Spring "Cleaning" time


  • This topic is locked

#1
Wolfie

  • Member
  • 74 posts

This is mostly just a cautionary check, as I've been running this install for a few years now and would rather be safe than sorry. There is a small bit of concern as I tried to install an Android emulator recently, but after the install completed, I couldn't find it anywhere on my system. So either it just failed to install, or it was a trojan. One thing that I did happen to notice recently was that what appeared to be a command (DOS) window opened up for a very brief moment (half a second at most). I can think of one way that it was legit, but would rather cover my bases. As I said before, been running this install for a few years now, and despite having had anti-virus software available, I know things can still sneak in.

 

Edit: Also, when I started FRST, some error popped up, though it continued to run just fine.  See attached.  Not mentioning this as a bug report, but rather, in case it is a symptom of malware or something.

 

 

Log files:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Wolfie (administrator) on WOLF10 (29-03-2018 00:49:04)
Running from S:\
Loaded Profiles: Wolfie (Available Profiles: Wolfie & Other)
Platform: Windows 10 Education Version 1703 15063.850 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\LogonScreenService.exe
(Division-M Pty Ltd) C:\Program Files\Division-M\Cloud Xtender\CloudXtenderService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\nortonsecurity.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Tangentix Ltd) C:\Program Files\Tangentix\Runtime\x64\TDDService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\nortonsecurity.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Tangentix Ltd) C:\Program Files\Tangentix\Runtime\x64\GSTray.exe
(Valve Corporation) S:\Steam\Steam.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter64.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_161\bin\javaw.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerShellCenter64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Robert Chartier) C:\Program Files (x86)\Terminals\Terminals.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
() C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
() C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
Failed to access process -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Discord Inc.) C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\bcastdvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Cloud Xtender Tray] => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderTray.exe [7703632 2016-02-02] (Division-M)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1570512 2017-12-23] (Highresolution Enterprises)
HKLM\...\Run: [GameSessionsTray] => C:\Program Files\Tangentix\Runtime\x64\GSTray.exe [161168 2018-02-18] (Tangentix Ltd)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\AllMyTube\DelayPluginI.exe [1971856 2016-04-22] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89960 2017-03-25] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [Steam] => S:\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [Actual Window Manager] => C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe [2120216 2016-03-31] (Actual Tools)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [Discord] => C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [GoogleChromeAutoLaunch_898CD2791DAB22B2E3089862E29E5AE3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592 2018-03-20] (Google Inc.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\MountPoints2: {09ca2d96-5d0c-11e7-a932-806e6f6e6963} - "D:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)
SSODL: EldosMountNotificator-VHyperDrive5 - {E9C784FE-38EA-42BB-84CC-50BA6A19ECA0} - C:\Windows\system32\VHyperDriveMntNtf5.dll (Division-M)
SSODL-x32: EldosMountNotificator-VHyperDrive5 - {E9C784FE-38EA-42BB-84CC-50BA6A19ECA0} - C:\Windows\SysWOW64\VHyperDriveMntNtf5.dll (Division-M)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-01-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2018-03-12]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-1850599263-3589281596-2263528853-1001] => 192.168.0.1:8118
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5b628578-c875-45b4-a685-3536ad22de67}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{644d245f-6167-4c7c-b15f-bb1307d79781}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{885a82d1-b59e-40b4-8c9d-86df7c4458d0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{afe3f64b-7f60-4ab2-bfec-24660064df3d}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-02-20] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-23] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-21] (LastPass)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-20] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-23] (Oracle Corporation)
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [2016-04-22] ()
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-01-20] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-21] (LastPass)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-20] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-21] (LastPass)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-21] (LastPass)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
IE Session Restore: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001 -> is enabled.
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  No File
 
Edge: 
======
Edge Session Restore: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001 -> is enabled.
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2016-02-22] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\AllMyTube\[email protected]_xpi
FF Extension: (Wondershare AllMyTube) - C:\ProgramData\Wondershare\AllMyTube\[email protected]_xpi [2016-07-23] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-02-03] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-23] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-21] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-20] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-02-22] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-21] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-20] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2"
CHR DefaultSearchKeyword: Default -> lp
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default [2018-03-29]
CHR Extension: (Instrumente) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahchimdkljhhfjkklkafookapgikdhkk [2017-06-29]
CHR Extension: (BetterTTV) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-19]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-29]
CHR Extension: (Regex Search) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdabfmndggphffkchfdcekcokmbnkjl [2017-06-29]
CHR Extension: (Gliffy Diagrams) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2017-08-10]
CHR Extension: (Honey) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-03-08]
CHR Extension: (Adblock Plus) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-28]
CHR Extension: (OkCupid (for the Non-Mainstream User)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdblghohnaeeejaoincmbcdkdnodkei [2017-06-29]
CHR Extension: (OneTab) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-06-29]
CHR Extension: (uBlock Origin) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-24]
CHR Extension: (Image Downloader) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-24]
CHR Extension: (FLV Player) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhogabmliblgpadclikpkjfnnipeebjm [2017-12-08]
CHR Extension: (Plex) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-02]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-03-12]
CHR Extension: (Toontown Rewritten Playline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\glljcnlcdodcflalcmclfcagkbnkmcga [2017-06-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-24]
CHR Extension: (Enable right click) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2017-06-29]
CHR Extension: (Vine for Chrome) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfkidejapghjmjphojdbnchkdphccno [2017-06-29]
CHR Extension: (Crackle) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2017-06-29]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-11-16]
CHR Extension: (SoundCloud) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2017-06-29]
CHR Extension: (Send Your Email to SMS (text)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipghnlmkjdejhibmialipjeaoobhaofe [2018-02-28]
CHR Extension: (BeFrugal Add-On) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdcneeneoifbeenbbnjodcflhdbaggp [2018-01-12]
CHR Extension: (Google Voice (by Google)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2017-06-29]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2017-06-29]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-08]
CHR Extension: (Chrono Download Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2017-06-29]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-08-10]
CHR Extension: (Office Online) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2018-03-24]
CHR Extension: (Awesome Window & Tab Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfjaddknccljfohoaekkibpcceeenkah [2017-06-29]
CHR Extension: (MetaMask) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2018-03-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Better History) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-29]
CHR Extension: (Soundload) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\obeamklhbmaapccdahgeafnpfkdkbimo [2017-06-29]
CHR Extension: (Print Edit WE) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2018-03-24]
CHR Extension: (Recently Closed Tabs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opefiliglgllmponlmoajkfbcaigocfc [2017-06-29]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-03-12]
CHR Extension: (uBlock Origin Extra) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2018-03-25]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-24]
CHR Extension: (Twitch Giveaways) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2018-03-02]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1 [2017-06-16] <==== ATTENTION
CHR Extension: (Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-16]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-16]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-16]
CHR Extension: (Google Search) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-06-16]
CHR Extension: (Avast SafePrice) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2017-06-16]
CHR Extension: (Aimersoft Video Converter Ultimate) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\mapcejffhcbidcjmomhalabpcbaeimcb [2017-06-16]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-16]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-03-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-17]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-09-06]
CHR Extension: (Google Slides) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-14]
CHR Extension: (Google Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Google Sheets) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-09-03]
CHR Extension: (Norton Identity Safe) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-03]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-03]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-08-10]
CHR Extension: (Google Slides) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-14]
CHR Extension: (Google Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Norton Security Toolbar) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-07-23]
CHR Extension: (Google Sheets) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-08-01]
CHR Extension: (Norton Identity Safe) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-26]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-23]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aim_LSService; C:\Program Files (x86)\Actual Window Manager\LogonScreenService.exe [95256 2016-03-31] (Actual Tools)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122736 2017-03-25] (AOMEI Tech Co., Ltd.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-07-28] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-02-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2018-03-03] (Microsoft Corporation)
R2 CloudXtender; C:\Program Files\Division-M\Cloud Xtender\CloudXtenderService.exe [11746928 2016-02-03] (Division-M Pty Ltd)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2016-09-13] (Coupons.com Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NortonSecurity.exe [328712 2018-03-03] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521608 2018-02-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521608 2018-02-21] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TDDService; C:\Program Files\Tangentix\Runtime\x64\TDDService.exe [14736 2018-02-18] (Tangentix Ltd)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [2232832 2017-12-31] (Microsoft Corporation)
R2 vmms; C:\WINDOWS\system32\vmms.exe [14415360 2017-12-31] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-01] (Microsoft Corporation)
S2 EraserSvc11720; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NS.exe" /h ccCommon [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-23] ()
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-23] ()
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-25] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-25] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-23] ()
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-07-28] (Broadcom Corporation.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.7.1.32\Definitions\BASHDefs\20171016.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\ccSetx64.sys [187544 2018-03-02] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2017-12-27] (Symantec Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
U3 EraserUtilDrv11730; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11730.sys [152656 2017-12-27] (Symantec Corporation)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [22016 2017-12-31] (Microsoft Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.7.1.32\Definitions\IPSDefs\20171016.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 lunparser; C:\WINDOWS\System32\drivers\lunparser.sys [23552 2017-12-31] (Microsoft Corporation)
R1 MpKsla17deebb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9361BF5E-074B-4711-A0F4-6EF2F6572A67}\MpKsla17deebb.sys [58120 2018-03-11] (Microsoft Corporation)
R1 MpKsld4ee806c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8DA44CA-7248-4C91-93D4-58A62D043B63}\MpKsld4ee806c.sys [58120 2018-03-28] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31624 2018-02-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-23] (NVIDIA Corporation)
S3 passthruparser; C:\WINDOWS\System32\drivers\passthruparser.sys [25088 2017-12-31] (Microsoft Corporation)
S3 pcip; C:\WINDOWS\System32\drivers\pcip.sys [47616 2017-12-31] (Microsoft Corporation)
S3 pvhdparser; C:\WINDOWS\System32\drivers\pvhdparser.sys [51712 2017-12-31] (Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19912 2009-12-21] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13264 2009-12-21] ()
S3 ramparser; C:\WINDOWS\System32\drivers\ramparser.sys [31232 2017-12-31] (Microsoft Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R1 se64a; C:\WINDOWS\System32\Drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan)
S3 SRTSP; C:\WINDOWS\System32\Drivers\NGCx64\160C010.00F\SRTSP64.SYS [817816 2018-03-02] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\SRTSPX64.SYS [49304 2018-03-02] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\160C010.00F\SYMEFASI64.SYS [1942168 2018-03-02] (Symantec Corporation)
S4 SymELAM; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\SymELAM.sys [24608 2018-03-02] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102552 2018-02-14] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\Ironx64.SYS [307864 2018-03-02] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NGCx64\160C010.00F\SYMNETS.SYS [566936 2018-03-02] (Symantec Corporation)
R3 Synth3dVsp; C:\WINDOWS\System32\drivers\Synth3dVsp.sys [104448 2017-12-31] (Microsoft Corporation)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows ® Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [203328 2018-02-26] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation)
S3 vhdparser; C:\WINDOWS\System32\drivers\vhdparser.sys [31232 2017-12-31] (Microsoft Corporation)
R1 VHyperDrive5; C:\Windows\system32\drivers\VHyperDrive5.sys [418928 2015-10-28] (Division-M Pty Ltd)
R3 VHyperPnPBus; C:\WINDOWS\System32\drivers\VHyperPnPBus.sys [18032 2014-02-04] (EldoS Corporation)
R3 vmsmp; C:\WINDOWS\System32\drivers\vmswitch.sys [1652736 2017-12-31] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-01] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-01] (Microsoft Corporation)
S3 cpuz140; \??\C:\Users\Wolfie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-29 00:48 - 2018-03-29 00:49 - 000000000 ____D C:\FRST
2018-03-27 22:29 - 2018-03-27 22:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-03-23 05:10 - 2018-03-23 05:10 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-16 19:44 - 2018-03-16 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-15 07:50 - 2018-03-15 07:50 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-15 07:50 - 2018-03-15 07:50 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-15 07:50 - 2018-03-15 07:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-15 07:50 - 2018-03-15 07:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-09 02:29 - 2018-03-09 02:29 - 000000000 ___HD C:\OneDriveTemp
2018-03-08 18:00 - 2018-03-08 18:00 - 000000000 ____D C:\Users\Wolfie\VirtualBox VMs
2018-03-08 17:58 - 2018-03-08 17:58 - 000003388 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2018-03-08 17:58 - 2018-03-08 17:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2018-03-08 17:19 - 2018-03-28 15:00 - 000000000 ____D C:\Users\Wolfie\.VirtualBox
2018-03-08 17:19 - 2018-03-08 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-03-08 17:19 - 2018-03-08 17:19 - 000000000 ____D C:\Program Files\Oracle
2018-03-08 17:19 - 2018-02-26 17:45 - 000975144 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2018-03-08 17:19 - 2018-02-26 17:45 - 000159664 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2018-03-08 04:16 - 2018-03-08 04:16 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2018-03-08 04:15 - 2018-03-08 04:17 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\Andy
2018-03-08 04:15 - 2018-03-08 04:17 - 000000000 ____D C:\Users\Wolfie\Andy
2018-03-07 20:23 - 2018-03-07 20:23 - 000000000 ____D C:\Users\Wolfie\ApkProjects
2018-03-07 20:03 - 2018-03-07 20:03 - 000000000 ____D C:\Users\Wolfie\AppData\Local\Android
2018-03-07 20:01 - 2018-03-07 20:44 - 000000000 ____D C:\Users\Wolfie\.android
2018-03-07 20:01 - 2018-03-07 20:01 - 000000000 ____D C:\Users\Wolfie\.AndroidStudio3.0
2018-03-07 20:01 - 2018-03-07 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2018-03-07 20:00 - 2018-03-07 20:00 - 000000000 ____D C:\Program Files\Android
2018-03-05 17:39 - 2018-03-05 17:40 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\BetterDiscord
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-29 00:42 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
2018-03-28 23:24 - 2017-05-22 00:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-28 23:23 - 2017-06-01 12:13 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9BE9605-A86F-4FD5-9213-0D6805A461A2}
2018-03-28 22:18 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-28 21:55 - 2015-12-12 12:21 - 000000000 ____D C:\Users\Wolfie\Documents\Wizard101
2018-03-28 21:41 - 2016-01-21 03:23 - 000000000 ____D C:\Users\Wolfie\AppData\Local\CrashDumps
2018-03-28 12:25 - 2017-05-22 00:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-28 02:53 - 2016-01-23 12:57 - 000000600 _____ C:\Users\Wolfie\winscp.RND
2018-03-28 02:53 - 2016-01-23 12:48 - 000057108 _____ C:\Users\Wolfie\AppData\Roaming\WinSCP.ini
2018-03-27 01:31 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-24 17:49 - 2018-02-17 05:36 - 000000000 ____D C:\Program Files\rempl
2018-03-23 05:10 - 2017-03-18 17:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-23 05:10 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-23 05:09 - 2016-01-26 05:53 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-23 01:46 - 2016-01-21 03:10 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\vlc
2018-03-22 19:58 - 2016-01-20 23:11 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-22 19:58 - 2016-01-20 23:11 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-22 14:45 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-22 10:14 - 2017-10-20 04:53 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\CDisplayEx
2018-03-20 15:19 - 2016-01-21 01:51 - 000000000 ___RD C:\Users\Wolfie\OneDrive
2018-03-19 10:27 - 2016-03-15 03:14 - 000001285 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2018-03-19 10:16 - 2016-01-22 04:42 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\obs-studio
2018-03-17 12:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-03-17 12:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2018-03-16 19:44 - 2016-04-20 23:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-15 14:41 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-15 14:39 - 2016-01-22 02:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-15 14:37 - 2017-11-09 01:27 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-15 14:37 - 2016-01-22 02:46 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-15 13:04 - 2018-02-15 01:07 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2018-03-12 16:51 - 2017-05-22 01:00 - 001954648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-12 16:47 - 2017-06-01 12:10 - 000003448 _____ C:\WINDOWS\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE
2018-03-12 16:46 - 2016-01-22 00:21 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\discord
2018-03-12 16:45 - 2017-05-22 00:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-12 16:45 - 2017-05-22 00:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-12 16:45 - 2016-12-01 19:24 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2018-03-11 09:39 - 2016-02-22 21:41 - 000001456 _____ C:\Users\Wolfie\AppData\Local\Adobe Save for Web 12.0 Prefs
2018-03-11 01:43 - 2016-01-23 03:28 - 000001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2018-03-11 01:43 - 2016-01-23 03:28 - 000000000 ____D C:\Program Files (x86)\WinSCP
2018-03-09 13:49 - 2018-01-20 01:33 - 000000000 ____D C:\WINDOWS\Minidump
2018-03-09 02:29 - 2017-07-26 06:20 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1850599263-3589281596-2263528853-1001
2018-03-09 02:29 - 2016-01-21 01:51 - 000002414 _____ C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-08 21:16 - 2016-01-21 01:59 - 000000000 ____D C:\Users\Wolfie\AppData\Local\NVIDIA
2018-03-08 18:22 - 2016-09-16 13:36 - 000000000 ____D C:\Program Files\Common Files\AV
2018-03-08 18:01 - 2017-05-22 00:52 - 000000000 ____D C:\Users\Wolfie
2018-03-08 17:58 - 2018-02-20 19:02 - 000002386 _____ C:\Users\Public\Desktop\Norton Security.lnk
2018-03-08 17:58 - 2018-02-12 18:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2018-03-08 17:58 - 2017-06-29 05:33 - 000000000 ____D C:\Users\Wolfie\.chatty
2018-03-08 17:58 - 2017-05-22 00:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-08 17:58 - 2017-05-15 01:25 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2018-03-08 17:58 - 2017-03-18 07:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-03-08 17:58 - 2017-03-18 07:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-08 17:58 - 2016-01-21 02:51 - 000000000 ____D C:\Program Files\Java
2018-03-08 04:17 - 2016-01-21 03:22 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-01 19:13 - 2018-02-20 19:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-03-01 19:12 - 2017-03-18 17:03 - 000000000 ___RD C:\Program Files\Windows Defender
 
==================== Files in the root of some directories =======
 
2016-01-20 23:14 - 2016-01-21 04:00 - 014147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-02-28 03:26 - 2017-06-30 19:32 - 000000132 _____ () C:\Users\Wolfie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-01-23 12:48 - 2018-03-28 02:53 - 000057108 _____ () C:\Users\Wolfie\AppData\Roaming\WinSCP.ini
2016-02-22 21:41 - 2018-03-11 09:39 - 000001456 _____ () C:\Users\Wolfie\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-06-14 01:09 - 2016-06-23 19:35 - 000000293 _____ () C:\Users\Wolfie\AppData\Local\config.ini
2016-06-23 16:51 - 2016-06-23 16:53 - 000000013 _____ () C:\Users\Wolfie\AppData\Local\Phonebook.txt
2016-03-16 21:53 - 2016-03-16 21:53 - 000001569 _____ () C:\Users\Wolfie\AppData\Local\recently-used.xbel
2016-12-01 03:14 - 2017-03-27 06:54 - 000007605 _____ () C:\Users\Wolfie\AppData\Local\Resmon.ResmonCfg
2016-06-14 00:55 - 2016-06-23 16:52 - 000000000 _____ () C:\Users\Wolfie\AppData\Local\simedit.log
 
