Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

JoniCoupon File Type

This is a discussion on JoniCoupon File Type within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. I had a JoniCoupon infection at some point, years ago. Since then, I was under the impression I had killed


Closed Thread
 
Thread Tools Search this Thread
Old 07-24-2016, 01:57 PM   #1
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit


EEK!

I had a JoniCoupon infection at some point, years ago. Since then, I was under the impression I had killed it (using SuperAntiSpyware and others). But bizarrely, it has someone infected filed and has become a file type!

More specifically, it has been infecting savegames from... games. If you hover over them, it'll say "type: JoniCoupon". I added a jpg to demonstrate what I mean. My games are failing to load the savegames as they of course don't recognize the .JoniCoupon extension.

Note: this game is the last game I have to finish before I will wipe my PC and get Windows XP instead of the 7 that is currently installed. It will become a PC with no internet connection used for playing old games. So if all else fails, I'll just nuke the whole thing and be done with it.


DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18377 BrowserJavaVersion: 11.25.2
Run by User at 22:49:45 on 2016-07-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.12268.7698 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\playstv.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\plays_ep64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: GoSave: {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: YoutubeAdBlocke: {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [OneDrive] "C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Dropbox Update] "C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
mRun: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: aeriagames.com
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 195.130.131.4 195.130.130.4
TCP: Interfaces\{EC97E7CA-C890-4DAC-B57F-F53D727D38B7} : DHCPNameServer = 195.130.131.4 195.130.130.4
TCP: Interfaces\{EC97E7CA-C890-4DAC-B57F-F53D727D38B7}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: GoSave: {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: YoutubeAdBlocke: {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-1-31 652784]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-1-31 28656]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-11-13 289120]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-23 172344]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-3-13 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2015-8-4 246784]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-31 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-3-18 169432]
R2 PlaysService;Plays.tv Update Service;C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-7-13 32528]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2015-7-15 96256]
R3 AVer7231_x64;AVerMedia 7231 capture service;C:\Windows\System32\drivers\AVer7231_x64.sys [2012-6-27 1873024]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 133816]
R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-1-29 374344]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-5-16 533096]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2012-5-2 136512]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2012-5-2 413504]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2013/03/18 09:19:17;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-1-25 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-7-7 72992]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 GemCCID;GemCCID;C:\Windows\System32\drivers\GemCCID.sys [2014-11-10 130944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-7-20 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]
S3 OCUSBVID;Oculus Positional Tracker Service;C:\Windows\System32\drivers\OCUSBVID.sys [2014-7-22 45488]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2015-2-11 2004488]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-7-17 1309936]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-18 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-5 56832]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-13 1255736]
.
=============== File Associations ===============
.
FileExt: .reg: regfile=regedit.exe "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2016-07-24 02:05:57 12007136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{354EA79D-4477-4AD4-A15A-6159FC26FF0E}\mpengine.dll
2016-07-23 23:43:28 12007136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-07-21 01:46:07 -------- d-----w- C:\Windows\EOONotify
2016-07-20 23:37:57 8192 ----a-w- C:\Windows\System32\drivers\nl-NL\tpm.sys.mui
2016-07-20 23:37:57 451080 ----a-w- C:\Windows\System32\fveapi.dll
2016-07-20 23:37:57 312600 ----a-w- C:\Windows\System32\wbem\Win32_Tpm.dll
2016-07-20 23:37:57 257864 ----a-w- C:\Windows\SysWow64\wbem\Win32_Tpm.dll
2016-07-20 23:37:57 20480 ----a-w- C:\Windows\System32\tbs.dll
2016-07-20 23:37:57 15360 ----a-w- C:\Windows\SysWow64\tbs.dll
2016-07-20 23:37:57 109568 ----a-w- C:\Windows\System32\fveapibase.dll
2016-07-20 23:37:55 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2016-07-20 23:37:53 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2016-07-20 23:37:53 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2016-07-20 23:37:53 1008640 ----a-w- C:\Windows\System32\user32.dll
2016-07-20 23:37:52 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2016-07-20 02:29:44 91648 ----a-w- C:\Windows\System32\mapistub.dll
2016-07-20 02:29:44 76800 ----a-w- C:\Windows\SysWow64\mapistub.dll
2016-07-20 02:29:44 17920 ----a-w- C:\Windows\System32\fixmapi.exe
2016-07-20 02:29:44 14336 ----a-w- C:\Windows\SysWow64\fixmapi.exe
2016-07-20 02:29:21 156672 ----a-w- C:\Windows\System32\mtxoci.dll
2016-07-20 02:29:21 111616 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2016-07-20 02:29:20 176128 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2016-07-20 02:29:17 286720 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll
2016-07-20 02:28:27 511488 ----a-w- C:\Windows\System32\rpcss.dll
2016-07-20 02:28:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2016-07-20 02:28:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2016-07-20 02:28:11 1885696 ----a-w- C:\Windows\System32\msxml3.dll
2016-07-20 02:28:11 1240576 ----a-w- C:\Windows\SysWow64\msxml3.dll
2016-07-20 02:27:46 2084864 ----a-w- C:\Windows\System32\ole32.dll
2016-07-20 02:27:39 1414144 ----a-w- C:\Windows\SysWow64\ole32.dll
2016-07-20 02:25:59 572416 ----a-w- C:\Windows\System32\vbscript.dll
2016-07-20 02:24:45 970240 ----a-w- C:\Windows\System32\localspl.dll
2016-07-20 02:23:54 14176 ----a-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
2016-07-20 02:22:32 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2016-07-20 02:22:32 2048 ----a-w- C:\Windows\System32\tzres.dll
2016-07-20 02:22:08 986344 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2016-07-20 02:22:07 264936 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2016-07-20 02:22:07 144384 ----a-w- C:\Windows\System32\cdd.dll
2016-07-20 02:22:04 1684416 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2016-07-20 02:21:53 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2016-07-20 02:21:44 3180544 ----a-w- C:\Windows\System32\rdpcorets.dll
2016-07-20 02:21:44 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2016-07-20 02:21:43 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2016-07-20 02:21:39 17408 ----a-w- C:\Windows\System32\wshrm.dll
2016-07-20 02:21:39 14848 ----a-w- C:\Windows\SysWow64\wshrm.dll
2016-07-20 02:21:39 146944 ----a-w- C:\Windows\System32\drivers\rmcast.sys
2016-07-20 02:04:55 -------- d-----w- C:\Users\User\AppData\Roaming\PlaysTV
2016-07-20 02:00:07 -------- d-----w- C:\Program Files (x86)\Raptr Inc
2016-07-20 00:59:57 624640 ----a-w- C:\Windows\System32\qedit.dll
2016-07-20 00:57:22 96256 ----a-w- C:\Windows\System32\gpapi.dll
2016-07-20 00:57:22 794624 ----a-w- C:\Windows\System32\gpsvc.dll
2016-07-20 00:57:22 79360 ----a-w- C:\Windows\SysWow64\gpapi.dll
2016-07-20 00:57:22 502272 ----a-w- C:\Windows\System32\IPSECSVC.DLL
2016-07-20 00:57:22 373760 ----a-w- C:\Windows\System32\polstore.dll
2016-07-20 00:57:22 274944 ----a-w- C:\Windows\SysWow64\polstore.dll
2016-07-20 00:57:21 75776 ----a-w- C:\Windows\System32\FwRemoteSvr.dll
2016-07-20 00:57:21 70144 ----a-w- C:\Windows\SysWow64\winipsec.dll
2016-07-20 00:57:21 44032 ----a-w- C:\Windows\SysWow64\FwRemoteSvr.dll
2016-07-20 00:57:21 105472 ----a-w- C:\Windows\System32\winipsec.dll
2016-07-20 00:55:34 2104320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2016-07-20 00:54:21 3243520 ----a-w- C:\Windows\System32\msi.dll
2016-07-19 19:22:13 1167568 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15695A78-4F24-4C21-AF4B-EA06A61382B4}\gapaengine.dll
2016-07-19 19:19:39 -------- d--h--w- C:\OneDriveTemp
.
==================== Find3M ====================
.
2016-07-19 21:07:52 796352 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-07-19 21:07:52 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-07 00:39:37 485032 ------w- C:\Windows\System32\MpSigStub.exe
2016-06-26 00:35:09 41704 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-06-26 00:27:39 756736 ----a-w- C:\Windows\System32\win32spl.dll
2016-06-26 00:27:32 344576 ----a-w- C:\Windows\System32\ntprint.dll
2016-06-26 00:27:25 22528 ----a-w- C:\Windows\System32\inetppui.dll
2016-06-26 00:27:25 166400 ----a-w- C:\Windows\System32\inetpp.dll
2016-06-26 00:27:07 1208320 ----a-w- C:\Windows\System32\aeinv.dll
2016-06-25 19:54:03 497152 ----a-w- C:\Windows\SysWow64\win32spl.dll
2016-06-25 19:53:56 297472 ----a-w- C:\Windows\SysWow64\ntprint.dll
2016-06-25 19:53:05 48640 ----a-w- C:\Windows\System32\wpnpinst.exe
2016-06-25 19:53:04 61952 ----a-w- C:\Windows\System32\ntprint.exe
2016-06-25 19:41:53 61952 ----a-w- C:\Windows\SysWow64\ntprint.exe
2016-06-22 1329 268800 ----a-w- C:\Windows\System32\centel.dll
2016-06-17 18:24:29 571904 ----a-w- C:\Windows\System32\generaltel.dll
2016-06-17 18:24:29 544256 ----a-w- C:\Windows\System32\devinv.dll
2016-06-17 18:24:29 294912 ----a-w- C:\Windows\System32\invagent.dll
2016-06-17 18:24:28 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-06-17 18:24:28 219136 ----a-w- C:\Windows\System32\aepic.dll
2016-06-17 18:24:28 1490432 ----a-w- C:\Windows\System32\appraiser.dll
2016-06-14 15:21:17 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2016-06-14 15:03:37 3217408 ----a-w- C:\Windows\System32\win32k.sys
2016-06-10 21:38:26 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-06-10 21:38:13 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-06-10 21:20:37 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-06-10 21:19:33 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-06-10 21:19:24 417792 ----a-w- C:\Windows\System32\html.iec
2016-06-10 21:18:57 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-06-10 21:03:14 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-06-10 21:03:13 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-06-10 21:02:53 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-06-10 20:53:59 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-06-10 20:49:29 6047744 ----a-w- C:\Windows\System32\jscript9.dll
2016-06-10 20:40:41 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-06-10 20:11:27 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-06-10 20:10:46 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-06-10 19:44:23 2869248 ----a-w- C:\Windows\System32\wininet.dll
2016-06-10 19:09:24 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-06-10 18:54:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-06-10 18:53:35 497664 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-06-10 18:53:30 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-06-10 18:53:13 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-06-10 18:52:06 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-06-10 18:41:44 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-06-10 18:41:22 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-06-10 18:27:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-06-10 18:14:52 4608000 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-06-10 18:09:13 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-06-10 18:09:07 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-06-10 17:45:19 2392576 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-05-20 01:13:22 875712 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2016-05-20 01:13:22 536768 ----a-w- C:\Windows\SysWow64\msvcp120_clr0400.dll
2016-05-20 01:03:04 869568 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2016-05-20 01:03:04 678592 ----a-w- C:\Windows\System32\msvcp120_clr0400.dll
2016-05-18 16:10:23 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
2016-05-18 16:09:22 405504 ----a-w- C:\Windows\System32\gdi32.dll
2016-05-13 22:15:24 382184 ----a-w- C:\Windows\System32\atmfd.dll
2016-05-13 22:09:19 41472 ----a-w- C:\Windows\System32\lpk.dll
2016-05-13 22:09:16 100864 ----a-w- C:\Windows\System32\fontsub.dll
2016-05-13 22:09:13 14336 ----a-w- C:\Windows\System32\dciman32.dll
2016-05-13 22:09:10 46080 ----a-w- C:\Windows\System32\atmlib.dll
2016-05-13 21:54:26 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2016-05-13 21:50:05 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2016-05-13 21:49:48 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2016-05-13 21:49:46 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2016-05-13 21:27:06 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2016-05-12 17:20:14 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-05-12 17:20:14 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-05-12 17:15:03 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-05-12 17:15:03 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-05-12 17:15:02 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-05-12 17:15:02 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-05-12 15:18:40 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-05-12 15:05:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-05-12 14:58:45 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-05-12 14:58:32 464896 ----a-w- C:\Windows\System32\drivers\srv.sys
2016-05-12 14:58:25 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys
2016-05-12 14:58:18 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2016-05-12 14:58:12 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-05-12 14:58:10 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-05-12 14:57:27 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-05-12 14:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-05-12 14:51:38 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-05-12 13:05:59 459640 ----a-w- C:\Windows\System32\drivers\cng.sys
2016-05-12 13:05:59 297984 ----a-w- C:\Windows\System32\bcryptprimitives.dll
2016-05-12 13:04:55 249352 ----a-w- C:\Windows\SysWow64\bcryptprimitives.dll
2016-05-11 17:02:50 296448 ----a-w- C:\Windows\System32\ws2_32.dll
2016-05-11 17:02:49 444928 ----a-w- C:\Windows\System32\winhttp.dll
2016-05-11 17:02:48 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll
2016-05-11 17:02:42 327168 ----a-w- C:\Windows\System32\mswsock.dll
2016-05-11 15:19:26 206336 ----a-w- C:\Windows\SysWow64\ws2_32.dll
2016-05-11 15:19:25 351744 ----a-w- C:\Windows\SysWow64\winhttp.dll
2016-05-11 15:19:24 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2016-05-11 15:19:16 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2016-05-11 15:11:34 25088 ----a-w- C:\Windows\System32\netbtugc.exe
2016-05-11 15:01:19 26624 ----a-w- C:\Windows\SysWow64\netbtugc.exe
2016-05-11 14:58:23 262144 ----a-w- C:\Windows\System32\drivers\netbt.sys
.
============= FINISH: 22:50:21,46 ===============
Attached Thumbnails
Click image for larger version

Name:	JoniCoupon.jpg
Views:	270
Size:	89.7 KB
ID:	288225  
Attached Files
File Type: txt attach.txt (14.6 KB, 294 views)
MentalParadox is offline  
Sponsored Links
Advertisement
 
Old 07-25-2016, 01:06 AM   #2
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello MentalParadox,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Please download to and run all requested tools from your Desktop.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we? Please do the below steps.

STEP 1

Please download AdwCleaner from here and save it to your desktop.

Click the green 'Download now @bleepingcomputer' button.
Run AdwCleaner and select Scan
Once the Scan is done, select Clean
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
Please copy/paste the contents of the log in your next reply.

STEP 2

Please download Farbar Recovery Scan Tool and save it to your desktop.

Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

=========================================================

Things I need to see in your next post:

  • AdwCleaner[C#].txt
  • FRST.txt
  • Addition.txt
__________________
tekir06 is offline  
Old 07-25-2016, 04:11 AM   #3
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Alright, done. Sadly, the files are all in Dutch, as the OS of that computer is in Dutch. I hope that won't be a problem...

