-12-02 11:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll

evanandrew3333 · #33 March 2nd, 2019, 03:17 PM

2019-02-13 09:39 - 2018-10-12 08:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-13 09:39 - 2018-10-12 08:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-11 20:52 - 2019-02-11 20:52 - 000003210 _____ C:\Windows\System32\Tasks\{ADF537E3-EB3B-4A5C-8F58-C02B56E634C4}
2019-02-10 19:17 - 2019-02-10 19:17 - 000000221 _____ C:\Users\beatcat\Desktop\Men of War Assault Squad.url
2019-02-10 18:26 - 2019-02-10 18:26 - 000000222 _____ C:\Users\beatcat\Desktop\Men of War Assault Squad 2.url
2019-02-10 17:25 - 2019-02-10 17:25 - 005112480 _____ (Husdawg, LLC) C:\Users\beatcat\Downloads\Detection (6).exe
2019-02-09 11:29 - 2019-02-09 11:29 - 000135189 _____ C:\Users\beatcat\Documents\second Mike test.wma
2019-02-09 11:27 - 2019-02-09 11:27 - 000139679 _____ C:\Users\beatcat\Desktop\A Mike test.wma
2019-02-09 11:26 - 2019-02-09 11:26 - 000099269 _____ C:\Users\beatcat\Documents\test of sound recorder.wma
2019-02-09 11:17 - 2019-02-09 11:17 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2019-02-09 11:17 - 2019-02-09 11:17 - 000000969 _____ C:\Users\Public\Desktop\Audacity.lnk
2019-02-09 11:17 - 2019-02-09 11:17 - 000000000 ____D C:\Users\beatcat\AppData\Local\Audacity
2019-02-09 11:15 - 2019-02-09 11:17 - 000000000 ____D C:\Program Files (x86)\Audacity
2019-02-09 11:15 - 2019-02-09 11:15 - 026693160 _____ (Audacity Team ) C:\Users\beatcat\Downloads\audacity-win-2.3.0.exe
2019-02-09 10:45 - 2019-02-09 10:45 - 001794829 _____ C:\Users\beatcat\Desktop\microphone manual.pdf
2019-02-09 10:32 - 2019-02-09 10:32 - 000001268 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-09 10:32 - 2019-02-09 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-02-09 10:23 - 2019-02-09 10:23 - 063927520 _____ (Skype Technologies S.A.) C:\Users\beatcat\Downloads\Skype-8.38.0.161.exe
2019-02-09 05:37 - 2019-02-09 10:27 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-02-08 12:06 - 2019-02-08 12:06 - 000021267 _____ C:\Users\beatcat\Documents\tinder transcript.txt
2019-02-08 10:38 - 2019-02-08 10:39 - 000623334 _____ C:\Users\beatcat\Downloads\IMG_4223.jpeg
2019-02-06 21:53 - 2019-02-06 21:53 - 002557797 _____ C:\Users\beatcat\Downloads\IMG_3778 (3).jpeg
2019-02-06 21:52 - 2019-02-06 21:52 - 000412635 _____ C:\Users\beatcat\Downloads\IMG_4701 (5).jpeg
2019-02-06 20:21 - 2019-02-06 20:21 - 000412635 _____ C:\Users\beatcat\Downloads\IMG_4701 (4).jpeg
2019-02-06 20:21 - 2019-02-06 20:21 - 000412635 _____ C:\Users\beatcat\Downloads\IMG_4701 (3).jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 002557797 _____ C:\Users\beatcat\Downloads\IMG_3778 (2).jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 002552536 _____ C:\Users\beatcat\Downloads\IMG_4401 (1).jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 001610171 _____ C:\Users\beatcat\Downloads\81A878EB-B164-4D35-9575-E666B0837BA2 (4).jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 000987731 _____ C:\Users\beatcat\Downloads\Facetune_27-05-2018-21-45-17 (2).jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 000917474 _____ C:\Users\beatcat\Downloads\IMG_4846.jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 000412635 _____ C:\Users\beatcat\Downloads\IMG_4701 (2).jpeg
2019-02-06 20:20 - 2019-02-06 20:20 - 000295608 _____ C:\Users\beatcat\Downloads\IMG_4234 (2).jpeg
2019-02-06 20:19 - 2019-02-06 20:19 - 002557797 _____ C:\Users\beatcat\Downloads\IMG_3778.jpeg
2019-02-06 20:19 - 2019-02-06 20:19 - 002557797 _____ C:\Users\beatcat\Downloads\IMG_3778 (1).jpeg
2019-02-06 20:19 - 2019-02-06 20:19 - 001610171 _____ C:\Users\beatcat\Downloads\81A878EB-B164-4D35-9575-E666B0837BA2 (3).jpeg
2019-02-06 20:19 - 2019-02-06 20:19 - 001610171 _____ C:\Users\beatcat\Downloads\81A878EB-B164-4D35-9575-E666B0837BA2 (2).jpeg
2019-02-06 20:19 - 2019-02-06 20:19 - 001610171 _____ C:\Users\beatcat\Downloads\81A878EB-B164-4D35-9575-E666B0837BA2 (1).jpeg
2019-02-06 20:18 - 2019-02-06 20:18 - 000987731 _____ C:\Users\beatcat\Downloads\Facetune_27-05-2018-21-45-17.jpeg
2019-02-06 20:18 - 2019-02-06 20:18 - 000987731 _____ C:\Users\beatcat\Downloads\Facetune_27-05-2018-21-45-17 (1).jpeg
2019-02-06 20:18 - 2019-02-06 20:18 - 000412635 _____ C:\Users\beatcat\Downloads\IMG_4701.jpeg
2019-02-06 20:18 - 2019-02-06 20:18 - 000412635 _____ C:\Users\beatcat\Downloads\IMG_4701 (1).jpeg
2019-02-06 20:17 - 2019-02-06 20:17 - 001610171 _____ C:\Users\beatcat\Downloads\81A878EB-B164-4D35-9575-E666B0837BA2.jpeg
2019-02-06 20:17 - 2019-02-06 20:17 - 000295608 _____ C:\Users\beatcat\Downloads\IMG_4234.jpeg
2019-02-06 20:17 - 2019-02-06 20:17 - 000295608 _____ C:\Users\beatcat\Downloads\IMG_4234 (1).jpeg
2019-02-06 20:16 - 2019-02-06 20:16 - 002552536 _____ C:\Users\beatcat\Downloads\IMG_4401.jpeg
2019-02-06 09:31 - 2019-02-06 09:31 - 019317944 _____ (AnchorFree Inc.) C:\Users\beatcat\Downloads\HotspotShield-7.15.1-plain-773-plain.exe
2019-02-06 08:43 - 2019-02-06 08:43 - 060933528 _____ (HP Development Company, L.P. ) C:\Users\beatcat\Downloads\sp93457.exe
2019-02-06 08:04 - 2019-02-06 08:04 - 003088472 _____ C:\Users\beatcat\Desktop\A document to Recertify for medical assistance.pdf
2019-02-05 16:03 - 2019-02-28 07:32 - 000000340 _____ C:\Windows\Tasks\HPCeeScheduleForbeatcat.job
2019-02-05 16:03 - 2019-02-27 23:06 - 000003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForbeatcat
2019-02-05 13:20 - 2019-02-05 13:22 - 058977120 _____ (HP Development Company, L.P. ) C:\Users\beatcat\Downloads\sp92393.exe
2019-02-05 09:45 - 2019-02-05 09:49 - 000000000 ___RD C:\Users\beatcat\Desktop\New Briefcase
2019-02-05 08:46 - 2019-02-06 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-02-05 08:46 - 2019-02-05 08:46 - 000002189 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-02-05 08:34 - 2019-02-05 08:34 - 000000000 ____D C:\Users\beatcat\AppData\Local\PC_Drivers_Headquar ters
2019-02-05 08:09 - 2019-02-05 08:09 - 000032832 _____ C:\Windows\SysWOW64\rnd_chunk.bin
2019-02-05 08:07 - 2019-02-12 20:23 - 000000000 ____D C:\Program Files (x86)\Driver Support
2019-02-05 08:07 - 2019-02-05 08:07 - 000000000 ____D C:\ProgramData\Driver Support
2019-02-04 07:45 - 2019-02-04 07:45 - 000001141 _____ C:\Users\beatcat\Desktop\Continue Front Mission 3 Installation.lnk
2019-01-29 09:30 - 2019-01-29 09:30 - 000000000 ____D C:\Windows\SysWOW64\xlive
2019-01-29 09:30 - 2019-01-29 09:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2019-01-29 09:28 - 2019-01-29 09:28 - 021598208 _____ C:\Users\beatcat\Downloads\xliveredist(2).msi
2019-01-29 08:39 - 2019-01-29 08:39 - 000000221 _____ C:\Users\beatcat\Desktop\Fallout 3 - Game of the Year Edition.url
2019-01-29 08:01 - 2019-01-29 08:02 - 160497952 _____ (Advanced Micro Devices, Inc.) C:\Users\beatcat\Downloads\13-9-legacy_vista_win7_64_dd_ccc_whql.exe
2019-01-29 08:01 - 2019-01-29 08:02 - 160497952 _____ (Advanced Micro Devices, Inc.) C:\Users\beatcat\Downloads\13-9-legacy_vista_win7_64_dd_ccc_whql (1).exe
2019-01-28 22:31 - 2019-01-28 22:31 - 005112480 _____ (Husdawg, LLC) C:\Users\beatcat\Downloads\Detection (5).exe
2019-01-28 20:49 - 2019-01-28 20:49 - 000000220 _____ C:\Users\beatcat\Desktop\Company of Heroes - Legacy Edition.url
2019-01-27 14:59 - 2019-01-27 14:59 - 000000000 ____D C:\Windows\system32\Codecs
2019-01-27 14:56 - 2019-01-27 15:00 - 000000000 ____D C:\Windows\SysWOW64\Codecs
2019-01-27 14:56 - 2019-01-27 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2019-01-27 14:54 - 2019-01-27 14:54 - 045802032 _____ (Cole Williams Software Limited) C:\Users\beatcat\Downloads\media.player.codec.pack .v4.5.2.setup.exe
2019-01-27 14:53 - 2019-01-27 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2019-01-27 14:53 - 2019-01-27 14:53 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2019-01-27 14:52 - 2019-01-27 14:52 - 011984520 _____ (1f0.de ) C:\Users\beatcat\Downloads\LAVFilters-0.73.1-Installer.exe
2019-01-27 09:15 - 2019-01-27 09:15 - 000000000 ____D C:\Users\beatcat\AppData\LocalLow\Wales Interactive
2019-01-26 15:47 - 2019-01-26 15:47 - 005112480 _____ (Husdawg, LLC) C:\Users\beatcat\Downloads\Detection (4).exe
2019-01-25 20:42 - 2019-01-25 20:42 - 003378203 _____ C:\Users\beatcat\Desktop\mbst-clean-results.txt
2019-01-25 20:42 - 2019-01-25 20:42 - 000000000 ____D C:\Users\beatcat\AppData\Local\mbamtray
2019-01-25 20:42 - 2019-01-25 20:42 - 000000000 ____D C:\Users\beatcat\AppData\Local\mbam
2019-01-25 20:16 - 2019-01-25 20:16 - 072967448 _____ (Malwarebytes ) C:\Windows\SysWOW64\mb-setup.exe
2019-01-25 09:58 - 2012-06-11 17:48 - 000003938 _____ C:\Users\beatcat\Downloads\ZeroHistory-56163 - Copy.odm
2019-01-25 07:55 - 2019-01-25 07:55 - 003571440 _____ C:\Users\beatcat\Downloads\mb-support-1.3.1.553.exe
2019-01-25 07:55 - 2019-01-25 07:55 - 002428416 _____ (Farbar) C:\Users\beatcat\Downloads\FRSTEnglish.exe
2019-01-24 12:08 - 2019-01-24 12:08 - 000001597 _____ C:\Users\beatcat\Desktop\annabelle_leevid2 - Shortcut.lnk
2019-01-24 12:08 - 2019-01-24 12:08 - 000001597 _____ C:\Users\beatcat\Desktop\annabelle_leevid2 - Shortcut (2).lnk
2019-01-24 12:08 - 2019-01-24 12:08 - 000001597 _____ C:\Users\beatcat\Desktop\annabelle_leevid1 - Shortcut.lnk
2019-01-24 12:08 - 2019-01-24 12:08 - 000001597 _____ C:\Users\beatcat\Desktop\annabelle_leevid1 - Shortcut (2).lnk
2019-01-23 20:10 - 2019-01-23 20:10 - 000002173 _____ C:\Users\beatcat\Desktop\Discord.lnk
2019-01-23 20:10 - 2019-01-23 20:10 - 000000000 ____D C:\Users\beatcat\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Discord Inc
2019-01-23 20:09 - 2019-02-05 21:57 - 000000000 ____D C:\Users\beatcat\AppData\Roaming\Discord
2019-01-23 20:09 - 2019-01-23 20:09 - 000000000 ____D C:\Users\beatcat\AppData\Local\Discord
2019-01-23 20:08 - 2019-01-23 20:10 - 000000000 ____D C:\Users\beatcat\AppData\Local\SquirrelTemp
2019-01-23 20:08 - 2019-01-23 20:08 - 061394264 _____ (Discord Inc.) C:\Users\beatcat\Downloads\DiscordSetup.exe
2019-01-20 13:40 - 2019-01-20 13:40 - 000003031 _____ C:\Users\beatcat\Documents\notepad Jessicat januarey 20.txt