Some files in TEMP:
====================
2017-05-22 01:00 - 2016-03-31 22:59 - 000813592 ____N (Actual Tools) C:\Users\Wolfie\AppData\Local\Temp\aimemb.dll
2017-05-22 01:00 - 2016-03-31 22:59 - 002296856 ____N (Actual Tools) C:\Users\Wolfie\AppData\Local\Temp\aimemb64.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-03-22 07:23
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Wolfie (29-03-2018 00:49:41)
Running from S:\
Windows 10 Education Version 1703 15063.850 (X64) (2017-05-22 04:59:12)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1850599263-3589281596-2263528853-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1850599263-3589281596-2263528853-503 - Limited - Disabled)
Guest (S-1-5-21-1850599263-3589281596-2263528853-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1850599263-3589281596-2263528853-1005 - Limited - Enabled)
Other (S-1-5-21-1850599263-3589281596-2263528853-1006 - Administrator - Enabled) => C:\Users\Other
Wolfie (S-1-5-21-1850599263-3589281596-2263528853-1001 - Administrator - Enabled) => C:\Users\Wolfie
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Norton Security (Disabled - Out of date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Active@ Disk Editor 6 (HKLM\...\{F40165C8-BD5B-4E42-A40D-396BB707E5B7}_is1) (Version: 6 - LSoft Technologies Inc)
Actual Window Manager 8.8 (HKLM-x32\...\Actual Windows Manager_is1) (Version: 8.8 - Actual Tools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.5 - RedFox)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 6.3 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Blender (HKLM\...\{3ABDE236-0A3F-4D0D-BECB-DB67EE21C593}) (Version: 2.77.0 - Blender Foundation)
calibre 64bit (HKLM\...\{32019BE2-E62F-48CF-B274-2521588B83D8}) (Version: 2.54.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Car DV Player version 1.119 (HKLM-x32\...\{DC92E62C-4A63-44C7-AC9B-5EDA965E3271}_is1) (Version: 1.119 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
CDBurnerXP (64 bit) (HKLM\...\{CF0609C1-687B-4133-9AB9-D6DE00D20715}) (Version: 4.5.7.6389 - Canneverbe Limited)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Cities in Motion - GameSessions Edition (HKLM-x32\...\{099bdd1c-11a7-419d-bda4-c2035e076b0b}) (Version: 2.2.6617.32019 - GameSessions)
Cities in Motion (HKLM-x32\...\{2DCB4C4F-E71D-4F00-B898-8AF45C254DD1}) (Version: 2.2.0.0 - GameSessions) Hidden
ClipGrab 3.5.6 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
ClipMagic Lite 4.1 (HKLM-x32\...\ClipMagic_3.1) (Version: 4.1 - MJT Net Ltd)
Cloud Xtender (HKLM\...\{1B1D400C-2ACE-4343-8DB5-CB1E58F10B69}) (Version: 1.8.0.0 - Division-M)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.2.1) (Version: 5.0.2.1 - Coupons.com Incorporated)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crafty 1.0.2 (HKLM-x32\...\Crafty_is1) (Version:  - Ryan Gregg)
CrystalDiskInfo 7.0.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
DeepBot - Twitch Streamer Assistant (HKLM-x32\...\{3BB0A983-66D8-4C96-A469-2DA19F013075}) (Version: 0.7.5.0 - DeepBot.tv)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dell System Detect (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
Discord (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Doom Builder 2.1 (HKLM-x32\...\Doom Builder 2_is1) (Version:  - CodeImp)
Dropbox (HKLM-x32\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
GameSessions Data Delivery x64 (HKLM\...\{78FA680E-5545-46C5-9B02-65FD55DBB1B7}) (Version: 2.0.413.0 - Tangentix Ltd)
GameSessions Data Delivery x86 (HKLM-x32\...\{9F391C28-AE0C-473E-92C6-8CC792002A4B}) (Version: 1.28.493.0 - Tangentix Ltd)
GameSessions Data Delivery x86 (HKLM-x32\...\{A817FEBD-CE3C-46E6-B919-C85EF434E593}) (Version: 2.0.413.0 - Tangentix Ltd)
GameSessions Runtime x64 (HKLM\...\{70863560-5C71-45DA-AE35-3397F5C08638}) (Version: 2.0.377.0 - Tangentix Ltd)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
GetFLV 9.3118.918 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 2.7.4 (HKLM\...\Git_is1) (Version: 2.7.4 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 0.8.7 - Alexander Shaduri)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mahjong Platinum 5 Deluxe (HKLM-x32\...\Mahjong Platinum 5 Deluxe) (Version: 1.0 - Viva Media, LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.8.106.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8431.2236 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2236 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft RichCopy 4.0 (HKLM-x32\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.216 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Minutor (HKLM-x32\...\{4F34B0A4-1E8A-436E-9616-B1F715583A74}) (Version: 2.1.0 - Sean Kasun)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 en-US)) (Version: 45.1.0 - Mozilla)
MultiPar version 1.2.9.8 (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{AAFC96BF-C615-4D77-9A55-C692A7B26FC5}_is1) (Version: 1.2.9.8 - Yutaka Sawada)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
NBTExplorer (HKLM-x32\...\{FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}) (Version: 2.7.6.0 - Justin Aquadro)
Norton Security (HKLM-x32\...\NGC) (Version: 22.12.1.15 - Symantec Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.0.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.0.85 - NVIDIA Corporation)
NVIDIA Graphics Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Port Forward Network Utilities 2.0.16c (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.16c - Portforward.com)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
Python 3.5.1 (64-bit) (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{b8440650-9dbe-4b7d-8167-6e0e3dcdf5d0}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (64-bit) (HKLM\...\{495EFF61-4949-4304-872E-441B48022991}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (64-bit) (HKLM\...\{2690DE23-49CD-4973-AA74-F77C4C852189}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (64-bit) (HKLM\...\{70D9C8DA-F1A1-43B0-B325-6263CD21E535}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (64-bit) (HKLM\...\{5C8D887B-998A-4708-9120-CE040C4A5B47}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (64-bit) (HKLM\...\{39F30A3E-99D9-46E3-8582-7422FE54A1FB}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{EC00AEF9-6544-4FEC-8152-C8949CDDCC85}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (64-bit) (HKLM\...\{E98CFF92-01E0-4E30-8C72-3C82111091C2}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (64-bit) (HKLM\...\{0F774261-D55F-4180-B266-A9E1C6F4CD7A}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (64-bit) (HKLM\...\{A47BAF5B-53CC-4E60-847A-E13CAF26F467}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (64-bit) (HKLM\...\{A1B06412-F898-47C9-968F-D3B331ABB202}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (64-bit) (HKLM\...\{34E72E6D-77E8-4C17-99B8-42497B7308C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
RaceRender 3 version 3.4.4 (HKLM-x32\...\{552F30AA-362C-4EFD-90D2-3AC35287F48A}_is1) (Version: 3.4.4 - RaceRender LLC)
RAMDisk (HKLM-x32\...\{08051769-4EA7-48EA-BB07-8BB683433F62}) (Version: 4.4.0.36 - Dataram, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.00042 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SLADE version 3.1.1.1 (HKLM-x32\...\{3EFD0AA9-5156-40DB-9646-360180FF5DFA}_is1) (Version: 3.1.1.1 - )
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
smartmontools (HKLM-x32\...\smartmontools) (Version: 6.5 2016-05-07 r4318 (sf-6.5-1) - smartmontools.org)
softMCCS (HKLM-x32\...\{D7D4A4A0-6D24-4337-BFD9-069E957222F6}_is1) (Version:  - EnTech Taiwan)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SWF Extractor 2.4 (HKLM-x32\...\SWF Extractor_is1) (Version: 2.4 - GlobFX Technologies)
SWFRIP 0.4 (HKLM-x32\...\SWFRIP) (Version:  - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Terminals (HKLM-x32\...\{FA611492-D483-4F3B-A22E-EA414BCF6A91}) (Version: 4.0.0.0 - Robert Chartier)
Twitch (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.1.2 - UltraDefrag Development Team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{E345A108-D9E8-456B-9550-435132D5C9CE}) (Version: 2.13.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
URL Helper (HKLM-x32\...\URL Helper_is1) (Version:  - )
VanDyke Software SecureCRT 7.3 (HKLM\...\{CDFA2F21-13F8-4103-9CF6-5F6F98EEC3AA}) (Version: 7.3.6 - VanDyke Software, Inc.)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.13 (HKLM-x32\...\winscp3_is1) (Version: 5.13 - Martin Prikryl)
Wizard101 (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Wondershare AllMyTube(Build 4.9.1.1) (HKLM-x32\...\Wondershare AllMyTube_is1) (Version: 4.9.1.1 - Wondershare Software)
Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
X-Mouse Button Control 2.17 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.17 - Highresolution Enterprises)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ 1CloudXtenderDefaultRule] -> {CEE47142-BE37-4FD7-93BA-126815096FC3} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [ 1CloudXtenderNoSync] -> {D5C93FCE-7621-41A1-8B61-F03E85882E37} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [ 1CloudXtenderRule] -> {ACB154A1-6250-4534-BD1A-FE77F8B52E60} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [ 1CloudXtenderSync] -> {9FC8FD2C-1928-4065-9F59-AB0BD45E45B5} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-VHyperDrive5] -> {9C52C09A-D7B6-4778-AC38-8B6B678A50E2} => C:\Windows\system32\VHyperDriveMntNtf5.dll [2015-08-17] (Division-M)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderDefaultRule] -> {CEE47142-BE37-4FD7-93BA-126815096FC3} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderNoSync] -> {D5C93FCE-7621-41A1-8B61-F03E85882E37} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderRule] -> {ACB154A1-6250-4534-BD1A-FE77F8B52E60} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderSync] -> {9FC8FD2C-1928-4065-9F59-AB0BD45E45B5} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-VHyperDrive5] -> {9C52C09A-D7B6-4778-AC38-8B6B678A50E2} => C:\Windows\system32\VHyperDriveMntNtf5.dll [2015-08-17] (Division-M)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-12-31] ()
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [Division-M Cloud Xtender] -> {ADF1BCA3-3A63-4017-B1BB-8E98E2455157} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [Actual Window Manager] -> {CE577978-3FCA-430D-B0CE-D637788F9C5A} => C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerShellExtension64.dll [2016-03-31] (Actual Tools)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [Division-M Cloud Xtender] -> {ADF1BCA3-3A63-4017-B1BB-8E98E2455157} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {000E9049-22C6-4201-A6EC-EDE9ADDE53A2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-23] (Microsoft Corporation)
Task: {08EAAA7D-B85D-40E2-9A73-B27DE064EEAA} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {0F67EA54-60F9-49B2-BE68-D545EF378CF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {100EC8B9-B16E-46F7-890B-8AD268DBC3CC} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {13C0E4B8-A08F-42B3-AB2E-BE604F06D2EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-23] (Microsoft Corporation)
Task: {1E351299-1971-45EE-9AD5-FF57CCC922E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {1FADAABA-B913-417C-A9FB-1EFA0C3F1ADE} - \GarminUpdaterTask -> No File <==== ATTENTION
Task: {2264DD2F-F817-4DB9-847E-E65FAC48EF18} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {25E1A252-115C-4A2E-9523-A8285CB6660F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-03-02] (Symantec Corporation)
Task: {2AFE2B9D-12C5-44B2-AB9B-402793CDE196} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {2CCAE715-D986-4ABA-BFA4-918549EB2125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-20] ()
Task: {380AB2A4-072C-4908-BAE0-5CDE90347F99} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION
Task: {3E39626F-728B-4D5A-BE54-0BACA9475763} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {41FB4067-A9E3-4119-BBB9-4D01310635BB} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {434A9D28-284D-4642-A385-3F68C97FD99B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {4795A5F7-831F-4543-AAD7-34E88FCE6A06} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-21] (NVIDIA Corporation)
Task: {4D9BCF74-E5A4-48DB-8430-7D57D2D6D384} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File <==== ATTENTION
Task: {5989B565-82F7-4B06-B67B-344EBD6E8DCF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-02-21] (NVIDIA Corporation)
Task: {6EB1A71A-0C58-455F-B2A3-78AF2F3F1936} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-02-21] (NVIDIA Corporation)
Task: {733C04CB-EAEA-4B98-B839-C5757D70B7FF} - \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION
Task: {7687E1F0-D340-4667-BCEA-2E8191B4BB4D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {796592C7-15D9-466B-9410-F234727FF074} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-20] ()
Task: {852760AE-68A4-4899-9EB3-887058FDA051} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {945F63FE-A469-40B3-A706-3B8FD1FA132E} - \HP AR Program Upload - 98ac4bcf70d14607bddacad62c9ee21e3a01a12256a04784bb0ea70e04b3ebd8 -> No File <==== ATTENTION
Task: {981D8CD1-CF11-4A52-BE16-4CE5BFF8F90A} - \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION
Task: {98C5EA44-3DE1-40B7-A06A-8ED5C05BDE91} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {9E51C4AD-6AC6-4E2B-9BA5-65B86209653F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-02-21] (NVIDIA Corporation)
Task: {A0D1DB95-7ADF-4370-9C48-70CB2E47F6AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-20] (Google Inc.)
Task: {A255D818-DE31-478E-8EC6-2B71F9AEC8AF} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset
Task: {A9C453A8-F56D-48C9-A76F-775E2E5E5098} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AC962DC6-1A87-4DE4-A14A-D5E23EA91C35} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-23] (Microsoft Corporation)
Task: {AE75E943-370D-43BD-8961-0170B75FFE23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {AF1E6F6F-D06A-407E-81B4-118AEFF4DDF5} - \AdobeAAMUpdater-1.0-WOLF10-Wolfie -> No File <==== ATTENTION
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File <==== ATTENTION
Task: {B33FB711-7FCB-4C89-A6CE-1C3BF44B1C9F} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {B3BCFE76-D08E-4345-A21B-BDA24ACC784A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-02-21] (NVIDIA Corporation)
Task: {B65DDC0A-E740-4F33-9D7D-162747FD16DB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-02-21] (NVIDIA Corporation)
Task: {BA01EE8A-F64E-4061-B296-22CBA0880A2A} - \HP AR Program Upload - 02102edaeb1d4da8bf1317ef10e3914f9d60a2b6c7484641bb5186d03f8e7939 -> No File <==== ATTENTION
Task: {C1816AB5-0E6B-4AB0-810B-261340FC136E} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-04-12] (GIGABYTE Technology Co.,Ltd.)
Task: {C1AF4A86-FC4E-413B-9A3B-1EE3806F66E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-21] (NVIDIA Corporation)
Task: {C4811969-29DD-4C2D-8931-8744279CA030} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-02-21] (NVIDIA Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File <==== ATTENTION
Task: {C99BDDD2-B186-4AC4-8EDA-F9B5FE12CB58} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D0F123A0-4E1F-45C7-B5CB-E3F7D4EA7346} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No File <==== ATTENTION
Task: {DA61618B-D192-49D1-83F1-CCCAB9475164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-20] (Google Inc.)
Task: {DD21B060-8929-4740-885F-C0AB575BDA90} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\WSCStub.exe [2018-03-02] (Symantec Corporation)
Task: {DD7E69BD-5FFC-447F-A4E5-F1C7F4666D36} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {E75BED39-83E9-4E3A-9B5D-A2F2FCEC8788} - \Microsoft_Hardware_Launch_itype_exe -> No File <==== ATTENTION
Task: {EA1B69EB-2B48-4CAD-9C32-F5006D3DFF0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation)
Task: {EEEEC83C-1DAA-4798-A52E-7D2A8D0F06E0} - \HP AR Program Upload - 3edb4b72ab2b40739becb69293c06cc2663cfb2aac0a45df95040ccfe4a39d79 -> No File <==== ATTENTION
Task: {F7BA8D6D-3111-4A2D-A7A8-337D7609DDEE} - \Microsoft_MKC_Logon_Task_ipoint.exe -> No File <==== ATTENTION
Task: {FAAD3F00-3D8B-402F-954D-9CAF0689562C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Wolfie\Desktop\Profile 2007 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FLV Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dhogabmliblgpadclikpkjfnnipeebjm
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gliffy Diagrams.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bhmicilclplefnflapjmnngmkkkkpfad
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Plex.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Profile 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Fangs - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Profile 2010 N Raged - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-01-26 06:34 - 2018-01-23 20:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-05-22 00:51 - 2013-07-04 04:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-05-11 17:41 - 2018-02-21 03:51 - 001268616 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-25 05:24 - 2018-01-20 01:52 - 008929480 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2017-10-20 04:52 - 2015-11-25 00:39 - 000210944 _____ () C:\Program Files\CDisplayEx\unrarshell.dll
2017-10-20 04:52 - 2015-11-25 00:39 - 000402944 _____ () C:\Program Files\CDisplayEx\libwebp.dll
2017-10-20 04:52 - 2015-11-25 00:39 - 000044544 _____ () C:\Program Files\CDisplayEx\libwebpdemux.dll
2017-12-31 21:07 - 2017-12-31 21:07 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-03-18 16:59 - 2017-03-18 22:28 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 15:43 - 2016-01-06 15:43 - 001095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 15:43 - 2016-01-06 15:43 - 000240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-12-26 18:30 - 2016-04-14 22:17 - 000468704 _____ () S:\Program Files (x86)\chatty\JIntellitype.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2017-05-15 01:21 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2017-05-15 01:25 - 2017-03-25 16:26 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
2018-03-18 20:19 - 2018-03-18 20:19 - 002613184 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
2018-03-18 20:19 - 2018-03-18 20:19 - 000068032 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs-frontend-api.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000884160 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000460240 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\zlib.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000084416 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\w32-pthreads.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000654224 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvorbis-0.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 001022640 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvorbisenc-2.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 002523024 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libopus-0.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 002661824 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libGLESv2.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 000397360 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libogg-0.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 003218456 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvpx-1.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 000214464 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libobs-d3d11.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000110016 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\coreaudio-encoder.dll
2016-12-21 07:57 - 2013-11-23 10:29 - 000029696 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\DateTimePlugin.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000559552 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\enc-amf.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000527296 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\frontend-tools.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000175040 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs-scripting.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000466368 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\lua51.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000061888 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\image-source.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 094256064 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libcef.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 004150208 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libGLESv2.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 002383296 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000125888 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-ffmpeg.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000149440 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-filters.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000276416 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-outputs.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000205760 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-qsv11.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000078272 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-text.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000063424 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-transitions.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000089024 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-vst.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000062400 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-x264.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000100800 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\rtmp-services.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000772032 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\text-freetype2.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000062912 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\vlc-video.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000112064 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-capture.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000102336 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-decklink.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000325056 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-dshow.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000039360 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-mf.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000081856 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-wasapi.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 001820096 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
2018-03-22 19:58 - 2018-03-20 02:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-22 19:58 - 2018-03-20 02:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-13 22:52 - 2018-02-28 16:59 - 031228928 _____ () C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\PepperFlash\29.0.0.113\pepflashplayer.dll
2017-10-09 21:57 - 2017-10-09 21:57 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 03:17 - 2017-09-26 03:17 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-16 01:38 - 2018-03-16 01:39 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 14:39 - 2018-03-09 14:39 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-16 01:38 - 2018-03-16 01:39 - 007910912 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-22 00:51 - 2018-03-12 16:45 - 000039720 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-22 00:51 - 2013-07-04 04:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-05-15 01:25 - 2017-03-25 16:28 - 000954216 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000253808 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000331632 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000143208 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000360296 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000040808 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000495472 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000081776 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2017-05-15 01:25 - 2015-05-21 14:32 - 002403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000073584 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000298856 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000978800 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000339816 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2017-05-15 01:25 - 2017-03-25 16:28 - 000724848 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000130920 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000171888 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000114536 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000188264 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000266088 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2017-05-11 17:41 - 2018-02-21 03:51 - 001041800 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-09-25 22:29 - 2017-11-29 01:09 - 000781088 _____ () S:\Steam\SDL2.dll
2014-09-25 22:29 - 2017-12-15 15:59 - 002558752 _____ () S:\Steam\video.dll
2014-12-03 00:57 - 2016-08-31 21:02 - 004969248 _____ () S:\Steam\v8.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000351520 _____ () S:\Steam\libavresample-3.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000695584 _____ () S:\Steam\libavformat-57.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000847136 _____ () S:\Steam\libavutil-55.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000783648 _____ () S:\Steam\libswscale-4.dll
2014-12-03 00:57 - 2016-08-31 21:02 - 001195296 _____ () S:\Steam\icuuc.dll
2014-12-03 00:57 - 2016-08-31 21:02 - 001563936 _____ () S:\Steam\icui18n.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 005137696 _____ () S:\Steam\libavcodec-57.dll
2014-09-25 22:29 - 2017-12-15 15:59 - 000904992 _____ () S:\Steam\bin\chromehtml.DLL
2016-03-16 14:49 - 2016-07-04 18:17 - 000266560 _____ () S:\Steam\openvr_api.dll
2016-07-23 13:09 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-07-25 19:38 - 2016-06-20 14:48 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-06-08 01:45 - 2017-09-06 22:04 - 000678400 _____ () S:\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-25 11:25 - 2017-10-31 00:44 - 071471904 _____ () S:\Steam\bin\cef\cef.win7\libcef.dll
2017-05-11 21:41 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-05-11 21:41 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-12-16 08:57 - 2015-09-24 19:52 - 000119208 _____ () S:\Steam\winh264.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2017-05-11 17:42 - 2018-02-21 03:51 - 071673736 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-12-31 21:07 - 2017-12-31 21:07 - 000021680 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2018-01-09 01:11 - 2018-01-08 18:52 - 001891832 _____ () C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-13 16:19 - 2018-02-09 22:21 - 001780216 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-09 01:11 - 2018-01-08 18:52 - 001937912 _____ () C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 01:11 - 2018-01-08 18:52 - 000095736 _____ () C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-02-20 19:03 - 2018-02-20 19:03 - 001910264 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-02-20 19:03 - 2018-02-20 19:03 - 000422392 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-02-20 19:03 - 2018-02-20 19:03 - 000145400 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-01-13 16:19 - 2018-03-21 02:37 - 009623896 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-13 16:19 - 2018-02-01 20:31 - 001508344 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-13 16:19 - 2018-01-13 16:19 - 000513016 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-13 16:19 - 2018-03-13 17:41 - 001517560 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-13 16:19 - 2018-01-13 16:19 - 002662904 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-13 16:19 - 2018-03-08 17:59 - 002749944 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Wolfie\Cookies:4kGGPjvqg7bCB45wgCr7gr [2522]
AlternateDataStreams: C:\Users\Wolfie\Cookies:BNPO8mn3lc6bA1xek4lA7oXD [2452]
AlternateDataStreams: C:\Users\Wolfie\Cookies:fwKdHx6Yf2E11cn7tb6NztgQTtN [2314]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\sharepoint.com -> hxxps://vccsstudents-files.sharepoint.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 03:24 - 2016-05-02 23:20 - 000000944 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 1459f4a279.pw
127.0.0.1 2f782a4fa1.pw
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Cloud Xtender Tray"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [{D2CBA3EB-861E-4D3B-8297-142C92D2DAA9}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{623E227E-F100-4D1C-BA62-1A151AFD67F0}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{8346E22C-97A3-4664-A9B1-64E56DB2E2EA}] => (Allow) S:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{716828F2-5D7A-442C-8122-534180BF4FD6}] => (Allow) S:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{435DF150-711C-4DB0-97F9-826397C88A8B}] => (Allow) S:\Steam\SteamApps\common\DeadRealm\DeadRealm.exe
FirewallRules: [{A3CF0311-722A-496E-B54E-7D5B98C17AD2}] => (Allow) S:\Steam\SteamApps\common\DeadRealm\DeadRealm.exe
FirewallRules: [{50E0345C-930B-4AB0-AA0B-47B3C5630E3D}] => (Allow) S:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2F28FB55-2563-46E0-A913-9BF720EA60C4}] => (Allow) S:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E7D10632-8081-47DF-ADEA-D3E1EE792713}] => (Allow) S:\Steam\Steam.exe
FirewallRules: [{CCFFDC85-C9CB-43BB-A057-AB4D11DC48FF}] => (Allow) S:\Steam\Steam.exe
FirewallRules: [{06CA6B0A-2BC7-4DAD-8B7F-FB3883ECC3DF}] => (Allow) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7A8C7C31-6C8F-4BBB-96AB-84E793806491}] => (Allow) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BB169840-2414-479F-8EB4-56A87B59A5F9}] => (Allow) S:\Steam\SteamApps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{ABE47DB4-DFA3-4746-86CA-A28468391608}] => (Allow) S:\Steam\SteamApps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{E20990A9-EC55-409A-AAEE-FF4C79CDF807}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{36335D16-B3E6-4B28-8FF1-C6145F60FD8B}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{64EB82BC-543C-4831-8870-2D140A31DA59}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{0CD62F33-4E46-46F2-B35F-A234338E7A95}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{C130CCCE-5227-40A4-9744-66A25C3168E1}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{4D163CFF-5A2C-4267-8EC2-43A87285A1CB}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{078BEF60-5F62-45A9-8972-D2473486066D}] => (Allow) S:\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{535FB123-2613-4B45-B806-031DD7E9C0C5}] => (Allow) S:\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [TCP Query User{256EF1E1-5A61-4D11-866A-B0594249EAEB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B8414AA1-D5CA-42A4-8E32-9A70D6DA7FFA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{3AFA21DA-26C6-470D-A4EA-30E6BF74C032}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{DB7CC961-20E0-4769-BE13-7EE7DAB830FB}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [{8010339A-6F3C-4BA4-BE30-1681F674B7B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{902621EF-2EE0-4EDE-BF6F-3416C2C565C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{9BD98ED4-3397-4DDA-9404-086DB62B876B}] => (Allow) S:\Steam\SteamApps\common\STAR WARS X-Wing vs TIE Fighter\xwingtie.exe
FirewallRules: [{C7F75241-2902-4744-B808-323FA46CC091}] => (Allow) S:\Steam\SteamApps\common\STAR WARS X-Wing vs TIE Fighter\xwingtie.exe
FirewallRules: [{D54D329A-E375-4BEA-AEE3-A8D6253FB5F6}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{969BEEC5-F5F0-4F5A-9767-CBEC582F8933}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{A7119A0B-13CE-41E9-8223-30A11418B9EE}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{B0E72CC1-3DF5-4326-934E-78A8BD7A7828}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{37C6434E-75C9-4B36-9DD2-B8C12B5DDF71}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{50A417D7-D53A-4BC8-B4C9-FEDF89744C7F}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{80B87492-B012-4BA1-BFCF-36FA61BC1393}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C887E347-B8AA-49C3-BBC4-B66811A65CC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CE46D086-4788-47E7-9334-CE5B9387B2EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{99B57B45-2C7F-45D5-A554-DEC55C97D396}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{066D3AA0-46CA-46C5-BD47-2F4803C28F25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{61C21DB1-927C-459F-A119-CA0463C8ADEA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{43DABBCA-D49D-4A45-9E8E-D97EFC8EFA02}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{C48DE4B5-D0FB-43F7-8F3D-11FF1F60A005}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{4B8A21D8-8F1B-4EDF-99BE-81388F033012}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [{597852B4-6326-4CC6-89E1-587516EA94E4}] => (Allow) S:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{7A0AB6E8-2A5D-4229-9982-BDCBB0C53156}] => (Allow) S:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{00F41F5D-F42C-4BC3-A378-5097B87D12B1}] => (Allow) S:\Steam\SteamApps\common\Tropico 3\Tropico3.exe
FirewallRules: [{D9443748-E815-4F95-8D8A-A4F18828636C}] => (Allow) S:\Steam\SteamApps\common\Tropico 3\Tropico3.exe
FirewallRules: [{6403354D-6E4F-46A8-B005-896C3176CD87}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{BF00BB56-DBA1-4F5E-AC1F-3F3AAB45B9C2}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{77BEE1C5-3894-483E-8794-B387A8CA26AC}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{7B32034C-4D88-48E8-864C-14F05B67CA30}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{088AEF8F-B6E5-4179-963A-7C96EC5EF84E}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{7AC0A5F3-3876-4F92-9CC4-12F7B9C53AE6}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{A62AA847-D5C9-4A59-970A-0F61C85ACA84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{93154873-3BB3-460B-9335-E156659EE0D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4A30BA90-EDD0-4C66-8E70-FB8C816B6F39}] => (Allow) S:\Steam\SteamApps\common\Zombie Solitaire\Zombie Solitaire.exe
FirewallRules: [{5A8400BD-6694-4D1D-B6F9-2EB385C52F9B}] => (Allow) S:\Steam\SteamApps\common\Zombie Solitaire\Zombie Solitaire.exe
FirewallRules: [{47156753-8B94-43E4-9877-B6599C4A5E1A}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{44286A8A-DF85-4CFA-B313-062ED5E5CF90}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{934E361F-01ED-4103-A7DF-8795E4B2B664}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JediKnight.EXE
FirewallRules: [{91B859CD-E614-4E19-A974-55DFE14B94AD}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JediKnight.EXE
FirewallRules: [{2ED4774F-EE9D-4535-8F9B-5F55A1F49FAD}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JediKnightM.EXE
FirewallRules: [{3E458DFF-CEFD-460B-A864-52F8512054AD}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JediKnightM.EXE
FirewallRules: [{6D90D036-C030-49F7-85E7-1C887921C03C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B6947ECF-1D0E-47E0-A15A-80E2E15B0B52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D46BC138-A638-4FFC-90FB-CBE04636A052}] => (Allow) S:\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{470A2BA6-D3D5-47BC-84CA-72091B0A57F9}] => (Allow) S:\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{A3CB2F5D-8F1D-4CDD-B7EE-39AB3E92A06C}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{707D444B-A8A5-46D4-B1AF-897A9DE3341D}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{D5A9E26C-6B71-4750-B036-206571C20141}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{ABE9E016-5CE5-427D-9B55-0FB492A414AE}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7939A241-A95A-495A-89FE-640CB6E27D73}] => (Allow) S:\Steam\SteamApps\common\SS2\SS2.exe
FirewallRules: [{88590554-E686-462D-A857-7C658CC1E3BE}] => (Allow) S:\Steam\SteamApps\common\SS2\SS2.exe
FirewallRules: [{EA060D98-A2B8-4043-BCC8-156647C8BC68}] => (Allow) S:\Steam\SteamApps\common\Dark Fall Lost Souls\DarkFallLostSouls.exe
FirewallRules: [{4D7BFC11-4A3B-4518-9EC9-5D5391A936AC}] => (Allow) S:\Steam\SteamApps\common\Dark Fall Lost Souls\DarkFallLostSouls.exe
FirewallRules: [TCP Query User{61F43810-1D91-4A6C-B660-81E40EB9C89C}H:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{163CCA82-74A9-4EE7-A38A-C3A90DE3C146}H:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{3C446A38-03A7-4E16-8414-B4290EF6AFE0}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [UDP Query User{98A653AF-0411-46D1-BE07-6705078A5657}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [TCP Query User{5D35EC4E-C99C-490D-AC9F-5D308428CE58}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{C332D9EC-1A28-4F03-A03D-FDDBAB2EDF81}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{121A863B-B20B-4D63-9DE3-19A31AB12D3F}H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [UDP Query User{E08AF868-CBDA-4DD1-93AA-9C21BE006C2D}H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [{467A73A3-B70B-40E7-990B-C36A0E491D41}] => (Allow) S:\Steam\SteamApps\common\Game Character Hub\GameCharacterHub.exe
FirewallRules: [{98450F4F-DF4A-41A4-ABC7-E6806E7CE966}] => (Allow) S:\Steam\SteamApps\common\Game Character Hub\GameCharacterHub.exe
FirewallRules: [TCP Query User{78F95106-81E0-4C9B-B6E8-E21B5AF36952}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{55808619-1363-4A5F-8EEC-00ED1256BF99}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{0DE8D043-FC4D-4872-A711-63C19B6DF58A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D26A770C-CB6E-4C78-9DB0-58BBE1C5856D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0320EA2B-CBCB-44A3-9724-3ECEB06AE43C}] => (Allow) S:\Steam\SteamApps\common\PAC-MAN\PAC-MAN.exe
FirewallRules: [{D87E542A-B513-46C0-B9F1-6ABFBA8B4AE0}] => (Allow) S:\Steam\SteamApps\common\PAC-MAN\PAC-MAN.exe
FirewallRules: [{51B307C6-8437-49CD-A5D8-7C28E9523795}] => (Allow) S:\Steam\SteamApps\common\DIG DUG\DIG DUG.exe
FirewallRules: [{BBB11654-335E-4B4E-AC28-D4C1A4094E93}] => (Allow) S:\Steam\SteamApps\common\DIG DUG\DIG DUG.exe
FirewallRules: [{039D1E0E-9BA3-4ED5-9B89-FC3012519E88}] => (Allow) S:\Steam\SteamApps\common\Ms. PAC-MAN\Ms. PAC-MAN.exe
FirewallRules: [{F6198765-DCC0-4E48-87A3-CF4AC884C491}] => (Allow) S:\Steam\SteamApps\common\Ms. PAC-MAN\Ms. PAC-MAN.exe
FirewallRules: [{3570EE56-A76E-4AE0-92F5-340B490EAC94}] => (Allow) S:\Steam\SteamApps\common\ToySoldiersWarChest\Game.exe
FirewallRules: [{608025CB-AF65-40A9-904B-51AD561BDA94}] => (Allow) S:\Steam\SteamApps\common\ToySoldiersWarChest\Game.exe
FirewallRules: [{7B532966-E5FC-4016-AD2F-94B2D95F4446}] => (Allow) S:\Steam\SteamApps\common\GALAGA\GALAGA.exe
FirewallRules: [{AFD79AF1-D557-402B-9530-2DC1A2F51805}] => (Allow) S:\Steam\SteamApps\common\GALAGA\GALAGA.exe
FirewallRules: [{02DF2CCD-CDCE-40B6-AEF0-9DF714A587E3}] => (Allow) S:\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{F63EE0BC-8725-46DC-887D-C4099F8C7F65}] => (Allow) S:\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{B31F00E9-354E-4044-BDFD-DFBCFABCA4E4}] => (Allow) S:\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{34630893-82D2-4D85-A325-0314318B8126}] => (Allow) S:\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{8380408B-E045-44A4-9105-98F2E428F035}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{1B3E2E9E-7E22-4790-A473-A4915B6AC052}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{6EACF5D0-D31B-45EC-B454-CC0E3A07E4D3}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{A68DF861-F44F-41CE-9E32-C025897C26AF}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{60C9E205-BF7B-4819-B11A-ABED1D4D1652}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{A0BB492D-E263-483D-A5B3-E8FC0675EDF0}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{480E87B4-A33A-48C0-A4D3-889CC7E4D84B}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{DF00F68A-B6B9-434D-AB41-A2CC7E42D3C6}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{2F6C3BF4-736D-4EF5-A6E1-56141592ABC2}] => (Allow) S:\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{38C732F6-02A4-40EE-8B71-1454CE2A09FB}] => (Allow) S:\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{1B801BDB-9DC5-4BBC-8BD0-BB47ACA107D8}] => (Allow) S:\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{D9D2721B-F0BF-44AA-B2BE-D82A6B68C65E}] => (Allow) S:\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{28D79E7C-EFA7-440C-A97B-40128555667A}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{182932BE-E082-4522-9CA6-8AD46C615F5D}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{AF35B8F7-7F8C-4F14-8600-B0D22F189653}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{1A05CC15-5EB0-4B01-9A1F-4D9E160CC399}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [TCP Query User{9D10C785-E2E8-4CC0-9268-7E6DF398755A}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe] => (Allow) C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
FirewallRules: [UDP Query User{0190364A-051D-4288-8FBE-54FCD842C043}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe] => (Allow) C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
FirewallRules: [TCP Query User{9A60E6C1-3DFB-4722-A7FF-AEBD9008E999}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{B966DE7F-F4AF-452F-A534-0E4B7DC3F1DE}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{0ADC538B-157B-4F77-994F-5F0484FEEEE5}] => (Allow) S:\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{A1377DAA-5B86-417B-97A4-60C5BEE53530}] => (Allow) S:\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{E6470E23-E47B-4FD8-8D83-44C872708292}] => (Allow) S:\Steam\SteamApps\common\LEGO Batman 3 Beyond Gotham\LEGOBatman3.exe
FirewallRules: [{F37789E0-88E3-42E4-9461-82AADDF68F59}] => (Allow) S:\Steam\SteamApps\common\LEGO Batman 3 Beyond Gotham\LEGOBatman3.exe
FirewallRules: [{69C09D27-4E27-4682-A27C-DFB419F0F11D}] => (Allow) S:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{A9124E7E-0B3D-4AAE-BBAB-31F2D57DFD86}] => (Allow) S:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{EB8A2928-E000-492E-9A73-3BE72681A6E5}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{72291486-213A-41F5-827E-15EC4C097839}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E80957BB-8EB4-4A92-8A45-94E1473EA1F3}] => (Allow) S:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{4D4334AE-A497-4798-BAA1-711617DEE374}] => (Allow) S:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{7E491BF4-83DE-4C4D-9EFF-5E533E28CD46}] => (Allow) S:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{5B18CC02-0A0A-48EB-AAF7-4743F33BDECA}] => (Allow) S:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{C788747C-5F1A-49BE-B914-5A9F6E0A013B}] => (Allow) S:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{AE3B7FF6-4731-48AC-AB35-D356A9093D2B}] => (Allow) S:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{0DD32DD4-0B35-4FA6-ACB4-24800DB7618F}] => (Allow) S:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{EE54796B-A6D1-4753-8942-2B19FF73F829}] => (Allow) S:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{C7C595DA-0C9E-4C95-A42F-E1C6985F5277}] => (Allow) S:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [{5D9E25E4-0F03-40C0-9E02-AA44544E7C6D}] => (Allow) S:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [{A99BC75F-A962-44E9-B4AE-5E9B88501E09}] => (Allow) S:\Steam\SteamApps\common\Penguins Arena\PenguinsArena.exe
FirewallRules: [{53910400-D54F-4154-BBD0-B0265F5D303D}] => (Allow) S:\Steam\SteamApps\common\Penguins Arena\PenguinsArena.exe
FirewallRules: [{84C3D193-759F-4518-BDF1-50BBFCAF03EA}] => (Allow) S:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{4FD9F1AA-9A0C-418E-89A9-73F5D97634CA}] => (Allow) S:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{80F729AD-AA0A-484A-B67B-48546A68F061}] => (Allow) S:\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{5F0B415A-D69D-47D0-8A6D-116B37A10016}] => (Allow) S:\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{5FFD9663-6CD0-48F5-A47F-BCD3217EFDA8}] => (Allow) S:\Steam\SteamApps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{D04194B5-C6A3-4A5F-A4A4-CBB8BAAD75EE}] => (Allow) S:\Steam\SteamApps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{57705B7A-A647-4184-B845-5EFDA9B7C16C}] => (Allow) S:\Steam\SteamApps\common\ibbandobb\ibbobb.exe
FirewallRules: [{9A892529-0C0A-4DFF-B696-9F1AB120E645}] => (Allow) S:\Steam\SteamApps\common\ibbandobb\ibbobb.exe
FirewallRules: [{EF8B53BE-7A7C-4ADD-A0C0-85D62CCF15B8}] => (Allow) S:\Steam\SteamApps\common\MDK 2 HD\mdk2hd.exe
FirewallRules: [{0C505160-3F3D-4C97-85D5-953E3DC4D67C}] => (Allow) S:\Steam\SteamApps\common\MDK 2 HD\mdk2hd.exe
FirewallRules: [{32153F6B-8B0B-408F-AE95-87FBFBD1A4F0}] => (Allow) S:\Steam\SteamApps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{BD50D9D8-BE73-49AC-8A28-434F65272D74}] => (Allow) S:\Steam\SteamApps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{FA04063E-36DD-4DD9-8C9B-3035C9ECAF8B}] => (Allow) S:\Steam\SteamApps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{AA57171E-3CB5-4C41-89A9-80ABC2E80FCE}] => (Allow) S:\Steam\SteamApps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{45C2BF4D-46A3-45A9-856C-94FBBEFEEF0A}] => (Allow) S:\Steam\SteamApps\common\Weird Worlds\weirdworlds.exe
FirewallRules: [{DBE1AF31-F670-49FB-9CAD-F1F6B01B8FA6}] => (Allow) S:\Steam\SteamApps\common\Weird Worlds\weirdworlds.exe
FirewallRules: [{929E7C19-17FB-44C4-A65F-8146A4B0B0DE}] => (Allow) S:\Steam\SteamApps\common\911 First Responders\Em4.exe
FirewallRules: [{F627AB39-A3C7-47DA-AD47-9B83B324EFBD}] => (Allow) S:\Steam\SteamApps\common\911 First Responders\Em4.exe
FirewallRules: [{35F7B18D-CCAC-466E-A00D-97D7511947D4}] => (Allow) S:\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{D918AED3-A4F9-49EE-A63B-C6AC0A6F2D45}] => (Allow) S:\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{CD5C10FC-7BF6-483D-9262-928E9E88FAEF}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{73760B5A-2D22-42BF-A707-4736F290BE76}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{3010B40C-A95F-4557-AD68-3FDFF92D1D80}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{190AA24D-6E82-4321-B341-9C867B74523D}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{B1E8A57C-0385-462D-8BD8-00831A01F652}] => (Allow) S:\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{1554A7F8-8C36-418F-8896-9F5B88DAEE6F}] => (Allow) S:\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{9795A3D7-BDD1-4C33-A257-937D5F347C57}] => (Allow) S:\Steam\SteamApps\common\Game Guru\GameGuru.exe
FirewallRules: [{955703E7-8FB0-44FB-828B-4A612370FD64}] => (Allow) S:\Steam\SteamApps\common\Game Guru\GameGuru.exe
FirewallRules: [{5229662A-318E-4B00-983A-A86D1D1F791D}] => (Allow) S:\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{E80579C8-6913-4C55-9DC0-A2D8B4C94905}] => (Allow) S:\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{2652FC61-59FE-4D55-87F5-8F6DFEC2CB36}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{82B5E7CB-F07F-4F7C-8123-2899B6FB46AD}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{33DC6155-DA55-4F23-A7AA-F9ECB8EF01EE}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{FD2BFA33-E481-41ED-9A71-1368BB979742}] => (Allow) S:\Steam\SteamApps\common\Tracks - The Train Set Game\TrainSet.exe
FirewallRules: [{EA80837F-3C19-4A03-986A-14672854B93D}] => (Allow) S:\Steam\SteamApps\common\Tracks - The Train Set Game\TrainSet.exe
FirewallRules: [TCP Query User{F1FD3202-BF57-4CD1-8F54-99633E642849}S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe] => (Allow) S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe
FirewallRules: [UDP Query User{C41F3B3D-6133-4686-A026-CEE511FD9040}S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe] => (Allow) S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe
FirewallRules: [{F4CB5A83-B176-44D4-A251-D9036043221F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4905494B-F681-42CA-A544-9A1BCA3FC6E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D28C592-3B38-4ABB-88DC-12B4B267776B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A28CFC54-4DBE-46BD-8B85-932567CB6EA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6F817699-587A-4675-9A13-48DB525E07D9}] => (Allow) C:\Program Files (x86)\GameSessions\Cities In Motion\DataTools\DLM.exe
FirewallRules: [{11DB5119-6540-433F-8723-04A763F84EFF}] => (Allow) C:\Program Files\Tangentix\Runtime\x64\GSLauncher.exe
FirewallRules: [{8256D2A3-4DC8-463B-8524-171F6840F201}] => (Allow) C:\Program Files\Tangentix\Runtime\x86\GSLauncher.exe
FirewallRules: [{2C024803-4DD4-4E08-AAC9-D19F96D5FE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{250D933F-BAAA-46F0-98BD-7694F04396B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5B960A12-8DA0-46A4-8EAC-86E6A6EBA029}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{64CB80C3-483A-4156-837F-82B12AE73397}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3D1C352-4975-4BF8-87A2-6C0B6603D2D8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A11CF7BC-A7A4-469A-88C3-E6F454B17116}] => (Allow) S:\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{42BA7968-F48E-4B3C-A760-9027F7167981}] => (Allow) S:\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{FB79B9A3-866F-4B66-82A6-299A7AFBFD15}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{92B5FAE8-00E0-415C-9465-66D22245778B}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{08670411-0244-4CDD-925F-F7AC15143768}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{455C3A99-B9C3-4908-A9F5-4286BFEEA12B}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{7760EDE0-3D43-468B-A6EE-DE22B6CC5CF6}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
 