I see in the log that adwCleaner removed something JoniCoupon related in ProgramData, but the JoniCoupon extensions remain as they are.

adwCleaner:

# AdwCleaner v5.201 - Logbestand aangemaakt 25/07/2016 op 12:48:16
# Laatste update 30/06/2016 door ToolsLib
# Database : 2016-07-24.1 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (X64)
# Gebruikersnaam : User - USER-PC
# Gestart vanuit : C:\Users\User\OneDrive\AdwCleaner.exe
# Optie : Verwijderen
# Ondersteuning : https://toolslib.net/forum

***** [ Services ] *****


***** [ Mappen ] *****

[-] Map verwijderd : C:\ProgramData\Trusted Publisher
[#] Map verwijderd : C:\ProgramData\trusted publisher
[-] Map verwijderd : C:\ProgramData\bf9dff9dc9ee5609
[-] Map verwijderd : C:\ProgramData\JoniCoupon
[#] Map verwijderd : C:\ProgramData\Application Data\Trusted Publisher
[#] Map verwijderd : C:\ProgramData\Application Data\trusted publisher
[#] Map verwijderd : C:\ProgramData\Application Data\bf9dff9dc9ee5609
[#] Map verwijderd : C:\ProgramData\Application Data\JoniCoupon
[-] Map verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
[-] Map verwijderd : C:\Program Files (x86)\DriverTuner
[-] Map verwijderd : C:\Program Files (x86)\LiveSupport
[-] Map verwijderd : C:\Users\User\AppData\Local\Chromatic Browser
[-] Map verwijderd : C:\Users\User\AppData\Local\DriverTuner
[-] Map verwijderd : C:\Users\User\AppData\Local\torch
[-] Map verwijderd : C:\Users\User\AppData\Local\28050
[-] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[#] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[#] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[-] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[-] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[#] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[#] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[#] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[#] Map verwijderd : C:\Users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[-] Map verwijderd : C:\Users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[-] Map verwijderd : C:\Users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[#] Map verwijderd : C:\Users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[#] Map verwijderd : C:\Users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[#] Map verwijderd : C:\Users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[#] Map verwijderd : C:\Users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji
[-] Map verwijderd : C:\Users\User\AppData\Local\CEF

***** [ Bestanden ] *****

[-] Bestand verwijderd : C:\END
[-] Bestand verwijderd : C:\Users\Public\Desktop\DriverTuner.lnk
[-] Bestand verwijderd : C:\Users\User\AppData\Roaming\LiveSupport.exe_log.txt
[-] Bestand verwijderd : C:\Users\User\AppData\Roaming\regsvr32.exe_log.txt
[-] Bestand verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_metrovideogame.wikia.com_0.localstorage
[-] Bestand verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_metrovideogame.wikia.com_0.localstorage-journal
[-] Bestand verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] Bestand verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] Bestand verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage
[-] Bestand verwijderd : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Snelkoppelingen ] *****


***** [ Geplande taken ] *****

[-] Taak verwijderd : GS_Booster-S-576482620
[-] Taak verwijderd : GS_Booster-S-576482620

***** [ Register ] *****

[-] Sleutel verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ads.clipconverter.cc
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\clipconverter.cc
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.clipconverter.cc
[-] Sleutel verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Sleutel verwijderd : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Sleutel verwijderd : HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Sleutel verwijderd : HKCU\Software\DownLite
[-] Sleutel verwijderd : HKCU\Software\DriverTuner
[-] Sleutel verwijderd : HKCU\Software\DriverTuner_Init
[-] Sleutel verwijderd : HKCU\Software\Softonic
[-] Sleutel verwijderd : HKCU\Software\WEBAPP
[-] Sleutel verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{520C1D80-935C-42B9-9340-E883849D804F}_is1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Sleutel verwijderd : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Sleutel verwijderd : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Sleutel verwijderd : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\metrolyrics.com
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\Song Lyrics | MetroLyrics
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\9to5myway.com
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\veoh.com
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Watch Movies Online For Free | Your #1 Online Movie Experience | Veoh

***** [ Internetbrowsers ] *****

[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] verwijderd : fnijgkdahkbdgcbeablcmfjophbhfgji
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] verwijderd : fnijgkdahkbdgcbeablcmfjophbhfgji
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] verwijderd : fnijgkdahkbdgcbeablcmfjophbhfgji

*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8427 bytes] - [25/07/2016 12:48:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [8750 bytes] - [25/07/2016 12:47:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8573 bytes] ##########
Attached Files
File Type: txt AdwCleaner[C1].txt (8.4 KB, 29 views)
File Type: txt FRST.txt (91.3 KB, 27 views)
File Type: txt Addition.txt (135.5 KB, 31 views)
MentalParadox is offline  
Sponsored Links
Advertisement
 
Old 07-25-2016, 04:13 AM   #4
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



FRST:

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 24-07-2016
Gestart door User (Beheerder) op USER-PC (25-07-2016 13:02:33)
Gestart vanaf C:\Users\User\OneDrive
Geladen Profielen: User (Beschikbare Profielen: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: IE)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3992208 2014-10-03] (Stardock Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-21] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-07-21] (Raptr, Inc)
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\Run: [Dropbox Update] => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-19] (Dropbox, Inc.)
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\MountPoints2: {c22f7bcb-8f9f-11e2-80e8-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\LIVING~1.SCR
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4
Tcpip\..\Interfaces\{EC97E7CA-C890-4DAC-B57F-F53D727D38B7}: [DhcpNameServer] 195.130.131.4 195.130.130.4

Internet Explorer:
==================
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000 -> DefaultScope {34B6A8A2-1021-460C-BF06-31ECD2F127D6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000 -> {2040D25E-FD30-42E7-BE27-2BA88365B103} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000 -> {34B6A8A2-1021-460C-BF06-31ECD2F127D6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: GoSave -> {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -> C:\Program Files (x86)\GoSave\iAE6vcHfewkA9s.x64.dll => Geen bestand
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: YoutubeAdBlocke -> {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -> C:\Program Files (x86)\YoutubeAdBlocke\bicj1w5kcaP66P.x64.dll => Geen bestand
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-07-19] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: GoSave -> {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -> C:\Program Files (x86)\GoSave\iAE6vcHfewkA9s.dll => Geen bestand
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-13] (Oracle Corporation)
BHO-x32: YoutubeAdBlocke -> {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -> C:\Program Files (x86)\YoutubeAdBlocke\bicj1w5kcaP66P.dll => Geen bestand
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-19] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-13] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-07-19] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-19] (Google Inc.)
IE Session Restore: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000 -> is ingeschakeld.

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-19] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-13] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2689027922-2357379931-3514953091-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-17] ()
FF Plugin HKU\S-1-5-21-2689027922-2357379931-3514953091-1000: vasco.com/VascoCardReaderPlugin -> C:\Users\User\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll [2014-10-27] (VASCO Data Security)
FF Plugin HKU\S-1-5-21-2689027922-2357379931-3514953091-1000: vasco.com/VascoCardReaderPlugin64 -> C:\Users\User\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll [2014-10-27] (VASCO Data Security)
FF Extension: Belgium eID - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-06-18] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected] => niet gevonden

Chrome:
=======
CHR HomePage: Default -> hxxp://www.igoogle.be/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is ingeschakeld.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => Geen bestand
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => Geen bestand
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => Geen bestand
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll => Geen bestand
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Geen bestand
CHR Plugin: (Google Talk Plugin) - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => Geen bestand
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Geen bestand
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll => Geen bestand
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-18]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (ZenMate VPN - Beste Cyber Security & Unblock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-07-21]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-21]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2015-08-09]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-21]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Bestand niet getekend]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-06-26] (Macrovision Europe Ltd.) [Bestand niet getekend]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Bestand niet getekend]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-01-23] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-11] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-21] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-17] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Bestand niet getekend]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1873024 2012-06-27] (AVerMedia TECHNOLOGIES, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 OCUSBVID; C:\Windows\System32\DRIVERS\OCUSBVID.sys [45488 2014-07-22] (Oculus VR)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-03-31] () [Bestand niet getekend]
U3 aahtrj3t; C:\Windows\System32\Drivers\aahtrj3t.sys [0 ] (Microsoft Corporation) <==== AANDACHT (nul byte bestand/map)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-07-25 13:02 - 2016-07-25 13:02 - 00000000 ____D C:\FRST
2016-07-25 12:46 - 2016-07-25 12:48 - 00000000 ____D C:\AdwCleaner
2016-07-21 03:46 - 2016-07-21 03:46 - 00000000 ____D C:\Windows\EOONotify
2016-07-21 01:37 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-07-21 01:37 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-07-21 01:37 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-07-21 01:37 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-21 01:37 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-21 01:37 - 2015-11-10 20:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-07-21 01:37 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-07-21 01:37 - 2015-11-10 20:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-07-21 01:37 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-07-20 04:29 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-07-20 04:29 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-07-20 04:29 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-07-20 04:29 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-07-20 04:29 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-07-20 04:29 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-07-20 04:29 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-07-20 04:29 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-07-20 04:29 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-07-20 04:28 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-20 04:28 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-07-20 04:28 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-20 04:28 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-07-20 04:28 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-07-20 04:27 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-20 04:27 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-20 04:26 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-20 04:26 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-20 04:26 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-20 04:26 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-20 04:26 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-20 04:26 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-20 04:26 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-20 04:26 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-20 04:26 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-20 04:26 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-20 04:26 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-20 04:26 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-20 04:26 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-20 04:26 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-20 04:26 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-20 04:26 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-20 04:26 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-20 04:26 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-20 04:26 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-20 04:26 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-20 04:26 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-20 04:26 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-20 04:26 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-20 04:26 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-20 04:26 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-20 04:26 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-20 04:26 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-20 04:26 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-20 04:26 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-20 04:26 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-20 04:26 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-20 04:26 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-20 04:26 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-20 04:26 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-20 04:26 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-20 04:26 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-20 04:26 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-20 04:26 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-20 04:26 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-20 04:26 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-20 04:26 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-20 04:26 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-20 04:26 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-20 04:26 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-20 04:26 - 2015-11-03 21:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-07-20 04:26 - 2015-11-03 20:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-07-20 04:25 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-20 04:25 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-20 04:25 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-20 04:25 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-20 04:25 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-20 04:25 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-20 04:25 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-20 04:25 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-20 04:25 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-20 04:25 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-20 04:25 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-20 04:25 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-20 04:25 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-20 04:25 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-20 04:25 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-20 04:25 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-20 04:25 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-20 04:25 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-20 04:25 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-20 04:25 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-20 04:25 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-20 04:25 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-20 04:24 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-20 04:24 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-20 04:24 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-20 04:24 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-20 04:24 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-20 04:24 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-20 04:24 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-20 04:24 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-20 04:24 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-20 04:24 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-20 04:24 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-20 04:24 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-20 04:24 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-20 04:24 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-20 04:24 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-20 04:24 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-20 04:24 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-20 04:24 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-20 04:24 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-20 04:24 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-20 04:24 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-20 04:24 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-20 04:24 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-20 04:24 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-20 04:24 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-20 04:24 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-20 04:24 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-20 04:24 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-20 04:24 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-20 04:24 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-20 04:24 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-20 04:23 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-20 04:23 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-20 04:23 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-07-20 04:23 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-07-20 04:23 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-07-20 04:23 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-20 04:23 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-07-20 04:23 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-20 04:23 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-20 04:23 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-20 04:23 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-07-20 04:23 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-07-20 04:23 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-07-20 04:23 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-07-20 04:23 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-07-20 04:23 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-07-20 04:23 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-07-20 04:23 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-07-20 04:23 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-07-20 04:22 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-07-20 04:22 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-07-20 04:22 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-07-20 04:22 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-07-20 04:22 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-07-20 04:22 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-07-20 04:22 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-07-20 04:21 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-07-20 04:21 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-07-20 04:21 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-07-20 04:21 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-07-20 04:21 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-07-20 04:21 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-07-20 04:21 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-07-20 04:18 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-20 04:18 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-20 04:18 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-20 04:18 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-20 04:18 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-20 04:18 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-20 04:18 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-20 04:18 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-20 04:18 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-20 04:18 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-07-20 04:18 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-07-20 04:18 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-07-20 04:18 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-07-20 04:18 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-07-20 04:18 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-07-20 04:18 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-07-20 04:18 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-07-20 04:18 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-07-20 04:18 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-07-20 04:18 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-07-20 04:18 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-07-20 04:18 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-07-20 04:18 - 2015-10-13 18:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-07-20 04:18 - 2015-10-13 18:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-07-20 04:05 - 2016-07-20 04:05 - 00002023 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-07-20 04:04 - 2016-07-25 12:58 - 00000000 ____D C:\Users\User\AppData\Roaming\PlaysTV
2016-07-20 04:00 - 2016-07-20 04:01 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-07-20 03:00 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-20 03:00 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-20 03:00 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-20 03:00 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-20 03:00 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-20 03:00 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-20 03:00 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-20 03:00 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-20 03:00 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-20 03:00 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-20 03:00 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-20 03:00 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-07-20 03:00 - 2015-10-29 19:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-07-20 03:00 - 2015-10-29 19:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-07-20 03:00 - 2015-10-29 19:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-07-20 03:00 - 2015-10-29 19:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-07-20 03:00 - 2015-10-29 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-07-20 03:00 - 2015-10-29 19:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-07-20 03:00 - 2015-10-29 19:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-07-20 02:59 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-20 02:59 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-20 02:59 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-20 02:59 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-20 02:59 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-20 02:59 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-20 02:59 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-20 02:59 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-20 02:59 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-20 02:59 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-20 02:59 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-07-20 02:59 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-07-20 02:59 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-07-20 02:59 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-07-20 02:59 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-07-20 02:59 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-07-20 02:59 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-07-20 02:59 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-07-20 02:59 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-07-20 02:59 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-07-20 02:59 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-07-20 02:59 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-07-20 02:59 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-07-20 02:59 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-07-20 02:59 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-07-20 02:59 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-07-20 02:59 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-07-20 02:59 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-07-20 02:59 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-07-20 02:59 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-07-20 02:59 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-07-20 02:59 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-07-20 02:59 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-07-20 02:59 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-07-20 02:59 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-07-20 02:59 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-07-20 02:57 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-20 02:57 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-20 02:57 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-20 02:57 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-20 02:57 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-20 02:57 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-20 02:57 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-20 02:57 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-20 02:57 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-20 02:57 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-20 02:56 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-20 02:56 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-20 02:56 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-07-20 02:56 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-07-20 02:56 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-07-20 02:56 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-07-20 02:56 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-07-20 02:56 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-07-20 02:56 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-07-20 02:56 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-07-20 02:56 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-07-20 02:56 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-07-20 02:56 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-07-20 02:56 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-07-20 02:56 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-07-20 02:56 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-07-20 02:56 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-07-20 02:56 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-07-20 02:56 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-07-20 02:56 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-07-20 02:56 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-07-20 02:56 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-07-20 02:55 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-07-20 02:55 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-20 02:55 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-07-20 02:55 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-07-20 02:55 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-07-20 02:55 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-07-20 02:55 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-07-20 02:55 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-07-20 02:55 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-07-20 02:55 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-07-20 02:55 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-07-20 02:55 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-07-20 02:55 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-07-20 02:55 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-07-20 02:55 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-07-20 02:55 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-07-20 02:55 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-20 02:55 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-20 02:55 - 2016-03-24 00:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-07-20 02:55 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-07-20 02:55 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-07-20 02:55 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-07-20 02:55 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-07-20 02:54 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-07-20 02:54 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-07-20 02:54 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-07-20 02:54 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-07-20 02:54 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-07-20 02:54 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-07-20 02:54 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-07-20 02:54 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-07-20 02:54 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-07-20 02:54 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-07-20 02:54 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-07-20 02:54 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-07-20 02:54 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-20 02:54 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-19 21:50 - 2016-07-19 21:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-19 21:50 - 2016-07-19 21:50 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-07-19 21:19 - 2016-07-19 21:19 - 00000000 ___HD C:\OneDriveTemp
2016-07-19 20:35 - 2016-07-19 20:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-07-25 13:02 - 2014-08-09 13:54 - 00000000 ___RD C:\Users\User\OneDrive
2016-07-25 13:02 - 2009-07-14 06:45 - 00023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-25 13:02 - 2009-07-14 06:45 - 00023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-25 12:59 - 2014-08-03 13:53 - 00000000 ____D C:\Users\User\AppData\Roaming\Raptr
2016-07-25 12:58 - 2015-08-19 00:12 - 00000000 ____D C:\Users\User\AppData\Local\Dropbox
2016-07-25 12:57 - 2013-03-23 01:24 - 00000000 ___RD C:\Users\User\Dropbox
2016-07-25 12:56 - 2009-07-14 11:16 - 00757504 _____ C:\Windows\system32\perfh013.dat
2016-07-25 12:56 - 2009-07-14 11:16 - 00159628 _____ C:\Windows\system32\perfc013.dat
2016-07-25 12:56 - 2009-07-14 07:13 - 01705236 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 12:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-25 12:49 - 2014-11-04 18:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-07-25 12:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-25 12:18 - 2015-08-19 00:13 - 00001020 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2689027922-2357379931-3514953091-1000UA.job
2016-07-25 12:07 - 2014-12-09 21:27 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-25 00:43 - 2013-03-13 15:47 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F8AEA8F-2F13-4B07-B8E0-317C5054EBFD}
2016-07-25 00:17 - 2015-08-19 00:12 - 00000968 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2689027922-2357379931-3514953091-1000Core.job
2016-07-24 22:20 - 2014-07-18 23:50 - 00000000 ____D C:\Users\User\AppData\LocalLow\Adblock Plus for IE
2016-07-21 22:14 - 2014-12-13 22:14 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-07-21 04:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-07-21 03:48 - 2009-07-14 06:45 - 02342376 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-21 03:46 - 2009-07-14 11:56 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-21 03:45 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-21 03:45 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-21 03:45 - 2014-12-11 04:30 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-21 03:45 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-07-21 03:22 - 2013-03-22 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-21 03:21 - 2013-08-15 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-07-21 03:21 - 2013-03-22 15:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-21 03:21 - 2013-03-22 15:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-21 03:14 - 2014-11-14 04:02 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-21 03:10 - 2013-03-18 09:42 - 01678968 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-20 04:05 - 2015-04-15 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-07-20 03:59 - 2014-03-13 19:18 - 00000000 ____D C:\Windows\pss
2016-07-20 03:59 - 2013-11-30 18:26 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2016-07-20 03:59 - 2013-11-30 18:26 - 00000000 ____D C:\Users\User\AppData\Local\Spotify
2016-07-20 03:58 - 2013-03-22 16:44 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent
2016-07-20 02:50 - 2013-03-22 15:42 - 00001912 _____ C:\Windows\epplauncher.mif
2016-07-20 02:50 - 2013-03-22 15:41 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-07-20 02:49 - 2013-03-22 15:41 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-07-20 02:49 - 2013-03-22 15:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-07-20 02:45 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2016-07-19 23:07 - 2014-12-09 21:27 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-19 23:07 - 2014-09-24 21:59 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-19 23:07 - 2014-09-24 21:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-19 22:07 - 2013-03-22 14:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-19 22:07 - 2013-03-22 14:04 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-19 21:51 - 2015-05-13 00:14 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-19 21:50 - 2013-03-22 14:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-19 21:50 - 2013-03-22 14:37 - 00000000 ____D C:\ProgramData\Adobe
2016-07-19 21:34 - 2013-06-01 19:36 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-19 21:19 - 2014-08-09 13:54 - 00002176 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-07-19 21:00 - 2013-06-01 19:36 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-19 21:00 - 2013-06-01 19:36 - 00003800 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-19 21:00 - 2013-06-01 19:36 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-19 21:00 - 2013-06-01 19:36 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-19 20:40 - 2015-05-17 18:49 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-07-19 20:38 - 2013-03-23 01:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2016-07-19 20:33 - 2014-11-13 18:56 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieBrowserModeList
2016-07-19 20:33 - 2014-04-23 12:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieUserList
2016-07-19 20:33 - 2014-04-23 12:00 - 00000000 __SHD C:\Users\User\AppData\LocalLow\EmieSiteList
2016-07-07 02:39 - 2013-03-13 16:01 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bestanden in de root van sommige mappen =======