evanandrew3333 · #34 March 2nd, 2019, 03:17 PM

2019-01-18 06:05 - 2019-01-18 06:06 - 005112480 _____ (Husdawg, LLC) C:\Users\beatcat\Downloads\Detection (3).exe
2019-01-14 20:31 - 2019-01-14 20:31 - 000025635 _____ C:\Users\beatcat\Documents\Sibley complaint letter january 14.odt
2019-01-14 09:48 - 2019-01-14 09:48 - 000005784 _____ C:\Users\beatcat\Documents\NH prison abuse.txt
2019-01-12 20:52 - 2019-01-12 20:52 - 005112480 _____ (Husdawg, LLC) C:\Users\beatcat\Downloads\Detection (2).exe
2019-01-12 09:35 - 2019-02-06 08:34 - 000749972 _____ C:\Windows\ntbtlog.txt
2019-01-10 23:47 - 2019-01-10 23:47 - 000031805 _____ C:\Users\beatcat\Documents\aunt gerry bbbb.odt
2019-01-09 04:06 - 2019-01-11 00:02 - 000005748 _____ C:\Users\beatcat\Documents\another youtube list list.txt
2019-01-08 21:07 - 2018-12-28 15:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-08 21:06 - 2018-12-28 13:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-08 21:06 - 2018-12-28 13:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-08 21:06 - 2018-12-07 22:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-08 21:06 - 2018-12-07 22:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-08 21:06 - 2018-12-07 22:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-08 21:06 - 2018-12-07 22:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-08 21:06 - 2018-12-07 22:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-08 21:06 - 2018-12-07 22:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-08 21:06 - 2018-12-07 21:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-08 21:06 - 2018-12-07 21:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-08 21:06 - 2018-12-07 21:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-08 21:06 - 2018-12-07 21:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-08 21:06 - 2018-12-07 21:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-08 21:06 - 2018-12-07 21:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-08 21:06 - 2018-12-07 21:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-08 21:06 - 2018-12-07 21:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-08 21:06 - 2018-12-07 21:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-08 09:09 - 2019-01-11 00:02 - 000001838 _____ C:\Users\beatcat\Documents\Youtube burn links tuesday.txt
2019-01-08 08:56 - 2019-01-08 08:56 - 000000000 ____D C:\Users\beatcat\Documents\Ashampoo Burning Studio FREE
2019-01-08 01:58 - 2019-01-08 01:58 - 000000000 ____D C:\Users\beatcat\AppData\Roaming\Ashampoo
2019-01-08 01:56 - 2019-01-08 01:58 - 000000000 ____D C:\Users\beatcat\AppData\Local\ashampoo
2019-01-08 01:55 - 2019-01-08 01:55 - 000001265 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2019-01-08 01:55 - 2019-01-08 01:55 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url
2019-01-08 01:55 - 2019-01-08 01:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-01-08 01:54 - 2019-01-08 01:56 - 000000000 ____D C:\ProgramData\Ashampoo
2019-01-08 01:54 - 2019-01-08 01:54 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2019-01-08 01:51 - 2019-01-08 01:52 - 031803320 _____ (Ashampoo GmbH & Co. KG ) C:\Users\beatcat\Downloads\ashampoo_burning_studio _free_21850.exe
2019-01-08 01:51 - 2019-01-08 01:52 - 031803320 _____ (Ashampoo GmbH & Co. KG ) C:\Users\beatcat\Downloads\ashampoo_burning_studio _free_21850 (1).exe
2019-01-08 00:47 - 2019-01-08 00:47 - 000001022 _____ C:\Users\beatcat\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\4K Video Downloader.lnk
2019-01-08 00:47 - 2019-01-08 00:47 - 000000992 _____ C:\Users\beatcat\Desktop\4K Video Downloader.lnk
2019-01-08 00:47 - 2019-01-08 00:47 - 000000000 ____D C:\Program Files\4KDownload
2019-01-08 00:41 - 2019-01-08 00:42 - 025133056 _____ C:\Users\beatcat\Downloads\4kvideodownloader_4.4.1 1_x64.msi
2019-01-07 23:28 - 2019-01-14 12:47 - 000023116 _____ C:\Users\beatcat\Documents\EMT nightmare 2019.odt
2019-01-07 23:21 - 2019-01-07 23:21 - 000001703 _____ C:\Users\beatcat\Documents\newest youtube for burn links.txt
2019-01-07 12:58 - 2019-01-07 12:58 - 001009588 _____ C:\Users\beatcat\Downloads\Privacy Release Form senator.pdf
2019-01-07 12:57 - 2019-01-07 12:57 - 000972524 _____ C:\Users\beatcat\Downloads\Privacy Release Form.pdf
2019-01-06 13:49 - 2019-01-06 13:49 - 000038785 _____ C:\Users\beatcat\Downloads\image1.jpeg
2019-01-06 11:52 - 2019-01-06 11:52 - 000000000 ____D C:\Users\beatcat\AppData\Local\FreemakeVideoConver ter
2019-01-05 23:17 - 2019-01-05 23:18 - 001011240 _____ (Ellora Assets Corporation ) C:\Users\beatcat\Downloads\FreemakeVideoDownloader Setup (2).exe
2019-01-05 23:17 - 2019-01-05 23:18 - 001010984 _____ (Mixbyte Inc. ) C:\Users\beatcat\Downloads\FreemakeVideoConverterS etup (1).exe
2019-01-05 22:04 - 2019-01-05 22:04 - 001010984 _____ (Mixbyte Inc. ) C:\Users\beatcat\Downloads\FreemakeVideoConverterS etup.exe
2019-01-05 21:58 - 2019-01-05 21:58 - 000000000 ____D C:\Users\beatcat\AppData\Local\FreemakeVideoDownlo ader
2019-01-05 21:56 - 2019-01-08 00:46 - 000000000 ____D C:\ProgramData\Freemake
2019-01-05 21:56 - 2019-01-06 11:51 - 000000000 ____D C:\Users\beatcat\Documents\Freemake
2019-01-05 21:54 - 2019-01-08 00:46 - 000000000 ____D C:\Program Files (x86)\Freemake
2019-01-05 21:54 - 2019-01-05 21:54 - 001011240 _____ (Ellora Assets Corporation ) C:\Users\beatcat\Downloads\FreemakeVideoDownloader Setup (1).exe
2019-01-05 21:53 - 2019-01-05 21:53 - 001011240 _____ (Ellora Assets Corporation ) C:\Users\beatcat\Downloads\FreemakeVideoDownloader Setup.exe
2019-01-04 23:28 - 2019-01-04 23:28 - 000183578 _____ C:\Users\beatcat\Downloads\em relocayion (1).pdf
2019-01-01 07:37 - 2019-01-01 07:37 - 001687259 _____ C:\Users\beatcat\Downloads\_Crocodile Rock_ Unisex T-Shirt by cooperp23 _ Redbubble.html
2019-01-01 07:37 - 2019-01-01 07:37 - 000000000 ____D C:\Users\beatcat\Downloads\_Crocodile Rock_ Unisex T-Shirt by cooperp23 _ Redbubble_files
2018-12-19 17:50 - 2018-12-19 17:50 - 000052616 _____ C:\Windows\SysWOW64\DiscHandler.exe
2018-12-13 04:48 - 2018-12-13 04:48 - 000003020 _____ C:\Windows\System32\Tasks\{88C91B33-B1C2-478C-A1CC-119AA5222976}
2018-12-13 04:10 - 2019-01-26 14:13 - 000001679 _____ C:\Users\beatcat\Downloads\Add_Compatibility_tab_t o_properties (3) - Shortcut.lnk
2018-12-13 04:10 - 2018-12-13 04:10 - 000000616 _____ C:\Users\beatcat\Downloads\Add_Compatibility_tab_t o_properties (3).reg
2018-12-13 04:00 - 2018-12-13 04:00 - 000000616 _____ C:\Users\beatcat\Downloads\Add_Compatibility_tab_t o_properties (2).reg
2018-12-13 03:59 - 2018-12-13 03:59 - 000000644 _____ C:\Users\beatcat\Downloads\Remove_Compatibility_ta b_from_properties.reg
2018-12-13 03:59 - 2018-12-13 03:59 - 000000616 _____ C:\Users\beatcat\Downloads\Add_Compatibility_tab_t o_properties (1).reg
2018-12-13 03:58 - 2018-12-13 03:58 - 000000616 _____ C:\Users\beatcat\Downloads\Add_Compatibility_tab_t o_properties.reg
2018-12-12 18:58 - 2018-12-12 18:58 - 000029053 _____ C:\Users\beatcat\Desktop\DxDiag dec 2018.txt
2018-12-12 18:03 - 2018-12-12 18:03 - 005112480 _____ (Husdawg, LLC) C:\Users\beatcat\Downloads\Detection(2).exe
2018-12-12 18:00 - 2018-12-12 18:00 - 021598208 _____ C:\Users\beatcat\Downloads\xliveredist(1).msi
2018-12-11 19:50 - 2018-11-28 17:02 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-12-11 19:50 - 2018-11-28 17:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-12-11 19:50 - 2018-11-28 17:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-12-11 19:50 - 2018-11-28 17:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-12-11 19:50 - 2018-11-28 17:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-12-11 19:50 - 2018-11-28 16:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-12-11 19:50 - 2018-11-28 16:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-12-11 19:50 - 2018-11-28 16:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-12-11 19:50 - 2018-11-28 16:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-12-11 19:50 - 2018-11-28 16:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-12-11 19:50 - 2018-11-11 12:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-12-11 19:50 - 2018-11-11 11:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-12-11 19:50 - 2018-11-11 11:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-12-11 19:50 - 2018-11-08 11:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-12-11 19:50 - 2018-11-08 11:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-12-11 19:50 - 2018-11-08 11:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-12-11 19:50 - 2018-11-08 11:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-12-11 19:50 - 2018-11-05 23:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-12-11 19:50 - 2018-11-05 23:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-12-11 19:50 - 2018-10-06 11:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-12-11 19:50 - 2018-10-06 10:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-12-11 19:50 - 2018-10-06 10:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-12-11 19:50 - 2018-10-06 10:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-12-11 19:50 - 2018-10-06 10:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-11 19:50 - 2018-10-06 10:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-12-11 19:50 - 2018-10-06 10:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-12-11 19:50 - 2018-10-06 10:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-12-11 19:50 - 2018-10-06 10:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-12-11 19:50 - 2018-10-06 10:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-12-11 19:50 - 2018-10-06 10:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-12-11 19:50 - 2018-10-06 10:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-12-11 19:49 - 2018-11-08 11:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-12-11 19:49 - 2018-11-08 11:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-12-11 19:49 - 2018-11-08 11:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-12-11 19:49 - 2018-11-08 11:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-12-11 07:37 - 2018-12-11 07:37 - 000183578 _____ C:\Users\beatcat\Downloads\em relocayion.pdf
2018-12-10 15:49 - 2018-12-10 15:49 - 003393120 _____ C:\Users\beatcat\Downloads\McClendon to realase to Law Students in Court 1 0f 2.pdf
2018-12-10 15:44 - 2018-12-10 15:44 - 003527157 _____ C:\Users\beatcat\Downloads\McClendon to realase to Law Students in Court 2 0f 2.pdf
2018-12-07 12:07 - 2018-12-07 12:07 - 000026488 _____ C:\Users\beatcat\Documents\SECTION 8 HOUSING 22.odt
2018-12-07 12:02 - 2018-12-07 12:02 - 000031093 _____ C:\Users\beatcat\Documents\catholic girl and two nuns.odt
2018-12-07 08:13 - 2018-12-07 08:13 - 000023290 _____ C:\Users\beatcat\Documents\dec 2018 letter to postmaster.odt
2018-12-07 08:12 - 2018-12-07 08:12 - 000026286 _____ C:\Users\beatcat\Documents\DEc 2018 pro se motion to dismiss.odt
2018-12-07 08:05 - 2018-12-07 08:05 - 000029724 _____ C:\Users\beatcat\Documents\letter to Aunt Gerry Dec 2018.odt
2018-12-06 19:41 - 2018-12-06 19:41 - 000018365 _____ C:\Users\beatcat\Desktop\Wills NH page one.pdf
2018-12-03 22:49 - 2018-12-03 22:49 - 000000031 _____ C:\Users\beatcat\Documents\Mom medicare number.txt