==================== Restore Points =========================
 
08-03-2018 04:15:21 Andy OS
15-03-2018 14:36:54 Windows Update
24-03-2018 17:49:46 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/28/2018 09:41:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.674, time stamp: 0x59cdf479
Faulting module name: msvcrt.dll, version: 7.0.15063.0, time stamp: 0x3280d1b7
Exception code: 0xc00000fd
Fault offset: 0x0000000000055063
Faulting process id: 0xd4ac
Faulting application start time: 0x01d3c499686aa889
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\System32\msvcrt.dll
Report Id: 2fb6175b-cd49-4b83-b045-fb0b5a133155
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (03/28/2018 10:41:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (03/28/2018 02:29:40 AM) (Source: ESENT) (EventID: 104) (User: )
Description: qmgr.dll (2788) QmgrDatabaseInstance: The database engine stopped the instance (0) with error (-1090).
 
 
 
 
Error: (03/28/2018 02:29:40 AM) (Source: ESENT) (EventID: 471) (User: )
Description: qmgr.dll (2788) QmgrDatabaseInstance: Unable to rollback operation #4225 on database C:\ProgramData\Microsoft\Network\Downloader\qmgr.db. Error: -510. All future database updates will be rejected.
 
Error: (03/28/2018 02:29:40 AM) (Source: ESENT) (EventID: 492) (User: )
Description: qmgr.dll (2788) QmgrDatabaseInstance: The logfile sequence in "C:\ProgramData\Microsoft\Network\Downloader\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.
 
Error: (03/28/2018 02:29:40 AM) (Source: ESENT) (EventID: 413) (User: )
Description: qmgr.dll (2788) QmgrDatabaseInstance: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (03/28/2018 02:29:40 AM) (Source: ESENT) (EventID: 486) (User: )
Description: qmgr.dll (2788) QmgrDatabaseInstance: An attempt to move the file "C:\ProgramData\Microsoft\Network\Downloader\edb.log" to "C:\ProgramData\Microsoft\Network\Downloader\edb00007.log" failed with system error 5 (0x00000005): "Access is denied. ".  The move file operation will fail with error -1032 (0xfffffbf8).
 
Error: (03/28/2018 02:12:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.726, time stamp: 0x32774c02
Exception code: 0xe0434352
Fault offset: 0x000ecbb2
Faulting process id: 0x3bd4
Faulting application start time: 0x01d3c65bb47abe6f
Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: b856b909-5d26-4cbd-8919-ffdda4c44ef8
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (03/28/2018 02:09:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/27/2018 11:53:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/26/2018 11:26:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/25/2018 09:47:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/25/2018 05:32:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/25/2018 02:00:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/24/2018 05:49:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
Error: (03/24/2018 05:49:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
 
Windows Defender:
===================================
Date: 2018-03-12 23:00:16.706
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F7DD1F47-00D5-41CD-BC1C-F625F23FB559}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2018-03-24 20:57:27.690
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
 
Date: 2018-03-24 20:57:27.479
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
 
Date: 2018-03-24 14:29:22.684
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 01:05:20.428
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 01:05:01.844
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 00:57:47.679
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 00:50:00.367
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 00:42:52.698
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 49%
Total physical RAM: 32709.45 MB
Available physical RAM: 16533.07 MB
Total Virtual: 33733.45 MB
Available Virtual: 6650.46 MB
 
==================== Drives ================================
 
Drive c: (W10E64) (Fixed) (Total:120 GB) (Free:16.21 GB) NTFS
Drive d: (TurboTax 2017) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS
Drive f: (Recovery) (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
Drive h: (h1z1) (Fixed) (Total:64 GB) (Free:18.07 GB) NTFS
Drive n: (CX713) (Fixed) (Total:27.74 GB) (Free:27.5 GB) NTFS
Drive p: (PLEX) (Network) (Total:64 GB) (Free:32.69 GB) NTFS
Drive r: (Photos) (Fixed) (Total:256 GB) (Free:92.1 GB) NTFS
Drive s: (s;ProgramFiles) (Fixed) (Total:2026.39 GB) (Free:166 GB) NTFS
Drive u: (UsersT) (Fixed) (Total:300 GB) (Free:123.7 GB) NTFS
Drive x: (W10E64) (Network) (Total:120 GB) (Free:16.21 GB) NTFS
Drive z: (00-WDH1BCCP) (Network) (Total:3725.88 GB) (Free:465.33 GB) ReFS
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 0F4A6E93)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0EC3ED86)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 

Attached Thumbnails

  • 2018-03-29.png

Edited by Wolfie, 28 March 2018 - 11:16 PM.



#2
zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Your log shows signs of pirated software:

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com

Assisting with these types of entries is against forum policy.

#3
Wolfie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

I have removed those entries.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Wolfie (administrator) on WOLF10 (01-04-2018 13:28:55)
Running from S:\
Loaded Profiles: Wolfie (Available Profiles: Wolfie & Other)
Platform: Windows 10 Education Version 1703 15063.850 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\LogonScreenService.exe
(Division-M Pty Ltd) C:\Program Files\Division-M\Cloud Xtender\CloudXtenderService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\nortonsecurity.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Tangentix Ltd) C:\Program Files\Tangentix\Runtime\x64\TDDService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\nortonsecurity.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Tangentix Ltd) C:\Program Files\Tangentix\Runtime\x64\GSTray.exe
(Valve Corporation) S:\Steam\Steam.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter64.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_161\bin\javaw.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Actual Tools) C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerShellCenter64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Robert Chartier) C:\Program Files (x86)\Terminals\Terminals.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
() C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
() C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
() C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
Failed to access process -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Discord Inc.) C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Cloud Xtender Tray] => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderTray.exe [7703632 2016-02-02] (Division-M)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1570512 2017-12-23] (Highresolution Enterprises)
HKLM\...\Run: [GameSessionsTray] => C:\Program Files\Tangentix\Runtime\x64\GSTray.exe [161168 2018-02-18] (Tangentix Ltd)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3639616 2018-03-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\AllMyTube\DelayPluginI.exe [1971856 2016-04-22] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89960 2017-03-25] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [Steam] => S:\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [Actual Window Manager] => C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerCenter.exe [2120216 2016-03-31] (Actual Tools)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [Discord] => C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [GoogleChromeAutoLaunch_898CD2791DAB22B2E3089862E29E5AE3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592 2018-03-20] (Google Inc.)
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\MountPoints2: {09ca2d96-5d0c-11e7-a932-806e6f6e6963} - "D:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)
SSODL: EldosMountNotificator-VHyperDrive5 - {E9C784FE-38EA-42BB-84CC-50BA6A19ECA0} - C:\Windows\system32\VHyperDriveMntNtf5.dll (Division-M)
SSODL-x32: EldosMountNotificator-VHyperDrive5 - {E9C784FE-38EA-42BB-84CC-50BA6A19ECA0} - C:\Windows\SysWOW64\VHyperDriveMntNtf5.dll (Division-M)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-01-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2018-03-12]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-1850599263-3589281596-2263528853-1001] => 192.168.0.1:8118
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5b628578-c875-45b4-a685-3536ad22de67}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{644d245f-6167-4c7c-b15f-bb1307d79781}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{885a82d1-b59e-40b4-8c9d-86df7c4458d0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{afe3f64b-7f60-4ab2-bfec-24660064df3d}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-02-20] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-23] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-21] (LastPass)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-20] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-23] (Oracle Corporation)
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [2016-04-22] ()
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-01-20] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-21] (LastPass)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-20] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-01-21] (LastPass)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-01-21] (LastPass)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
IE Session Restore: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001 -> is enabled.
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-20] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  No File
 