2015-01-02 16:18 - 2015-01-02 16:54 - 0000098 _____ () C:\Users\User\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg
2015-01-02 16:24 - 2015-01-02 16:24 - 0006849 _____ () C:\Users\User\AppData\Roaming\TheHunterPrimevalSettings_live.bin
2015-01-02 16:16 - 2015-01-02 16:19 - 0000040 _____ () C:\Users\User\AppData\Roaming\TheHunterPrimevalSettings_live.cfg

Sommige bestanden in TEMP:
====================
C:\Users\User\AppData\Local\Temp\libeay32.dll
C:\Users\User\AppData\Local\Temp\msvcr120.dll
C:\Users\User\AppData\Local\Temp\RDtemp.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2016-07-18 21:49

==================== Eind van FRST.txt ============================
MentalParadox is offline  
Old 07-25-2016, 04:15 AM   #5
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Addition part 1:

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 24-07-2016
Gestart door User (2016-07-25 13:05:44)
Gestart vanaf C:\Users\User\OneDrive
Windows 7 Home Premium Service Pack 1 (X64) (2013-03-13 12:55:29)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2689027922-2357379931-3514953091-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2689027922-2357379931-3514953091-1004 - Limited - Enabled)
Gast (S-1-5-21-2689027922-2357379931-3514953091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2689027922-2357379931-3514953091-1002 - Limited - Enabled)
User (S-1-5-21-2689027922-2357379931-3514953091-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

(HKLM\...\UDK-2d36c30c-529c-489e-9567-a42822d2c91c) (Version: - RuneStorm
Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Age of Conan: Unchained - EU version (HKLM-x32\...\Steam App 217750) (Version: - Funcom)
Akamai NetSession Interface (HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.10.142.72249 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.10.142.72249 - Alcor Micro Corp.) Hidden
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcaniA – Gothic 4 (HKLM-x32\...\Steam App 39690) (Version: - Spellbound Studios)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Assistent content manager voor PlayStation(R) (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE)
Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
BitTorrent (HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
Black Mesa (HKLM-x32\...\Steam App 362890) (Version: - )
Black Mesa Dedicated Server (HKLM-x32\...\Steam App 346680) (Version: - )
Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None, Inc.)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar)
Call of Duty (HKLM-x32\...\Steam App 2620) (Version: - Infinity Ward)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Carmageddon Max Pack (HKLM-x32\...\Steam App 282010) (Version: - )
Colin McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.00.000 - )
Copa Petrobras de Marcas (HKLM-x32\...\Steam App 359800) (Version: - Reiza Studios)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crysis (HKLM-x32\...\Steam App 17300) (Version: - Crytek)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3.2815 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dear Esther (HKLM-x32\...\Steam App 203810) (Version: - )
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version: - Ion Storm)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version: - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Deus Ex: The Fall (HKLM-x32\...\Steam App 258180) (Version: - Square Enix)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version: - id Software)
DOOM II: Hell on Earth (HKLM-x32\...\Steam App 2300) (Version: - id Software)
Dropbox (HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
Duke Nukem Forever (HKLM-x32\...\Steam App 57900) (Version: - Gearbox Software)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Elite Dangerous Launcher version 0.4.1765.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1765.0 - Frontier Developments)
Enemy Territory: Quake Wars (HKLM-x32\...\Steam App 10000) (Version: - id Software)
EVE Online (HKLM-x32\...\{3CFB737E-3099-4A69-AD77-4985C72AE13D}) (Version: 3.0.0 - CCP Games Ltd.)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions, Inc.)
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
Far Cry (HKLM-x32\...\Steam App 13520) (Version: - Crytek Studios)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version: - )
Final DOOM (HKLM-x32\...\Steam App 2290) (Version: - id Software)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Team Garry)
Gebruikersregistratie voor Canon MG3200 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG3200 series) (Version: - Canon Inc.‎)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version: - Gearbox Software)
Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version: - Gearbox Software)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version: - IO Interactive)
HP Support Solutions Framework (HKLM-x32\...\{C43602FE-988C-47BA-9F9F-B95FDDAFB624}) (Version: 11.50.0031 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
K-Lite Codec Pack 9.8.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Rockstar)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Max Payne (HKLM-x32\...\Steam App 12140) (Version: - Remedy Entertainment)
Max Payne 2: The Fall of Max Payne (HKLM-x32\...\Steam App 12150) (Version: - Remedy Entertainment)
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Medal of Honor: Airborne (HKLM-x32\...\Steam App 24840) (Version: - EA Los Angeles)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62608.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62608.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mortal Kombat Komplete Edition (HKLM-x32\...\Mortal Kombat Komplete Edition_is1) (Version: - )
Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
MotoGP™13 Demo (HKLM-x32\...\Steam App 243820) (Version: - Milestone S.r.l.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MovieWriterPro (HKLM-x32\...\Steam App 250360) (Version: - REYNES MARTIAL)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MXGP - The Official Motocross Videogame Demo (HKLM-x32\...\Steam App 286650) (Version: - Milestone S.r.l.)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outerra - Anteworld - Outerra Anteworld Demo (HKLM-x32\...\Outerra Anteworld) (Version: "0.8.1-4480" - "Outerra")
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.96.218.0 - Overwolf Ltd.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Pimsleur Course Manager (HKLM-x32\...\{2D9E812B-F901-4FC5-873B-ACC3DF33F8DC}) (Version: 1.3.4 - Simon & Schuster Digital Sales, Inc)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.4-r114636-release - Plays.tv, LLC)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Quake 4 (HKLM-x32\...\Steam App 2210) (Version: - )
Race Driver (HKLM-x32\...\InstallShield_{8E309767-4214-4A04-AB88-FE86155FC151}) (Version: 1.00.0000 - Codemasters)
Race Driver (x32 Version: 1.00.0000 - Codemasters) Hidden
RAGE (HKLM-x32\...\Steam App 9200) (Version: - id Software)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.3-r114633-release - Raptr, Inc)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.9200.33045 - Realtek Semiconductor Corp.)
Resident Evil 5 (HKLM-x32\...\Steam App 21690) (Version: - Capcom)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
Resident Evil Revelations 2 / Biohazard Revelations 2 (HKLM-x32\...\Steam App 287290) (Version: - CAPCOM Co., Ltd.)
Return to Castle Wolfenstein (HKLM-x32\...\Steam App 9010) (Version: - Gray Matter Studios)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version: - GSC Game World)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Saints Row IV Inauguration Station (HKLM-x32\...\Steam App 242590) (Version: - )
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version: - Croteam)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Serious Sam Classic: The First Encounter (HKLM-x32\...\Steam App 41050) (Version: - )
Serious Sam Classic: The Second Encounter (HKLM-x32\...\Steam App 41060) (Version: - Croteam)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version: - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version: - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version: - Flying Wild Hog)
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.1 - PcWinTech.com)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - YAGER)
Spotify (HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
Test Drive Unlimited 2 (HKLM-x32\...\Steam App 9930) (Version: - Eden Studios)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version: - Ubisoft)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Talos Principle Demo (HKLM-x32\...\Steam App 330710) (Version: - Croteam)
The Ultimate DOOM (HKLM-x32\...\Steam App 2280) (Version: - id Software)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{28595CA6-8179-40E8-A68E-3630125C5D05}) (Version: 1.12.24.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.24.0 - Texas Instruments Inc.) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
TSP_CODEC (HKLM-x32\...\{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}) (Version: 1.00.0000 - Bytescribe)
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.4 - VASCO Data Security) Hidden
VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}) (Version: 3.2.3.4 - VASCO Data Security)
Viscera Cleanup Detail: Shadow Warrior
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version: - RuneStorm)
VRtitties 15 (HKLM-x32\...\VRtitties 15) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version: - Machine Games)
Wolfenstein: The Old Blood (HKLM-x32\...\Steam App 350080) (Version: - MachineGames)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\User\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll (VASCO Data Security)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0D44A9A6-8AC2-4734-A0E0-C2B2116E6674} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {1F4774E1-6FE4-4B9F-9CB2-7CEB65447738} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-07-08] (Microsoft Corporation)
Task: {24801866-4CC9-4ECA-B774-B0960CF2E081} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2689027922-2357379931-3514953091-1000UA => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-19] (Dropbox, Inc.)
Task: {356C47CB-AF4B-4890-8BCB-0417A3DA3A56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-19] (Adobe Systems Incorporated)
Task: {38EFACC8-261A-49EE-A8E1-C9DB0A83AFE3} - System32\Tasks\{D2AFC72E-BD2A-447B-A87E-5071EF3AF8A0} => pcalua.exe -a C:\Users\User\Desktop\sp57873.exe -d C:\Users\User\Desktop
Task: {3931AF9E-B83A-4FA6-B33E-4E8DA302209F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3F611352-9516-47BA-B7EB-9F6833131F0A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-07-17] (Overwolf LTD)
Task: {4042F6CB-465F-45EF-B090-63943FA9AF9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6DFD8E70-B3EE-4C65-9DA1-FF04EB9F2839} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2689027922-2357379931-3514953091-1000Core => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-19] (Dropbox, Inc.)
Task: {82FCFD67-0BBB-4774-BD71-3478929965B1} - System32\Tasks\{BFE7371B-1100-49D0-99EA-0E47C9071233} => C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Invisible War\System\DX2Main.exe