evanandrew3333 · #35 March 2nd, 2019, 03:18 PM

==================== Three months (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-02 08:55 - 2011-01-27 01:03 - 000000000 ____D C:\ProgramData\Temp
2019-03-02 08:31 - 2011-01-27 00:53 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-02 03:25 - 2009-07-13 23:45 - 000015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-02 03:25 - 2009-07-13 23:45 - 000015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-01 20:39 - 2018-10-21 10:42 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-03-01 20:39 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-28 21:24 - 2011-04-03 06:45 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-28 20:37 - 2011-05-06 10:12 - 000000000 ____D C:\Windows\Minidump
2019-02-28 20:35 - 2012-03-10 08:24 - 000336125 ____N C:\Windows\Minidump\022819-146625-01.dmp
2019-02-28 07:32 - 2012-03-10 08:24 - 000287045 ____N C:\Windows\Minidump\022819-20748-01.dmp
2019-02-26 09:13 - 2014-12-07 09:01 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-25 12:57 - 2012-03-10 08:24 - 000287101 ____N C:\Windows\Minidump\022519-277510-01.dmp
2019-02-25 04:26 - 2018-06-08 20:08 - 000002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 04:26 - 2018-06-08 20:08 - 000002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-25 01:18 - 2013-03-20 08:40 - 000000000 ____D C:\Users\countzeppelin
2019-02-25 01:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2019-02-25 01:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-02-24 22:43 - 2017-12-14 22:50 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-24 22:21 - 2011-04-02 10:34 - 000000000 ____D C:\Users\beatcat
2019-02-24 16:02 - 2011-04-03 06:05 - 000000000 ____D C:\Users\beatcat\AppData\Local\CrashDumps
2019-02-19 23:41 - 2011-04-11 11:43 - 000000000 ____D C:\Users\beatcat\AppData\Local\ElevatedDiagnostics
2019-02-17 08:43 - 2016-11-16 10:20 - 000000000 ____D C:\Users\beatcat\AppData\LocalLow\Mozilla
2019-02-16 12:49 - 2017-12-13 07:34 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-14 17:05 - 2017-12-13 10:35 - 000000000 ____D C:\Windows\rescache
2019-02-14 08:01 - 2009-07-14 00:13 - 000796812 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-14 07:54 - 2009-07-13 23:45 - 000367456 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-13 23:05 - 2011-04-03 03:54 - 000788934 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-02-13 22:58 - 2013-07-22 02:01 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 22:51 - 2011-04-13 18:55 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-13 22:09 - 2012-03-10 08:24 - 000330237 ____N C:\Windows\Minidump\021319-32651-01.dmp
2019-02-13 21:00 - 2015-01-07 06:00 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-12 13:59 - 2018-03-13 20:59 - 000004464 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-12 13:59 - 2012-04-30 11:04 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-12 13:59 - 2012-04-30 11:04 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-12 13:59 - 2012-02-04 18:18 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-12 13:59 - 2011-05-16 19:50 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-11 05:07 - 2012-03-10 08:24 - 000287045 ____N C:\Windows\Minidump\021119-94162-01.dmp
2019-02-10 19:48 - 2011-04-06 16:00 - 000000000 ____D C:\Users\beatcat\Documents\My Games
2019-02-10 19:17 - 2016-02-03 14:56 - 000000000 ____D C:\Users\beatcat\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Steam
2019-02-09 12:44 - 2012-03-10 08:24 - 000287045 ____N C:\Windows\Minidump\020919-91510-01.dmp
2019-02-09 11:30 - 2011-08-16 08:23 - 000000000 ____D C:\Users\beatcat\AppData\Roaming\Audacity
2019-02-09 10:32 - 2011-04-07 09:39 - 000000000 ____D C:\Users\beatcat\AppData\Roaming\Skype
2019-02-09 10:27 - 2011-04-07 09:38 - 000000000 ____D C:\ProgramData\Skype
2019-02-09 03:11 - 2012-08-27 09:09 - 000000000 ____D C:\ProgramData\McAfee
2019-02-06 18:32 - 2012-05-03 17:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-06 10:11 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-02-06 10:01 - 2016-12-25 15:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-06 10:01 - 2012-05-03 17:55 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-06 08:44 - 2011-01-27 01:03 - 000000000 ____D C:\Program Files (x86)\Hp
2019-02-06 08:43 - 2010-06-14 21:07 - 000000000 ____D C:\swsetup
2019-02-06 07:49 - 2011-01-27 00:54 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-02-05 10:55 - 2013-02-23 11:22 - 000000000 ____D C:\Users\beatcat\Desktop\Pics of Evan full Rez
2019-02-05 10:43 - 2011-04-02 10:34 - 000000000 ____D C:\Users\beatcat\AppData\Local\Hewlett-Packard
2019-02-05 09:08 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Help
2019-02-05 08:31 - 2011-01-27 00:53 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-02-05 08:29 - 2011-01-27 00:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-04 13:44 - 2011-08-03 20:50 - 000000000 ____D C:\Program Files\CCleaner
2019-01-31 08:12 - 2011-08-03 20:59 - 000000000 ____D C:\Windows\pss

evanandrew3333 · #36 March 2nd, 2019, 03:18 PM

==================== Files in the root of some directories =======

2011-04-03 00:06 - 2006-01-20 14:43 - 000193024 ____R () C:\Program Files (x86)\binkw32.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000139264 ____R (Creative Technology Ltd) C:\Program Files (x86)\eax.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000061440 ____R (Creative Labs) C:\Program Files (x86)\EaxAc3.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000150528 ____R (Sony Computer Entertainment Inc.) C:\Program Files (x86)\encvag.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000161280 ____R (Firelight Technologies Pty, Ltd) C:\Program Files (x86)\fmod.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000429568 ____R (Firelight Technologies Pty, Ltd) C:\Program Files (x86)\fmod64.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000010101 ____R () C:\Program Files (x86)\HumanMotion.mss
2011-04-03 00:06 - 2006-01-20 15:00 - 000047602 ____R () C:\Program Files (x86)\ike.sdf
2012-06-25 08:50 - 2012-06-25 08:50 - 000001121 _____ () C:\Program Files (x86)\InstLog.txt
2011-04-03 00:06 - 2006-01-20 15:00 - 001047552 ____R (Microsoft Corporation) C:\Program Files (x86)\MFC71u.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000499712 ____R (Microsoft Corporation) C:\Program Files (x86)\msvcp71.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000348160 ____R (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2011-04-03 00:06 - 2006-01-19 03:06 - 001259520 ____R () C:\Program Files (x86)\NED Guide.doc
2011-04-03 00:06 - 2006-01-19 04:26 - 014618624 _____ (Red Storm Entertainment) C:\Program Files (x86)\NedPC.exe
2011-04-03 00:06 - 2006-01-20 18:58 - 000254938 _____ (UbiSoft) C:\Program Files (x86)\protect.dll
2011-04-03 00:06 - 2006-01-20 15:00 - 000021562 ____R () C:\Program Files (x86)\r6logo.ico
2011-04-03 00:26 - 2006-01-20 15:00 - 000020622 ____R () C:\Program Files (x86)\readme.txt
2011-04-03 00:06 - 2006-01-20 19:00 - 000024000 _____ () C:\Program Files (x86)\resource0.dat
2011-04-03 00:06 - 2006-01-20 15:00 - 000022528 ____R (Microsoft Corporation) C:\Program Files (x86)\SHFOLDER.DLL
2011-04-03 00:06 - 2006-01-20 15:00 - 000159744 ____R (Ubisoft) C:\Program Files (x86)\UbiStats.dll
2011-08-14 14:33 - 2011-08-23 05:57 - 000001854 _____ () C:\Users\beatcat\AppData\Roaming\GhostObjGAFix.xml
2012-06-11 20:10 - 2019-01-25 01:27 - 000012800 _____ () C:\Users\beatcat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-05 14:45 - 2012-03-05 14:45 - 000000095 _____ () C:\Users\beatcat\AppData\Local\fusioncache.dat
2019-03-01 05:35 - 2019-03-01 05:35 - 000007609 _____ () C:\Users\beatcat\AppData\Local\Resmon.ResmonCfg

evanandrew3333 · #37 March 2nd, 2019, 03:19 PM

Some files in TEMP:
====================
2019-03-01 11:04 - 2019-03-01 11:04 - 001240456 _____ (BlueStack Systems Inc.) C:\Users\beatcat\AppData\Local\Temp\BlueStacksExec utable.exe
2019-03-01 11:05 - 2019-02-12 02:21 - 001160712 _____ (BlueStack Systems, Inc.) C:\Users\beatcat\AppData\Local\Temp\BlueStacksUnin staller.exe
2019-03-01 11:05 - 2019-02-12 02:22 - 001042952 _____ (BlueStack Systems, Inc.) C:\Users\beatcat\AppData\Local\Temp\HD-Common.dll
2019-03-01 11:05 - 2019-01-29 06:48 - 000421344 _____ (CodeTitans) C:\Users\beatcat\AppData\Local\Temp\JSon.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {globalsettings}
extendedinput Yes
default {current}
resumeobject {5312aa06-7887-11de-b1db-001321be213f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {9a56d4f0-5d3d-11e0-9091-78acc0ab88c9}

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {9a56d4f0-5d3d-11e0-9091-78acc0ab88c9}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5312aa06-7887-11de-b1db-001321be213f}
nx OptIn

Windows Boot Loader
-------------------
identifier {9a56d4f0-5d3d-11e0-9091-78acc0ab88c9}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{9a56d4f1-5d3d-11e0-9091-78acc0ab88c9}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{9a56d4f1-5d3d-11e0-9091-78acc0ab88c9}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {5312aa06-7887-11de-b1db-001321be213f}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {9a56d4f1-5d3d-11e0-9091-78acc0ab88c9}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

LastRegBack: 2019-02-22 17:45

==================== End of FRST.txt ============================

evanandrew3333 · #38 March 2nd, 2019, 03:20 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by beatcat (02-03-2019 08:56:02)
Running from C:\Users\beatcat\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-04-02 15:34:01)
Boot Mode: Normal
================================================== ========