Edge: 
======
Edge Session Restore: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001 -> is enabled.
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2016-02-22] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\AllMyTube\[email protected]_xpi
FF Extension: (Wondershare AllMyTube) - C:\ProgramData\Wondershare\AllMyTube\[email protected]_xpi [2016-07-23] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-02-03] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-23] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-21] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-20] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-02-22] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-01-21] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-20] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2"
CHR DefaultSearchKeyword: Default -> lp
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default [2018-04-01]
CHR Extension: (Instrumente) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahchimdkljhhfjkklkafookapgikdhkk [2017-06-29]
CHR Extension: (BetterTTV) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-19]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-29]
CHR Extension: (Regex Search) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdabfmndggphffkchfdcekcokmbnkjl [2017-06-29]
CHR Extension: (Gliffy Diagrams) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2017-08-10]
CHR Extension: (Honey) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-03-08]
CHR Extension: (Adblock Plus) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-28]
CHR Extension: (OkCupid (for the Non-Mainstream User)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdblghohnaeeejaoincmbcdkdnodkei [2017-06-29]
CHR Extension: (OneTab) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-06-29]
CHR Extension: (uBlock Origin) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-24]
CHR Extension: (Image Downloader) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-24]
CHR Extension: (FLV Player) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhogabmliblgpadclikpkjfnnipeebjm [2017-12-08]
CHR Extension: (Plex) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-02]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-03-12]
CHR Extension: (Toontown Rewritten Playline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\glljcnlcdodcflalcmclfcagkbnkmcga [2017-06-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-29]
CHR Extension: (Enable right click) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2017-06-29]
CHR Extension: (Vine for Chrome) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfkidejapghjmjphojdbnchkdphccno [2017-06-29]
CHR Extension: (Crackle) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2017-06-29]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-11-16]
CHR Extension: (SoundCloud) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2017-06-29]
CHR Extension: (Send Your Email to SMS (text)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipghnlmkjdejhibmialipjeaoobhaofe [2018-02-28]
CHR Extension: (BeFrugal Add-On) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdcneeneoifbeenbbnjodcflhdbaggp [2018-01-12]
CHR Extension: (Google Voice (by Google)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2017-06-29]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2017-06-29]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-08]
CHR Extension: (Chrono Download Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2017-06-29]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-08-10]
CHR Extension: (Office Online) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2018-03-29]
CHR Extension: (Awesome Window & Tab Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfjaddknccljfohoaekkibpcceeenkah [2017-06-29]
CHR Extension: (MetaMask) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2018-03-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Better History) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-29]
CHR Extension: (Soundload) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\obeamklhbmaapccdahgeafnpfkdkbimo [2017-06-29]
CHR Extension: (Print Edit WE) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2018-03-24]
CHR Extension: (Recently Closed Tabs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opefiliglgllmponlmoajkfbcaigocfc [2017-06-29]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-03-30]
CHR Extension: (uBlock Origin Extra) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2018-03-25]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-24]
CHR Extension: (Twitch Giveaways) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2018-03-02]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1 [2017-06-16] <==== ATTENTION
CHR Extension: (Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-16]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-16]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-16]
CHR Extension: (Google Search) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-06-16]
CHR Extension: (Avast SafePrice) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2017-06-16]
CHR Extension: (Aimersoft Video Converter Ultimate) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\mapcejffhcbidcjmomhalabpcbaeimcb [2017-06-16]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-16]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-03-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-17]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-09-06]
CHR Extension: (Google Slides) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-14]
CHR Extension: (Google Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Google Sheets) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-09-03]
CHR Extension: (Norton Identity Safe) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-03]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-03]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-08-10]
CHR Extension: (Google Slides) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-14]
CHR Extension: (Google Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Norton Security Toolbar) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-07-23]
CHR Extension: (Google Sheets) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-08-01]
CHR Extension: (Norton Identity Safe) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-26]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-23]
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aim_LSService; C:\Program Files (x86)\Actual Window Manager\LogonScreenService.exe [95256 2016-03-31] (Actual Tools)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122736 2017-03-25] (AOMEI Tech Co., Ltd.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-07-28] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-02-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2018-03-03] (Microsoft Corporation)
R2 CloudXtender; C:\Program Files\Division-M\Cloud Xtender\CloudXtenderService.exe [11746928 2016-02-03] (Division-M Pty Ltd)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2016-09-13] (Coupons.com Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-28] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NortonSecurity.exe [328712 2018-03-03] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521608 2018-02-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521608 2018-02-21] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TDDService; C:\Program Files\Tangentix\Runtime\x64\TDDService.exe [14736 2018-02-18] (Tangentix Ltd)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [2232832 2017-12-31] (Microsoft Corporation)
R2 vmms; C:\WINDOWS\system32\vmms.exe [14415360 2017-12-31] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-01] (Microsoft Corporation)
S2 EraserSvc11720; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NS.exe" /h ccCommon [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-23] ()
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-23] ()
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-25] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-25] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-23] ()
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-07-28] (Broadcom Corporation.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.7.1.32\Definitions\BASHDefs\20171016.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\ccSetx64.sys [187544 2018-03-02] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2017-12-27] (Symantec Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
U3 EraserUtilDrv11730; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11730.sys [152656 2017-12-27] (Symantec Corporation)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [22016 2017-12-31] (Microsoft Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.7.1.32\Definitions\IPSDefs\20171016.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 lunparser; C:\WINDOWS\System32\drivers\lunparser.sys [23552 2017-12-31] (Microsoft Corporation)
R1 MpKsl6fbcaa14; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51315453-2F15-4026-92AB-08760F830595}\MpKsl6fbcaa14.sys [58120 2018-03-31] (Microsoft Corporation)
R1 MpKsla17deebb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9361BF5E-074B-4711-A0F4-6EF2F6572A67}\MpKsla17deebb.sys [58120 2018-03-11] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31624 2018-02-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-23] (NVIDIA Corporation)
S3 passthruparser; C:\WINDOWS\System32\drivers\passthruparser.sys [25088 2017-12-31] (Microsoft Corporation)
S3 pcip; C:\WINDOWS\System32\drivers\pcip.sys [47616 2017-12-31] (Microsoft Corporation)
S3 pvhdparser; C:\WINDOWS\System32\drivers\pvhdparser.sys [51712 2017-12-31] (Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ramparser; C:\WINDOWS\System32\drivers\ramparser.sys [31232 2017-12-31] (Microsoft Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R1 se64a; C:\WINDOWS\System32\Drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan)
S3 SRTSP; C:\WINDOWS\System32\Drivers\NGCx64\160C010.00F\SRTSP64.SYS [817816 2018-03-02] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\SRTSPX64.SYS [49304 2018-03-02] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\160C010.00F\SYMEFASI64.SYS [1942168 2018-03-02] (Symantec Corporation)
S4 SymELAM; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\SymELAM.sys [24608 2018-03-02] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102552 2018-02-14] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NGCx64\160C010.00F\Ironx64.SYS [307864 2018-03-02] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NGCx64\160C010.00F\SYMNETS.SYS [566936 2018-03-02] (Symantec Corporation)
R3 Synth3dVsp; C:\WINDOWS\System32\drivers\Synth3dVsp.sys [104448 2017-12-31] (Microsoft Corporation)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows ® Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [203328 2018-02-26] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation)
S3 vhdparser; C:\WINDOWS\System32\drivers\vhdparser.sys [31232 2017-12-31] (Microsoft Corporation)
R1 VHyperDrive5; C:\Windows\system32\drivers\VHyperDrive5.sys [418928 2015-10-28] (Division-M Pty Ltd)
R3 VHyperPnPBus; C:\WINDOWS\System32\drivers\VHyperPnPBus.sys [18032 2014-02-04] (EldoS Corporation)
R3 vmsmp; C:\WINDOWS\System32\drivers\vmswitch.sys [1652736 2017-12-31] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-01] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-01] (Microsoft Corporation)
S3 cpuz140; \??\C:\Users\Wolfie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-01 02:52 - 2018-04-01 02:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-03-29 17:45 - 2018-03-29 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-29 13:12 - 2018-03-29 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2018-03-29 13:12 - 2018-03-29 13:12 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2018-03-29 00:48 - 2018-04-01 13:28 - 000000000 ____D C:\FRST
2018-03-28 10:31 - 2018-03-28 10:31 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-28 10:31 - 2018-03-28 10:31 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-28 10:31 - 2018-03-28 10:31 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-28 10:31 - 2018-03-28 10:31 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-23 05:10 - 2018-03-23 05:10 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-09 02:29 - 2018-03-09 02:29 - 000000000 ___HD C:\OneDriveTemp
2018-03-08 18:00 - 2018-03-08 18:00 - 000000000 ____D C:\Users\Wolfie\VirtualBox VMs
2018-03-08 17:58 - 2018-03-08 17:58 - 000003388 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2018-03-08 17:58 - 2018-03-08 17:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2018-03-08 17:19 - 2018-03-31 15:00 - 000000000 ____D C:\Users\Wolfie\.VirtualBox
2018-03-08 17:19 - 2018-03-08 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-03-08 17:19 - 2018-03-08 17:19 - 000000000 ____D C:\Program Files\Oracle
2018-03-08 17:19 - 2018-02-26 17:45 - 000975144 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2018-03-08 17:19 - 2018-02-26 17:45 - 000159664 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2018-03-08 04:16 - 2018-03-08 04:16 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2018-03-08 04:15 - 2018-03-08 04:17 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\Andy
2018-03-08 04:15 - 2018-03-08 04:17 - 000000000 ____D C:\Users\Wolfie\Andy
2018-03-07 20:23 - 2018-03-07 20:23 - 000000000 ____D C:\Users\Wolfie\ApkProjects
2018-03-07 20:03 - 2018-03-07 20:03 - 000000000 ____D C:\Users\Wolfie\AppData\Local\Android
2018-03-07 20:01 - 2018-03-07 20:44 - 000000000 ____D C:\Users\Wolfie\.android
2018-03-07 20:01 - 2018-03-07 20:01 - 000000000 ____D C:\Users\Wolfie\.AndroidStudio3.0
2018-03-07 20:01 - 2018-03-07 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2018-03-07 20:00 - 2018-03-07 20:00 - 000000000 ____D C:\Program Files\Android
2018-03-05 17:39 - 2018-03-05 17:40 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\BetterDiscord
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-01 13:23 - 2017-05-22 00:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-01 12:55 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
2018-04-01 12:25 - 2017-05-22 00:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-01 09:27 - 2017-06-01 12:13 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9BE9605-A86F-4FD5-9213-0D6805A461A2}
2018-04-01 04:42 - 2016-01-21 03:23 - 000000000 ____D C:\Users\Wolfie\AppData\Local\CrashDumps
2018-04-01 04:20 - 2015-12-12 12:21 - 000000000 ____D C:\Users\Wolfie\Documents\Wizard101
2018-03-30 18:33 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-30 18:33 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-29 17:45 - 2016-04-20 23:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-29 13:11 - 2016-06-14 05:51 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2018-03-28 02:53 - 2016-01-23 12:57 - 000000600 _____ C:\Users\Wolfie\winscp.RND
2018-03-28 02:53 - 2016-01-23 12:48 - 000057108 _____ C:\Users\Wolfie\AppData\Roaming\WinSCP.ini
2018-03-24 17:49 - 2018-02-17 05:36 - 000000000 ____D C:\Program Files\rempl
2018-03-23 05:10 - 2017-03-18 17:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-23 05:10 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-23 05:09 - 2016-01-26 05:53 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-23 01:46 - 2016-01-21 03:10 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\vlc
2018-03-22 19:58 - 2016-01-20 23:11 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-22 19:58 - 2016-01-20 23:11 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-22 14:45 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-22 10:14 - 2017-10-20 04:53 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\CDisplayEx
2018-03-20 15:19 - 2016-01-21 01:51 - 000000000 ___RD C:\Users\Wolfie\OneDrive
2018-03-19 10:27 - 2016-03-15 03:14 - 000001285 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2018-03-19 10:16 - 2016-01-22 04:42 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\obs-studio
2018-03-17 12:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-03-17 12:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2018-03-15 14:41 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-15 14:39 - 2016-01-22 02:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-15 14:37 - 2017-11-09 01:27 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-15 14:37 - 2016-01-22 02:46 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-15 13:04 - 2018-02-15 01:07 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2018-03-12 16:51 - 2017-05-22 01:00 - 001954648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-12 16:47 - 2017-06-01 12:10 - 000003448 _____ C:\WINDOWS\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE
2018-03-12 16:46 - 2016-01-22 00:21 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\discord
2018-03-12 16:45 - 2017-05-22 00:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-12 16:45 - 2017-05-22 00:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-12 16:45 - 2016-12-01 19:24 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2018-03-11 09:39 - 2016-02-22 21:41 - 000001456 _____ C:\Users\Wolfie\AppData\Local\Adobe Save for Web 12.0 Prefs
2018-03-11 01:43 - 2016-01-23 03:28 - 000001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2018-03-11 01:43 - 2016-01-23 03:28 - 000000000 ____D C:\Program Files (x86)\WinSCP
2018-03-09 13:49 - 2018-01-20 01:33 - 000000000 ____D C:\WINDOWS\Minidump
2018-03-09 02:29 - 2017-07-26 06:20 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1850599263-3589281596-2263528853-1001
2018-03-09 02:29 - 2016-01-21 01:51 - 000002414 _____ C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-08 21:16 - 2016-01-21 01:59 - 000000000 ____D C:\Users\Wolfie\AppData\Local\NVIDIA
2018-03-08 18:22 - 2016-09-16 13:36 - 000000000 ____D C:\Program Files\Common Files\AV
2018-03-08 18:01 - 2017-05-22 00:52 - 000000000 ____D C:\Users\Wolfie
2018-03-08 17:58 - 2018-02-20 19:02 - 000002386 _____ C:\Users\Public\Desktop\Norton Security.lnk
2018-03-08 17:58 - 2018-02-12 18:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2018-03-08 17:58 - 2017-06-29 05:33 - 000000000 ____D C:\Users\Wolfie\.chatty
2018-03-08 17:58 - 2017-05-22 00:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-08 17:58 - 2017-05-15 01:25 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2018-03-08 17:58 - 2017-03-18 07:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-03-08 17:58 - 2017-03-18 07:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-08 17:58 - 2016-01-21 02:51 - 000000000 ____D C:\Program Files\Java
2018-03-08 04:17 - 2016-01-21 03:22 - 000000000 ____D C:\ProgramData\Package Cache
 
==================== Files in the root of some directories =======
 
2016-01-20 23:14 - 2016-01-21 04:00 - 014147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-02-28 03:26 - 2017-06-30 19:32 - 000000132 _____ () C:\Users\Wolfie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-01-23 12:48 - 2018-03-28 02:53 - 000057108 _____ () C:\Users\Wolfie\AppData\Roaming\WinSCP.ini
2016-02-22 21:41 - 2018-03-11 09:39 - 000001456 _____ () C:\Users\Wolfie\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-06-14 01:09 - 2016-06-23 19:35 - 000000293 _____ () C:\Users\Wolfie\AppData\Local\config.ini
2016-06-23 16:51 - 2016-06-23 16:53 - 000000013 _____ () C:\Users\Wolfie\AppData\Local\Phonebook.txt
2016-03-16 21:53 - 2016-03-16 21:53 - 000001569 _____ () C:\Users\Wolfie\AppData\Local\recently-used.xbel
2016-12-01 03:14 - 2017-03-27 06:54 - 000007605 _____ () C:\Users\Wolfie\AppData\Local\Resmon.ResmonCfg
2016-06-14 00:55 - 2016-06-23 16:52 - 000000000 _____ () C:\Users\Wolfie\AppData\Local\simedit.log
 