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2689027922-2357379931-3514953091-1000Core.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2689027922-2357379931-3514953091-1000UA.job => C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{FB8F41C2-CBF2-4465-865F-313C1EAF3C19}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.rockstargames.com/vicecity/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{EE67F050-FA33-46BD-A5D3-E7A798538C72}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.maxpayne.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{ED4F1219-8606-4EA1-B15D-D8EBB30A4940}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.xicat.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{ED4F1219-8606-4EA1-B15D-D8EBB30A4940}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.piranha-bytes.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{D52D6B1D-C1CB-4989-BD6E-D19993BBAC28}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{D52D6B1D-C1CB-4989-BD6E-D19993BBAC28}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.callofduty.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{D1D34BF6-5F8D-4915-85A2-18C8EA61B1C9}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.croteam.com/game_overview.shtml/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{D136C71D-6BE3-418E-AB38-F59AC97733AD}\SupportTasks\0\Ondersteuning.lnk -> hxxp://www.rockstargames.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{A39D1E08-935B-4842-9938-5FA443F384F2}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.croteam.com/game_overview.shtml/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{7F84F6EE-C5E4-4516-A0B8-38B0643F685B}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.eidosinteractive.com/techsupp/index.htm/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{7F84F6EE-C5E4-4516-A0B8-38B0643F685B}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.deusex.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{717E4DBF-C435-4CFB-8613-AE4105C668D5}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.activision.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{717E4DBF-C435-4CFB-8613-AE4105C668D5}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.activision.com/games/wolfenstein/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{69F2B70F-B674-4EB7-AF68-3AB5D3C85985}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{69F2B70F-B674-4EB7-AF68-3AB5D3C85985}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.quake4game.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{603054CE-8640-44A0-9A90-4563B357E161}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.atarisupport.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{603054CE-8640-44A0-9A90-4563B357E161}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.microsoft.com/games/crimsonskies/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{4F24373E-5CDC-4EA6-8AD1-89C13825E486}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.maxpayne2.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{44D0F1A2-3A4B-46E0-B2A0-77BE996495DB}\SupportTasks\1\Ondersteuning.lnk -> hxxp://support.guildwars.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{44D0F1A2-3A4B-46E0-B2A0-77BE996495DB}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.guildwars.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{2763BAFC-E61B-41C9-8CDD-4F18AFEB37FC}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.guildwars.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{2157E225-76E2-409C-AD5F-74EB0E4581EA}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.activision.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{2157E225-76E2-409C-AD5F-74EB0E4581EA}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.activision.com/games/wolfenstein/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{17E5E1EB-E18C-4451-A229-4ED83CCD776D}\SupportTasks\1\Ondersteuning.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{17E5E1EB-E18C-4451-A229-4ED83CCD776D}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.farcrygame.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{0F325B60-868D-4117-8CCD-38BCCABB7DC1}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.activision.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{0F325B60-868D-4117-8CCD-38BCCABB7DC1}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.idsoftware.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{0AF187E7-E6A1-402E-A901-FDAD22163CAA}\SupportTasks\1\Ondersteuning.lnk -> hxxp://www.support.vugames.com/
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\GameExplorer\{0AF187E7-E6A1-402E-A901-FDAD22163CAA}\SupportTasks\0\Meer spellen van Microsoft.lnk -> hxxp://www.whatisfear.com/
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk -> C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\MaxBatch.bat ()
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding\SPF - Basic UI Mode.lnk -> C:\Program Files (x86)\Simple Port Forwarding\basic_ui.bat ()

==================== Geladen Modules (gefilterd) ==============

2013-04-10 20:54 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-05-05 21:42 - 2015-05-17 19:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-19 21:19 - 2016-07-19 21:19 - 00959168 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2013-03-31 18:49 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-18 09:43 - 2013-01-23 23:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-19 21:18 - 2016-07-19 21:18 - 00679624 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-07-19 20:35 - 2016-06-07 03:58 - 00034768 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-07-19 20:34 - 2016-06-07 03:58 - 00134088 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-07-19 20:34 - 2016-06-07 03:59 - 00019408 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-07-19 20:34 - 2016-06-07 03:58 - 00116688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-19 20:35 - 2016-06-07 03:58 - 00093640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-07-19 20:34 - 2016-06-07 03:58 - 00018376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\select.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00019760 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00105928 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-07-19 20:34 - 2016-06-07 03:58 - 00392144 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-07-19 20:34 - 2016-07-05 20:00 - 00381752 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-19 20:34 - 2016-06-07 03:58 - 00692688 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-07-19 20:34 - 2016-07-05 19:59 - 00020816 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-19 20:34 - 2016-06-07 03:59 - 00123856 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-07-19 20:34 - 2016-07-05 19:59 - 01682760 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-07-19 20:34 - 2016-07-05 19:59 - 00020808 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00021840 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00052024 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00038696 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00020936 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00024528 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00114640 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00124880 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00021832 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00175560 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00030160 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00043472 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00048592 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00023872 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00026456 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00057808 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00024016 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-07-19 20:34 - 2016-07-05 19:59 - 00246592 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00028616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00020800 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00019776 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00020800 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-07-19 20:35 - 2016-06-07 03:58 - 00134608 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-07-19 20:34 - 2016-06-07 03:59 - 00240584 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-07-19 20:34 - 2016-07-05 19:59 - 00020280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00023376 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00350152 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00022352 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00024392 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-07-19 20:34 - 2016-06-07 04:01 - 00036296 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\librsync.dll
2016-07-19 20:34 - 2016-07-05 20:00 - 00084280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-07-19 20:34 - 2016-07-05 20:00 - 01826096 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-07-19 20:34 - 2016-06-07 03:59 - 00083912 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\sip.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 03928880 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 01971504 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00531248 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00132912 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00223544 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00207672 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-07-19 20:34 - 2016-06-07 04:00 - 00060880 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00024904 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00546096 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-07-19 20:34 - 2016-07-05 20:00 - 00357680 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 22:29 - 2015-10-21 22:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-06-27 01:09 - 2015-06-27 01:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2015-11-24 22:43 - 2015-11-24 22:43 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_sqlite3.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00387072 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sqlite3.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00216064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebKitWidgets.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00118784 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebKit.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00199680 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtPrintSupport.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\unicodedata.pyd
2015-10-21 22:29 - 2015-10-21 22:29 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2016-07-21 02:08 - 2016-07-21 02:08 - 02619144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 19:08 - 2016-04-19 19:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\sony.com -> sony.com

==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
MentalParadox is offline  
Old 07-25-2016, 04:15 AM   #6
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Addition part 2:

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.130.131.4 - 195.130.130.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Momenteel is er geen automatische fix voor dit onderdeel.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Assistent content manager voor PlayStation(R).lnk => C:\Windows\pss\Assistent content manager voor PlayStation(R).lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OculusConfigUtil.lnk => C:\Windows\pss\OculusConfigUtil.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Printkey2000.lnk => C:\Windows\pss\Printkey2000.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
MSCONFIG\startupreg: beid => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
MSCONFIG\startupreg: BitTorrent => "C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\User\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [{2DDC02A7-7E16-4682-852D-F5DDFD6D2CBF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{97189963-D4E1-4A47-817D-AD7AC3FAF40B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9721B4C2-A590-4587-B82A-031DCB514DE7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{28A1F113-F932-4297-BD44-C78181AED561}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{B4C77EE8-74B8-48A9-A89A-D98744E3BE22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{3D1D60A0-2258-47A8-90F7-CEE583987BB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{6EBE4CFD-48A9-43A3-B0A8-4C3729E93437}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{30AAD952-FD64-47A8-BA8E-99162E120062}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{82337091-04F6-4479-9FE7-6AEFF4885F61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{E59E3B5B-FF71-4289-87C4-49339B5FAF2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{3C0A71C2-E467-4AAF-8C0F-762497BA4821}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{B8A1CC5F-6556-414B-B7A7-3BC52D95486D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Doom\base\dosbox.exe
FirewallRules: [{8F66E9E7-50FF-433C-9330-4153564A9746}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Doom\base\dosbox.exe
FirewallRules: [{5114DF54-0758-4686-A9DE-5403FE340C9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{ED9F8C27-4503-4911-ADD4-260175569553}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bully Scholarship Edition\Bully.exe
FirewallRules: [{A1F825B8-FAB2-49E1-965C-1EA2B2D91780}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{BE161BAC-AD51-40AA-A281-E04A071D5C5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{802FD1D7-13A8-48A8-8336-774718B5B2C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\duke nukem forever\System\DukeForever.exe
FirewallRules: [{095F1320-54C1-45F8-8592-960575149F7B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\duke nukem forever\System\DukeForever.exe
FirewallRules: [{EF5A77AA-252F-4E88-A5D1-140EF0F3A649}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{FD58CE47-52A7-4989-8988-8EECDFB26163}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{C024F776-4D91-4470-B748-0FC6CA6223FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{BBCDD061-4399-4C18-8B36-4AC2D9ECC20A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{AD91AA15-2A0F-473C-9510-DEA4BCDC51EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{4F572AE7-C5E0-4089-BF36-C49C3D490A6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{6997664D-9EE1-4DEF-9CF2-5576FA2F0A98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{8FEF4B34-4F9A-4A3D-BABC-2816C58BF88A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{C59F1198-014C-4947-9EB6-8AAF72C8298E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{9173DC38-93E5-4CC1-A551-AEF8814A6461}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{C000F051-CF56-433F-8ECD-1A26FE3667E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Quake 4\Quake4.exe
FirewallRules: [{05F8D73C-0F3B-4BC3-B4A5-BABDF4F218EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Quake 4\Quake4.exe
FirewallRules: [{E855C477-713E-4363-9925-3322AF5D37D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Doom 2\doom2 + mouse.bat
FirewallRules: [{3D77DCAF-30FB-40C0-8478-23B2814BE4CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Doom 2\doom2 + mouse.bat
FirewallRules: [{ADCF90D5-5119-4BAA-8F79-24FA0DC36EC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Doom 2\doom2.bat
FirewallRules: [{2053A0D8-69D7-4771-9BB1-EE161E1D9203}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Doom 2\doom2.bat
FirewallRules: [{40BCEFD5-1654-45D1-9C0F-EC34A9F5FBD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate Doom\base\dosbox.exe
FirewallRules: [{4C98B8F9-5D0D-4F36-AA0D-47A947A7D0CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate Doom\base\dosbox.exe
FirewallRules: [{04C479C6-F3B1-45F1-880E-CF7144ED7915}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{BAF7C269-5A66-405C-B49E-80C17E7C1A93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{C4B4E63B-DDF8-4F1D-A0AC-56E19B8B8715}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{06790FD2-C1A7-4042-ADDA-26DF797A8D40}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DF35957A-D7E2-4820-9D11-BB27F7E5B554}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird.exe
FirewallRules: [{A8D1B638-A401-40CD-9DE2-5440511E42D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird.exe
FirewallRules: [{9F99BFFC-744E-46BC-950F-961C95C1832E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [{A5C8A561-3AFF-445E-822D-EEF08494329C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [{10C58C98-38AA-4C6F-AFAC-7D2C47CFBA07}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84A8ECC0-3D76-47D6-9A5A-1605411D1477}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{936B7212-214C-43B0-9C4A-5EEB912183B5}C:\program files (x86)\steam\steamapps\kortsluiting_tim\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kortsluiting_tim\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{E9D29179-4A16-4958-AF7C-627D88BE4C1C}C:\program files (x86)\steam\steamapps\kortsluiting_tim\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kortsluiting_tim\counter-strike source\hl2.exe
FirewallRules: [{400D206E-F2AC-4566-8E0B-C11895D5B4AB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{783B8D98-7130-43BE-A1F8-BFC6B4E32525}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{674C46D3-594A-44FD-8592-9114EE907504}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{A5B9A2E5-2367-4ED2-A399-D731A0E079B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousSam.exe
FirewallRules: [{BE9E4C48-5325-429B-BA1F-3621D6651EFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousSam.exe
FirewallRules: [{EC396768-EA22-41E0-977E-BAE34187A8B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousEditor.exe
FirewallRules: [{F960191A-6456-48D3-A96F-4CFC78E14800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousEditor.exe
FirewallRules: [{67EBCB17-FE41-4CBD-8D27-973FBA72C22E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousModeler.exe
FirewallRules: [{E60A3741-AD15-4772-826D-B97043230EE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousModeler.exe
FirewallRules: [{7B4FA25B-0BDA-421D-B0BB-B6E8A6D693AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stalker Call of Pripyat\Stalker-COP.exe
FirewallRules: [{823E7C5F-2F32-402C-BC4C-1CABD48DD445}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stalker Call of Pripyat\Stalker-COP.exe
FirewallRules: [{C534C926-6DCC-4038-960F-40AEA1F76E3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{261713AC-6156-48C6-90EB-4CD7341E9735}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{0AC36C7F-2DA3-4B40-A635-25B646ADCE7E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{71E091A8-4377-4A10-A5BE-DA3C76DCE43D}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5315B6E8-BB69-48A0-84C3-DD4B371F5E0D}] => (Allow) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{731B1DD1-D46F-4B67-ABC1-C5A7BB2A0AA0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{28837AB2-3EE3-45FD-9766-2443D24731D0}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{945605BF-3030-427B-9CBC-F431A9D0EA54}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9F3D10BA-EB1E-4584-B39E-C90CCA20C759}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{13970BC4-6075-451D-9F8C-D8A340AE1571}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{A78D0056-BC12-46BD-989D-1C0E8B5E7C90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{AA303ABF-BBC0-4022-9360-17F8F3C0F7A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{E615E4F3-51AD-477E-8EE1-C2717373401A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{714E6230-1795-4E19-B88E-AC47E97767A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{114195C2-47A6-4977-9173-ED69FB2D0979}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{C2C0DD1E-86C9-4A79-A455-8BBC449F2DCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{D71B861D-48E7-42E8-B237-33D48F09C274}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{77D10C65-ABDC-40C1-9203-F32919234F1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{EBBCF538-4AFA-4B15-90BB-74D3645A9F0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BDE2B9DA-B09F-4327-A4A9-4F0186992933}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{EF3FE84A-2B25-408C-AFC1-20895B9E4750}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{735C4AD8-6A1B-4696-BD8A-08C356C86729}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{867092BB-3113-403A-8409-77D124C77A15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{2CB59698-B8B5-47A1-9E7E-B8071826C3D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C369C678-DB4B-467D-AFE6-9BF70EDA545B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{7901AE9B-2CDC-410E-B713-7D3AAC753244}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{FFA17563-52DC-43A4-95BB-F187E5B5933C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{3AA55091-7AA4-4970-AA73-923ADB8D34CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D52571F2-4D9C-476C-9B56-63552A6D4320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arcania Gothic 4\Arcania.exe
FirewallRules: [{3E150FCC-87AB-4C0D-900D-765B27417543}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arcania Gothic 4\Arcania.exe
FirewallRules: [{442D8436-4050-4F8F-B098-BB4533245F2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\game_launcher.exe
FirewallRules: [{8D3F1D16-DB20-47FD-ACAD-EBC35F67E834}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\game_launcher.exe
FirewallRules: [TCP Query User{6F305182-A7A1-40FE-979F-DE25AEFE5CB4}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{544ADF98-0F7F-494E-A823-4DBFD0508192}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{9D083F8C-1A88-40E2-A96A-D52C4CFDB9EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{2B017B07-CF8F-45AC-A210-CC5AE4D242E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [TCP Query User{0B966C3D-FBA4-46B0-B8B2-01EA83FE3127}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{8B939160-39B0-4E69-A3EB-E985B3F00ED8}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{80E8D6FB-CBA6-45DB-8CEB-50F0CC321BC6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{15D025EC-E544-4A95-AC63-C1A9D9E78121}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [UDP Query User{038E9D59-269F-4A1D-A121-27B4CD954036}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [{5B790005-85FB-40B4-9702-0F835D2402D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FarCry\Bin32\FarCry.exe
FirewallRules: [{1D155D42-2DFB-442C-AAED-36A9F2222620}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FarCry\Bin32\FarCry.exe
FirewallRules: [{89A6005D-B9FF-44A3-B26A-280FBE7DC51D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FarCry\Bin32\FarCryConfigurator.exe
FirewallRules: [{34045A4C-6185-4A11-B691-266276E969ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FarCry\Bin32\FarCryConfigurator.exe
FirewallRules: [{877D8FF8-7368-4E01-B706-E8981421D0AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Test Drive Unlimited 2\UpLauncher.exe
FirewallRules: [{6DA03E26-F858-4D55-B3CC-24F8949B7E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Test Drive Unlimited 2\UpLauncher.exe
FirewallRules: [TCP Query User{88437009-CAFA-4D9D-8986-D48FCAE0E242}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [UDP Query User{FA86F561-9535-405F-89A5-433FE6B5E4C9}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe
FirewallRules: [TCP Query User{022C96B2-F1FE-497F-A64D-998FA9733A94}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe
FirewallRules: [UDP Query User{D109077E-E95C-49C7-9F61-DD55B96788BE}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe
FirewallRules: [{0A126146-95A1-4F9A-829F-F9A1BED62044}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{A38E6C37-D6DB-48EE-9CE8-564B0B01B841}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{BCA16E04-4A14-4670-AB0D-1AC66447378B}C:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{99719FF1-1D7D-474B-A83F-ED8D6285ED84}C:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{33F90606-D25E-44CD-BFBC-7341883BD672}C:\users\user\appdata\local\temp\gw2.exe] => (Allow) C:\users\user\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{04DA68C7-700E-4888-BD1B-E425A860123E}C:\users\user\appdata\local\temp\gw2.exe] => (Allow) C:\users\user\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{8CB9FF33-5F99-42F2-AD55-91DD9ECD5DD8}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{3A0E080A-42EA-408B-852F-C984201FB5BE}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{7C81CCE8-0706-48BA-936D-ED2AB87269A4}C:\program files (x86)\steam\steamapps\common\f1 2010\f1_2010_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\f1 2010\f1_2010_game.exe
FirewallRules: [UDP Query User{D2B7C466-4FEB-415A-9DA4-FCAF01DFBEE9}C:\program files (x86)\steam\steamapps\common\f1 2010\f1_2010_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\f1 2010\f1_2010_game.exe
FirewallRules: [{5B80A997-5C6E-46BF-ADED-E2A4F807ED04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MotoGP 13 Demo\MotoGP13.exe
FirewallRules: [{5F878606-6258-46FA-869C-407EACE74D9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MotoGP 13 Demo\MotoGP13.exe
FirewallRules: [{A5C0DC4E-8D22-4E63-B595-A08A45D67A01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{E63171B9-7D84-4520-9225-3A5CBA754039}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{F8CBBDA0-40C5-4D5F-A244-62C928958D32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{A8B6AB10-8620-400D-88F4-47DC50CE7A1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [TCP Query User{2681315B-FFE4-41EB-BD9B-F03CB433C130}C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe
FirewallRules: [UDP Query User{C748A9EF-5633-4EBD-A6DD-21522AB59D30}C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe
FirewallRules: [TCP Query User{F03AB6A6-1265-4119-801A-A36512B67160}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{74DCD27D-C335-47AA-AC6D-460C473B64B9}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{31F839CA-F54D-4B34-9C76-C74B0CC05AF2}C:\program files (x86)\outerra\anteworld\outerra.exe] => (Allow) C:\program files (x86)\outerra\anteworld\outerra.exe
FirewallRules: [UDP Query User{ECE2D6C8-2E94-4140-B3B9-F6D17109B01C}C:\program files (x86)\outerra\anteworld\outerra.exe] => (Allow) C:\program files (x86)\outerra\anteworld\outerra.exe
FirewallRules: [TCP Query User{E677172F-20A2-4F6E-9C75-76909F9D13E2}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{55389E7A-6180-411D-A732-8BF6C2CF64D3}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [TCP Query User{CAAE0135-225B-4FB2-A69D-545E8DF06E25}C:\program files (x86)\resident evil 6\bh6.exe] => (Allow) C:\program files (x86)\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{BD973B7D-82C3-4641-945F-3F5707DDCB7B}C:\program files (x86)\resident evil 6\bh6.exe] => (Allow) C:\program files (x86)\resident evil 6\bh6.exe
FirewallRules: [TCP Query User{860A5DD9-B5A9-44DC-A6FE-24FEFEFDD8FD}C:\program files (x86)\resident evil 6\bh6.exe] => (Allow) C:\program files (x86)\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{0350EE94-0071-42A2-BE89-856BAC8E67B4}C:\program files (x86)\resident evil 6\bh6.exe] => (Allow) C:\program files (x86)\resident evil 6\bh6.exe
FirewallRules: [TCP Query User{24995E74-9092-479E-B170-6722514F7BE3}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{D452A7FB-DB62-4CE4-83D3-B54ACBB475DB}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [TCP Query User{3EDCCB89-FE29-4615-BDBF-FDDC55E3A984}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{96DF1603-D84D-473C-9331-7E54B6890D12}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Allow) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [{A5BE5516-A8E5-4B33-BEB5-2FAD34060079}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4B7B92B5-3B13-4387-9A67-C33D89E664D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [TCP Query User{53BE9A15-56F6-426F-9DA4-71B79C87C81D}C:\program files (x86)\medal of honor warfighter\mohw.exe] => (Allow) C:\program files (x86)\medal of honor warfighter\mohw.exe
FirewallRules: [UDP Query User{321E50AB-15F3-4A14-9CD9-692095965C2A}C:\program files (x86)\medal of honor warfighter\mohw.exe] => (Allow) C:\program files (x86)\medal of honor warfighter\mohw.exe
FirewallRules: [{9329D70B-53DA-4C51-9126-F58380A8AA06}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9B55BA4C-E16C-4FC9-81B3-7499F585BEE6}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{65F78D57-FC4A-42C1-A219-C1B4EC2B2ADF}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{A205C0EC-C664-4B20-9E36-9E6400C26CEF}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{36FE19C5-A4C3-463A-AF00-CBBF86751A5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{2DDFC2F2-7E01-46D2-BB86-18317C045F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{53E1603F-8FB7-42B4-9B39-95F6779427DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV Inauguration Station\SaintsRowIV_InaugurationStation.exe
FirewallRules: [{2438001D-238C-402D-B4F4-A62F2222ACF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV Inauguration Station\SaintsRowIV_InaugurationStation.exe
FirewallRules: [TCP Query User{0DC37695-397B-459F-9377-E3F309095F33}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{89BD7344-8C3A-4F37-8EAD-D4F17A12ED9A}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [TCP Query User{52F8199A-E04B-4902-9962-F68A7AB9316C}C:\program files (x86)\easy miner\bfgminer\bfgminer.exe] => (Allow) C:\program files (x86)\easy miner\bfgminer\bfgminer.exe
FirewallRules: [UDP Query User{C391E565-9EEE-4E96-A6D2-7FFF3B8A9807}C:\program files (x86)\easy miner\bfgminer\bfgminer.exe] => (Allow) C:\program files (x86)\easy miner\bfgminer\bfgminer.exe
FirewallRules: [{0805BF5F-78D5-48FE-9022-2270D64988D7}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{FB4CD4A4-1D0F-4DA2-BF75-C65D46AEB644}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{C60E92C8-E752-4532-AEE9-F14EE284497C}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{E1A27CC3-70B9-4537-9AC2-33F797CADADA}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [TCP Query User{1A4CC29D-237D-4857-910D-526AF25610CD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{71CEA31A-4E57-41CD-8274-E01301CEFF20}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8D9A4043-7DE8-4B4C-A891-C9949F92A8E0}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BE8C7002-93EF-4DF7-85DB-1AF112D40E89}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0D9EB4EB-AE6E-47E8-B5BA-ACA3210F7555}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [{F7DF5D79-9136-4D4F-8F6B-477E7D13E771}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [{577BBB21-DF68-4FF8-A8E8-FBCB581A92CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{3D37B466-24E5-4349-A2D8-D8094CC37722}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{D293EE5E-1397-4FED-923F-E874E7F4E297}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{79F38C5A-CE3A-42BF-8DA0-58D997F483B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{A2DCCDA3-1C77-4B75-AF93-4090E202E8E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\kortsluiting_tim\garrysmod\hl2.exe
FirewallRules: [{47F0B566-8665-4A42-A81B-8DC43D97633A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\kortsluiting_tim\garrysmod\hl2.exe
FirewallRules: [{6F812068-2813-429A-B16F-D81EF7BDA548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{B92A5553-A77D-4A2B-A6F9-EDE321B66C29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{EBDBE44B-06E4-49C7-A7DE-F82209360FA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MovieWriterPro\MovieWriterPro.exe
FirewallRules: [{E457E547-35B2-41FA-8639-97E7C22DFB9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MovieWriterPro\MovieWriterPro.exe
FirewallRules: [{E884D3BE-0AB5-4155-8DDF-9758046384E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{347D94C0-45EB-4E97-8888-9FED1436EE0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9AEA1114-7B46-4063-8E8F-F849231CA51D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{252EC3D6-C522-47EF-AE8C-DAF6E21E780B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{E4F97230-3E0A-421D-B5A6-1BFEDD62C814}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{C19649DE-8FBE-4B71-B3B9-0C3991F458B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{AB080F42-728F-474D-B3C2-9B730027E113}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{788C7A8D-09DF-478E-8395-D3F077E99DB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{70BE135D-0B19-4C1D-8DA8-DEAB41C36CAA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4CFDBB05-56E6-432D-8BA5-2DFA4C126CFC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{73840418-B414-491D-AF6A-5D4B645F7C95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{2CDDDBE5-A8E1-4BFB-A6A3-DA49A4C00447}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{C53D7053-71EA-4649-A533-B97697A673A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\sw.exe
FirewallRules: [{945614A5-E7E0-41DE-97AB-B8618662C500}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\sw.exe
FirewallRules: [{887BF446-93D4-44B4-9AC2-A571C2947394}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\sw.exe
FirewallRules: [{EBB1C622-34BA-4CA3-ACC2-162C1F09DCEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\sw.exe
FirewallRules: [{379EAA60-D938-4919-85EB-66C286E584D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{E607DFA5-258A-4F7A-A651-86BB1552CDEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{D3985A95-4F83-4EE0-8CF1-ECD0D03F4B74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{F831E937-CD14-4A76-83DC-8704D7013A7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [TCP Query User{D7D122C8-5599-4EE3-8697-0C5EC5C68E49}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe
FirewallRules: [UDP Query User{2F4DC199-D6D6-4864-B349-C87F879F8862}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe
FirewallRules: [{BB199D52-6714-463B-AD02-7F5439E49359}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MovieWriterPro\MovieWriterPro.exe
FirewallRules: [{A78DD98B-38F9-4512-904C-BD05D4859818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MovieWriterPro\MovieWriterPro.exe
FirewallRules: [TCP Query User{55E297E4-B52F-401A-8F76-F55F35BEED10}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A2EA35F5-419B-475A-8535-5A96655814E4}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{962D3AF4-FF3C-4066-BC1B-8EFC3F28BD18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{1B93F111-44AB-46C7-AEBC-B48FB4570459}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{FDBC6184-D577-4B43-B90F-C7904AD3DCCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{FF632282-8549-4328-91FF-775768F245DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{A440E446-4B4D-432E-8F96-D703F53E63F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\maxpayne.exe
FirewallRules: [{9602C76E-6318-42B1-B36B-4BFD4E405C02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\maxpayne.exe
FirewallRules: [TCP Query User{8DDE1C4B-CABF-4332-A15F-241F61DC6370}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6117F057-A5CD-49ED-85D5-583B4CE3A6BF}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{A81E0C6E-AAF7-423C-8516-80FA41CA7B39}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{96FB39AE-C3AA-47E5-8A3D-7F8FF87556E9}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [{3F1C4BCC-7A22-49D5-BA4A-CCF91F78A7AB}] => (Allow) C:\Program Files (x86)\TERA NA\TERA-Launcher.exe
FirewallRules: [{1C5F3C92-9B6F-46CE-A080-879D2EDE56BA}] => (Allow) C:\Program Files (x86)\TERA NA\TERA-Launcher.exe
FirewallRules: [{B39C18D5-79BD-4789-AE58-2B08504DF93B}] => (Allow) C:\Program Files (x86)\TERA NA\TERA-Launcher.exe
FirewallRules: [{5DBA3655-6549-46C6-9EB0-8578F219F2AB}] => (Allow) C:\Program Files (x86)\TERA NA\TERA-Launcher.exe
FirewallRules: [{FA92C626-CCA4-46FF-9955-F9701C5C43CA}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TERA.exe
FirewallRules: [{36063DF7-F80F-4D9A-A6CB-A6610DCB9BF5}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TERA.exe
FirewallRules: [{8BED5A6A-5942-4E1C-96B5-2D82682F4145}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TERA.exe