==================== Accounts: =============================

Administrator (S-1-5-21-1214944576-273379327-1179527443-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1214944576-273379327-1179527443-1008 - Limited - Enabled)
beatcat (S-1-5-21-1214944576-273379327-1179527443-1000 - Administrator - Enabled) => C:\Users\beatcat
countzeppelin (S-1-5-21-1214944576-273379327-1179527443-1010 - Administrator - Enabled) => C:\Users\countzeppelin
Guest (S-1-5-21-1214944576-273379327-1179527443-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1214944576-273379327-1179527443-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1400 (HKLM-x32\...\{22DD005D-0EF1-4E3E-92F8-49D89E31479A}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (HKLM-x32\...\{6FBE200D-1F00-40B7-BF48-FEB265AADE94}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (HKLM-x32\...\{6A3C2391-BCE2-4D28-A336-73B953B4502F}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{F6FCA281-09CC-4753-990C-937B93A52C94}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (HKLM-x32\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
alien_crossfire (HKLM\...\{fa451eea-8a73-486b-9ea0-9628c2c2c3ad}.sdb) (Version: - )
alpha_centauri (HKLM\...\{fe81cd48-2ed2-4e7d-886c-b65767350095}.sdb) (Version: - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.1.6.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Profiles (HKLM-x32\...\{EA374A45-BF30-0849-7A00-BD8A0BC8CE3E}) (Version: 2.0.4504.34814 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI AVIVO64 Codecs (HKLM\...\{6A7F7056-14E1-D8E4-0B87-BC3F18EAC8AC}) (Version: 11.6.0.10627 - ATI Technologies Inc.) Hidden
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Bejeweled 2 Deluxe (HKLM-x32\...\WT087428) (Version: 2.2.0.95 - WildTangent) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{DF1CF60D-3193-4602-970E-8B0D776D0E31}) (Version: 3.33.1 - Kovid Goyal)
Call To Power 2 (HKLM-x32\...\Call To Power 2_is1) (Version: - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT087453) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version: - )
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Company of Heroes - FAKEMSI (HKLM-x32\...\{14574B7F-75D1-4718-B7F2-EBF6E2862A35}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{199E6632-EB28-4F73-AECB-3E192EB92D18}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{25724802-CC14-4B90-9F3B-3D6955EE27B1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{50193078-F553-4EBA-AA77-64C9FAA12F98}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{80D03817-7943-4839-8E96-B9F924C5E67D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{97E5205F-EA4F-438F-B211-F1846419F1C1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{99A7722D-9ACB-43F3-A222-ABC7133F159E}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{D4D244D1-05E0-4D24-86A2-B2433C435671}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
Discord (HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\Discord) (Version: 0.0.304 - Discord Inc.)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Empire Earth - The Art of Conquest (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version: - )
Empire Earth Gold Edition (HKLM-x32\...\Empire Earth Gold Edition_is1) (Version: - GOG.com)
Escape Rosecliff Island (HKLM-x32\...\WT087360) (Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
FLV Player (HKLM-x32\...\FLV Player2.0.25) (Version: 2.0.25 - Martijn de Visser Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (HKLM-x32\...\WT087372) (Version: 2.2.0.95 - WildTangent) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{C9064E5C-D5AB-4EEB-86A6-50756901038A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{F21290AC-4D41-4059-BD79-6557312662DE}) (Version: 1.5.5.0 - HP Inc.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4}) (Version: 8.7.50.3 - HP Inc.)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{EBD077C6-0032-4309-AA04-C67836D717DA}) (Version: 12.10.49.21 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\IMVU Avatar chat client software BETA) (Version: - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{645877C4-2AB6-46B6-BD32-B251B0666F63}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WT087379) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Player Codec Pack 4.5.2 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.5.2 - Media Player Codec Pack)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works 2001 Setup Launcher (HKLM-x32\...\Works2001Setup) (Version: - )
Microsoft Works 6.0 (HKLM-x32\...\{F8D0829C-9C6F-11D3-8080-00C04FA329AA}) (Version: 06.00.1829 - Microsoft Corporation)
Monopoly ® (HKLM-x32\...\BFG-Monopoly) (Version: - )
Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mystery P.I. - The London Caper (HKLM-x32\...\WT089299) (Version: 2.2.0.95 - WildTangent) Hidden
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
PANZERS - Phase1 (HKLM-x32\...\PANZERS - Phase1) (Version: - )
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT087501) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Qwirkle (HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\488f01a1f6d3252d) (Version: 1.0.0.6 - Microsoft)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3219 - CyberLink Corp.) Hidden
Red Baron Pack (HKLM-x32\...\Red Baron Pack_is1) (Version: - GOG.com)
Risk (HKLM-x32\...\Risk) (Version: - )
Rogue Spear (HKLM-x32\...\Rogue Spear) (Version: - )
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secret Weapons Over Normandy (HKLM-x32\...\{A1981877-5B9F-4001-A070-A05DD352EA23}) (Version: 1.0 - )
SecuROM Diagnostic Tool (HKLM-x32\...\SecuROM Diagnostic Tool) (Version: - Sony DADC Austria)
Shattered Union (HKLM-x32\...\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}) (Version: 0.0.2 - )
Sid Meier's Alpha Centauri (HKLM-x32\...\GOGPACKSIDMEIERSALPHACENTAURI_is1) (Version: 2.0.2.23 - GOG.com)
Sid Meier's Civilization 4 (HKLM-x32\...\{1CF028E5-705D-4B62-AC1D-A59593B7C0BB}) (Version: 1.74 - Firaxis Games)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strategic Command - European Theater (HKLM-x32\...\Strategic Command - European Theater_is1) (Version: - GOG.com)
System Requirements Lab (HKLM-x32\...\{0C976EC5-842F-4313-B2AB-EDDBCCD3A222}) (Version: 4.5.1.0 - Husdawg, LLC)
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{12293F73-4E32-4288-8D0B-19332335984E}) (Version: 6.1.4.0 - Husdawg, LLC)
The Last Express (HKLM-x32\...\The Last Express_is1) (Version: - GOG.com)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\{3BB33584-3860-4772-AEE9-D8E61F552896}) (Version: 1.00.000 - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 45.0 - Ubisoft)
VASSAL (3.1.15) (HKLM-x32\...\VASSAL (3.1.15)) (Version: 3.1.15 - vassalengine.org)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (HKLM-x32\...\WT087414) (Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (HKLM-x32\...\WT087415) (Version: 2.2.0.95 - WildTangent) Hidden
Windows 7 Codec Pack 4.0.2 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.2 - Windows 7 Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Works Suite OS Pack (HKLM-x32\...\{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}) (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (HKLM-x32\...\{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}) (Version: 1.0.0.0000 - Your Company Name) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Zinio Reader 4 (HKLM-x32\...\{465210C4-595A-BD80-44E8-E0457D9D8432}) (Version: 4.0.3184 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70 529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
ZOMBI (HKLM-x32\...\Uplay Install 1653) (Version: - Ubisoft)
Zuma Deluxe (HKLM-x32\...\WT087533) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0206FF3D-1FEC-48D3-8706-14D75348ABCC} - System32\Tasks\{66549709-8D6C-4320-9CA9-EAF7ED712276} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {027281B0-2ECE-4061-B2E5-E3143AA81234} - System32\Tasks\{51B14561-6308-498D-88C4-F4AB30381AF2} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -fj:\Uninst.isu
Task: {089CF36E-5BB0-4D18-A400-FEB1F7361E69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {09A8D55C-0678-4ECE-87D3-00D1B89FE7FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe (HP Inc. -> HP Inc.)
Task: {106B0910-8851-4A37-96DE-8D1DA8FD49F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {172C99CE-CA08-445F-9D31-07AAD793BF83} - System32\Tasks\{3EE8A097-6C03-428F-A090-32FD775CD9A6} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\AppData\Local\Temp\Temp1_CompanyO fHeroesOpposingFronts_English_ddmf.zip\Setup.exe <==== ATTENTION
Task: {1836F492-CBDE-422C-B8ED-255FA0408F5B} - System32\Tasks\{14B6D0F1-7E11-4089-96B2-B3E521E0B09D} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe"
Task: {235368E9-8232-4B27-84AD-82E9160501BC} - System32\Tasks\{9EA92A84-4D09-4600-9CC6-6EE013467AD9} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.59.106/en/abandoninstall?page=tsProgressBar
Task: {23EBF1B4-6B28-4D54-9F98-C38E872E698F} - System32\Tasks\{253ED6CA-3391-4CF4-B25E-0BDCEA868CDB} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {25E401E2-9053-4A0D-8DF8-FC03225CABD5} - System32\Tasks\{A4E4FE33-F67E-4F1A-B15C-238CE364A82F} => C:\Program Files (x86)\GOG.com\Call To Power 2\ctp2_program\ctp\ctp2.exe (Activision Studios) [File not signed]
Task: {289847DE-3FBE-4007-B8D6-A14B21079F71} - System32\Tasks\{1E899B66-2DAE-4E8C-895B-C3B4C8E836B8} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {2B393A15-6232-4D23-96CE-DBB066219266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe (HP Inc. -> HP Inc.)
Task: {2B8F3CE4-6634-4AB1-ABE1-D13CB7866D32} - System32\Tasks\{5285099F-618D-4B19-BF41-FEDBD7CEE566} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe
Task: {2FF9A6BB-FDDC-4216-A596-90929D039014} - System32\Tasks\{8AC73B83-AD96-496D-B513-5A35D14A0E8C} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Task: {31BA9934-9323-4B34-8E3A-5B6282DB073A} - System32\Tasks\{0A3F988D-72AE-474B-B004-DE16E0C2F35E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{1CF028E5-705D-4B62-AC1D-A59593B7C0BB}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {31D5CB65-F6FA-464D-9427-A7AE733F14AF} - System32\Tasks\{F60A6E15-39F5-49B2-8DB4-3608CC9427A1} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {32D9BCC2-76F5-49E7-841B-274EB132DBAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {33F8044D-7044-4DAC-A8C9-8F7800A072B2} - System32\Tasks\{B6CDCF5B-711F-4F7B-870C-ADDA6C2ABD25} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {375BFBC0-4D92-4E95-ADAD-F1F3BD6A739C} - System32\Tasks\{879EA77C-2346-4B96-AED2-37A47B399648} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {38899EB9-CC63-4357-AD2D-89ECCEDDB481} - System32\Tasks\{7096A575-91EA-42F0-AA12-D95BD3106F3D} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {3E07C23B-745F-4222-8191-12C627908C39} - System32\Tasks\{AB09A2C9-5818-468B-8854-276A3D9D2C98} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\AppData\Local\Temp\Temp1_Qwirklev 1.0.0.5.zip\Qwirkle\setup.exe <==== ATTENTION
Task: {4C6D0C92-BAC1-4C84-829C-C92A7AB875F4} - System32\Tasks\{ADF537E3-EB3B-4A5C-8F58-C02B56E634C4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin"
Task: {4E58F9E3-C31A-48E2-BB90-49779B2CCC71} - System32\Tasks\{3466BAA0-F1A7-4B37-8820-5EA850A4E331} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\OOo_3.3.0_Win_x86_insta ll-wJRE_en-US.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {4F4855E8-87A9-41BB-AF2F-B8EB733AF9A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)
Task: {53C21EAF-C1F9-4660-A9B2-F1EECE4B1849} - System32\Tasks\{BB0D19D5-20A8-4950-8BF3-3FFE45226911} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {545109F5-28CD-4BFB-9854-8D0AB76344D1} - System32\Tasks\{B4125462-8D93-4BFF-B4D3-FF0F01D51AA0} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Desktop\ShaDOW\ShadowWatch.part00 1.exe -d C:\Users\beatcat\Desktop\ShaDOW
Task: {5579BB68-91F7-4F63-8BF6-75662D3E65A7} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_ex e => C:\Program Files\Microsoft IntelliPoint\IPoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {56677CAE-57DD-441A-8A3A-2D4CB3A1182C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {56B3E583-4E7A-451C-8B7B-66037D7607D3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {58DA8E8D-39E7-423A-98EE-517BC8DE93AA} - System32\Tasks\{9F820062-9560-46CF-9CBB-3513314B42AE} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe
Task: {59AD55CC-EFD9-4C66-B0D2-C7D8D49D730C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1214944576-273379327-1179527443-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5AE58F61-A0F6-460F-A3DB-4B2514D5688B} - System32\Tasks\{02DA4EFE-81CF-446D-99E9-D9F4E69F2248} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {5FC4881D-E74D-48C8-A91D-ABD8DF4D6C0D} - System32\Tasks\{EA4E8199-02C1-4958-A737-66149FD75B98} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {631C4D71-5B4F-4D59-BECB-35866405F689} - System32\Tasks\{1015304F-15AB-46F7-BCD2-39E06527BBB3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\PANZER~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\PANZER~1\UNINST~1\INSTALL.LOG
Task: {63E35B80-C5A7-4E75-9C84-C14A351D0BC5} - System32\Tasks\{264BDF28-2708-458F-84D3-A9C0C6A65CC8} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe
Task: {670EC6BE-65AB-49A8-8D20-AF3877BCF453} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {68602AF9-DF51-410C-AC86-4E8C1081492E} - System32\Tasks\{5157BE18-CCB2-47DF-82FD-72BBA84DB500} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Download Manager\uninst.exe"
Task: {6A7788D7-2D60-4A8E-8C75-D9A93DB39746} - System32\Tasks\{F446373B-191C-4D28-AC47-F6498DC31237} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {6AD810DE-821C-4493-AE06-841D916754CA} - System32\Tasks\Microsoft\Windows\MemDiag => C:\Windows\system32\mdres.exe (Microsoft Windows -> Microsoft Corporation)
Task: {6C086654-11B1-4D2A-8B01-4B6CED2A7F49} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.ex e (HP Inc. -> HP Inc.)
Task: {6C58ECF9-5D86-4B58-AF2E-E2632F10EA36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6F959CA6-A1CE-4981-9D2F-CA412CDCF83C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {73D89E1C-A2CE-4079-80F8-B845B1565C0F} - System32\Tasks\{2723C127-C9D3-403E-8D39-9E8E4883369B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {7504DF0F-E41D-4D42-90B1-4B1CDDDDE6F5} - System32\Tasks\{E44D51D3-F8A1-468E-B088-C4F170F09EBC} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {77E7BE06-98B9-4D02-9484-95BD3B8E6B9F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {7A37D85B-D375-4115-AA49-072233CA068D} - System32\Tasks\{ECC6DABF-C911-43CE-9516-731575A7CEF2} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {7B22466A-01C0-44A4-B41C-62E4ABF67991} - System32\Tasks\{0F4A0B0E-AF18-4DC7-B66B-10EF612A1BA3} => C:\Program Files (x86)\GOG.com\IL-2 Sturmovik 1946\il2fb.exe
Task: {7F9E7DC9-2DA9-472B-8311-01F98BC05768} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {7FB2A62A-9CCC-4EB8-A5A4-3A1A4DB51858} - System32\Tasks\{1C7B8792-97AB-4A39-86A3-F298FF0750DA} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {81589346-F564-4535-AA71-5537A76E44B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe (HP Inc. -> HP Inc.)
Task: {81F5C930-0D85-43A6-8390-87015582D477} - System32\Tasks\{31A81E03-E45A-4DC7-A027-5A9D634FA0C7} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Civilization4_ddsetup\s etup.exe -d C:\Users\beatcat\Downloads\Civilization4_ddsetup
Task: {8D831934-EC2D-4273-BCEC-0CFC02A5665E} - System32\Tasks\{9B51CAFD-936C-402E-B0C0-F93C217F2C16} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {8E08EDF1-946C-4FE4-BAE3-01AAF13422F7} - System32\Tasks\{5706475C-D633-436E-9058-C34EEBE59A5E} => C:\Windows\system32\pcalua.exe -a "C:\Users\beatcat\Desktop\Games\DawnOfWar_Soulstor m_dd_setupclient\Dawn of War Soulstorm\setup.exe" -d "C:\Users\beatcat\Desktop\Games\DawnOfWar_Soulstor m_dd_setupclient\Dawn of War Soulstorm"
Task: {8E9C0CD1-E2AD-4F4F-8504-7CFEAEBC6EB9} - System32\Tasks\{4A7E56F5-ABDA-4079-8095-EBA7C0FD4EB9} => C:\Program Files (x86)\GOG.com\Call To Power 2\ctp2_program\ctp\ctp2.exe (Activision Studios) [File not signed]
Task: {8F19B137-E99F-4189-8F94-EF03C9E77AE2} - System32\Tasks\{17978592-1638-42A0-8D45-F4CD7935531D} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {8F54A0A8-8FE7-474D-BA6A-9DC2848DA4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)