Some files in TEMP:
====================
2017-05-22 01:00 - 2016-03-31 22:59 - 000813592 ____N (Actual Tools) C:\Users\Wolfie\AppData\Local\Temp\aimemb.dll
2017-05-22 01:00 - 2016-03-31 22:59 - 002296856 ____N (Actual Tools) C:\Users\Wolfie\AppData\Local\Temp\aimemb64.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-04-01 02:24
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Wolfie (01-04-2018 13:29:28)
Running from S:\
Windows 10 Education Version 1703 15063.850 (X64) (2017-05-22 04:59:12)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1850599263-3589281596-2263528853-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1850599263-3589281596-2263528853-503 - Limited - Disabled)
Guest (S-1-5-21-1850599263-3589281596-2263528853-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1850599263-3589281596-2263528853-1005 - Limited - Enabled)
Other (S-1-5-21-1850599263-3589281596-2263528853-1006 - Administrator - Enabled) => C:\Users\Other
Wolfie (S-1-5-21-1850599263-3589281596-2263528853-1001 - Administrator - Enabled) => C:\Users\Wolfie
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Norton Security (Disabled - Out of date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Active@ Disk Editor 6 (HKLM\...\{F40165C8-BD5B-4E42-A40D-396BB707E5B7}_is1) (Version: 6 - LSoft Technologies Inc)
Actual Window Manager 8.8 (HKLM-x32\...\Actual Windows Manager_is1) (Version: 8.8 - Actual Tools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.5 - RedFox)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 6.3 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Blender (HKLM\...\{3ABDE236-0A3F-4D0D-BECB-DB67EE21C593}) (Version: 2.77.0 - Blender Foundation)
calibre 64bit (HKLM\...\{32019BE2-E62F-48CF-B274-2521588B83D8}) (Version: 2.54.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Car DV Player version 1.119 (HKLM-x32\...\{DC92E62C-4A63-44C7-AC9B-5EDA965E3271}_is1) (Version: 1.119 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
CDBurnerXP (64 bit) (HKLM\...\{CF0609C1-687B-4133-9AB9-D6DE00D20715}) (Version: 4.5.7.6389 - Canneverbe Limited)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Cities in Motion - GameSessions Edition (HKLM-x32\...\{099bdd1c-11a7-419d-bda4-c2035e076b0b}) (Version: 2.2.6617.32019 - GameSessions)
Cities in Motion (HKLM-x32\...\{2DCB4C4F-E71D-4F00-B898-8AF45C254DD1}) (Version: 2.2.0.0 - GameSessions) Hidden
ClipGrab 3.5.6 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
ClipMagic Lite 4.1 (HKLM-x32\...\ClipMagic_3.1) (Version: 4.1 - MJT Net Ltd)
Cloud Xtender (HKLM\...\{1B1D400C-2ACE-4343-8DB5-CB1E58F10B69}) (Version: 1.8.0.0 - Division-M)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.2.1) (Version: 5.0.2.1 - Coupons.com Incorporated)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crafty 1.0.2 (HKLM-x32\...\Crafty_is1) (Version:  - Ryan Gregg)
CrystalDiskInfo 7.0.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
DeepBot - Twitch Streamer Assistant (HKLM-x32\...\{3BB0A983-66D8-4C96-A469-2DA19F013075}) (Version: 0.7.5.0 - DeepBot.tv)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dell System Detect (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
Discord (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Doom Builder 2.1 (HKLM-x32\...\Doom Builder 2_is1) (Version:  - CodeImp)
Dropbox (HKLM-x32\...\Dropbox) (Version: 46.4.65 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
GameSessions Data Delivery x64 (HKLM\...\{78FA680E-5545-46C5-9B02-65FD55DBB1B7}) (Version: 2.0.413.0 - Tangentix Ltd)
GameSessions Data Delivery x86 (HKLM-x32\...\{9F391C28-AE0C-473E-92C6-8CC792002A4B}) (Version: 1.28.493.0 - Tangentix Ltd)
GameSessions Data Delivery x86 (HKLM-x32\...\{A817FEBD-CE3C-46E6-B919-C85EF434E593}) (Version: 2.0.413.0 - Tangentix Ltd)
GameSessions Runtime x64 (HKLM\...\{70863560-5C71-45DA-AE35-3397F5C08638}) (Version: 2.0.377.0 - Tangentix Ltd)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
GetFLV 9.3118.918 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 2.7.4 (HKLM\...\Git_is1) (Version: 2.7.4 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 0.8.7 - Alexander Shaduri)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version:  - )
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mahjong Platinum 5 Deluxe (HKLM-x32\...\Mahjong Platinum 5 Deluxe) (Version: 1.0 - Viva Media, LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.8.106.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8431.2236 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2236 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft RichCopy 4.0 (HKLM-x32\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.216 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 10.2.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Minutor (HKLM-x32\...\{4F34B0A4-1E8A-436E-9616-B1F715583A74}) (Version: 2.1.0 - Sean Kasun)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 en-US)) (Version: 45.1.0 - Mozilla)
MultiPar version 1.2.9.8 (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{AAFC96BF-C615-4D77-9A55-C692A7B26FC5}_is1) (Version: 1.2.9.8 - Yutaka Sawada)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
NBTExplorer (HKLM-x32\...\{FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}) (Version: 2.7.6.0 - Justin Aquadro)
Norton Security (HKLM-x32\...\NGC) (Version: 22.12.1.15 - Symantec Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.0.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.0.85 - NVIDIA Corporation)
NVIDIA Graphics Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Port Forward Network Utilities 2.0.16c (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.16c - Portforward.com)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
Python 3.5.1 (64-bit) (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{b8440650-9dbe-4b7d-8167-6e0e3dcdf5d0}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (64-bit) (HKLM\...\{495EFF61-4949-4304-872E-441B48022991}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (64-bit) (HKLM\...\{2690DE23-49CD-4973-AA74-F77C4C852189}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (64-bit) (HKLM\...\{70D9C8DA-F1A1-43B0-B325-6263CD21E535}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (64-bit) (HKLM\...\{5C8D887B-998A-4708-9120-CE040C4A5B47}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (64-bit) (HKLM\...\{39F30A3E-99D9-46E3-8582-7422FE54A1FB}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{EC00AEF9-6544-4FEC-8152-C8949CDDCC85}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (64-bit) (HKLM\...\{E98CFF92-01E0-4E30-8C72-3C82111091C2}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (64-bit) (HKLM\...\{0F774261-D55F-4180-B266-A9E1C6F4CD7A}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (64-bit) (HKLM\...\{A47BAF5B-53CC-4E60-847A-E13CAF26F467}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (64-bit) (HKLM\...\{A1B06412-F898-47C9-968F-D3B331ABB202}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (64-bit) (HKLM\...\{34E72E6D-77E8-4C17-99B8-42497B7308C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
RaceRender 3 version 3.4.4 (HKLM-x32\...\{552F30AA-362C-4EFD-90D2-3AC35287F48A}_is1) (Version: 3.4.4 - RaceRender LLC)
RAMDisk (HKLM-x32\...\{08051769-4EA7-48EA-BB07-8BB683433F62}) (Version: 4.4.0.36 - Dataram, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.00042 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SLADE version 3.1.1.1 (HKLM-x32\...\{3EFD0AA9-5156-40DB-9646-360180FF5DFA}_is1) (Version: 3.1.1.1 - )
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
smartmontools (HKLM-x32\...\smartmontools) (Version: 6.5 2016-05-07 r4318 (sf-6.5-1) - smartmontools.org)
softMCCS (HKLM-x32\...\{D7D4A4A0-6D24-4337-BFD9-069E957222F6}_is1) (Version:  - EnTech Taiwan)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
SWF Extractor 2.4 (HKLM-x32\...\SWF Extractor_is1) (Version: 2.4 - GlobFX Technologies)
SWFRIP 0.4 (HKLM-x32\...\SWFRIP) (Version:  - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Terminals (HKLM-x32\...\{FA611492-D483-4F3B-A22E-EA414BCF6A91}) (Version: 4.0.0.0 - Robert Chartier)
Twitch (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.1.2 - UltraDefrag Development Team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{E345A108-D9E8-456B-9550-435132D5C9CE}) (Version: 2.13.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
URL Helper (HKLM-x32\...\URL Helper_is1) (Version:  - )
VanDyke Software SecureCRT 7.3 (HKLM\...\{CDFA2F21-13F8-4103-9CF6-5F6F98EEC3AA}) (Version: 7.3.6 - VanDyke Software, Inc.)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.13 (HKLM-x32\...\winscp3_is1) (Version: 5.13 - Martin Prikryl)
Wizard101 (HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Wondershare AllMyTube(Build 4.9.1.1) (HKLM-x32\...\Wondershare AllMyTube_is1) (Version: 4.9.1.1 - Wondershare Software)
Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
X-Mouse Button Control 2.17 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.17 - Highresolution Enterprises)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ 1CloudXtenderDefaultRule] -> {CEE47142-BE37-4FD7-93BA-126815096FC3} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [ 1CloudXtenderNoSync] -> {D5C93FCE-7621-41A1-8B61-F03E85882E37} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [ 1CloudXtenderRule] -> {ACB154A1-6250-4534-BD1A-FE77F8B52E60} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [ 1CloudXtenderSync] -> {9FC8FD2C-1928-4065-9F59-AB0BD45E45B5} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-VHyperDrive5] -> {9C52C09A-D7B6-4778-AC38-8B6B678A50E2} => C:\Windows\system32\VHyperDriveMntNtf5.dll [2015-08-17] (Division-M)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderDefaultRule] -> {CEE47142-BE37-4FD7-93BA-126815096FC3} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderNoSync] -> {D5C93FCE-7621-41A1-8B61-F03E85882E37} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderRule] -> {ACB154A1-6250-4534-BD1A-FE77F8B52E60} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [ 1CloudXtenderSync] -> {9FC8FD2C-1928-4065-9F59-AB0BD45E45B5} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-VHyperDrive5] -> {9C52C09A-D7B6-4778-AC38-8B6B678A50E2} => C:\Windows\system32\VHyperDriveMntNtf5.dll [2015-08-17] (Division-M)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-12-31] ()
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [Division-M Cloud Xtender] -> {ADF1BCA3-3A63-4017-B1BB-8E98E2455157} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [Actual Window Manager] -> {CE577978-3FCA-430D-B0CE-D637788F9C5A} => C:\Program Files (x86)\Actual Window Manager\ActualWindowManagerShellExtension64.dll [2016-03-31] (Actual Tools)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [Division-M Cloud Xtender] -> {ADF1BCA3-3A63-4017-B1BB-8E98E2455157} => C:\Program Files\Division-M\Cloud Xtender\CloudXtenderContextX64.dll [2016-02-04] (Division-M Pty Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {000E9049-22C6-4201-A6EC-EDE9ADDE53A2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-23] (Microsoft Corporation)
Task: {08EAAA7D-B85D-40E2-9A73-B27DE064EEAA} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {0F67EA54-60F9-49B2-BE68-D545EF378CF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {100EC8B9-B16E-46F7-890B-8AD268DBC3CC} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {13C0E4B8-A08F-42B3-AB2E-BE604F06D2EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-23] (Microsoft Corporation)
Task: {1E351299-1971-45EE-9AD5-FF57CCC922E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {1FADAABA-B913-417C-A9FB-1EFA0C3F1ADE} - \GarminUpdaterTask -> No File <==== ATTENTION
Task: {2264DD2F-F817-4DB9-847E-E65FAC48EF18} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {2AFE2B9D-12C5-44B2-AB9B-402793CDE196} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {2CCAE715-D986-4ABA-BFA4-918549EB2125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-20] ()
Task: {380AB2A4-072C-4908-BAE0-5CDE90347F99} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION
Task: {3A3B88C9-DF32-4E13-91AF-A3DA94BB0A19} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-03-02] (Symantec Corporation)
Task: {3E39626F-728B-4D5A-BE54-0BACA9475763} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {41FB4067-A9E3-4119-BBB9-4D01310635BB} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {434A9D28-284D-4642-A385-3F68C97FD99B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {4795A5F7-831F-4543-AAD7-34E88FCE6A06} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-21] (NVIDIA Corporation)
Task: {4D9BCF74-E5A4-48DB-8430-7D57D2D6D384} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File <==== ATTENTION
Task: {5989B565-82F7-4B06-B67B-344EBD6E8DCF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-02-21] (NVIDIA Corporation)
Task: {6EB1A71A-0C58-455F-B2A3-78AF2F3F1936} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-02-21] (NVIDIA Corporation)
Task: {733C04CB-EAEA-4B98-B839-C5757D70B7FF} - \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION
Task: {7687E1F0-D340-4667-BCEA-2E8191B4BB4D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {796592C7-15D9-466B-9410-F234727FF074} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-20] ()
Task: {852760AE-68A4-4899-9EB3-887058FDA051} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {945F63FE-A469-40B3-A706-3B8FD1FA132E} - \HP AR Program Upload - 98ac4bcf70d14607bddacad62c9ee21e3a01a12256a04784bb0ea70e04b3ebd8 -> No File <==== ATTENTION
Task: {981D8CD1-CF11-4A52-BE16-4CE5BFF8F90A} - \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION
Task: {98C5EA44-3DE1-40B7-A06A-8ED5C05BDE91} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {9E51C4AD-6AC6-4E2B-9BA5-65B86209653F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-02-21] (NVIDIA Corporation)
Task: {A0D1DB95-7ADF-4370-9C48-70CB2E47F6AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-20] (Google Inc.)
Task: {A255D818-DE31-478E-8EC6-2B71F9AEC8AF} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset
Task: {A9C453A8-F56D-48C9-A76F-775E2E5E5098} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AC962DC6-1A87-4DE4-A14A-D5E23EA91C35} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-23] (Microsoft Corporation)
Task: {AE75E943-370D-43BD-8961-0170B75FFE23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-01] (Microsoft Corporation)
Task: {AF1E6F6F-D06A-407E-81B4-118AEFF4DDF5} - \AdobeAAMUpdater-1.0-WOLF10-Wolfie -> No File <==== ATTENTION
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File <==== ATTENTION
Task: {B33FB711-7FCB-4C89-A6CE-1C3BF44B1C9F} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {B3BCFE76-D08E-4345-A21B-BDA24ACC784A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-02-21] (NVIDIA Corporation)
Task: {B65DDC0A-E740-4F33-9D7D-162747FD16DB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-02-21] (NVIDIA Corporation)
Task: {BA01EE8A-F64E-4061-B296-22CBA0880A2A} - \HP AR Program Upload - 02102edaeb1d4da8bf1317ef10e3914f9d60a2b6c7484641bb5186d03f8e7939 -> No File <==== ATTENTION
Task: {C1816AB5-0E6B-4AB0-810B-261340FC136E} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-04-12] (GIGABYTE Technology Co.,Ltd.)
Task: {C1AF4A86-FC4E-413B-9A3B-1EE3806F66E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-02-21] (NVIDIA Corporation)
Task: {C4811969-29DD-4C2D-8931-8744279CA030} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-02-21] (NVIDIA Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File <==== ATTENTION
Task: {C99BDDD2-B186-4AC4-8EDA-F9B5FE12CB58} - \DropboxUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D0F123A0-4E1F-45C7-B5CB-E3F7D4EA7346} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No File <==== ATTENTION
Task: {DA61618B-D192-49D1-83F1-CCCAB9475164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-20] (Google Inc.)
Task: {DD21B060-8929-4740-885F-C0AB575BDA90} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\WSCStub.exe [2018-03-02] (Symantec Corporation)
Task: {DD7E69BD-5FFC-447F-A4E5-F1C7F4666D36} - \DropboxUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {E75BED39-83E9-4E3A-9B5D-A2F2FCEC8788} - \Microsoft_Hardware_Launch_itype_exe -> No File <==== ATTENTION
Task: {EA1B69EB-2B48-4CAD-9C32-F5006D3DFF0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation)
Task: {EEEEC83C-1DAA-4798-A52E-7D2A8D0F06E0} - \HP AR Program Upload - 3edb4b72ab2b40739becb69293c06cc2663cfb2aac0a45df95040ccfe4a39d79 -> No File <==== ATTENTION
Task: {F7BA8D6D-3111-4A2D-A7A8-337D7609DDEE} - \Microsoft_MKC_Logon_Task_ipoint.exe -> No File <==== ATTENTION
Task: {FAAD3F00-3D8B-402F-954D-9CAF0689562C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Wolfie\Desktop\Profile 2007 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FLV Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dhogabmliblgpadclikpkjfnnipeebjm
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gliffy Diagrams.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bhmicilclplefnflapjmnngmkkkkpfad
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Plex.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Profile 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Fangs - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Profile 2010 N Raged - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-01-26 06:34 - 2018-01-23 20:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-05-22 00:51 - 2013-07-04 04:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-05-11 17:41 - 2018-02-21 03:51 - 001268616 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-25 05:24 - 2018-01-20 01:52 - 008929480 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2017-10-20 04:52 - 2015-11-25 00:39 - 000210944 _____ () C:\Program Files\CDisplayEx\unrarshell.dll
2017-10-20 04:52 - 2015-11-25 00:39 - 000402944 _____ () C:\Program Files\CDisplayEx\libwebp.dll
2017-10-20 04:52 - 2015-11-25 00:39 - 000044544 _____ () C:\Program Files\CDisplayEx\libwebpdemux.dll
2017-12-31 21:07 - 2017-12-31 21:07 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-03-18 16:59 - 2017-03-18 22:28 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 15:43 - 2016-01-06 15:43 - 001095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 15:43 - 2016-01-06 15:43 - 000240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-12-26 18:30 - 2016-04-14 22:17 - 000468704 _____ () S:\Program Files (x86)\chatty\JIntellitype.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2017-05-15 01:21 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2017-05-15 01:25 - 2017-03-25 16:26 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
2018-03-18 20:19 - 2018-03-18 20:19 - 002613184 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
2018-03-18 20:19 - 2018-03-18 20:19 - 000068032 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs-frontend-api.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000884160 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000460240 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\zlib.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000084416 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\w32-pthreads.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000654224 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvorbis-0.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 001022640 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvorbisenc-2.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 002523024 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libopus-0.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 002661824 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libGLESv2.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 000397360 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libogg-0.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 003218456 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvpx-1.dll
2018-03-18 20:18 - 2018-03-18 20:18 - 000214464 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libobs-d3d11.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000110016 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\coreaudio-encoder.dll
2016-12-21 07:57 - 2013-11-23 10:29 - 000029696 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\DateTimePlugin.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000559552 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\enc-amf.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000527296 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\frontend-tools.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000175040 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs-scripting.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000466368 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\lua51.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000061888 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\image-source.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 094256064 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libcef.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 004150208 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libGLESv2.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 002383296 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000125888 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-ffmpeg.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000149440 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-filters.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000276416 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-outputs.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000205760 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-qsv11.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000078272 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-text.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000063424 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-transitions.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000089024 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-vst.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000062400 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-x264.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000100800 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\rtmp-services.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000772032 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\text-freetype2.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000062912 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\vlc-video.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000112064 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-capture.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000102336 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-decklink.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000325056 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-dshow.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000039360 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-mf.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 000081856 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-wasapi.dll
2018-03-18 20:19 - 2018-03-18 20:19 - 001820096 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
2018-03-22 19:58 - 2018-03-20 02:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-22 19:58 - 2018-03-20 02:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-13 22:52 - 2018-02-28 16:59 - 031228928 _____ () C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\PepperFlash\29.0.0.113\pepflashplayer.dll
2017-10-09 21:57 - 2017-10-09 21:57 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 03:17 - 2017-09-26 03:17 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-16 01:38 - 2018-03-16 01:39 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 14:39 - 2018-03-09 14:39 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-16 01:38 - 2018-03-16 01:39 - 007910912 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-22 00:51 - 2018-03-12 16:45 - 000039720 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-22 00:51 - 2013-07-04 04:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-05-15 01:25 - 2017-03-25 16:28 - 000954216 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000253808 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000331632 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000143208 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000360296 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000040808 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000495472 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000081776 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2017-05-15 01:25 - 2015-05-21 14:32 - 002403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000073584 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000298856 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000978800 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000339816 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2017-05-15 01:25 - 2017-03-25 16:28 - 000724848 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000130920 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000171888 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000114536 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000188264 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2017-05-15 01:25 - 2017-03-25 16:27 - 000266088 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2017-05-11 17:41 - 2018-02-21 03:51 - 001041800 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-09-25 22:29 - 2017-11-29 01:09 - 000781088 _____ () S:\Steam\SDL2.dll