FirewallRules: [{5B355C0B-3967-4713-8CB6-309C121AABB6}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TERA.exe
FirewallRules: [{7BE449A1-DADD-4027-A2E1-D90D0AC628CE}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TL.exe
FirewallRules: [{8A34FAC3-603B-4598-A93B-121670FC341A}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TL.exe
FirewallRules: [{5D3C5E37-7C7A-4E05-81E9-50266C4457B0}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TL.exe
FirewallRules: [{53C40385-6A39-4D06-8143-0A45933B33F8}] => (Allow) C:\Program Files (x86)\TERA NA\Client\TL.exe
FirewallRules: [{18DD442B-262C-47CF-A3FC-9C74C328E1B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{F1962C91-F5AA-4012-8936-681C5EF7C3E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{31768371-99A4-49E5-8CE0-3F227C4D9E25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{8EFBD27F-2FBA-419F-9C23-FFFCD5F250AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{CAAC19CE-3B78-4E1C-AA41-6FA0A6154DA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{3FCF4FB5-C0FC-4099-A6CB-5F52624461B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{CE558D0A-A93B-474C-9CA8-6BD658965B1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{6DCC2A81-8EBD-4BD3-8421-56A350226FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{6B51303B-3CD4-466C-A86B-701FA983ECD7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NASCAR The Game 2013\bin\NTG2013.exe
FirewallRules: [{7DD75FE7-7A83-459C-99C5-A1EDC5D86B32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NASCAR The Game 2013\bin\NTG2013.exe
FirewallRules: [{3F4E0653-FCF7-48C8-9F95-C363578E7A4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Conan\ConanPatcher.exe
FirewallRules: [{705DED0C-8FFB-41CA-B924-06D843272F70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Conan\ConanPatcher.exe
FirewallRules: [TCP Query User{AA644433-6F05-4FB8-8949-2242ABB5CF13}C:\program files (x86)\steam\steamapps\common\age of conan\ageofconan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of conan\ageofconan.exe
FirewallRules: [UDP Query User{1A985565-401E-4C85-8892-65B28F67EE0D}C:\program files (x86)\steam\steamapps\common\age of conan\ageofconan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of conan\ageofconan.exe
FirewallRules: [TCP Query User{C84DE6D0-4B5E-4689-9DCA-A026F9B720AF}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [UDP Query User{F427E6CD-B9BE-41C2-919E-48A2BD6FA98E}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [{8243270D-7F6A-4FDB-B38C-3F9CEF84DD67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{ECF24DF5-D5BE-49D9-A4B3-3B94F598C268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{0445F8BF-EDF0-4C5D-B98B-1FABD07CA70F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
FirewallRules: [{4D38A708-D8D6-43F8-B245-E4FF7993EDC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
FirewallRules: [{5BCC0003-0CC7-4E28-9251-008F5793FD49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{1A8F974D-C888-458B-B314-50E20C50AF4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [TCP Query User{56090A8B-D14E-4DED-86EE-A580D1015C47}X:\anteworld\outerra.exe] => (Allow) X:\anteworld\outerra.exe
FirewallRules: [UDP Query User{64C53D35-7D77-4DAC-A3CF-803B5E904959}X:\anteworld\outerra.exe] => (Allow) X:\anteworld\outerra.exe
FirewallRules: [{E24BED6D-8DD5-46E9-BFDF-3A62E935FBE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MXGP - The Official Motocross Videogame Demo\MXGP.exe
FirewallRules: [{4DCCFDB8-E449-4FB1-8167-266E52FAD520}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MXGP - The Official Motocross Videogame Demo\MXGP.exe
FirewallRules: [{A69D7409-77E3-4677-B9B2-054259617BFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{C3C9A823-9824-4117-8F37-983F5BF5BAC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{56BE633E-3F0C-40FE-AD43-9AFDCB60435F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return to Castle Wolfenstein\WolfSP.exe
FirewallRules: [{D3618353-2F41-4B1C-B148-B7F94049CEFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return to Castle Wolfenstein\WolfSP.exe
FirewallRules: [{1422D6E8-B070-4C6A-B09B-DE3899C6A209}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return to Castle Wolfenstein\WolfMP.exe
FirewallRules: [{9F345935-894C-48F6-805B-9358CCDA9C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Return to Castle Wolfenstein\WolfMP.exe
FirewallRules: [{31855B75-CCEB-49DA-B8EA-A74E786DF996}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Enemy Territory QUAKE Wars\etqw.exe
FirewallRules: [{8DCEF841-3C1D-40CF-8BC4-BE28D76F0CEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Enemy Territory QUAKE Wars\etqw.exe
FirewallRules: [TCP Query User{CBFCA5E4-ECBB-43C1-8729-CD44EDCB6170}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [UDP Query User{B0C982D3-5FDF-42B2-84A5-92491FA18110}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe
FirewallRules: [{C843806C-8AE3-4961-9C1B-536B8BDE36B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{A4085B6C-A365-415E-B2C1-E2353B7FEC5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{5D9C7C56-D2E1-4DA4-9012-B2481CC46D97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fuse Basic\Code\Build\Output\bin\Release\Fuse.exe
FirewallRules: [{95FEBDFF-0B2D-4E18-ADDE-A55406705A3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fuse Basic\Code\Build\Output\bin\Release\Fuse.exe
FirewallRules: [{815A1EAF-312B-4DAD-BB3E-8CC2A0CE0183}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{670F8A8A-891D-4324-B421-A1BE9B8F82FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{54B6DA0D-850A-4A08-AF58-5348CC936A9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{8DCB325E-ABB7-44B7-A353-D0DFFB502CA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{0F4523EB-3185-40B5-A811-919C4A21FDC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{F0AA5C69-9EB0-4B8E-BF3B-9B3FCD37771C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{9AB0A4D5-5F85-4BF9-A2B9-326F6C281C32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{BF512E55-C293-4E2D-8A34-27F3965BA63F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{008F4170-6811-4EE8-ADC3-3B1D764C9ECE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{F71D7522-61F2-48ED-89AA-258ACA2D5A10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{6FD8142C-0905-46AB-8498-910A706024D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Carmageddon1\DOSBOX\dosbox.exe
FirewallRules: [{F194FF02-55B9-45FB-9C0B-D116E9E06746}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Carmageddon1\DOSBOX\dosbox.exe
FirewallRules: [{4795F523-BD3E-44CD-A982-D86AF335C15A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 2\Bin\Sam2.exe
FirewallRules: [{78934063-39B2-46DB-B097-9C086CFEF6EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam 2\Bin\Sam2.exe
FirewallRules: [{2DCE7516-A332-43C2-8DB3-C588864B87E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Revolution\Bin\SeriousSam.exe
FirewallRules: [{8085D0FF-02C7-482D-BCF0-F3B9AD04E79A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Revolution\Bin\SeriousSam.exe
FirewallRules: [TCP Query User{C2926A47-6E25-487A-999C-5206B5F51C7A}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{AB6110C4-3E95-4CAF-B7E3-847F8604CA3F}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{40A7DB67-9B76-4072-A155-4819D784469E}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{E5FFE001-CC4B-49C1-9CB7-DCD17B85EA01}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{2C93FA94-9B54-4829-82FE-4C75F9DD63B7}C:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe
FirewallRules: [UDP Query User{E749B202-B005-44AC-99A5-DC4A46DA0668}C:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe
FirewallRules: [{32FCF1E8-72DD-4E71-BD9D-2EF4975DECCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{F2A568EF-4AFE-4702-B576-994D6DB89DC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{3863FADA-B7DF-4F00-8C87-A43C930388B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{5E78DAAF-1019-47B7-87A1-64BE6CCA4618}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{8C21EF6C-B46D-4739-AF5A-6246986D444F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{A2BD4D61-5531-4E60-A48F-FA80B853B141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{350DFEEF-CB86-47B4-8A74-F757319D659F}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7BBC272C-9BC8-4E02-A056-8D16EA63370D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{819072C6-9635-4E70-BC79-019CE4E72EFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{51F90A35-B112-47C3-8366-8441CF8C3B53}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{B771790A-04BE-4E0F-B535-E2F81A92A97D}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{48C12BBD-2E8B-44AF-A16B-47B6AB752AE3}K:\oculus rift\dk1\space walk 0.63\spacewalk.exe] => (Allow) K:\oculus rift\dk1\space walk 0.63\spacewalk.exe
FirewallRules: [UDP Query User{6B8A69A9-2BC7-41CF-9B19-B8125D1419B4}K:\oculus rift\dk1\space walk 0.63\spacewalk.exe] => (Allow) K:\oculus rift\dk1\space walk 0.63\spacewalk.exe
FirewallRules: [{D2D8E469-5687-4557-808C-9461D97908B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Beta)\TheCrew.exe
FirewallRules: [{01F8C901-3AB3-4DE9-85A3-67C4A689DCFD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Beta)\TheCrew.exe
FirewallRules: [{B2BA3AB2-AD81-4E17-A0F5-0AD697401868}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{102E7486-62D3-4F44-850C-677D0BF5A47C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A02F9E5A-3D16-467F-A4AC-79769C123349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty\CoDSP.exe
FirewallRules: [{86619471-8757-4E1F-B48A-2126A3597B55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty\CoDSP.exe
FirewallRules: [{FAA9F6F5-AF51-4FB0-BC27-14D40B86F7F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty\CoDMP.exe
FirewallRules: [{453C04B2-6F0A-4FA0-88CE-7A6A1EE2C5B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty\CoDMP.exe
FirewallRules: [{6F6EFB6F-E40C-476A-9A9F-3EA9DB819EFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{69ACAA7D-3A2D-43B6-954B-F199B5F1D327}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{7E2C8B55-F26D-4893-907E-C19CDB768663}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{354E6C9D-32A7-4130-8BE7-59DCA2436592}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B426886B-9F2A-4CB9-A9CD-5B3E14A54858}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{C37A7422-53C5-4E66-976E-D915B3E571E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{466BE341-6324-4450-A5AA-5F6C4B68A7D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{E9D87A4A-9EF6-4BDF-BD03-B213D47194DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{E2E93AA1-3A7D-4A3B-A5DF-9CE1667C3723}] => (Allow) C:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{ED972BD6-0A63-4DCB-BF14-04B38DA0D2DF}] => (Allow) C:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{AB90D612-843D-4099-AC81-EEB9132F1714}] => (Allow) C:\Users\User\Downloads\Daum Games\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{5439C96D-E625-4045-9B8E-E97EA9A7B4B6}] => (Allow) C:\Program Files (x86)\Black Desert\bin\BlackDesert32.exe
FirewallRules: [{A4038835-0105-4175-B58A-248B89D2D65A}] => (Allow) C:\Program Files (x86)\Black Desert\bin64\BlackDesert64.exe
FirewallRules: [{F22DEC36-8CC3-49F1-8AEF-A0690ADC101D}] => (Allow) C:\Program Files (x86)\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{6010B4A9-DFD1-433D-ABC9-3A1CC5C2B91C}] => (Allow) C:\Program Files (x86)\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{A95D16CB-14A5-4E2A-B992-C0DC9572E4CA}] => (Allow) C:\Program Files (x86)\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{128107AC-79C3-4367-AD6F-C736E60CCCC5}] => (Allow) C:\Program Files (x86)\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{EAE70B45-5A64-446D-9D3E-6F9943A90C5E}] => (Allow) C:\Program Files (x86)\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{24B226CB-2016-4D60-9E47-661A9B4C5B5D}] => (Allow) C:\Program Files (x86)\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [TCP Query User{8C5CD1E4-0541-4D3F-8B3D-1BBB6582F872}C:\program files (x86)\frontier\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\frontier\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [UDP Query User{E7349101-B9BE-4EC5-B4D1-49A88FC80E7C}C:\program files (x86)\frontier\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\frontier\edlaunch\products\forc-fdev-d-1010\elitedangerous32.exe
FirewallRules: [TCP Query User{686CDE70-27A1-4ACD-8891-5ECADD747404}C:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) C:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [UDP Query User{B1E1C239-AC9A-4547-9BE8-3161DAD3E025}C:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe] => (Allow) C:\program files (x86)\frontier\edlaunch\products\combat_tutorial_demo\elitedangerous32.exe
FirewallRules: [{875168AE-0CB8-48E1-996E-3449EE8CBC8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{61ABD6CD-28CA-4CA6-9801-2F01E653C156}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{CC799DF4-245B-4B91-AEAA-2F5A5FDE6D35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{A7B33D55-CCC7-4D7C-86AE-2FF376BB5B8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{8A391BF5-C34C-479F-916D-A5E1CBFD0A24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B13B6981-11A5-476A-8A87-2D0B8E0B448B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [TCP Query User{17DAEE43-3212-46BB-AB17-926528D3D978}C:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe
FirewallRules: [UDP Query User{6CD82E08-CE27-4159-A62E-E0CAA0170C83}C:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe
FirewallRules: [{1C058DFC-E404-4C2B-BD5E-C28C38447806}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{0F583AC3-475C-41A7-B6EF-4C90DAC4568D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{DA658FDE-1A64-449E-A3C0-5600CAA8893D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{86C33668-9EFB-41B4-B648-0D3329488353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{6B086B69-D15F-4305-A3BD-B96A96465C56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{E1D2D61A-3A94-484A-83E7-5DB402EAB5D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{28A0EFC4-8F86-47B5-9FEA-CA13B0FB944E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{24C016CE-EBDC-4423-9991-C33BD5532097}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{FD734CB2-809E-4594-B981-D5F25F32D39A}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{B8CC1D55-D03D-47BF-9F9A-1D79B1AF0A2C}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{7B004823-4C5C-49ED-A985-89F4BFA9DA34}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{B96B4602-3DD1-4385-83A8-68AD21BF5820}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{A87AEF94-AB13-4121-A236-4D34EDF68B74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe
FirewallRules: [{44A17F9B-5D51-49C5-BD82-81CC39521B4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe
FirewallRules: [TCP Query User{4A37210E-9170-45B5-B46B-FAE712D3B350}C:\program files (x86)\steam\steamapps\common\woolfetrhd\beta\binaries\win64\woolfegame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\woolfetrhd\beta\binaries\win64\woolfegame.exe
FirewallRules: [UDP Query User{333C1553-6DCE-4725-A897-9B69691E4365}C:\program files (x86)\steam\steamapps\common\woolfetrhd\beta\binaries\win64\woolfegame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\woolfetrhd\beta\binaries\win64\woolfegame.exe
FirewallRules: [{70D54AAD-3D48-4AE6-8463-B531CF3CC2AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe
FirewallRules: [{1024483D-0C5E-4D15-811B-6E79AEFF497A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe
FirewallRules: [{D8C16374-F746-4717-A886-E0E062E392CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{C5FBEF9B-451E-4D34-A130-9D772C2DCBA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{5E7BFD08-9E22-40DC-A341-40D438D416E9}] => (Allow) X:\SteamLibrary\steamapps\common\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
FirewallRules: [{9298ED05-5FC0-4309-B12F-AE4463B53DF6}] => (Allow) X:\SteamLibrary\steamapps\common\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
FirewallRules: [{BB44348F-1AA2-4F21-B201-F8E51B6C145D}] => (Allow) X:\SteamLibrary\steamapps\common\Copa Petrobras de Marcas\Marcas.exe
FirewallRules: [{0C6CA115-D6B8-45CC-83DD-027DC237D4BE}] => (Allow) X:\SteamLibrary\steamapps\common\Copa Petrobras de Marcas\Marcas.exe
FirewallRules: [{1318E0B5-23C5-4F86-81E0-40DF5BEE21DE}] => (Allow) X:\SteamLibrary\steamapps\common\Copa Petrobras de Marcas\Config.exe
FirewallRules: [{261DF98E-DE69-4501-97DE-8E637A200CCF}] => (Allow) X:\SteamLibrary\steamapps\common\Copa Petrobras de Marcas\Config.exe
FirewallRules: [{86470308-57D0-49EB-8B7D-32667A6AD46B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{83470F7B-B53D-44B9-9DFC-574EB9487F55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{F46C53AC-47CA-40A4-90A9-743BC71B6F04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{73F7D2D9-DBBD-4A72-A5B7-1A2AA1BC34C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{FD12951B-267B-495B-ADC9-BCEE5D871A9F}X:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) X:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{DD1579B4-1C92-436B-B2A3-FA931F0A1343}X:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) X:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{2F344949-2F9A-4E9A-B7A3-5D87A0155B45}] => (Allow) X:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{E00558CF-6909-40FE-93BE-2A99E7335D1D}] => (Allow) X:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{D568E2E4-D216-440D-AE7E-3CB1BF66263C}] => (Allow) X:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{040C9328-C242-476C-9A22-453FC071A14F}] => (Allow) X:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{638C87A9-9046-4251-AF79-DE436DB80033}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Revolution\Bin\SeriousSam.exe
FirewallRules: [{C2B08E04-C431-430D-9BE3-6298BCCD11CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Serious Sam Revolution\Bin\SeriousSam.exe
FirewallRules: [{A1D83827-233E-4042-9EEC-502747D95C71}] => (Allow) X:\SteamLibrary\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{47F0DE51-A4A2-45EF-A3BF-8AB853E74FDF}] => (Allow) X:\SteamLibrary\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{694C9721-B4EA-4CAC-A2E3-7F53CFD09CDF}] => (Allow) X:\SteamLibrary\steamapps\common\Black Mesa\bms.exe
FirewallRules: [{D8B040C9-C2F2-4546-9EC0-D85136DF3BC6}] => (Allow) X:\SteamLibrary\steamapps\common\Black Mesa\bms.exe
FirewallRules: [{5D1F435C-D681-4B9B-8386-3E3AFB167EA2}] => (Allow) X:\SteamLibrary\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{B8808FF5-BD97-4F90-A761-2C0ACD06B96F}] => (Allow) X:\SteamLibrary\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{B4FC22F9-B27E-4BFF-A90F-20241DED92F5}] => (Allow) X:\SteamLibrary\steamapps\common\Black Mesa Dedicated Server\srcds.exe
FirewallRules: [{C3906869-439A-4D64-B480-6023CB3CF78E}] => (Allow) X:\SteamLibrary\steamapps\common\Black Mesa Dedicated Server\srcds.exe
FirewallRules: [TCP Query User{F0CBA2DA-096E-47AC-AE19-9A7FF263464F}C:\users\user\downloads\vrtitties 0.142\vrtitties\binaries\win64\vrtitties.exe] => (Allow) C:\users\user\downloads\vrtitties 0.142\vrtitties\binaries\win64\vrtitties.exe
FirewallRules: [UDP Query User{2CE3FC18-BDD2-40D4-B20B-A35690AAF9E0}C:\users\user\downloads\vrtitties 0.142\vrtitties\binaries\win64\vrtitties.exe] => (Allow) C:\users\user\downloads\vrtitties 0.142\vrtitties\binaries\win64\vrtitties.exe
FirewallRules: [{9B0776DE-3AB9-4BD2-BCCB-846B2FBF4001}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F97C2992-DEB9-45D4-B556-3766954601E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1A25C461-6B31-40C8-878E-32FF0E81446A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{42764F8B-103A-4F8D-BDEB-4293923B1DEF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{729113B1-FEAF-4F14-81AF-19577CBE7C05}X:\ccp\bin\exefile.exe] => (Allow) X:\ccp\bin\exefile.exe
FirewallRules: [UDP Query User{466C69A9-7051-4B82-9A10-C2861B372FE5}X:\ccp\bin\exefile.exe] => (Allow) X:\ccp\bin\exefile.exe
FirewallRules: [TCP Query User{459A775B-011B-491D-8CEE-CE67A8BF779D}X:\c9\dp_x64.exe] => (Allow) X:\c9\dp_x64.exe
FirewallRules: [UDP Query User{FF970F8B-9B3C-41A0-BEF9-C7C9321C5852}X:\c9\dp_x64.exe] => (Allow) X:\c9\dp_x64.exe
FirewallRules: [{02BCFCD9-49B6-41A6-9D6E-BF99F6F6E47C}] => (Allow) X:\SteamLibrary\steamapps\common\Dragon's Prophet (EU)\dp_x86.exe
FirewallRules: [{0CA26C65-3FD1-46E8-84E5-DD362572FA06}] => (Allow) X:\SteamLibrary\steamapps\common\Dragon's Prophet (EU)\launcher.exe
FirewallRules: [{5E092275-36AB-4DEB-8F8A-8F1E0E686ACE}] => (Allow) X:\SteamLibrary\steamapps\common\Dragon's Prophet (EU)\dp_x64.exe
FirewallRules: [{4316ED6E-F69D-40EE-986E-958F90E82B9D}] => (Allow) X:\SteamLibrary\steamapps\common\Dragon's Prophet (EU)\dp_x86.exe
FirewallRules: [{856B94E3-FF45-4472-BA03-92BBDA59B7E5}] => (Allow) X:\SteamLibrary\steamapps\common\Dragon's Prophet (EU)\launcher.exe
FirewallRules: [{C014F511-19BB-4B4E-9117-9791321B578A}] => (Allow) X:\SteamLibrary\steamapps\common\Dragon's Prophet (EU)\dp_x64.exe
FirewallRules: [{4BC3690F-F136-4032-A432-955D5B8130F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{6C02FC3A-CF6E-4951-B399-AD1BA2A1312A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{8E3DF02A-7336-4282-8C0F-6890958B6993}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3B6F1692-5990-4C1C-B8E9-17086FDE1E0B}] => (Allow) LPort=2869
FirewallRules: [{F1ECD3D6-C5B7-4D3E-B0CE-920C5EC58248}] => (Allow) LPort=1900
FirewallRules: [{5D13FBF6-8775-46B9-8BC4-7F4E3C764363}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{ECC8651C-4194-4976-BA79-FE629DAF61BB}] => (Allow) X:\SteamLibrary\steamapps\common\Half-Life\hl.exe
FirewallRules: [{E7CBD59A-567F-4FD7-9FBA-A53172424CAE}] => (Allow) X:\SteamLibrary\steamapps\common\Half-Life\hl.exe
FirewallRules: [{17686042-6BAE-4F0D-947B-92E1DCD7C3E5}] => (Allow) X:\SteamLibrary\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{C987599A-D3BF-45F9-BD46-87571C375BA7}] => (Allow) X:\SteamLibrary\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{04724FB2-3DFC-4235-9F4A-B79E0C209896}] => (Allow) X:\SteamLibrary\steamapps\common\Serious Sam Classic The Second Encounter\Bin\SeriousSam.exe
FirewallRules: [{2C90A030-5A6E-496C-9850-9AAA968A9447}] => (Allow) X:\SteamLibrary\steamapps\common\Serious Sam Classic The Second Encounter\Bin\SeriousSam.exe
FirewallRules: [{299E38C1-9EC3-4FB5-9D50-7B734EBB961C}] => (Allow) X:\SteamLibrary\steamapps\common\Serious Sam Classic The Second Encounter\Bin\SeriousEditor.exe
FirewallRules: [{A689CE76-5A31-4EFE-8730-4BCBA53E88D6}] => (Allow) X:\SteamLibrary\steamapps\common\Serious Sam Classic The Second Encounter\Bin\SeriousEditor.exe
FirewallRules: [{CFC54000-5213-4C16-9B4F-0039DA1495C7}] => (Allow) X:\SteamLibrary\steamapps\common\Serious Sam Classic The Second Encounter\Bin\SeriousModeler.exe
FirewallRules: [{C5D54EBF-A58E-491B-B8A3-A1CC071502D3}] => (Allow) X:\SteamLibrary\steamapps\common\Serious Sam Classic The Second Encounter\Bin\SeriousModeler.exe
FirewallRules: [{34260F95-06E6-45D0-88AD-23CD28B17035}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{5209DC9D-7A5D-4ACC-B3B9-EE415DA4A1C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{CB3A8C4B-CA51-492E-B1D2-65A498420A18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{001249B2-9281-4A3D-BDD3-7F67C650E32C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{6395F5F9-C493-48ED-8A9A-66294215FD42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{35F2EC84-A7BC-4B10-8552-24425D03205A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{7C84B9F0-7A9C-48D1-940E-9D6C4C733BA3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2C83FD10-E52B-4900-8758-AF05233D415B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{DCB3E7DF-FF24-4380-8A4A-B5E37AED4528}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{26B5B102-7CD8-436C-A69B-C6BFB004ABA8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3E8827C6-AC11-4186-93BB-A81596123578}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{1BC97CE8-30C8-4128-B794-77735B66588B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{236528DE-7D13-45C3-8C66-3F4B375462BB}] => (Allow) X:\SteamLibrary\steamapps\common\The Talos Principle Demo\Bin\Talos_Demo.exe
FirewallRules: [{9A829F8B-DBBB-40A4-A43A-F0DCE5632F40}] => (Allow) X:\SteamLibrary\steamapps\common\The Talos Principle Demo\Bin\Talos_Demo.exe
FirewallRules: [{AB751AD4-7060-427C-85BE-372E505B5952}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6837B8E4-F575-417D-A9D0-4B4344CE205E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C25477B3-055F-4E28-BA14-F29EE0C2C096}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{29F4332F-25F4-4FD1-83B2-2FBE5E7F10DA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5728F3CA-90C9-4022-84DE-C52EA1758920}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3E06514E-6B2E-470F-A137-8746B82CAC61}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A27E4E26-9148-4F46-89B8-E3B54E866A3D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