evanandrew3333 · #39 March 2nd, 2019, 03:21 PM

Task: {931BFB6B-43B7-48FD-ABBD-BBE9F8E87B19} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1214944576-273379327-1179527443-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {98643E9A-3100-4C82-B8F2-2479E6D0CD79} - System32\Tasks\{D075CA06-AD03-4A8F-A6C2-80849C413FE7} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Task: {9926F9E7-085E-4357-8802-CFD443A58E87} - System32\Tasks\{C48EE6B2-B124-4668-99B3-32FE44C84236} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {9B2C4C46-85A6-4E37-9DDB-0C759EBB5DD2} - System32\Tasks\{22AB7CB5-E2D6-47FB-89CB-F7DD4645C3D0} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {9C8C785D-6236-4CFB-8C1F-672EDA75AB3F} - System32\Tasks\{5E551F7B-6C63-4A60-B16C-F7139979B0FC} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {9D3D9A68-16EE-40B4-9F69-1962FCF5C974} - System32\Tasks\{1853B9A2-B520-42EA-8540-8D11FBD4550A} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\JavaSetup6u30.exe -d C:\Windows\system32
Task: {9EDCA184-073F-4723-962F-9E4944A17DDE} - System32\Tasks\{C6B2519B-FD6F-42D0-9921-BBD29210F098} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe -d C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf
Task: {A5E30CFD-D984-4449-B5B7-8D4BD44F21B4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A9544911-6457-4023-B0ED-B6C3914E8B6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AA1C1554-4C46-476B-B90B-D77EA92EA72A} - System32\Tasks\{294337F2-906B-49FB-BE87-B9BEA7AE8D74} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}\setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}"
Task: {ABA1791F-492F-42F5-832B-936BAC84D4B3} - System32\Tasks\{08F30E53-59FB-4B06-AF7D-3F1755874511} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Civ4v161.exe -d C:\Windows\system32
Task: {AC350091-875E-43F4-A72A-ED4D524E3840} - System32\Tasks\{7DAECC71-F0B4-4F66-A8A7-92D755D560EB} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {ADF8B210-75CF-40FC-AD30-3BF4B5783353} - System32\Tasks\{62B6BB08-9DF6-430C-AB6F-B3AFE449E9AB} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {B3B041B6-A0B3-4858-AF1C-B2AA02DCEB24} - System32\Tasks\{EFAC76D2-CBD2-48F2-BFDE-B69355B790EE} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {B592A8D6-D56B-4A6C-ACC6-A9227447A38B} - System32\Tasks\{6D50D271-AF03-416C-AA26-D3F45DAACD03} => C:\Program Files (x86)\PANZERS - Phase2\Run\Panzers_Phase_2.exe
Task: {B6619EE6-852A-4B31-B142-09AA3886E15E} - System32\Tasks\{7FCEF96A-C000-4D67-B40E-CD8B35DED455} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\GameRangerSetup(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {B8B5ECE2-D5AE-48A2-A694-CED2EDA5394E} - System32\Tasks\{0CF645FF-1AF6-4E05-B815-C4F159C80A58} => C:\Windows\system32\pcalua.exe -a "C:\Users\beatcat\Desktop\Company of Heroes- Tales of Valor\Setup.exe" -d "C:\Users\beatcat\Desktop\Company of Heroes- Tales of Valor"
Task: {BB9E20F0-A4AA-41C4-93E6-22FE76FA8465} - System32\Tasks\{D1F4CF87-99D5-471F-8B1B-AD48ECCE7BC6} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {BD1244CA-E1AA-4CDF-A9C1-9AB3153AE5D3} - System32\Tasks\{6D45DF5E-380D-4A7D-8F59-DE34CB67E7B2} => C:\Program Files (x86)\GOG.com\IL-2 Sturmovik 1946\il2fb.exe
Task: {BDD55C4B-FEDC-4FE6-BA3C-DCCDC9F371AB} - System32\Tasks\{55DF7917-9717-4224-AF45-87F86A5949DC} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {BE9D874F-8DAE-4F23-A13C-5FA812D28553} - System32\Tasks\{36E76C9C-33D6-441C-9B14-305A6A21995A} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {C080811C-87FA-4A92-B746-3BDE1729A281} - System32\Tasks\{227D324E-ADD9-4714-89F6-44D9A524B6B9} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {C0D237EB-E8F8-4C0F-BBE2-70B5137EB121} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C2D5B192-8DED-4F5D-838D-5A50DE0FD58C} - System32\Tasks\{40009517-DF8E-4047-80DC-F8C35193DCFF} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {C3A9DC12-0C55-4371-A150-4CBF3C8C9C9B} - System32\Tasks\{C0806817-6357-4165-9292-6F63F70C8D05} => C:\Windows\system32\pcalua.exe -a "J:\Program Files\AnyDVD more trouble\AnyDVD\ExecuteWithUAC.exe" -d "J:\Program Files\AnyDVD more trouble\AnyDVD"
Task: {C76447E4-E159-47BC-A44F-44BE8426FB4A} - System32\Tasks\{DB5719FF-E3BC-49B6-92F8-CDA3CDEF5F0D} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {C92A0933-951C-4418-859E-C95EAF0341EC} - System32\Tasks\{2D8A58DF-350F-4D4C-8656-FBF49D348B07} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {D202BBC3-6F96-451B-A61A-C6572478EAE4} - System32\Tasks\{5418C855-C725-4C78-9D32-8F51277B5898} => E:\SETUP\ENGLISH\SETUP.EXE
Task: {D5453437-9C88-4A37-AA9F-A0936351E9F4} - System32\Tasks\{F70334A4-7013-4D99-8A12-573A82B222D1} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {D7718B91-ABA1-474C-8C7A-CB33448B8E0F} - System32\Tasks\{71410954-DF81-41DE-8716-9E7932A6F958} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/15230
Task: {D8A93CB9-8B03-4BE9-880F-3DE4F1A494A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {DDC3F84E-F745-46E9-9A16-BF13ED7E8D85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {E0B7446A-3013-40FE-A6BF-70B368315BBE} - System32\Tasks\{5AAE3448-273D-46A6-A153-9CA366B348F0} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\GameRangerSetup(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {E0F5AC29-D2A8-4E47-AAAE-486C96D99E22} - System32\Tasks\HPCeeScheduleForbeatcat => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (HP Inc. -> HP Inc.)
Task: {E12BADB3-5E12-4158-A214-6BD18CD6C24F} - System32\Tasks\{75C58183-7560-4756-B2C1-915BD9EAC739} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Xvid-1.2.1-04122008(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {E1708AC4-E23A-4B6C-B336-E57FF56E6CA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E2BE4015-97F8-46F1-87DA-80EAE1461857} - System32\Tasks\{2ECBE3DE-547E-4D77-BAA9-C34825E45C9E} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {E32079F9-8603-4B2B-8ACC-435EF18D06B8} - System32\Tasks\{A8896C4F-726B-4373-ACAA-CEC30076B462} => E:\SETUP\ENGLISH\SETUP.EXE
Task: {E3F4A74B-83F8-4744-9BFD-08B4AB5FACE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {E4BB2CF1-D570-4E1B-8430-43BE662C1505} - System32\Tasks\{20BB2548-64D3-4C51-8FEB-87205A54ACE4} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {E9EEE5D6-69AA-44F4-8588-A1C0E13F2A57} - System32\Tasks\{1A2A40F3-0775-4C08-8BAD-FB525B06CB4A} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {EEDAE7BB-909E-4702-B14C-035F61ACD0FF} - System32\Tasks\{7DEC482E-5A65-4F83-BC3D-DE9DBD4E2D94} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {EEF94BB0-E476-4E42-A281-411997F591CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {EFE6AF4D-BCE2-4F5E-8FFF-51D49AB8E546} - System32\Tasks\{B69F8BA5-E10B-4BA9-9CF2-1D0350CD0222} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {F61B920E-C4A3-4853-AF97-B3BC5C669F82} - System32\Tasks\{B8D753B3-1B82-4CA4-B541-F30C28572291} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {FCA5CE8F-7865-488A-B9A6-38D0CEF45C78} - System32\Tasks\{06B2CA6E-D09A-40C3-B278-31D59B50850A} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {FD6FABCB-CBAE-4D7B-8FEE-A075C4CF8D95} - System32\Tasks\{88C91B33-B1C2-478C-A1CC-119AA5222976} => C:\Users\beatcat\Desktop\Games\Company of Heroes- Tales of Valor\Autorun.exe (THQ Canada Inc. -> THQ Canada Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForbeatcat.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-09-18 12:15 - 2012-09-18 12:15 - 008525728 ____H (Error3: CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Electronic Arts, Inc.) [File not signed] C:\Program Files (x86)\Monopoly\monopolywin.exe
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000138752 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libpng15.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000075264 _____ (Zlib) [File not signed] C:\Program Files (x86)\Monopoly\zlib1.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000032768 _____ () [File not signed] C:\Program Files (x86)\Monopoly\alut.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000029184 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libvorbisfile.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libogg.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 001624576 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libvorbis.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:6764D965 [460]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-10-21 11:16 - 000454816 ____R C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15609 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\J ava\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoo t%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowe rShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\12.0\DLLShared\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-1214944576-273379327-1179527443-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\beatcat\AppData\Roaming\Microsoft\Windows \Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: RoxioNow Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackTrayMenu.lnk => C:\Windows\pss\CodecPackTrayMenu.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^beatcat^AppData^Roaming^Microsoft^Windows ^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Codec Pack Update Checker => "C:\Windows\system32\Codecs\UpdateChecker.exe"
MSCONFIG\startupreg: Codec Settings UAC Manager => "C:\Windows\system32\Codecs\CodecUACManager.ex e"
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: Discord => C:\Users\beatcat\AppData\Local\Discord\app-0.0.304\Discord.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GOGDownloader => "C:\Users\beatcat\Documents\gogdownloader_0901376\ GOGDownloader.exe" /minimized
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Microsoft Works Portfolio => C:\Program Files (x86)\Microsoft Works\WksSb.exe /AllUsers
MSCONFIG\startupreg: Microsoft Works Update Detection => C:\Program Files (x86)\Microsoft Works\WkDetect.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: snp2std => C:\Windows\vsnp2std.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: WorksFUD => C:\Program Files (x86)\Microsoft Works\wkfud.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3B1A0EB0-0BE1-44D5-827B-8A812E7ABF55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C81FF89-5A54-4F52-A8C0-BFC192E63DEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3CA126B-1BF3-4259-975D-EC04BEEDE89D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9DD09435-9489-49B7-A123-170C355456E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F425BFC-9B1E-453C-86CB-0D6F3A6D6D6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{85EADD90-6157-4418-871A-EAA3276C603D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E082A3C7-EB39-4813-9EE8-A043F27B3D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ogre\Ogre.exe () [File not signed]
FirewallRules: [{5AC52F89-BFD8-4B3B-8FE9-2A91379C94AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ogre\Ogre.exe () [File not signed]
FirewallRules: [{29D31D65-7441-4FDF-9C8E-AAE61A9AECD5}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{15AECC1F-74B4-4FB8-A14D-9ED0F59707B3}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{74BFBCA3-1429-42AD-BE0F-BF663709C735}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{68B2EBF1-DDCC-449C-8A80-5853D39AA595}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{B7A95BAB-6480-4FD2-95ED-EF5ADA72ED3F}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe No File
FirewallRules: [{8DF47870-117A-4DDD-ADAF-11A17E0E3C81}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe No File
FirewallRules: [TCP Query User{6EBD9521-ED82-4D80-A883-2DAA8B8FB7D5}C:\program files\itunes\itunes.exe] => (Block) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B7376F44-6E20-45AF-AB59-457704035BBF}C:\program files\itunes\itunes.exe] => (Block) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F20DD5AE-E6C9-4FC5-8F49-18A4CCD6C525}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F2D18ED8-D5EF-44D0-B116-2734D0E78231}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AC4545FB-B44D-4854-B680-8A3B5E3618E4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1347BB47-0B9C-486D-A3B1-1A8E7A0A527E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FD114F2-D6EF-4715-B200-E18BE36AA220}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{02AB7049-B922-492D-BDF9-0F221FDE0694}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AF03FED6-2163-45D9-A2D6-62D56FC16C0E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{ADAD7637-E182-412E-9CE9-12576C22C19E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [TCP Query User{63114C7A-C437-440F-BEBB-58E386B6151E}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{3A582666-12D6-4E6A-82E9-B4981273BBFC}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{9352A71D-B0E9-41B9-B2AC-3FD26EA7A764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\company of heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{0E1F4F55-2FA6-4042-97F4-5F1391DC4BA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\company of heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{54103766-1CCF-463F-8C4F-7F5CA47DCB46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{5C09489C-FD22-496B-B613-016FA234FDBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{939F0445-1284-477E-B01C-A66AC7A7F783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{8764215F-9D0B-4AF4-9E17-7A2754221495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{E3547861-2332-4F1D-92A8-43932B2ADD4A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{CA66F132-36A9-4634-9320-50C77AB0F762}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6582149F-C93D-412D-8BAD-4B15E57E5313}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A926A5B3-F822-4FE2-8984-10839B80AC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8F8D7659-F2CD-4F82-A785-13411860A3C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{80A93997-E474-48BF-9C02-D6784AF40718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8AACAE9F-E470-43D2-A7B1-D66ABA58248D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{5337273C-CE64-4AD1-BAAF-20A216D8744E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{3DC898BA-5668-4D71-842F-EC20C497E816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{31AB5CBA-A855-4FC5-AF29-2ECAC395A81E}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{00EB342C-ECC5-4834-867D-D13583F359CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-02-2019 14:58:59 Windows Update
24-02-2019 22:37:31 Windows Update
28-02-2019 05:56:01 Windows Update