2014-09-25 22:29 - 2017-12-15 15:59 - 002558752 _____ () S:\Steam\video.dll
2014-12-03 00:57 - 2016-08-31 21:02 - 004969248 _____ () S:\Steam\v8.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000351520 _____ () S:\Steam\libavresample-3.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000695584 _____ () S:\Steam\libavformat-57.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000847136 _____ () S:\Steam\libavutil-55.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 000783648 _____ () S:\Steam\libswscale-4.dll
2014-12-03 00:57 - 2016-08-31 21:02 - 001195296 _____ () S:\Steam\icuuc.dll
2014-12-03 00:57 - 2016-08-31 21:02 - 001563936 _____ () S:\Steam\icui18n.dll
2017-12-15 07:13 - 2017-11-03 21:54 - 005137696 _____ () S:\Steam\libavcodec-57.dll
2014-09-25 22:29 - 2017-12-15 15:59 - 000904992 _____ () S:\Steam\bin\chromehtml.DLL
2016-03-16 14:49 - 2016-07-04 18:17 - 000266560 _____ () S:\Steam\openvr_api.dll
2016-07-23 13:09 - 2014-05-19 17:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-07-25 19:38 - 2016-06-20 14:48 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-06-08 01:45 - 2017-09-06 22:04 - 000678400 _____ () S:\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-25 11:25 - 2017-10-31 00:44 - 071471904 _____ () S:\Steam\bin\cef\cef.win7\libcef.dll
2017-05-11 21:41 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-05-11 21:41 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-12-16 08:57 - 2015-09-24 19:52 - 000119208 _____ () S:\Steam\winh264.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2017-05-15 01:21 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2017-05-11 17:42 - 2018-02-21 03:51 - 071673736 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-12-31 21:07 - 2017-12-31 21:07 - 000021680 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2018-01-09 01:11 - 2018-01-08 18:52 - 001891832 _____ () C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-13 16:19 - 2018-02-09 22:21 - 001780216 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-09 01:11 - 2018-01-08 18:52 - 001937912 _____ () C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 01:11 - 2018-01-08 18:52 - 000095736 _____ () C:\Users\Wolfie\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-02-20 19:03 - 2018-02-20 19:03 - 001910264 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-02-20 19:03 - 2018-02-20 19:03 - 000422392 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-02-20 19:03 - 2018-02-20 19:03 - 000145400 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-01-13 16:19 - 2018-03-21 02:37 - 009623896 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-13 16:19 - 2018-02-01 20:31 - 001508344 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-13 16:19 - 2018-01-13 16:19 - 000513016 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-13 16:19 - 2018-03-13 17:41 - 001517560 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-13 16:19 - 2018-01-13 16:19 - 002662904 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-13 16:19 - 2018-03-08 17:59 - 002749944 _____ () \\?\C:\Users\Wolfie\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Wolfie\Cookies:4kGGPjvqg7bCB45wgCr7gr [2522]
AlternateDataStreams: C:\Users\Wolfie\Cookies:BNPO8mn3lc6bA1xek4lA7oXD [2452]
AlternateDataStreams: C:\Users\Wolfie\Cookies:fwKdHx6Yf2E11cn7tb6NztgQTtN [2314]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\sharepoint.com -> hxxps://vccsstudents-files.sharepoint.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 03:24 - 2018-04-01 13:27 - 000000882 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 1459f4a279.pw
127.0.0.1 2f782a4fa1.pw
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Cloud Xtender Tray"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [{D2CBA3EB-861E-4D3B-8297-142C92D2DAA9}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{623E227E-F100-4D1C-BA62-1A151AFD67F0}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{8346E22C-97A3-4664-A9B1-64E56DB2E2EA}] => (Allow) S:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{716828F2-5D7A-442C-8122-534180BF4FD6}] => (Allow) S:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{435DF150-711C-4DB0-97F9-826397C88A8B}] => (Allow) S:\Steam\SteamApps\common\DeadRealm\DeadRealm.exe
FirewallRules: [{A3CF0311-722A-496E-B54E-7D5B98C17AD2}] => (Allow) S:\Steam\SteamApps\common\DeadRealm\DeadRealm.exe
FirewallRules: [{50E0345C-930B-4AB0-AA0B-47B3C5630E3D}] => (Allow) S:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2F28FB55-2563-46E0-A913-9BF720EA60C4}] => (Allow) S:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E7D10632-8081-47DF-ADEA-D3E1EE792713}] => (Allow) S:\Steam\Steam.exe
FirewallRules: [{CCFFDC85-C9CB-43BB-A057-AB4D11DC48FF}] => (Allow) S:\Steam\Steam.exe
FirewallRules: [{06CA6B0A-2BC7-4DAD-8B7F-FB3883ECC3DF}] => (Allow) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7A8C7C31-6C8F-4BBB-96AB-84E793806491}] => (Allow) S:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BB169840-2414-479F-8EB4-56A87B59A5F9}] => (Allow) S:\Steam\SteamApps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{ABE47DB4-DFA3-4746-86CA-A28468391608}] => (Allow) S:\Steam\SteamApps\common\MurderMiners\Murder Miners.exe
FirewallRules: [{E20990A9-EC55-409A-AAEE-FF4C79CDF807}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{36335D16-B3E6-4B28-8FF1-C6145F60FD8B}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{64EB82BC-543C-4831-8870-2D140A31DA59}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{0CD62F33-4E46-46F2-B35F-A234338E7A95}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{C130CCCE-5227-40A4-9744-66A25C3168E1}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{4D163CFF-5A2C-4267-8EC2-43A87285A1CB}] => (Allow) S:\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{078BEF60-5F62-45A9-8972-D2473486066D}] => (Allow) S:\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{535FB123-2613-4B45-B806-031DD7E9C0C5}] => (Allow) S:\Steam\SteamApps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [TCP Query User{256EF1E1-5A61-4D11-866A-B0594249EAEB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B8414AA1-D5CA-42A4-8E32-9A70D6DA7FFA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{3AFA21DA-26C6-470D-A4EA-30E6BF74C032}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{DB7CC961-20E0-4769-BE13-7EE7DAB830FB}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [{8010339A-6F3C-4BA4-BE30-1681F674B7B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{902621EF-2EE0-4EDE-BF6F-3416C2C565C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{9BD98ED4-3397-4DDA-9404-086DB62B876B}] => (Allow) S:\Steam\SteamApps\common\STAR WARS X-Wing vs TIE Fighter\xwingtie.exe
FirewallRules: [{C7F75241-2902-4744-B808-323FA46CC091}] => (Allow) S:\Steam\SteamApps\common\STAR WARS X-Wing vs TIE Fighter\xwingtie.exe
FirewallRules: [{D54D329A-E375-4BEA-AEE3-A8D6253FB5F6}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{969BEEC5-F5F0-4F5A-9767-CBEC582F8933}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{A7119A0B-13CE-41E9-8223-30A11418B9EE}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{B0E72CC1-3DF5-4326-934E-78A8BD7A7828}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{37C6434E-75C9-4B36-9DD2-B8C12B5DDF71}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{50A417D7-D53A-4BC8-B4C9-FEDF89744C7F}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{80B87492-B012-4BA1-BFCF-36FA61BC1393}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C887E347-B8AA-49C3-BBC4-B66811A65CC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CE46D086-4788-47E7-9334-CE5B9387B2EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{99B57B45-2C7F-45D5-A554-DEC55C97D396}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{066D3AA0-46CA-46C5-BD47-2F4803C28F25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{61C21DB1-927C-459F-A119-CA0463C8ADEA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{43DABBCA-D49D-4A45-9E8E-D97EFC8EFA02}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{C48DE4B5-D0FB-43F7-8F3D-11FF1F60A005}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{4B8A21D8-8F1B-4EDF-99BE-81388F033012}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [{597852B4-6326-4CC6-89E1-587516EA94E4}] => (Allow) S:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{7A0AB6E8-2A5D-4229-9982-BDCBB0C53156}] => (Allow) S:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{00F41F5D-F42C-4BC3-A378-5097B87D12B1}] => (Allow) S:\Steam\SteamApps\common\Tropico 3\Tropico3.exe
FirewallRules: [{D9443748-E815-4F95-8D8A-A4F18828636C}] => (Allow) S:\Steam\SteamApps\common\Tropico 3\Tropico3.exe
FirewallRules: [{6403354D-6E4F-46A8-B005-896C3176CD87}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{BF00BB56-DBA1-4F5E-AC1F-3F3AAB45B9C2}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{77BEE1C5-3894-483E-8794-B387A8CA26AC}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{7B32034C-4D88-48E8-864C-14F05B67CA30}] => (Allow) S:\Steam\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{088AEF8F-B6E5-4179-963A-7C96EC5EF84E}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{7AC0A5F3-3876-4F92-9CC4-12F7B9C53AE6}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{A62AA847-D5C9-4A59-970A-0F61C85ACA84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{93154873-3BB3-460B-9335-E156659EE0D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4A30BA90-EDD0-4C66-8E70-FB8C816B6F39}] => (Allow) S:\Steam\SteamApps\common\Zombie Solitaire\Zombie Solitaire.exe
FirewallRules: [{5A8400BD-6694-4D1D-B6F9-2EB385C52F9B}] => (Allow) S:\Steam\SteamApps\common\Zombie Solitaire\Zombie Solitaire.exe
FirewallRules: [{47156753-8B94-43E4-9877-B6599C4A5E1A}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{44286A8A-DF85-4CFA-B313-062ED5E5CF90}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{934E361F-01ED-4103-A7DF-8795E4B2B664}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JediKnight.EXE
FirewallRules: [{91B859CD-E614-4E19-A974-55DFE14B94AD}] => (Allow) S:\Steam\SteamApps\common\Star Wars Jedi Knight\JediKnight.EXE
FirewallRules: [{2ED4774F-EE9D-4535-8F9B-5F55A1F49FAD}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JediKnightM.EXE
FirewallRules: [{3E458DFF-CEFD-460B-A864-52F8512054AD}] => (Allow) S:\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JediKnightM.EXE
FirewallRules: [{6D90D036-C030-49F7-85E7-1C887921C03C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B6947ECF-1D0E-47E0-A15A-80E2E15B0B52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D46BC138-A638-4FFC-90FB-CBE04636A052}] => (Allow) S:\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{470A2BA6-D3D5-47BC-84CA-72091B0A57F9}] => (Allow) S:\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{A3CB2F5D-8F1D-4CDD-B7EE-39AB3E92A06C}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{707D444B-A8A5-46D4-B1AF-897A9DE3341D}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{D5A9E26C-6B71-4750-B036-206571C20141}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{ABE9E016-5CE5-427D-9B55-0FB492A414AE}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7939A241-A95A-495A-89FE-640CB6E27D73}] => (Allow) S:\Steam\SteamApps\common\SS2\SS2.exe
FirewallRules: [{88590554-E686-462D-A857-7C658CC1E3BE}] => (Allow) S:\Steam\SteamApps\common\SS2\SS2.exe
FirewallRules: [{EA060D98-A2B8-4043-BCC8-156647C8BC68}] => (Allow) S:\Steam\SteamApps\common\Dark Fall Lost Souls\DarkFallLostSouls.exe
FirewallRules: [{4D7BFC11-4A3B-4518-9EC9-5D5391A936AC}] => (Allow) S:\Steam\SteamApps\common\Dark Fall Lost Souls\DarkFallLostSouls.exe
FirewallRules: [TCP Query User{61F43810-1D91-4A6C-B660-81E40EB9C89C}H:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{163CCA82-74A9-4EE7-A38A-C3A90DE3C146}H:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{3C446A38-03A7-4E16-8414-B4290EF6AFE0}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [UDP Query User{98A653AF-0411-46D1-BE07-6705078A5657}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [TCP Query User{5D35EC4E-C99C-490D-AC9F-5D308428CE58}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{C332D9EC-1A28-4F03-A03D-FDDBAB2EDF81}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{121A863B-B20B-4D63-9DE3-19A31AB12D3F}H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [UDP Query User{E08AF868-CBDA-4DD1-93AA-9C21BE006C2D}H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [{467A73A3-B70B-40E7-990B-C36A0E491D41}] => (Allow) S:\Steam\SteamApps\common\Game Character Hub\GameCharacterHub.exe
FirewallRules: [{98450F4F-DF4A-41A4-ABC7-E6806E7CE966}] => (Allow) S:\Steam\SteamApps\common\Game Character Hub\GameCharacterHub.exe
FirewallRules: [TCP Query User{78F95106-81E0-4C9B-B6E8-E21B5AF36952}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{55808619-1363-4A5F-8EEC-00ED1256BF99}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{0DE8D043-FC4D-4872-A711-63C19B6DF58A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D26A770C-CB6E-4C78-9DB0-58BBE1C5856D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0320EA2B-CBCB-44A3-9724-3ECEB06AE43C}] => (Allow) S:\Steam\SteamApps\common\PAC-MAN\PAC-MAN.exe
FirewallRules: [{D87E542A-B513-46C0-B9F1-6ABFBA8B4AE0}] => (Allow) S:\Steam\SteamApps\common\PAC-MAN\PAC-MAN.exe
FirewallRules: [{51B307C6-8437-49CD-A5D8-7C28E9523795}] => (Allow) S:\Steam\SteamApps\common\DIG DUG\DIG DUG.exe
FirewallRules: [{BBB11654-335E-4B4E-AC28-D4C1A4094E93}] => (Allow) S:\Steam\SteamApps\common\DIG DUG\DIG DUG.exe
FirewallRules: [{039D1E0E-9BA3-4ED5-9B89-FC3012519E88}] => (Allow) S:\Steam\SteamApps\common\Ms. PAC-MAN\Ms. PAC-MAN.exe
FirewallRules: [{F6198765-DCC0-4E48-87A3-CF4AC884C491}] => (Allow) S:\Steam\SteamApps\common\Ms. PAC-MAN\Ms. PAC-MAN.exe
FirewallRules: [{3570EE56-A76E-4AE0-92F5-340B490EAC94}] => (Allow) S:\Steam\SteamApps\common\ToySoldiersWarChest\Game.exe
FirewallRules: [{608025CB-AF65-40A9-904B-51AD561BDA94}] => (Allow) S:\Steam\SteamApps\common\ToySoldiersWarChest\Game.exe
FirewallRules: [{7B532966-E5FC-4016-AD2F-94B2D95F4446}] => (Allow) S:\Steam\SteamApps\common\GALAGA\GALAGA.exe
FirewallRules: [{AFD79AF1-D557-402B-9530-2DC1A2F51805}] => (Allow) S:\Steam\SteamApps\common\GALAGA\GALAGA.exe
FirewallRules: [{02DF2CCD-CDCE-40B6-AEF0-9DF714A587E3}] => (Allow) S:\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{F63EE0BC-8725-46DC-887D-C4099F8C7F65}] => (Allow) S:\Steam\SteamApps\common\King's Quest\Binaries\Win\KingsQuest.exe
FirewallRules: [{B31F00E9-354E-4044-BDFD-DFBCFABCA4E4}] => (Allow) S:\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{34630893-82D2-4D85-A325-0314318B8126}] => (Allow) S:\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{8380408B-E045-44A4-9105-98F2E428F035}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{1B3E2E9E-7E22-4790-A473-A4915B6AC052}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2.exe
FirewallRules: [{6EACF5D0-D31B-45EC-B454-CC0E3A07E4D3}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{A68DF861-F44F-41CE-9E32-C025897C26AF}] => (Allow) S:\Steam\SteamApps\common\CostumeQuest2\CostumeQuest2_DX9.exe
FirewallRules: [{60C9E205-BF7B-4819-B11A-ABED1D4D1652}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{A0BB492D-E263-483D-A5B3-E8FC0675EDF0}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{480E87B4-A33A-48C0-A4D3-889CC7E4D84B}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{DF00F68A-B6B9-434D-AB41-A2CC7E42D3C6}] => (Allow) S:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{2F6C3BF4-736D-4EF5-A6E1-56141592ABC2}] => (Allow) S:\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{38C732F6-02A4-40EE-8B71-1454CE2A09FB}] => (Allow) S:\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{1B801BDB-9DC5-4BBC-8BD0-BB47ACA107D8}] => (Allow) S:\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{D9D2721B-F0BF-44AA-B2BE-D82A6B68C65E}] => (Allow) S:\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{28D79E7C-EFA7-440C-A97B-40128555667A}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{182932BE-E082-4522-9CA6-8AD46C615F5D}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{AF35B8F7-7F8C-4F14-8600-B0D22F189653}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{1A05CC15-5EB0-4B01-9A1F-4D9E160CC399}] => (Allow) S:\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [TCP Query User{9D10C785-E2E8-4CC0-9268-7E6DF398755A}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe] => (Allow) C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
FirewallRules: [UDP Query User{0190364A-051D-4288-8FBE-54FCD842C043}C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe] => (Allow) C:\program files (x86)\streamingstar\hidownload_platinum\flvfilter.exe
FirewallRules: [TCP Query User{9A60E6C1-3DFB-4722-A7FF-AEBD9008E999}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{B966DE7F-F4AF-452F-A534-0E4B7DC3F1DE}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{0ADC538B-157B-4F77-994F-5F0484FEEEE5}] => (Allow) S:\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{A1377DAA-5B86-417B-97A4-60C5BEE53530}] => (Allow) S:\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{E6470E23-E47B-4FD8-8D83-44C872708292}] => (Allow) S:\Steam\SteamApps\common\LEGO Batman 3 Beyond Gotham\LEGOBatman3.exe
FirewallRules: [{F37789E0-88E3-42E4-9461-82AADDF68F59}] => (Allow) S:\Steam\SteamApps\common\LEGO Batman 3 Beyond Gotham\LEGOBatman3.exe
FirewallRules: [{69C09D27-4E27-4682-A27C-DFB419F0F11D}] => (Allow) S:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{A9124E7E-0B3D-4AAE-BBAB-31F2D57DFD86}] => (Allow) S:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{EB8A2928-E000-492E-9A73-3BE72681A6E5}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{72291486-213A-41F5-827E-15EC4C097839}] => (Allow) S:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E80957BB-8EB4-4A92-8A45-94E1473EA1F3}] => (Allow) S:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{4D4334AE-A497-4798-BAA1-711617DEE374}] => (Allow) S:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{7E491BF4-83DE-4C4D-9EFF-5E533E28CD46}] => (Allow) S:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{5B18CC02-0A0A-48EB-AAF7-4743F33BDECA}] => (Allow) S:\Steam\SteamApps\common\Quake\Winquake.exe
FirewallRules: [{C788747C-5F1A-49BE-B914-5A9F6E0A013B}] => (Allow) S:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{AE3B7FF6-4731-48AC-AB35-D356A9093D2B}] => (Allow) S:\Steam\SteamApps\common\Quake\qwcl.exe
FirewallRules: [{0DD32DD4-0B35-4FA6-ACB4-24800DB7618F}] => (Allow) S:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{EE54796B-A6D1-4753-8942-2B19FF73F829}] => (Allow) S:\Steam\SteamApps\common\Quake\Glquake.exe
FirewallRules: [{C7C595DA-0C9E-4C95-A42F-E1C6985F5277}] => (Allow) S:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [{5D9E25E4-0F03-40C0-9E02-AA44544E7C6D}] => (Allow) S:\Steam\SteamApps\common\Quake\glqwcl.exe
FirewallRules: [{A99BC75F-A962-44E9-B4AE-5E9B88501E09}] => (Allow) S:\Steam\SteamApps\common\Penguins Arena\PenguinsArena.exe
FirewallRules: [{53910400-D54F-4154-BBD0-B0265F5D303D}] => (Allow) S:\Steam\SteamApps\common\Penguins Arena\PenguinsArena.exe
FirewallRules: [{84C3D193-759F-4518-BDF1-50BBFCAF03EA}] => (Allow) S:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{4FD9F1AA-9A0C-418E-89A9-73F5D97634CA}] => (Allow) S:\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{80F729AD-AA0A-484A-B67B-48546A68F061}] => (Allow) S:\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{5F0B415A-D69D-47D0-8A6D-116B37A10016}] => (Allow) S:\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{5FFD9663-6CD0-48F5-A47F-BCD3217EFDA8}] => (Allow) S:\Steam\SteamApps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{D04194B5-C6A3-4A5F-A4A4-CBB8BAAD75EE}] => (Allow) S:\Steam\SteamApps\common\WormsGolf2010\WormsCrazyGolf.exe
FirewallRules: [{57705B7A-A647-4184-B845-5EFDA9B7C16C}] => (Allow) S:\Steam\SteamApps\common\ibbandobb\ibbobb.exe
FirewallRules: [{9A892529-0C0A-4DFF-B696-9F1AB120E645}] => (Allow) S:\Steam\SteamApps\common\ibbandobb\ibbobb.exe
FirewallRules: [{EF8B53BE-7A7C-4ADD-A0C0-85D62CCF15B8}] => (Allow) S:\Steam\SteamApps\common\MDK 2 HD\mdk2hd.exe
FirewallRules: [{0C505160-3F3D-4C97-85D5-953E3DC4D67C}] => (Allow) S:\Steam\SteamApps\common\MDK 2 HD\mdk2hd.exe
FirewallRules: [{32153F6B-8B0B-408F-AE95-87FBFBD1A4F0}] => (Allow) S:\Steam\SteamApps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{BD50D9D8-BE73-49AC-8A28-434F65272D74}] => (Allow) S:\Steam\SteamApps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{FA04063E-36DD-4DD9-8C9B-3035C9ECAF8B}] => (Allow) S:\Steam\SteamApps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{AA57171E-3CB5-4C41-89A9-80ABC2E80FCE}] => (Allow) S:\Steam\SteamApps\common\Tomb Raider (I)\dosbox.exe
FirewallRules: [{45C2BF4D-46A3-45A9-856C-94FBBEFEEF0A}] => (Allow) S:\Steam\SteamApps\common\Weird Worlds\weirdworlds.exe
FirewallRules: [{DBE1AF31-F670-49FB-9CAD-F1F6B01B8FA6}] => (Allow) S:\Steam\SteamApps\common\Weird Worlds\weirdworlds.exe
FirewallRules: [{929E7C19-17FB-44C4-A65F-8146A4B0B0DE}] => (Allow) S:\Steam\SteamApps\common\911 First Responders\Em4.exe
FirewallRules: [{F627AB39-A3C7-47DA-AD47-9B83B324EFBD}] => (Allow) S:\Steam\SteamApps\common\911 First Responders\Em4.exe
FirewallRules: [{35F7B18D-CCAC-466E-A00D-97D7511947D4}] => (Allow) S:\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{D918AED3-A4F9-49EE-A63B-C6AC0A6F2D45}] => (Allow) S:\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{CD5C10FC-7BF6-483D-9262-928E9E88FAEF}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{73760B5A-2D22-42BF-A707-4736F290BE76}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{3010B40C-A95F-4557-AD68-3FDFF92D1D80}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{190AA24D-6E82-4321-B341-9C867B74523D}] => (Allow) S:\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{B1E8A57C-0385-462D-8BD8-00831A01F652}] => (Allow) S:\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{1554A7F8-8C36-418F-8896-9F5B88DAEE6F}] => (Allow) S:\Steam\SteamApps\common\Emergency 2014\bin.x86\em2014.exe
FirewallRules: [{9795A3D7-BDD1-4C33-A257-937D5F347C57}] => (Allow) S:\Steam\SteamApps\common\Game Guru\GameGuru.exe
FirewallRules: [{955703E7-8FB0-44FB-828B-4A612370FD64}] => (Allow) S:\Steam\SteamApps\common\Game Guru\GameGuru.exe
FirewallRules: [{5229662A-318E-4B00-983A-A86D1D1F791D}] => (Allow) S:\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{E80579C8-6913-4C55-9DC0-A2D8B4C94905}] => (Allow) S:\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{2652FC61-59FE-4D55-87F5-8F6DFEC2CB36}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{82B5E7CB-F07F-4F7C-8123-2899B6FB46AD}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{33DC6155-DA55-4F23-A7AA-F9ECB8EF01EE}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{FD2BFA33-E481-41ED-9A71-1368BB979742}] => (Allow) S:\Steam\SteamApps\common\Tracks - The Train Set Game\TrainSet.exe
FirewallRules: [{EA80837F-3C19-4A03-986A-14672854B93D}] => (Allow) S:\Steam\SteamApps\common\Tracks - The Train Set Game\TrainSet.exe
FirewallRules: [TCP Query User{F1FD3202-BF57-4CD1-8F54-99633E642849}S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe] => (Allow) S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe
FirewallRules: [UDP Query User{C41F3B3D-6133-4686-A026-CEE511FD9040}S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe] => (Allow) S:\steam\steamapps\common\tracks - the train set game\trainset\binaries\win64\trainset.exe
FirewallRules: [{F4CB5A83-B176-44D4-A251-D9036043221F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4905494B-F681-42CA-A544-9A1BCA3FC6E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D28C592-3B38-4ABB-88DC-12B4B267776B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A28CFC54-4DBE-46BD-8B85-932567CB6EA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6F817699-587A-4675-9A13-48DB525E07D9}] => (Allow) C:\Program Files (x86)\GameSessions\Cities In Motion\DataTools\DLM.exe
FirewallRules: [{11DB5119-6540-433F-8723-04A763F84EFF}] => (Allow) C:\Program Files\Tangentix\Runtime\x64\GSLauncher.exe
FirewallRules: [{8256D2A3-4DC8-463B-8524-171F6840F201}] => (Allow) C:\Program Files\Tangentix\Runtime\x86\GSLauncher.exe
FirewallRules: [{2C024803-4DD4-4E08-AAC9-D19F96D5FE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{250D933F-BAAA-46F0-98BD-7694F04396B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5B960A12-8DA0-46A4-8EAC-86E6A6EBA029}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{64CB80C3-483A-4156-837F-82B12AE73397}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A11CF7BC-A7A4-469A-88C3-E6F454B17116}] => (Allow) S:\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{42BA7968-F48E-4B3C-A760-9027F7167981}] => (Allow) S:\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{FB79B9A3-866F-4B66-82A6-299A7AFBFD15}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{92B5FAE8-00E0-415C-9465-66D22245778B}] => (Allow) S:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{08670411-0244-4CDD-925F-F7AC15143768}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{455C3A99-B9C3-4908-A9F5-4286BFEEA12B}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{7760EDE0-3D43-468B-A6EE-DE22B6CC5CF6}] => (Allow) S:\Steam\SteamApps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{B24FCD58-D0FA-4FA2-A029-C855A682754A}] => (Allow) S:\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{81CF1326-8415-4140-A54C-4EF45CC96E69}] => (Allow) S:\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{386EF7C4-B2E2-43D5-B2F7-A21872011DB0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
 