==================== Herstelpunten =========================

24-07-2016 00:00:00 Gepland controlepunt
25-07-2016 04:05:49 Windows Update

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (07/22/2016 04:17:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: GWXUX.exe, versie: 6.3.9600.18407, tijdstempel: 0x578254e8
Naam van module met fout: RPCRT4.dll, versie: 6.1.7601.23452, tijdstempel: 0x5734ba1c
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000000475b8
Id van proces met fout: 0x1548
Starttijd van toepassing met fout: 0xGWXUX.exe0
Pad naar toepassing met fout: GWXUX.exe1
Pad naar module met fout: GWXUX.exe2
Rapport-id: GWXUX.exe3

Error: (07/19/2016 09:32:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: OneDrive.exe, versie: 17.3.6390.509, tijdstempel: 0x5730e595
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0x80000003
Foutoffset: 0x0001322c
Id van proces met fout: 0x1214
Starttijd van toepassing met fout: 0xOneDrive.exe0
Pad naar toepassing met fout: OneDrive.exe1
Pad naar module met fout: OneDrive.exe2
Rapport-id: OneDrive.exe3

Error: (07/19/2016 08:53:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18015, tijdstempel: 0x55cec14a
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0xe06d7363
Foutoffset: 0x0000c42d
Id van proces met fout: 0x10f0
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (07/19/2016 08:53:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18015, tijdstempel: 0x55cec14a
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0xc000041d
Foutoffset: 0x0000c42d
Id van proces met fout: 0x13a4
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (07/19/2016 08:53:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18015, tijdstempel: 0x55cec14a
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0xe06d7363
Foutoffset: 0x0000c42d
Id van proces met fout: 0x13a4
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (07/19/2016 08:53:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18015, tijdstempel: 0x55cec14a
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0xe06d7363
Foutoffset: 0x0000c42d
Id van proces met fout: 0x1b10
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (07/19/2016 08:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18015, tijdstempel: 0x55cec14a
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0xc000041d
Foutoffset: 0x0000c42d
Id van proces met fout: 0x1860
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (07/19/2016 08:52:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18015, tijdstempel: 0x55cec14a
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18939, tijdstempel: 0x55afd8e7
Uitzonderingscode: 0xe06d7363
Foutoffset: 0x0000c42d
Id van proces met fout: 0x1860
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (07/19/2016 08:41:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: GWXUX.exe, versie: 6.3.9600.18064, tijdstempel: 0x56042d8f
Naam van module met fout: ntdll.dll, versie: 6.1.7601.18939, tijdstempel: 0x55b02e88
Uitzonderingscode: 0xc0000005
Foutoffset: 0x000000000004ac04
Id van proces met fout: 0x1ba0
Starttijd van toepassing met fout: 0xGWXUX.exe0
Pad naar toepassing met fout: GWXUX.exe1
Pad naar module met fout: GWXUX.exe2
Rapport-id: GWXUX.exe3

Error: (10/10/2015 11:27:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: GWXUX.exe, versie: 6.3.9600.18064, tijdstempel: 0x56042d8f
Naam van module met fout: ntdll.dll, versie: 6.1.7601.18939, tijdstempel: 0x55b02e88
Uitzonderingscode: 0xc0000005
Foutoffset: 0x000000000004ac04
Id van proces met fout: 0x853c
Starttijd van toepassing met fout: 0xGWXUX.exe0
Pad naar toepassing met fout: GWXUX.exe1
Pad naar module met fout: GWXUX.exe2
Rapport-id: GWXUX.exe3


Systeemfouten:
=============
Error: (07/25/2016 12:48:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Windows Search-service kan vanwege de volgende fout niet worden gestart:
%%1069 = De service is niet gestart vanwege een aanmeldingsfout.


Error: (07/25/2016 12:48:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: De WSearch-service kan niet als NT AUTHORITY\SYSTEM met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
%%50 = De aanvraag wordt niet ondersteund.


Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.

Error: (07/25/2016 12:48:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Windows Media Player Network Sharing Service-service kan vanwege de volgende fout niet worden gestart:
%%1069 = De service is niet gestart vanwege een aanmeldingsfout.


Error: (07/25/2016 12:48:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: De WMPNetworkSvc-service kan niet als NT AUTHORITY\NetworkService met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
%%50 = De aanvraag wordt niet ondersteund.


Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.

Error: (07/25/2016 12:48:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (07/25/2016 12:48:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Media Player Network Sharing Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (07/25/2016 12:48:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Intel(R) Dynamic Application Loader Host Interface Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (07/25/2016 12:48:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Intel(R) Rapid Storage Technology-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (07/25/2016 12:48:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Live ID Sign-in Assistant-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (07/25/2016 12:48:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De StarWind AE Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage geheugen in gebruik: 24%
Totaal fysiek RAM-geheugen: 12268.31 MB
Beschikbaar fysiek RAM-geheugen: 9222.27 MB
Totaal Virtueel geheugen: 24534.81 MB
Beschikbaar Virtual geheugen: 21131.22 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:1472.29 GB) (Free:542.87 GB) NTFS
Drive d: (RACEDRIVER) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive i: (Tim) (Fixed) (Total:10.04 GB) (Free:9.91 GB) NTFS
Drive x: (C-Extension) (Fixed) (Total:380.58 GB) (Free:223.98 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F17BFB6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1472.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=380.6 GB) - (Type=OF Extended)

==================== Eind van Addition.txt ============================
MentalParadox is offline  
Old 07-26-2016, 04:17 AM   #7
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello MentalParadox,
Quote:
Sadly, the files are all in Dutch, as the OS of that computer is in Dutch. I hope that won't be a problem...
No problem

Thanks for the logs. Lets continue.

I see you have P2P software ( BitTorrent ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

A reference for the risk of these programs is here

I would strongly recommend that you uninstall it. You can do so via Control Panel >> Programs and Features

=========================================================

Please do the below steps.

STEP 1

Open Notepad (Start > All Programs > Accessories > Notepad).
Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
Save it as fixlist.txt next to FRST64.exe

NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.

Code:
CreateRestorePoint:
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\MountPoints2: {c22f7bcb-8f9f-11e2-80e8-806e6f6e6963} - D:\autorun.exe
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
BHO: GoSave -> {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -> C:\Program Files (x86)\GoSave\iAE6vcHfewkA9s.x64.dll => Geen bestand
BHO: YoutubeAdBlocke -> {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -> C:\Program Files (x86)\YoutubeAdBlocke\bicj1w5kcaP66P.x64.dll => Geen bestand
BHO-x32: GoSave -> {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -> C:\Program Files (x86)\GoSave\iAE6vcHfewkA9s.dll => Geen bestand
BHO-x32: YoutubeAdBlocke -> {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -> C:\Program Files (x86)\YoutubeAdBlocke\bicj1w5kcaP66P.dll => Geen bestand
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
U3 aahtrj3t; C:\Windows\System32\Drivers\aahtrj3t.sys [0 ] (Microsoft Corporation) <==== AANDACHT (nul byte bestand/map)
RemoveProxy:
CMD: bitsadmin /reset /allusers
EmptyTemp:
Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
Click the Fix button just once, and wait.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after the restart.
When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.


NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

STEP 2

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================================================

Things I need to see in your next post:
  • Fixlog.txt
  • JRT.txt
__________________
tekir06 is offline  
Old 07-26-2016, 11:15 AM   #8
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Fixlog:

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 25-07-2016
Gestart door User (2016-07-26 19:53:10) Run:1
Gestart vanaf I:\
Geladen Profielen: User (Beschikbare Profielen: User)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
CreateRestorePoint:
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\...\MountPoints2: {c22f7bcb-8f9f-11e2-80e8-806e6f6e6963} - D:\autorun.exe
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
BHO: GoSave -> {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -> C:\Program Files (x86)\GoSave\iAE6vcHfewkA9s.x64.dll => Geen bestand
BHO: YoutubeAdBlocke -> {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -> C:\Program Files (x86)\YoutubeAdBlocke\bicj1w5kcaP66P.x64.dll => Geen bestand
BHO-x32: GoSave -> {397a4a95-ebca-4775-9cd4-3ea401c7d7fc} -> C:\Program Files (x86)\GoSave\iAE6vcHfewkA9s.dll => Geen bestand
BHO-x32: YoutubeAdBlocke -> {7df28b6a-ad67-4f89-8d87-01ae25a07ad9} -> C:\Program Files (x86)\YoutubeAdBlocke\bicj1w5kcaP66P.dll => Geen bestand
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
U3 aahtrj3t; C:\Windows\System32\Drivers\aahtrj3t.sys [0 ] (Microsoft Corporation) <==== AANDACHT (nul byte bestand/map)
RemoveProxy:
CMD: bitsadmin /reset /allusers
EmptyTemp:
*****************

Herstelpunt is succesfol gemaakt.
"HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c22f7bcb-8f9f-11e2-80e8-806e6f6e6963}" => sleutel is succesvol verwijderd.
HKCR\CLSID\{c22f7bcb-8f9f-11e2-80e8-806e6f6e6963} => sleutel niet gevonden.
C:\Windows\system32\GroupPolicy\Machine => is succesvol verplaatst.
C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst.
"HKLM\SOFTWARE\Policies\Google" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{397a4a95-ebca-4775-9cd4-3ea401c7d7fc}" => sleutel is succesvol verwijderd.
"HKCR\CLSID\{397a4a95-ebca-4775-9cd4-3ea401c7d7fc}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7df28b6a-ad67-4f89-8d87-01ae25a07ad9}" => sleutel is succesvol verwijderd.
"HKCR\CLSID\{7df28b6a-ad67-4f89-8d87-01ae25a07ad9}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{397a4a95-ebca-4775-9cd4-3ea401c7d7fc}" => sleutel is succesvol verwijderd.
"HKCR\Wow6432Node\CLSID\{397a4a95-ebca-4775-9cd4-3ea401c7d7fc}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7df28b6a-ad67-4f89-8d87-01ae25a07ad9}" => sleutel is succesvol verwijderd.
"HKCR\Wow6432Node\CLSID\{7df28b6a-ad67-4f89-8d87-01ae25a07ad9}" => sleutel is succesvol verwijderd.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => sleutel is succesvol verwijderd.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => sleutel is succesvol verwijderd.
aahtrj3t => dienst is succesvol verwijderd.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\S-1-5-21-2689027922-2357379931-3514953091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.