==================== Faulty Device Manager Devices =============

Name: X5XSEx_Pr143
Description: X5XSEx_Pr143
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: X5XSEx_Pr143
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2019 05:08:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SDScan.exe version 2.7.64.191 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bf4

Start Time: 01d4cfefd067afbe

Termination Time: 190

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Report Id:

Error: (02/28/2019 08:32:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19c

Start Time: 01d4cf6231f5039d

Termination Time: 54

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/24/2019 04:49:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1c8c

Start Time: 01d4cc8aa903c4f4

Termination Time: 6

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/24/2019 04:02:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.19267, time stamp: 0x5c4b95a4
Faulting module name: KERNELBASE.dll, version: 6.1.7601.24354, time stamp: 0x5c356365
Exception code: 0xc0000005
Fault offset: 0x0003612f
Faulting process id: 0xf68
Faulting application start time: 0x01d4cc4624a25ece
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: 6f69a267-3877-11e9-a0b0-78acc0ab88c9

Error: (02/19/2019 10:42:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1900

Start Time: 01d4c8cd48abab4d

Termination Time: 80

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/19/2019 09:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdblockPlusEngine.exe, version: 1.6.0.0, time stamp: 0x586bc0f5
Faulting module name: AdblockPlusEngine.exe, version: 1.6.0.0, time stamp: 0x586bc0f5
Exception code: 0x40000015
Fault offset: 0x00000000002cbaee
Faulting process id: 0x660
Faulting application start time: 0x01d4c8bd0b3644ec
Faulting application path: C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
Faulting module path: C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
Report Id: ad9c5b38-34b6-11e9-96c4-78acc0ab88c9

Error: (02/18/2019 07:59:21 AM) (Source: HPSupportSolutionsFrameworkService) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (02/17/2019 04:40:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 111c

Start Time: 01d4c6cb0e3a06c0

Termination Time: 4500

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

System errors:
=============
Error: (03/01/2019 08:39:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr143 service failed to start due to the following error:
The system cannot find the path specified.

Error: (03/01/2019 08:39:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/01/2019 08:39:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (03/01/2019 08:39:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/01/2019 08:39:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:37:44 PM on ‎3/‎1/‎2019 was unexpected.

Error: (03/01/2019 12:06:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr143 service failed to start due to the following error:
The system cannot find the path specified.

Error: (03/01/2019 12:06:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/01/2019 12:06:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Windows Defender:
===================================
Date: 2016-01-14 14:25:06.926
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;process

id:872,Proce ssStart:130972728286255228;regkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe;runkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-12-29 12:08:05.389
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;process

id:3992,Proc essStart:130958821948117540;regkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe;runkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-12-29 03:35:52.455
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;process

id:3044,Proc essStart:130952885708360678;regkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe;runkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2015-12-29 02:53:23.369
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;process

id:3044,Proc essStart:130952885708360678
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2016-05-12 03:42:06.789
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3

Date: 2012-02-04 14:31:21.303
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2011-09-16 12:52:29.082
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 95%
Total physical RAM: 3839.29 MB
Available physical RAM: 182.59 MB
Total Virtual: 9595.43 MB
Available Virtual: 4307.13 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.5 GB) (Free:9.61 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.91 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (MAD_MAX_FURY_ROAD) (CDROM) (Total:7.67 GB) (Free:0 GB) UDF

\\?\Volume{7a04a5c1-5d3d-11e0-9091-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 931.5 GB) (Disk ID: 49087E48)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

evanandrew3333 · #40 March 2nd, 2019, 03:22 PM

\\?\Volume{7a04a5c1-5d3d-11e0-9091-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 931.5 GB) (Disk ID: 49087E48)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

evanandrew3333 · #41 March 2nd, 2019, 03:23 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by beatcat (02-03-2019 08:56:02)
Running from C:\Users\beatcat\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-04-02 15:34:01)
Boot Mode: Normal
================================================== ========

==================== Accounts: =============================

Administrator (S-1-5-21-1214944576-273379327-1179527443-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1214944576-273379327-1179527443-1008 - Limited - Enabled)
beatcat (S-1-5-21-1214944576-273379327-1179527443-1000 - Administrator - Enabled) => C:\Users\beatcat
countzeppelin (S-1-5-21-1214944576-273379327-1179527443-1010 - Administrator - Enabled) => C:\Users\countzeppelin
Guest (S-1-5-21-1214944576-273379327-1179527443-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1214944576-273379327-1179527443-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1400 (HKLM-x32\...\{22DD005D-0EF1-4E3E-92F8-49D89E31479A}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (HKLM-x32\...\{6FBE200D-1F00-40B7-BF48-FEB265AADE94}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (HKLM-x32\...\{6A3C2391-BCE2-4D28-A336-73B953B4502F}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{F6FCA281-09CC-4753-990C-937B93A52C94}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (HKLM-x32\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
alien_crossfire (HKLM\...\{fa451eea-8a73-486b-9ea0-9628c2c2c3ad}.sdb) (Version: - )
alpha_centauri (HKLM\...\{fe81cd48-2ed2-4e7d-886c-b65767350095}.sdb) (Version: - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.1.6.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Profiles (HKLM-x32\...\{EA374A45-BF30-0849-7A00-BD8A0BC8CE3E}) (Version: 2.0.4504.34814 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI AVIVO64 Codecs (HKLM\...\{6A7F7056-14E1-D8E4-0B87-BC3F18EAC8AC}) (Version: 11.6.0.10627 - ATI Technologies Inc.) Hidden
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Bejeweled 2 Deluxe (HKLM-x32\...\WT087428) (Version: 2.2.0.95 - WildTangent) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{DF1CF60D-3193-4602-970E-8B0D776D0E31}) (Version: 3.33.1 - Kovid Goyal)
Call To Power 2 (HKLM-x32\...\Call To Power 2_is1) (Version: - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT087453) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version: - )
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Company of Heroes - FAKEMSI (HKLM-x32\...\{14574B7F-75D1-4718-B7F2-EBF6E2862A35}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{199E6632-EB28-4F73-AECB-3E192EB92D18}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{25724802-CC14-4B90-9F3B-3D6955EE27B1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{50193078-F553-4EBA-AA77-64C9FAA12F98}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{80D03817-7943-4839-8E96-B9F924C5E67D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{97E5205F-EA4F-438F-B211-F1846419F1C1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{99A7722D-9ACB-43F3-A222-ABC7133F159E}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{D4D244D1-05E0-4D24-86A2-B2433C435671}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
Discord (HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\Discord) (Version: 0.0.304 - Discord Inc.)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Empire Earth - The Art of Conquest (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version: - )
Empire Earth Gold Edition (HKLM-x32\...\Empire Earth Gold Edition_is1) (Version: - GOG.com)
Escape Rosecliff Island (HKLM-x32\...\WT087360) (Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT087361) (Version: 2.2.0.95 - WildTangent) Hidden
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Nitro (HKLM-x32\...\WT087362) (Version: 2.2.0.95 - WildTangent) Hidden
FLV Player (HKLM-x32\...\FLV Player2.0.25) (Version: 2.0.25 - Martijn de Visser Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (HKLM-x32\...\WT087372) (Version: 2.2.0.95 - WildTangent) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{C9064E5C-D5AB-4EEB-86A6-50756901038A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{F21290AC-4D41-4059-BD79-6557312662DE}) (Version: 1.5.5.0 - HP Inc.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4}) (Version: 8.7.50.3 - HP Inc.)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{EBD077C6-0032-4309-AA04-C67836D717DA}) (Version: 12.10.49.21 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)

evanandrew3333 · #42 March 2nd, 2019, 03:23 PM

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\IMVU Avatar chat client software BETA) (Version: - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{645877C4-2AB6-46B6-BD32-B251B0666F63}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WT087379) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Player Codec Pack 4.5.2 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.5.2 - Media Player Codec Pack)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works 2001 Setup Launcher (HKLM-x32\...\Works2001Setup) (Version: - )
Microsoft Works 6.0 (HKLM-x32\...\{F8D0829C-9C6F-11D3-8080-00C04FA329AA}) (Version: 06.00.1829 - Microsoft Corporation)
Monopoly ® (HKLM-x32\...\BFG-Monopoly) (Version: - )
Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mystery P.I. - The London Caper (HKLM-x32\...\WT089299) (Version: 2.2.0.95 - WildTangent) Hidden
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
PANZERS - Phase1 (HKLM-x32\...\PANZERS - Phase1) (Version: - )
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden

evanandrew3333 · #43 March 2nd, 2019, 03:24 PM

Plants vs. Zombies (HKLM-x32\...\WT087501) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Qwirkle (HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\488f01a1f6d3252d) (Version: 1.0.0.6 - Microsoft)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3219 - CyberLink Corp.) Hidden
Red Baron Pack (HKLM-x32\...\Red Baron Pack_is1) (Version: - GOG.com)
Risk (HKLM-x32\...\Risk) (Version: - )
Rogue Spear (HKLM-x32\...\Rogue Spear) (Version: - )
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secret Weapons Over Normandy (HKLM-x32\...\{A1981877-5B9F-4001-A070-A05DD352EA23}) (Version: 1.0 - )
SecuROM Diagnostic Tool (HKLM-x32\...\SecuROM Diagnostic Tool) (Version: - Sony DADC Austria)
Shattered Union (HKLM-x32\...\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}) (Version: 0.0.2 - )
Sid Meier's Alpha Centauri (HKLM-x32\...\GOGPACKSIDMEIERSALPHACENTAURI_is1) (Version: 2.0.2.23 - GOG.com)
Sid Meier's Civilization 4 (HKLM-x32\...\{1CF028E5-705D-4B62-AC1D-A59593B7C0BB}) (Version: 1.74 - Firaxis Games)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strategic Command - European Theater (HKLM-x32\...\Strategic Command - European Theater_is1) (Version: - GOG.com)
System Requirements Lab (HKLM-x32\...\{0C976EC5-842F-4313-B2AB-EDDBCCD3A222}) (Version: 4.5.1.0 - Husdawg, LLC)
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{12293F73-4E32-4288-8D0B-19332335984E}) (Version: 6.1.4.0 - Husdawg, LLC)
The Last Express (HKLM-x32\...\The Last Express_is1) (Version: - GOG.com)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\{3BB33584-3860-4772-AEE9-D8E61F552896}) (Version: 1.00.000 - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 45.0 - Ubisoft)
VASSAL (3.1.15) (HKLM-x32\...\VASSAL (3.1.15)) (Version: 3.1.15 - vassalengine.org)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (HKLM-x32\...\WT087414) (Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (HKLM-x32\...\WT087415) (Version: 2.2.0.95 - WildTangent) Hidden
Windows 7 Codec Pack 4.0.2 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.2 - Windows 7 Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Works Suite OS Pack (HKLM-x32\...\{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}) (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (HKLM-x32\...\{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}) (Version: 1.0.0.0000 - Your Company Name) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Zinio Reader 4 (HKLM-x32\...\{465210C4-595A-BD80-44E8-E0457D9D8432}) (Version: 4.0.3184 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70 529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
ZOMBI (HKLM-x32\...\Uplay Install 1653) (Version: - Ubisoft)
Zuma Deluxe (HKLM-x32\...\WT087533) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

evanandrew3333 · #44 March 2nd, 2019, 03:25 PM

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0206FF3D-1FEC-48D3-8706-14D75348ABCC} - System32\Tasks\{66549709-8D6C-4320-9CA9-EAF7ED712276} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {027281B0-2ECE-4061-B2E5-E3143AA81234} - System32\Tasks\{51B14561-6308-498D-88C4-F4AB30381AF2} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -fj:\Uninst.isu
Task: {089CF36E-5BB0-4D18-A400-FEB1F7361E69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {09A8D55C-0678-4ECE-87D3-00D1B89FE7FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe (HP Inc. -> HP Inc.)
Task: {106B0910-8851-4A37-96DE-8D1DA8FD49F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {172C99CE-CA08-445F-9D31-07AAD793BF83} - System32\Tasks\{3EE8A097-6C03-428F-A090-32FD775CD9A6} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\AppData\Local\Temp\Temp1_CompanyO fHeroesOpposingFronts_English_ddmf.zip\Setup.exe <==== ATTENTION
Task: {1836F492-CBDE-422C-B8ED-255FA0408F5B} - System32\Tasks\{14B6D0F1-7E11-4089-96B2-B3E521E0B09D} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe"
Task: {235368E9-8232-4B27-84AD-82E9160501BC} - System32\Tasks\{9EA92A84-4D09-4600-9CC6-6EE013467AD9} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.9.59.106/en/abandoninstall?page=tsProgressBar
Task: {23EBF1B4-6B28-4D54-9F98-C38E872E698F} - System32\Tasks\{253ED6CA-3391-4CF4-B25E-0BDCEA868CDB} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {25E401E2-9053-4A0D-8DF8-FC03225CABD5} - System32\Tasks\{A4E4FE33-F67E-4F1A-B15C-238CE364A82F} => C:\Program Files (x86)\GOG.com\Call To Power 2\ctp2_program\ctp\ctp2.exe (Activision Studios) [File not signed]
Task: {289847DE-3FBE-4007-B8D6-A14B21079F71} - System32\Tasks\{1E899B66-2DAE-4E8C-895B-C3B4C8E836B8} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {2B393A15-6232-4D23-96CE-DBB066219266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe (HP Inc. -> HP Inc.)
Task: {2B8F3CE4-6634-4AB1-ABE1-D13CB7866D32} - System32\Tasks\{5285099F-618D-4B19-BF41-FEDBD7CEE566} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe
Task: {2FF9A6BB-FDDC-4216-A596-90929D039014} - System32\Tasks\{8AC73B83-AD96-496D-B513-5A35D14A0E8C} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Task: {31BA9934-9323-4B34-8E3A-5B6282DB073A} - System32\Tasks\{0A3F988D-72AE-474B-B004-DE16E0C2F35E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{1CF028E5-705D-4B62-AC1D-A59593B7C0BB}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {31D5CB65-F6FA-464D-9427-A7AE733F14AF} - System32\Tasks\{F60A6E15-39F5-49B2-8DB4-3608CC9427A1} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {32D9BCC2-76F5-49E7-841B-274EB132DBAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {33F8044D-7044-4DAC-A8C9-8F7800A072B2} - System32\Tasks\{B6CDCF5B-711F-4F7B-870C-ADDA6C2ABD25} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {375BFBC0-4D92-4E95-ADAD-F1F3BD6A739C} - System32\Tasks\{879EA77C-2346-4B96-AED2-37A47B399648} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {38899EB9-CC63-4357-AD2D-89ECCEDDB481} - System32\Tasks\{7096A575-91EA-42F0-AA12-D95BD3106F3D} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {3E07C23B-745F-4222-8191-12C627908C39} - System32\Tasks\{AB09A2C9-5818-468B-8854-276A3D9D2C98} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\AppData\Local\Temp\Temp1_Qwirklev 1.0.0.5.zip\Qwirkle\setup.exe <==== ATTENTION
Task: {4C6D0C92-BAC1-4C84-829C-C92A7AB875F4} - System32\Tasks\{ADF537E3-EB3B-4A5C-8F58-C02B56E634C4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin"
Task: {4E58F9E3-C31A-48E2-BB90-49779B2CCC71} - System32\Tasks\{3466BAA0-F1A7-4B37-8820-5EA850A4E331} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\OOo_3.3.0_Win_x86_insta ll-wJRE_en-US.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {4F4855E8-87A9-41BB-AF2F-B8EB733AF9A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)
Task: {53C21EAF-C1F9-4660-A9B2-F1EECE4B1849} - System32\Tasks\{BB0D19D5-20A8-4950-8BF3-3FFE45226911} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {545109F5-28CD-4BFB-9854-8D0AB76344D1} - System32\Tasks\{B4125462-8D93-4BFF-B4D3-FF0F01D51AA0} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Desktop\ShaDOW\ShadowWatch.part00 1.exe -d C:\Users\beatcat\Desktop\ShaDOW
Task: {5579BB68-91F7-4F63-8BF6-75662D3E65A7} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_ex e => C:\Program Files\Microsoft IntelliPoint\IPoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {56677CAE-57DD-441A-8A3A-2D4CB3A1182C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {56B3E583-4E7A-451C-8B7B-66037D7607D3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {58DA8E8D-39E7-423A-98EE-517BC8DE93AA} - System32\Tasks\{9F820062-9560-46CF-9CBB-3513314B42AE} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe
Task: {59AD55CC-EFD9-4C66-B0D2-C7D8D49D730C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1214944576-273379327-1179527443-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5AE58F61-A0F6-460F-A3DB-4B2514D5688B} - System32\Tasks\{02DA4EFE-81CF-446D-99E9-D9F4E69F2248} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {5FC4881D-E74D-48C8-A91D-ABD8DF4D6C0D} - System32\Tasks\{EA4E8199-02C1-4958-A737-66149FD75B98} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {631C4D71-5B4F-4D59-BECB-35866405F689} - System32\Tasks\{1015304F-15AB-46F7-BCD2-39E06527BBB3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\PANZER~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\PANZER~1\UNINST~1\INSTALL.LOG
Task: {63E35B80-C5A7-4E75-9C84-C14A351D0BC5} - System32\Tasks\{264BDF28-2708-458F-84D3-A9C0C6A65CC8} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe
Task: {670EC6BE-65AB-49A8-8D20-AF3877BCF453} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {68602AF9-DF51-410C-AC86-4E8C1081492E} - System32\Tasks\{5157BE18-CCB2-47DF-82FD-72BBA84DB500} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Download Manager\uninst.exe"
Task: {6A7788D7-2D60-4A8E-8C75-D9A93DB39746} - System32\Tasks\{F446373B-191C-4D28-AC47-F6498DC31237} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {6AD810DE-821C-4493-AE06-841D916754CA} - System32\Tasks\Microsoft\Windows\MemDiag => C:\Windows\system32\mdres.exe (Microsoft Windows -> Microsoft Corporation)
Task: {6C086654-11B1-4D2A-8B01-4B6CED2A7F49} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.ex e (HP Inc. -> HP Inc.)
Task: {6C58ECF9-5D86-4B58-AF2E-E2632F10EA36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6F959CA6-A1CE-4981-9D2F-CA412CDCF83C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {73D89E1C-A2CE-4079-80F8-B845B1565C0F} - System32\Tasks\{2723C127-C9D3-403E-8D39-9E8E4883369B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {7504DF0F-E41D-4D42-90B1-4B1CDDDDE6F5} - System32\Tasks\{E44D51D3-F8A1-468E-B088-C4F170F09EBC} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {77E7BE06-98B9-4D02-9484-95BD3B8E6B9F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {7A37D85B-D375-4115-AA49-072233CA068D} - System32\Tasks\{ECC6DABF-C911-43CE-9516-731575A7CEF2} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {7B22466A-01C0-44A4-B41C-62E4ABF67991} - System32\Tasks\{0F4A0B0E-AF18-4DC7-B66B-10EF612A1BA3} => C:\Program Files (x86)\GOG.com\IL-2 Sturmovik 1946\il2fb.exe
Task: {7F9E7DC9-2DA9-472B-8311-01F98BC05768} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {7FB2A62A-9CCC-4EB8-A5A4-3A1A4DB51858} - System32\Tasks\{1C7B8792-97AB-4A39-86A3-F298FF0750DA} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {81589346-F564-4535-AA71-5537A76E44B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe (HP Inc. -> HP Inc.)
Task: {81F5C930-0D85-43A6-8390-87015582D477} - System32\Tasks\{31A81E03-E45A-4DC7-A027-5A9D634FA0C7} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Civilization4_ddsetup\s etup.exe -d C:\Users\beatcat\Downloads\Civilization4_ddsetup
Task: {8D831934-EC2D-4273-BCEC-0CFC02A5665E} - System32\Tasks\{9B51CAFD-936C-402E-B0C0-F93C217F2C16} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {8E08EDF1-946C-4FE4-BAE3-01AAF13422F7} - System32\Tasks\{5706475C-D633-436E-9058-C34EEBE59A5E} => C:\Windows\system32\pcalua.exe -a "C:\Users\beatcat\Desktop\Games\DawnOfWar_Soulstor m_dd_setupclient\Dawn of War Soulstorm\setup.exe" -d "C:\Users\beatcat\Desktop\Games\DawnOfWar_Soulstor m_dd_setupclient\Dawn of War Soulstorm"
Task: {8E9C0CD1-E2AD-4F4F-8504-7CFEAEBC6EB9} - System32\Tasks\{4A7E56F5-ABDA-4079-8095-EBA7C0FD4EB9} => C:\Program Files (x86)\GOG.com\Call To Power 2\ctp2_program\ctp\ctp2.exe (Activision Studios) [File not signed]
Task: {8F19B137-E99F-4189-8F94-EF03C9E77AE2} - System32\Tasks\{17978592-1638-42A0-8D45-F4CD7935531D} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {8F54A0A8-8FE7-474D-BA6A-9DC2848DA4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {931BFB6B-43B7-48FD-ABBD-BBE9F8E87B19} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1214944576-273379327-1179527443-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {98643E9A-3100-4C82-B8F2-2479E6D0CD79} - System32\Tasks\{D075CA06-AD03-4A8F-A6C2-80849C413FE7} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Task: {9926F9E7-085E-4357-8802-CFD443A58E87} - System32\Tasks\{C48EE6B2-B124-4668-99B3-32FE44C84236} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {9B2C4C46-85A6-4E37-9DDB-0C759EBB5DD2} - System32\Tasks\{22AB7CB5-E2D6-47FB-89CB-F7DD4645C3D0} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {9C8C785D-6236-4CFB-8C1F-672EDA75AB3F} - System32\Tasks\{5E551F7B-6C63-4A60-B16C-F7139979B0FC} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {9D3D9A68-16EE-40B4-9F69-1962FCF5C974} - System32\Tasks\{1853B9A2-B520-42EA-8540-8D11FBD4550A} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\JavaSetup6u30.exe -d C:\Windows\system32
Task: {9EDCA184-073F-4723-962F-9E4944A17DDE} - System32\Tasks\{C6B2519B-FD6F-42D0-9921-BBD29210F098} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe -d C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf
Task: {A5E30CFD-D984-4449-B5B7-8D4BD44F21B4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A9544911-6457-4023-B0ED-B6C3914E8B6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AA1C1554-4C46-476B-B90B-D77EA92EA72A} - System32\Tasks\{294337F2-906B-49FB-BE87-B9BEA7AE8D74} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}\setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}"
Task: {ABA1791F-492F-42F5-832B-936BAC84D4B3} - System32\Tasks\{08F30E53-59FB-4B06-AF7D-3F1755874511} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Civ4v161.exe -d C:\Windows\system32
Task: {AC350091-875E-43F4-A72A-ED4D524E3840} - System32\Tasks\{7DAECC71-F0B4-4F66-A8A7-92D755D560EB} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {ADF8B210-75CF-40FC-AD30-3BF4B5783353} - System32\Tasks\{62B6BB08-9DF6-430C-AB6F-B3AFE449E9AB} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {B3B041B6-A0B3-4858-AF1C-B2AA02DCEB24} - System32\Tasks\{EFAC76D2-CBD2-48F2-BFDE-B69355B790EE} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {B592A8D6-D56B-4A6C-ACC6-A9227447A38B} - System32\Tasks\{6D50D271-AF03-416C-AA26-D3F45DAACD03} => C:\Program Files (x86)\PANZERS - Phase2\Run\Panzers_Phase_2.exe
Task: {B6619EE6-852A-4B31-B142-09AA3886E15E} - System32\Tasks\{7FCEF96A-C000-4D67-B40E-CD8B35DED455} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\GameRangerSetup(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {B8B5ECE2-D5AE-48A2-A694-CED2EDA5394E} - System32\Tasks\{0CF645FF-1AF6-4E05-B815-C4F159C80A58} => C:\Windows\system32\pcalua.exe -a "C:\Users\beatcat\Desktop\Company of Heroes- Tales of Valor\Setup.exe" -d "C:\Users\beatcat\Desktop\Company of Heroes- Tales of Valor"
Task: {BB9E20F0-A4AA-41C4-93E6-22FE76FA8465} - System32\Tasks\{D1F4CF87-99D5-471F-8B1B-AD48ECCE7BC6} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {BD1244CA-E1AA-4CDF-A9C1-9AB3153AE5D3} - System32\Tasks\{6D45DF5E-380D-4A7D-8F59-DE34CB67E7B2} => C:\Program Files (x86)\GOG.com\IL-2 Sturmovik 1946\il2fb.exe
Task: {BDD55C4B-FEDC-4FE6-BA3C-DCCDC9F371AB} - System32\Tasks\{55DF7917-9717-4224-AF45-87F86A5949DC} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {BE9D874F-8DAE-4F23-A13C-5FA812D28553} - System32\Tasks\{36E76C9C-33D6-441C-9B14-305A6A21995A} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {C080811C-87FA-4A92-B746-3BDE1729A281} - System32\Tasks\{227D324E-ADD9-4714-89F6-44D9A524B6B9} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {C0D237EB-E8F8-4C0F-BBE2-70B5137EB121} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C2D5B192-8DED-4F5D-838D-5A50DE0FD58C} - System32\Tasks\{40009517-DF8E-4047-80DC-F8C35193DCFF} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {C3A9DC12-0C55-4371-A150-4CBF3C8C9C9B} - System32\Tasks\{C0806817-6357-4165-9292-6F63F70C8D05} => C:\Windows\system32\pcalua.exe -a "J:\Program Files\AnyDVD more trouble\AnyDVD\ExecuteWithUAC.exe" -d "J:\Program Files\AnyDVD more trouble\AnyDVD"
Task: {C76447E4-E159-47BC-A44F-44BE8426FB4A} - System32\Tasks\{DB5719FF-E3BC-49B6-92F8-CDA3CDEF5F0D} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {C92A0933-951C-4418-859E-C95EAF0341EC} - System32\Tasks\{2D8A58DF-350F-4D4C-8656-FBF49D348B07} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {D202BBC3-6F96-451B-A61A-C6572478EAE4} - System32\Tasks\{5418C855-C725-4C78-9D32-8F51277B5898} => E:\SETUP\ENGLISH\SETUP.EXE
Task: {D5453437-9C88-4A37-AA9F-A0936351E9F4} - System32\Tasks\{F70334A4-7013-4D99-8A12-573A82B222D1} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {D7718B91-ABA1-474C-8C7A-CB33448B8E0F} - System32\Tasks\{71410954-DF81-41DE-8716-9E7932A6F958} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/15230
Task: {D8A93CB9-8B03-4BE9-880F-3DE4F1A494A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {DDC3F84E-F745-46E9-9A16-BF13ED7E8D85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {E0B7446A-3013-40FE-A6BF-70B368315BBE} - System32\Tasks\{5AAE3448-273D-46A6-A153-9CA366B348F0} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\GameRangerSetup(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {E0F5AC29-D2A8-4E47-AAAE-486C96D99E22} - System32\Tasks\HPCeeScheduleForbeatcat => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (HP Inc. -> HP Inc.)
Task: {E12BADB3-5E12-4158-A214-6BD18CD6C24F} - System32\Tasks\{75C58183-7560-4756-B2C1-915BD9EAC739} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Xvid-1.2.1-04122008(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {E1708AC4-E23A-4B6C-B336-E57FF56E6CA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E2BE4015-97F8-46F1-87DA-80EAE1461857} - System32\Tasks\{2ECBE3DE-547E-4D77-BAA9-C34825E45C9E} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {E32079F9-8603-4B2B-8ACC-435EF18D06B8} - System32\Tasks\{A8896C4F-726B-4373-ACAA-CEC30076B462} => E:\SETUP\ENGLISH\SETUP.EXE
Task: {E3F4A74B-83F8-4744-9BFD-08B4AB5FACE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {E4BB2CF1-D570-4E1B-8430-43BE662C1505} - System32\Tasks\{20BB2548-64D3-4C51-8FEB-87205A54ACE4} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {E9EEE5D6-69AA-44F4-8588-A1C0E13F2A57} - System32\Tasks\{1A2A40F3-0775-4C08-8BAD-FB525B06CB4A} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {EEDAE7BB-909E-4702-B14C-035F61ACD0FF} - System32\Tasks\{7DEC482E-5A65-4F83-BC3D-DE9DBD4E2D94} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {EEF94BB0-E476-4E42-A281-411997F591CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {EFE6AF4D-BCE2-4F5E-8FFF-51D49AB8E546} - System32\Tasks\{B69F8BA5-E10B-4BA9-9CF2-1D0350CD0222} => "c:\program files (x86)\mozilla firefox\firefox.exe"

evanandrew3333 · #45 March 2nd, 2019, 03:25 PM

hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {F61B920E-C4A3-4853-AF97-B3BC5C669F82} - System32\Tasks\{B8D753B3-1B82-4CA4-B541-F30C28572291} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {FCA5CE8F-7865-488A-B9A6-38D0CEF45C78} - System32\Tasks\{06B2CA6E-D09A-40C3-B278-31D59B50850A} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {FD6FABCB-CBAE-4D7B-8FEE-A075C4CF8D95} - System32\Tasks\{88C91B33-B1C2-478C-A1CC-119AA5222976} => C:\Users\beatcat\Desktop\Games\Company of Heroes- Tales of Valor\Autorun.exe (THQ Canada Inc. -> THQ Canada Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForbeatcat.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-09-18 12:15 - 2012-09-18 12:15 - 008525728 ____H (Error3: CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Electronic Arts, Inc.) [File not signed] C:\Program Files (x86)\Monopoly\monopolywin.exe
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000138752 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libpng15.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000075264 _____ (Zlib) [File not signed] C:\Program Files (x86)\Monopoly\zlib1.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000032768 _____ () [File not signed] C:\Program Files (x86)\Monopoly\alut.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000029184 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libvorbisfile.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libogg.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 001624576 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libvorbis.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:6764D965 [460]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-10-21 11:16 - 000454816 ____R C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15609 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\J ava\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoo t%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowe rShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\12.0\DLLShared\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-1214944576-273379327-1179527443-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\beatcat\AppData\Roaming\Microsoft\Windows \Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: RoxioNow Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackTrayMenu.lnk => C:\Windows\pss\CodecPackTrayMenu.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^beatcat^AppData^Roaming^Microsoft^Windows ^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Codec Pack Update Checker => "C:\Windows\system32\Codecs\UpdateChecker.exe"
MSCONFIG\startupreg: Codec Settings UAC Manager => "C:\Windows\system32\Codecs\CodecUACManager.ex e"
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: Discord => C:\Users\beatcat\AppData\Local\Discord\app-0.0.304\Discord.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GOGDownloader => "C:\Users\beatcat\Documents\gogdownloader_0901376\ GOGDownloader.exe" /minimized
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Microsoft Works Portfolio => C:\Program Files (x86)\Microsoft Works\WksSb.exe /AllUsers
MSCONFIG\startupreg: Microsoft Works Update Detection => C:\Program Files (x86)\Microsoft Works\WkDetect.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: snp2std => C:\Windows\vsnp2std.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: WorksFUD => C:\Program Files (x86)\Microsoft Works\wkfud.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3B1A0EB0-0BE1-44D5-827B-8A812E7ABF55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C81FF89-5A54-4F52-A8C0-BFC192E63DEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3CA126B-1BF3-4259-975D-EC04BEEDE89D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9DD09435-9489-49B7-A123-170C355456E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F425BFC-9B1E-453C-86CB-0D6F3A6D6D6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{85EADD90-6157-4418-871A-EAA3276C603D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E082A3C7-EB39-4813-9EE8-A043F27B3D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ogre\Ogre.exe () [File not signed]
FirewallRules: [{5AC52F89-BFD8-4B3B-8FE9-2A91379C94AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ogre\Ogre.exe () [File not signed]
FirewallRules: [{29D31D65-7441-4FDF-9C8E-AAE61A9AECD5}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{15AECC1F-74B4-4FB8-A14D-9ED0F59707B3}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{74BFBCA3-1429-42AD-BE0F-BF663709C735}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{68B2EBF1-DDCC-449C-8A80-5853D39AA595}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{B7A95BAB-6480-4FD2-95ED-EF5ADA72ED3F}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe No File
FirewallRules: [{8DF47870-117A-4DDD-ADAF-11A17E0E3C81}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe No File
FirewallRules: [TCP Query User{6EBD9521-ED82-4D80-A883-2DAA8B8FB7D5}C:\program files\itunes\itunes.exe] => (Block) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)

Similar Topics
Topic	Topic Starter	Forum	Replies	Last Post
Blue Screens	bcorz	Hardware	5	April 18th, 2007 10:42 PM
More Blue Screens	Pi rules	Windows XP	1	August 27th, 2005 03:51 PM
blue screens	phoenix	Hardware	3	February 23rd, 2003 11:10 AM
blue screens	30111987	Windows ME	3	September 6th, 2002 04:57 PM
Blue screens	Golgo-13	Windows 98	4	January 7th, 2001 02:54 AM