==================== Restore Points =========================
 
15-03-2018 14:36:54 Windows Update
24-03-2018 17:49:46 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/01/2018 10:41:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/01/2018 04:41:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.674, time stamp: 0x59cdf479
Faulting module name: msvcrt.dll, version: 7.0.15063.0, time stamp: 0x3280d1b7
Exception code: 0xc00000fd
Fault offset: 0x0000000000055063
Faulting process id: 0xe4c
Faulting application start time: 0x01d3c6ff1aece2c3
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\System32\msvcrt.dll
Report Id: 3c3a2d75-f472-4169-b1b2-18fc1717637d
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (04/01/2018 03:33:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.726, time stamp: 0x32774c02
Exception code: 0xe0434352
Fault offset: 0x000ecbb2
Faulting process id: 0xf364
Faulting application start time: 0x01d3c98bc62ca326
Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: b73f8943-c15d-42a8-97b3-a25397defda7
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2018 03:33:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: esu.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
   at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
   at Garmin.Omt.Service.Shared.Overrides..cctor()
 
Exception Info: System.TypeInitializationException
   at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
   at Garmin.Omt.Express.SelfUpdater.Program.RealMain()
   at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])
 
Error: (03/31/2018 10:41:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (03/31/2018 04:54:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5
Faulting module name: KERNELBASE.dll, version: 10.0.15063.726, time stamp: 0x32774c02
Exception code: 0xe0434352
Fault offset: 0x000ecbb2
Faulting process id: 0xee90
Faulting application start time: 0x01d3c8cde8f846df
Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 764039a3-d81b-49e2-b49e-603a9837d1a0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (03/31/2018 04:54:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: esu.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
   at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
   at Garmin.Omt.Service.Shared.Overrides..cctor()
 
Exception Info: System.TypeInitializationException
   at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
   at Garmin.Omt.Express.SelfUpdater.Program.RealMain()
   at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])
 
Error: (03/30/2018 10:41:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (04/01/2018 04:39:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/31/2018 03:41:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/30/2018 02:12:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/29/2018 10:19:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/29/2018 09:51:15 PM) (Source: DCOM) (EventID: 10001) (User: WOLF10)
Description: Unable to start a DCOM Server: king.com.CandyCrushSodaSaga_1.110.600.0_x86__kgqvnymyfvs32!App as Unavailable/Unavailable. The error:
"317"
Happened while starting this command:
"C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.110.600.0_x86__kgqvnymyfvs32\stritz.exe" -ServerName:App.AppXyy7gex6h953pybd77fmw6bne5r5qrsf1.mca
 
Error: (03/29/2018 01:13:23 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
 
The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0xa00000000000a.  The name of the file is "<unable to determine file name>".
 
Error: (03/29/2018 01:13:23 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
 
The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0xa00000000000a.  The name of the file is "<unable to determine file name>".
 
Error: (03/29/2018 01:13:10 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume G:.
 
The Master File Table (MFT) contains a corrupted file record.  The file reference number is 0xa00000000000a.  The name of the file is "<unable to determine file name>".
 
 
Windows Defender:
===================================
Date: 2018-03-12 23:00:16.706
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F7DD1F47-00D5-41CD-BC1C-F625F23FB559}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2018-03-24 20:57:27.690
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
 
Date: 2018-03-24 20:57:27.479
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
 
Date: 2018-03-24 14:29:22.684
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 01:05:20.428
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 01:05:01.844
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 00:57:47.679
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 00:50:00.367
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-03-24 00:42:52.698
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume9\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 53%
Total physical RAM: 32709.45 MB
Available physical RAM: 15373.43 MB
Total Virtual: 33733.45 MB
Available Virtual: 6395.65 MB
 
==================== Drives ================================
 
Drive c: (W10E64) (Fixed) (Total:120 GB) (Free:19.22 GB) NTFS
Drive d: (TurboTax 2017) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS
Drive f: (Recovery) (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
Drive h: (h1z1) (Fixed) (Total:64 GB) (Free:18.07 GB) NTFS
Drive n: (CX713) (Fixed) (Total:27.74 GB) (Free:27.5 GB) NTFS
Drive p: (PLEX) (Network) (Total:64 GB) (Free:32.5 GB) NTFS
Drive r: (Photos) (Fixed) (Total:256 GB) (Free:92.1 GB) NTFS
Drive s: (s;ProgramFiles) (Fixed) (Total:2026.39 GB) (Free:165.93 GB) NTFS
Drive u: (UsersT) (Fixed) (Total:300 GB) (Free:123.7 GB) NTFS
Drive x: (W10E64) (Network) (Total:120 GB) (Free:19.22 GB) NTFS
Drive z: (00-WDH1BCCP) (Network) (Total:3725.88 GB) (Free:455.34 GB) ReFS
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 0F4A6E93)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0EC3ED86)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

#4
zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Download AdwCleaner from here. Save the file to the desktop.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning, a report appears. Once done it will ask to reboot; allow this.
  • On reboot a log will be produced; please copy/paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt

#5
Wolfie

    Member

  • Topic Starter
  • 74 posts

Done.  I didn't uncheck any of the items, despite knowing that some/most of them were legit.  Would rather get this taken care of first, then reinstall something if I need it.

 

 

# AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 02 00:18:52 2018
# Updated on 2018/08/02 by Malwarebytes 
# Running on Windows 10 Education (X64)
# Mode: clean
 
***** [ Services ] *****
 
Deleted: CouponPrinterService
 
 
***** [ Folders ] *****
 
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Deleted: C:\Program Files (x86)\Coupons
Deleted: C:\Users\Wolfie\Unknown
 
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
No malicious registry entries deleted.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin deleted: Twitch Giveaways - 
Plugin deleted: SoundCloud Downloader Free - 
Plugin deleted: Amazon Assistant for Chrome - 
SearchProvider deleted: Ask - websearch.ask.com
SearchProvider deleted: isearch.literotica.com - isearch.literotica.com
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [2104 B] - [2018/4/2 0:13:24]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#6
zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Next
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.
Posting the Malwarebytes log.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click OK.
  • Post that saved log in your next reply.
In your next reply post;

#7
Wolfie

    Member

  • Topic Starter
  • 74 posts
Wasn't sure if you meant to paste the contents or attach as a file.  Did both.
 
 
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 4/1/18
Scan Time: 8:39 PM
Log File: 4abd155a-360e-11e8-ad46-38d547c8ad34.json
Administrator: Yes
 
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4582
License: Trial
 
-System Information-
OS: Windows 10 (Build 15063.850)
CPU: x64
File System: NTFS
User: WOLF10\Wolfie
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 372496
Threats Detected: 9
Threats Quarantined: 9
Time Elapsed: 1 min, 35 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 9
PUP.Optional.DragonBranch, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_dragonbranch-a.akamaihd.net_0.localstorage, Quarantined, [718], [237901],1.0.4582
PUP.Optional.DragonBranch, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_dragonbranch-a.akamaihd.net_0.localstorage-journal, Quarantined, [718], [237901],1.0.4582
PUP.Optional.eShopComp, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_pstatic.eshopcomp.com_0.localstorage, Quarantined, [4250], [443431],1.0.4582
PUP.Optional.eShopComp, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_pstatic.eshopcomp.com_0.localstorage-journal, Quarantined, [4250], [443431],1.0.4582
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.5\STANDALONEPHASE1.DAT, Quarantined, [8191], [393793],1.0.4582
PUP.Optional.Conduit, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [220], [454832],1.0.4582
PUP.Optional.Conduit, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [220], [454832],1.0.4582
PUP.Optional.ASK, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [2], [454827],1.0.4582
PUP.Optional.ASK, C:\USERS\WOLFIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [2], [454827],1.0.4582
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

#8
zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

AV: Norton Security (Disabled - Out of date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Norton Security (Disabled - Out of date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0}

Are you using Norton or have you used it in the past?

Next

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad (Start => All Programs => Accessories => Notepad).

Copy/Paste the contents of the code box below into Notepad.
    HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [AdobeBridge] => [X]
    ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files 
    (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
    GroupPolicy: Restriction <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  No File
    CHR HomePage: Default -> hxxp://search.conduit.com/?
    ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2
    CHR StartupUrls: Default -> "hxxp://search.conduit.com/?
    ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2"
    CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1 
    [2017-06-16] <==== ATTENTION
    S3 cpuz140; \??\C:\Users\Wolfie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] 
    <==== ATTENTION
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24}
    =>  -> No File 
    ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  ->
    No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  ->
    No File
    Task: {08EAAA7D-B85D-40E2-9A73-B27DE064EEAA} - 
    \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== 
    ATTENTION
    Task: {1FADAABA-B913-417C-A9FB-1EFA0C3F1ADE} - \GarminUpdaterTask -> No File 
    <==== ATTENTION
    Task: {2264DD2F-F817-4DB9-847E-E65FAC48EF18} - 
    \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
    Task: {2AFE2B9D-12C5-44B2-AB9B-402793CDE196} - 
    \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== 
    ATTENTION
    Task: {380AB2A4-072C-4908-BAE0-5CDE90347F99} - 
    \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION
    Task: {41FB4067-A9E3-4119-BBB9-4D01310635BB} - 
    \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
    Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - 
    \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
    Task: {4D9BCF74-E5A4-48DB-8430-7D57D2D6D384} - 
    \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File 
    <==== ATTENTION
    Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File 
    <==== ATTENTION
    Task: {733C04CB-EAEA-4B98-B839-C5757D70B7FF} - 
    \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION
    Task: {945F63FE-A469-40B3-A706-3B8FD1FA132E} - \HP AR Program Upload - 
    98ac4bcf70d14607bddacad62c9ee21e3a01a12256a04784bb0ea70e04b3ebd8 -> No File 
    <==== ATTENTION
    Task: {981D8CD1-CF11-4A52-BE16-4CE5BFF8F90A} - 
    \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION
    Task: {98C5EA44-3DE1-40B7-A06A-8ED5C05BDE91} - 
    \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== 
    ATTENTION
    Task: {A9C453A8-F56D-48C9-A76F-775E2E5E5098} - 
    \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {AF1E6F6F-D06A-407E-81B4-118AEFF4DDF5} - \AdobeAAMUpdater-1.0-WOLF10-
    Wolfie -> No File <==== ATTENTION
    Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File 
    <==== ATTENTION
    Task: {B33FB711-7FCB-4C89-A6CE-1C3BF44B1C9F} - 
    \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
    Task: {BA01EE8A-F64E-4061-B296-22CBA0880A2A} - \HP AR Program Upload - 
    02102edaeb1d4da8bf1317ef10e3914f9d60a2b6c7484641bb5186d03f8e7939 -> No File 
    <==== ATTENTION
    Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File 
    <==== ATTENTION
    Task: {C99BDDD2-B186-4AC4-8EDA-F9B5FE12CB58} - \DropboxUpdateTaskMachineCore -> 
    No File <==== ATTENTION
    Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and 
    Play\Plug and Play Cleanup -> No File <==== ATTENTION
    Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No 
    File <==== ATTENTION
    AlternateDataStreams: C:\Users\Wolfie\Cookies:4kGGPjvqg7bCB45wgCr7gr [2522]
    AlternateDataStreams: C:\Users\Wolfie\Cookies:BNPO8mn3lc6bA1xek4lA7oXD [2452]
    AlternateDataStreams: C:\Users\Wolfie\Cookies:fwKdHx6Yf2E11cn7tb6NztgQTtN [2314]
    Emptytemp:
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to S:\ (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.

If the tool needed a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
The tool will make a log in S:\ (Fixlog.txt). Please post it in your reply.

Note: If the tool warns you about the version you're using being an outdated version, please download and run the updated version.

#9
Wolfie

    Member

  • Topic Starter
  • 74 posts
Had a subscription to Norton that expired, just haven't removed it yet.
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Wolfie (01-04-2018 21:35:52) Run:1
Running from S:\
Loaded Profiles: Wolfie (Available Profiles: Wolfie & Other)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
    HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\...\Run: [AdobeBridge] => [X]
    ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files 
    (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
    GroupPolicy: Restriction <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  No File
    CHR HomePage: Default -> hxxp://search.conduit.com/?
    ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2
    CHR StartupUrls: Default -> "hxxp://search.conduit.com/?
    ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2"
    CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1 
    [2017-06-16] <==== ATTENTION
    S3 cpuz140; \??\C:\Users\Wolfie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] 
    <==== ATTENTION
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24}
    =>  -> No File 
    ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  ->
    No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  ->
    No File
    Task: {08EAAA7D-B85D-40E2-9A73-B27DE064EEAA} - 
    \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== 
    ATTENTION
    Task: {1FADAABA-B913-417C-A9FB-1EFA0C3F1ADE} - \GarminUpdaterTask -> No File 
    <==== ATTENTION
    Task: {2264DD2F-F817-4DB9-847E-E65FAC48EF18} - 
    \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
    Task: {2AFE2B9D-12C5-44B2-AB9B-402793CDE196} - 
    \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== 
    ATTENTION
    Task: {380AB2A4-072C-4908-BAE0-5CDE90347F99} - 
    \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION
    Task: {41FB4067-A9E3-4119-BBB9-4D01310635BB} - 
    \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
    Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - 
    \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
    Task: {4D9BCF74-E5A4-48DB-8430-7D57D2D6D384} - 
    \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File 
    <==== ATTENTION
    Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File 
    <==== ATTENTION
    Task: {733C04CB-EAEA-4B98-B839-C5757D70B7FF} - 
    \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION
    Task: {945F63FE-A469-40B3-A706-3B8FD1FA132E} - \HP AR Program Upload - 
    98ac4bcf70d14607bddacad62c9ee21e3a01a12256a04784bb0ea70e04b3ebd8 -> No File 
    <==== ATTENTION
    Task: {981D8CD1-CF11-4A52-BE16-4CE5BFF8F90A} - 
    \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION
    Task: {98C5EA44-3DE1-40B7-A06A-8ED5C05BDE91} - 
    \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== 
    ATTENTION
    Task: {A9C453A8-F56D-48C9-A76F-775E2E5E5098} - 
    \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {AF1E6F6F-D06A-407E-81B4-118AEFF4DDF5} - \AdobeAAMUpdater-1.0-WOLF10-
    Wolfie -> No File <==== ATTENTION
    Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File 
    <==== ATTENTION
    Task: {B33FB711-7FCB-4C89-A6CE-1C3BF44B1C9F} - 
    \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
    Task: {BA01EE8A-F64E-4061-B296-22CBA0880A2A} - \HP AR Program Upload - 
    02102edaeb1d4da8bf1317ef10e3914f9d60a2b6c7484641bb5186d03f8e7939 -> No File 
    <==== ATTENTION
    Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File 
    <==== ATTENTION
    Task: {C99BDDD2-B186-4AC4-8EDA-F9B5FE12CB58} - \DropboxUpdateTaskMachineCore -> 
    No File <==== ATTENTION
    Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and 
    Play\Plug and Play Cleanup -> No File <==== ATTENTION
    Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - 
    \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No 
    File <==== ATTENTION
    AlternateDataStreams: C:\Users\Wolfie\Cookies:4kGGPjvqg7bCB45wgCr7gr [2522]
    AlternateDataStreams: C:\Users\Wolfie\Cookies:BNPO8mn3lc6bA1xek4lA7oXD [2452]
    AlternateDataStreams: C:\Users\Wolfie\Cookies:fwKdHx6Yf2E11cn7tb6NztgQTtN [2314]
    Emptytemp:
*****************
 
"HKU\S-1-5-21-1850599263-3589281596-2263528853-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files" => not found
(x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe () => Error: No automatic fix found for this entry.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => removed successfully
"HKLM\Software\Classes\PROTOCOLS\Handler\WSAllMyTubechrome" => removed successfully
"Chrome HomePage" => removed successfully
ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2 => Error: No automatic fix found for this entry.
"Chrome StartupUrls" => removed successfully
ctid=CT3289663&SearchSource=48&CUI=UN84588741223312693&UM=2" => Error: No automatic fix found for this entry.
"CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default1" => not found
[2017-06-16] <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\System\CurrentControlSet\Services\cpuz140" => removed successfully
cpuz140 => service removed successfully
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => not found
=>  -> No File => Error: No automatic fix found for this entry.
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
No File => Error: No automatic fix found for this entry.
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
No File => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {08EAAA7D-B85D-40E2-9A73-B27DE064EEAA} - => could not remove. Access Denied.
\Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== => Error: No automatic fix found for this entry.
ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FADAABA-B913-417C-A9FB-1EFA0C3F1ADE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FADAABA-B913-417C-A9FB-1EFA0C3F1ADE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GarminUpdaterTask" => removed successfully
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {2264DD2F-F817-4DB9-847E-E65FAC48EF18} - => could not remove. Access Denied.
\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {2AFE2B9D-12C5-44B2-AB9B-402793CDE196} - => could not remove. Access Denied.
\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== => Error: No automatic fix found for this entry.
ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {380AB2A4-072C-4908-BAE0-5CDE90347F99} - => could not remove. Access Denied.
\Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {41FB4067-A9E3-4119-BBB9-4D01310635BB} - => could not remove. Access Denied.
\Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - => could not remove. Access Denied.
\Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {4D9BCF74-E5A4-48DB-8430-7D57D2D6D384} - => could not remove. Access Denied.
\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File => Error: No automatic fix found for this entry.
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - => could not remove. Access Denied.
\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File => Error: No automatic fix found for this entry.
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {733C04CB-EAEA-4B98-B839-C5757D70B7FF} - => could not remove. Access Denied.
\Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{945F63FE-A469-40B3-A706-3B8FD1FA132E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{945F63FE-A469-40B3-A706-3B8FD1FA132E}" => removed successfully
98ac4bcf70d14607bddacad62c9ee21e3a01a12256a04784bb0ea70e04b3ebd8 -> No File => Error: No automatic fix found for this entry.
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {981D8CD1-CF11-4A52-BE16-4CE5BFF8F90A} - => could not remove. Access Denied.
\Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {98C5EA44-3DE1-40B7-A06A-8ED5C05BDE91} - => could not remove. Access Denied.
\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== => Error: No automatic fix found for this entry.
ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {A9C453A8-F56D-48C9-A76F-775E2E5E5098} - => could not remove. Access Denied.
\Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF1E6F6F-D06A-407E-81B4-118AEFF4DDF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF1E6F6F-D06A-407E-81B4-118AEFF4DDF5}" => removed successfully
Wolfie -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - => could not remove. Access Denied.
\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File => Error: No automatic fix found for this entry.
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {B33FB711-7FCB-4C89-A6CE-1C3BF44B1C9F} - => could not remove. Access Denied.
\Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA01EE8A-F64E-4061-B296-22CBA0880A2A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA01EE8A-F64E-4061-B296-22CBA0880A2A}" => removed successfully
02102edaeb1d4da8bf1317ef10e3914f9d60a2b6c7484641bb5186d03f8e7939 -> No File => Error: No automatic fix found for this entry.
<==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - => could not remove. Access Denied.
\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File => Error: No automatic fix found for this entry.
<==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C99BDDD2-B186-4AC4-8EDA-F9B5FE12CB58}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C99BDDD2-B186-4AC4-8EDA-F9B5FE12CB58}" => removed successfully
No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB}" => removed successfully
Play\Plug and Play Cleanup -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - => could not remove. Access Denied.
\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No => Error: No automatic fix found for this entry.
File <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Users\Wolfie\Cookies => ":4kGGPjvqg7bCB45wgCr7gr" ADS removed successfully
C:\Users\Wolfie\Cookies => ":BNPO8mn3lc6bA1xek4lA7oXD" ADS removed successfully
C:\Users\Wolfie\Cookies => ":fwKdHx6Yf2E11cn7tb6NztgQTtN" ADS removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 331067310 B
Java, Flash, Steam htmlcache => 529298794 B
Windows/system/drivers => 14521233 B
Edge => 202987888 B
Chrome => 1138333120 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 58750 B
NetworkService => 833774 B
Wolfie => 92328658 B
Other => 24365 B
 
RecycleBin => 5221701 B
EmptyTemp: => 2.2 GB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-04-2018 21:39:29)
 
 
Result of scheduled keys to remove after reboot:
 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {08EAAA7D-B85D-40E2-9A73-B27DE064EEAA} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {2264DD2F-F817-4DB9-847E-E65FAC48EF18} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {2AFE2B9D-12C5-44B2-AB9B-402793CDE196} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {380AB2A4-072C-4908-BAE0-5CDE90347F99} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {41FB4067-A9E3-4119-BBB9-4D01310635BB} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {4D9BCF74-E5A4-48DB-8430-7D57D2D6D384} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {733C04CB-EAEA-4B98-B839-C5757D70B7FF} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {981D8CD1-CF11-4A52-BE16-4CE5BFF8F90A} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {98C5EA44-3DE1-40B7-A06A-8ED5C05BDE91} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {A9C453A8-F56D-48C9-A76F-775E2E5E5098} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {B33FB711-7FCB-4C89-A6CE-1C3BF44B1C9F} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - => could not remove. Access Denied.
 
==== End of Fixlog 21:39:29 ====

Edited by Wolfie, 01 April 2018 - 07:55 PM.


#10
zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Not seeing any malware; there were just a lot of leftover empty files and such.

Are there any issues remaining?

#11
Wolfie

    Member

  • Topic Starter
  • 74 posts

Not noticing any issues so far.  I like to think that my computer is safe, but as I tell others, don't assume your system is clean.



#12
zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
I see no signs of malware on your computer, and feel satisfied that our work here is done.


You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)