========= Eind van RemoveProxy: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {DB538F4A-966E-4E0B-827E-337E545BFBCD}.
Unable to cancel {06010D9C-2620-4D18-A111-5903D15FD62E}.
0 out of 2 jobs canceled.

========= Eind vanCMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 186869310 B
Java, Flash, Steam htmlcache => 381662162 B
Windows/system/drivers => 634424392 B
Edge => 0 B
Chrome => 751782083 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 76368 B
LocalService => 33058 B
NetworkService => 195224 B
User => 383319127 B

RecycleBin => 5165834 B
EmptyTemp: => 2.2 GB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 19:54:17 ====
MentalParadox is offline  
Old 07-26-2016, 11:15 AM   #9
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by User (Administrator) on di 26/07/2016 at 2040,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 11

Successfully deleted: C:\ProgramData\drivergenius (Folder)
Successfully deleted: C:\ProgramData\summersoft (Folder)
Successfully deleted: C:\Users\User\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQ6SIC9J (Temporary Internet Files Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POSPMHM7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV5W1TRZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTSZRQ8B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQ6SIC9J (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POSPMHM7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV5W1TRZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTSZRQ8B (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 26/07/2016 at 20:11:27,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MentalParadox is offline  
Old 07-27-2016, 03:56 AM   #10
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello MentalParadox,

Thanks for the logs. Please do the steps. Then please tell me How is the machine behaving now? What problems do you still have?

STEP 1

Please download Malwarebytes Anti-Malware and save it to your desktop.

Double-click mbam-setup-2.2.1.1043.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:

  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

Click Finish.
At the end of the installation, a database update will be performed.
Click on Scan Now.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
In most cases, a restart will be required and a prompt will be shown.
Wait for the prompt to restart the computer to appear, then click on Yes.

Posting the Malwarebytes log:

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click Export.
Click Text file (*.txt)
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named File Saved should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

STEP 2

Go here and click 'SCAN NOW' under 'ESET Online Scanner' to check for remnants.

You will be prompted to download and install esetonlinescanner_enu.exe. Click on the link and save the file to a convenient location.
Double-click on esetonlinescanner_enu.exe to install and a new window will open. Follow the prompts.
Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how
At the bottom of the Terms of use window, tick the option Download latest version of ESET Online Scanner then click Accept
When/if prompted by UAC, 'Do you want to allow this app to make changes to your PC?', please choose Yes
Tick the option Enable detection of potentially unwanted applications
Click on Advanced settings
Make sure that the option Clean threats automatically is unticked.
Ensure these options are ticked:
  • Enable detection of potentially unsafe applications
  • Enable detection of suspicious applications
  • Scan archives
  • Enable Anti-Stealth technology

Click Scan
Wait for the scan to finish.
When the scan is done, if it shows a screen that says Threats found, click Save to text file... then name it and save it to your desktop.
Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Please copy/paste the contents of the log in your next reply.
To close ESET Online Scanner, select Do not clean then Finish


=======================================================

Things I need to see in your next post:
  • MBAM log
  • ESET log
  • Information about the status of the computer
__________________
tekir06 is offline  
Old 07-27-2016, 03:20 PM   #11
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



I'll execute those steps first thing in the morning. To answer your question: the initial problem is still there. The savegame files are still "JoniCoupon files".
MentalParadox is offline  
Old 07-28-2016, 10:04 AM   #12
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Malwarebytes Anti-Malware:

www.malwarebytes.org

Scan Date: 28/07/2016
Scan Time: 16:20
Logfile: Malwarebytes Scan Log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.28.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 343465
Time Elapsed: 10 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 9
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [89dad455a4f663d32ec998fc43bf0bf5],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [1b4867c25b3f65d19562276dcd356898],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [1f44f732abef2b0b0bec3460e220ed13],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 96
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],

Files: 203
Adware.Agent, C:\ProgramData\InstallMate\{E60F9239-C060-4B4D-A9A6-88423DECB0CF}\Custom.dll, Quarantined, [293a7aaf6f2bd6605e14bafba45cea16],
VirTool.Obfuscator, C:\Program Files (x86)\Saints Row IV\steam_api.dll, Quarantined, [b8ab3deccfcb94a25b6326837789e31d],
RiskWare.GameHack, C:\Program Files (x86)\Wolfenstein The New Order\steam_api64.dll, Quarantined, [a6bdbd6cb0ea04324d0cffa97b898d73],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],

Physical Sectors: 0
(No malicious items detected)


(end)
MentalParadox is offline  
Old 07-28-2016, 10:08 AM   #13
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Malwarebytes Anti-Malware:

www.malwarebytes.org

Scan Date: 28/07/2016
Scan Time: 16:20
Logfile: Malwarebytes Scan Log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.28.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 343465
Time Elapsed: 10 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 9
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [89dad455a4f663d32ec998fc43bf0bf5],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6102b0793169a78f00f7cdc757abec14],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [1b4867c25b3f65d19562276dcd356898],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [1f44f732abef2b0b0bec3460e220ed13],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 96
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],

Files: 203
Adware.Agent, C:\ProgramData\InstallMate\{E60F9239-C060-4B4D-A9A6-88423DECB0CF}\Custom.dll, Quarantined, [293a7aaf6f2bd6605e14bafba45cea16],
VirTool.Obfuscator, C:\Program Files (x86)\Saints Row IV\steam_api.dll, Quarantined, [b8ab3deccfcb94a25b6326837789e31d],
RiskWare.GameHack, C:\Program Files (x86)\Wolfenstein The New Order\steam_api64.dll, Quarantined, [a6bdbd6cb0ea04324d0cffa97b898d73],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [e87b41e8a5f5ea4c874fb81ed2305aa6],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [62011910485255e10cca0acccb3702fe],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [a2c154d57d1d072f5581a5313ec49f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [f46fae7b8f0bbd795581bd1960a22dd3],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [60030e1bfaa07cba18be20b619e9fe02],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [82e1939681197abcc5111eb88d75c63a],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [99ca0425e8b2df579f37f4e2ec16ed13],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [65fe2801e2b868cef4e207cfd42e6d93],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [ff642ffa0e8ca78f6473855159a9bd43],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [b7acc0691783ad891cbb3e98c33f7f81],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [74efc1689ffb92a42cabe5f118ea0000],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [b2b137f2b5e581b5686fbc1a12f043bd],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [b5aef4353f5b14227d5a9d399e64dd23],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [0360c465b1e9f83ea532a4324eb40af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [66fd9c8d6a307bbb22b511c5e41e3fc1],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [0d5673b6504aef47e4f35f77eb179868],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [0162a8816f2b8caa0ccc587e08faa759],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [372c15140c8eba7c8850e0f6dc26d030],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [c69d0425108ab97dd0088a4c986a639d],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [b0b34edb881201359b3dca0cd929867a],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [c59e7aaf207a2c0a4791c610936f40c0],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [fe65ed3c96040036f6e2e5f1eb175ba5],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [53100c1d7822112504d41cbaa55ddb25],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [ca99cf5a8d0d0e28fcdc24b2a55d946c],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [144f14154c4e5bdb39941e8e34cf21df],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [8fd412179109e452b518b3f92ad99f61],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [cd9657d2faa0e74fbe0f2e7e24df857b],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [e97ad356f9a147ef8f3e57558281ee12],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [d78c002919811026e8e5189437cc6a96],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [71f284a5bae045f1d4f94b612cd76f91],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [590a9594fd9d14228e3f7834dc278a76],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.MultiPlug, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [ef7412174b4f40f6bf0ee2ca44bf0af6],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [f86be742adeddd599b0903bfcf3310f0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\ASPNET\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [422115141288ec4a188cc6fc4ab820e0],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [99ca8e9b564466d0f0b4f7cba65c6898],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\background.html, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\content.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\ezWq5HefLQ.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\lsdb.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\120\manifest.json, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\background.html, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\content.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\EJF.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\lsdb.js, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fnijgkdahkbdgcbeablcmfjophbhfgji\2.0\manifest.json, Quarantined, [cd961a0fe6b4bf77079dc7fb9b671ee2],

Physical Sectors: 0
(No malicious items detected)


(end)
MentalParadox is offline  
Old 07-28-2016, 10:14 AM   #14
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Unfortunately ESET scanner never worked. AT some point, text becomes "black" and unreadable, and it just freezes at about 75%. It DID detect 23 threats before freezing. I have attached a JPG image to show what I mean.

As for the computer status, well... As I explained in the OP, there was never a problem with the exception of those files that have "JoniCoupon" as their extension. This problem remains.
Attached Thumbnails
Click image for larger version

Name:	Bug.jpg
Views:	161
Size:	117.7 KB
ID:	288433   Click image for larger version

Name:	JoniCoupon.jpg
Views:	167
Size:	160.7 KB
ID:	288441  
MentalParadox is offline  
Old 07-30-2016, 02:11 PM   #15
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello again,

Thanks for the log. Please do the following.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


Double-click SystemLook_x64.exe to run it. (Vista/Win7/Win8 users, right-click > Run as Administrator)
Copy/paste the contents of the following codebox into the main textfield:
Code:
:folderfind
JoniCoupon

:filefind
JoniCoupon

:regfind 
JoniCoupon
Click the Look button to start the scan.
Please be patient, as it may take a while.
:aarowr: When finished, a Notepad file will open with the results of the scan.
Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt
__________________
tekir06 is offline  
Old 07-31-2016, 03:14 AM   #16
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



IMPORTANT NOTE: JoniCoupon.jpg, located in OneDrive, is simply the JPG I attached to my OP, the picture I used to demonstrate the problem. It's not malicious.
---

SystemLook 30.07.11 by jpshortstuff
Log created at 12:08 on 31/07/2016 by User
Administrator - Elevation successful

========== folderfind ==========

Searching for "JoniCoupon"
No folders found.

========== filefind ==========

Searching for "JoniCoupon"
No files found.

========== regfind ==========

Searching for "JoniCoupon"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\User\OneDrive\JoniCoupon.jpg"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.]
@="JoniCoupon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\..9]
@="JoniCoupon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]
@="JoniCoupon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}\InprocServer32]
@="C:\ProgramData\JoniCoupon\bPK9Hs7Caxj5OB.x64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]
@="JoniCoupon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}\InprocServer32]
@="C:\ProgramData\JoniCoupon\bPK9Hs7Caxj5OB.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]
@="JoniCoupon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}\InprocServer32]
@="C:\ProgramData\JoniCoupon\bPK9Hs7Caxj5OB.dll"
[HKEY_USERS\S-1-5-21-2689027922-2357379931-3514953091-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\User\OneDrive\JoniCoupon.jpg"

-= EOF =-
MentalParadox is offline  
Old 08-04-2016, 04:00 AM   #17
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello MentalParadox,

Please do the following.

Open Notepad and copy/paste the entire contents of the codebox below into Notepad. Don't forget to copy and paste REGEDIT4:

Code:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\..9]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]

[HKEY_USERS\S-1-5-21-2689027922-2357379931-3514953091-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"=-
__________________
tekir06 is offline  
Old 08-04-2016, 03:41 PM   #18
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



Done!
MentalParadox is offline  
Old 08-05-2016, 12:30 AM   #19
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello MentalParadox,

Sorry. I wrote Missing. Please do the following.

Open Notepad and copy/paste the entire contents of the codebox below into Notepad. Don't forget to copy and paste REGEDIT4:

Code:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\..9]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{857a4026-267c-42ed-8c34-a6adabfa58a4}]

[HKEY_USERS\S-1-5-21-2689027922-2357379931-3514953091-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"=-
Save the file as fix.reg and choose to Save as type: - All Files then close the Notepad file.
It should look like this:

Double-click on fix.reg and choose Yes to merge/add it to the registry. Please delete the file afterwards.
__________________
tekir06 is offline  
Old 08-07-2016, 05:01 AM   #20
Registered Member
 
MentalParadox's Avatar
 
Join Date: Mar 2013
Location: Brasschaat, Belgium.
Posts: 131
OS: Windows 10 Home, 64bit



That did it! It updated the registry, and now the ".JoniCoupon" extensions are gone. The files are just "files" now, with no extension whatsoever.

I guess it's fixed! Thank you =)
MentalParadox is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Diagnostics policy service won't start
I can access wifi with all devices except my laptop. Problem started first thing this morning. I have run virus scans, reboot router and computer, also tried instructions that were given in another post on this site a to no avail. When I click start the service it says error 5 access denied. This...
kmarion Windows 7 , Windows Vista Support 48 02-16-2014 04:27 PM
Internet works but internet browsers won't open...
My internet browsers and internet browsing related software (such as updaters and uninstallers and installers) just won't open... I only have two internet browsers Firefox(Mostly used) and Google Chrome. Everytime I try to open it, the cursor will turn into the "Working in desktop" cursor...
ZenNaari Networking Support 10 12-28-2012 02:39 AM
Beeping Sounds in the Background
I went to a site today and immediately realized it was a "bad" site, but was on a browser without WoT. (I was searching for the difference between a wet and a dry cappuccinno and ended up at some file server.) Anyway, shortly after, I could hear background sounds that sounded like a virus was...
flourcollie Inactive Malware Help Topics 26 12-02-2012 11:43 PM
Win32/Rootkit.Whistler.A
So i got an old computer with xp as OS. My AntiVirus, Eset NOD32 detected this Virus but couldnt remove it. I cant say i have runningproblems with the virus, ok it freezes some times but no problem. But i read they can steal password an so on, so no god at all. :sad: Ive checked out the NEW...
Vallentino Resolved HJT Threads 31 04-04-2012 01:26 PM
Antivirus programs and Windows updates blocked
Hello to the Forum. I have got this problem: it is impossible to update antivirus programs and windows. Regarding the latter, I can't perform windows update neither from the start menu (error code 80072EFE) neither from internet (can't connect to windows update page). Other than this I can't...
beppe1968 Resolved HJT Threads 25 10-06-2011 02:24 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 11:37 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts