Files won't open


#1
Vertigo59

None of my files will open. Whenever I tried to click on the folder the entire screen would go black and then come back in a few seconds. After I changed the setting to launch folder windows in a separate process it doesn't go black anymore. Now it just shows the blue loading circle around my mouse and then nothing happens. I don't know if it's a virus. Please help.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Isuru (administrator) on LAPTOP-PMR2PO2E (02-08-2018 18:52:01)
Running from C:\Users\Isuru\Desktop
Loaded Profiles: Isuru (Available Profiles: Isuru)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(NIKITA ONLINE) C:\Program Files (x86)\GameXPService\gamexpsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16695816 2016-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1462792 2016-08-21] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3205920 2018-08-01] (Valve Corporation)
HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\MountPoints2: {656a7541-ffe5-11e7-abaf-3ca0676d4dd6} - "E:\OnePlus_setup.exe" /s
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3f4458e4-474f-4454-900e-e2fe4fc4a7fb}: [DhcpNameServer] 40.33.1.55
Tcpip\..\Interfaces\{9d96f3a2-f83d-4469-a90f-ac8066ebf88a}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9d96f3a2-f83d-4469-a90f-ac8066ebf88a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2797589888-3889707670-1394007338-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2797589888-3889707670-1394007338-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2797589888-3889707670-1394007338-1001 -> {7C4571CC-0619-4C0A-86FD-2C3180C629A3} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-22] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-05-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: b8zp7akm.default
FF ProfilePath: C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Profiles\b8zp7akm.default [2018-08-02]
FF Extension: (LanguageTool - Grammar and Style Checker) - C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Profiles\b8zp7akm.default\Extensions\[email protected] [2018-08-02]
FF Extension: (uBlock Origin) - C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Profiles\b8zp7akm.default\Extensions\[email protected] [2018-07-17]
FF Extension: (photobucket embed fix) - C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Profiles\b8zp7akm.default\Extensions\{62fe3031-9260-4ae5-bc65-5aaf42870fff}.xpi [2018-03-19]
FF Extension: (Vimium) - C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Profiles\b8zp7akm.default\Extensions\{d7742d87-e61d-4b78-b8a1-b469842139fa}.xpi [2018-04-01]
FF ProfilePath: C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Profiles\9h9u6f6c.user [2018-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-24] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-05-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-18] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Windows ® Win 7 DDK provider)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2018-06-06] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-07-13] (Microsoft Corporation)
R2 gamexpsvc; C:\Program Files (x86)\GameXPService\gamexpsvc.exe [846656 2018-04-06] (NIKITA ONLINE)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26608 2016-07-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2016-11-11] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2016-11-11] (Acer Incorporated)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [295976 2018-07-16] (Microsoft Corporation)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [239400 2018-06-06] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [239400 2018-06-06] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [239400 2018-06-06] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1283464 2018-06-06] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-11] (BitDefender)
R0 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [152648 2018-05-11] (Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-11] (Bitdefender)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [246064 2018-05-11] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-06-19] (Malwarebytes)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [193184 2018-06-29] (BitDefender LLC)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-11-11] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [191208 2018-08-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [114920 2018-08-02] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [48360 2018-08-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-02] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102632 2018-08-02] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_05f20e62973804a9\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-11-11] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-04] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57432 2016-09-04] (Synaptics Incorporated)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [607640 2018-05-11] (Bitdefender)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-02 18:52 - 2018-08-02 18:52 - 000017609 _____ C:\Users\Isuru\Desktop\FRST.txt
2018-08-02 18:51 - 2018-08-02 18:52 - 000000000 ____D C:\FRST
2018-08-02 18:51 - 2018-08-02 18:51 - 002412544 _____ (Farbar) C:\Users\Isuru\Desktop\FRST64.exe
2018-08-02 14:58 - 2018-08-02 15:03 - 000000000 ___HD C:\$SysReset
2018-08-02 14:57 - 2018-08-02 15:03 - 000000000 ____D C:\Program Files\rempl
2018-08-02 14:57 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-08-02 14:49 - 2018-08-02 14:49 - 000029185 _____ C:\ProgramData\agent.update.1533239376.bdinstall.bin
2018-08-02 14:40 - 2018-08-02 14:40 - 000000000 ____D C:\Users\Isuru\Desktop\New folder
2018-08-02 12:52 - 2018-05-04 04:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-08-01 16:06 - 2018-08-01 16:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-08-01 16:05 - 2018-08-01 16:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-08-01 16:05 - 2018-07-30 12:41 - 005947600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 002612264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 000634352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 000450768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 000124216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-08-01 16:05 - 2018-07-24 04:03 - 008253772 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-08-01 16:05 - 2018-06-20 14:46 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-08-01 16:03 - 2018-08-01 04:50 - 004352880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 003769016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 002002448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439882.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 001565048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 001467920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439882.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 001420576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 001218528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 001094128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 000628920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-08-01 16:03 - 2018-08-01 04:50 - 000518488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 040346808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 035250008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 031250184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 025966552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 013728728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 011273816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 001159120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-08-01 16:03 - 2018-08-01 04:49 - 000906808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-08-01 16:03 - 2018-08-01 04:48 - 017756224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-08-01 16:03 - 2018-08-01 04:48 - 015170808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-08-01 16:03 - 2018-08-01 04:47 - 004858224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-08-01 16:03 - 2018-08-01 04:47 - 004128280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-08-01 16:03 - 2018-07-30 14:14 - 000044271 _____ C:\WINDOWS\system32\nvinfo.pb
2018-08-01 15:48 - 2018-08-02 18:30 - 000102632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-08-01 15:48 - 2018-08-02 15:04 - 000114920 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-08-01 15:48 - 2018-08-02 15:04 - 000048360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-08-01 15:48 - 2018-08-01 15:48 - 000191208 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-08-01 15:47 - 2018-08-02 15:04 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-08-01 15:47 - 2018-08-01 15:47 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-01 15:47 - 2018-08-01 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-01 15:47 - 2018-08-01 15:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-01 15:47 - 2018-08-01 15:47 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-01 15:47 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-27 13:27 - 2018-07-27 13:27 - 000183823 _____ C:\Users\Isuru\Downloads\Isuru Gamlath (Resume)_01.pdf
2018-07-22 22:27 - 2018-07-22 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-02 18:52 - 2017-07-13 21:02 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-08-02 18:36 - 2018-05-18 19:32 - 000000000 ____D C:\Users\Isuru\AppData\Local\CrashDumps
2018-08-02 18:25 - 2017-07-13 19:56 - 000000000 ____D C:\Users\Isuru\AppData\LocalLow\Mozilla
2018-08-02 16:09 - 2017-09-29 03:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-08-02 15:40 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-08-02 15:39 - 2018-02-27 18:50 - 000000000 ____D C:\WINDOWS\Panther
2018-08-02 15:38 - 2017-10-22 20:28 - 000000000 ____D C:\Users\Isuru\AppData\Roaming\DS4Windows
2018-08-02 15:38 - 2017-07-13 20:03 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-02 15:33 - 2017-07-14 13:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-02 15:31 - 2017-07-14 13:03 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-02 15:19 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-02 15:19 - 2017-03-21 19:25 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-02 15:17 - 2017-07-13 19:42 - 000000000 __SHD C:\Users\Isuru\IntelGraphicsProfiles
2018-08-02 15:09 - 2018-02-14 23:16 - 001562616 _____ C:\WINDOWS\system32\perfh00A.dat
2018-08-02 15:09 - 2018-02-14 23:16 - 000380930 _____ C:\WINDOWS\system32\perfc00A.dat
2018-08-02 15:09 - 2017-11-27 23:28 - 004009412 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-02 15:04 - 2017-11-27 23:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-02 15:04 - 2017-09-29 03:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-08-02 15:03 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-08-02 15:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\registration
2018-08-02 14:49 - 2017-07-13 21:02 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-08-02 14:39 - 2017-11-27 23:25 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5B68224-EA98-4AC1-A56F-BBCA02849155}
2018-08-02 14:39 - 2017-07-13 19:43 - 000000000 ____D C:\Users\Isuru\AppData\Local\NVIDIA Corporation
2018-08-02 13:01 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-02 13:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-02 12:58 - 2017-03-21 19:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-02 12:57 - 2017-10-22 19:49 - 000000000 ____D C:\Users\Isuru\AppData\Local\ElevatedDiagnostics
2018-08-02 12:57 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-01 16:58 - 2017-11-27 23:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-01 16:06 - 2017-07-13 20:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-01 16:05 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Help
2018-08-01 16:05 - 2017-07-13 20:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-08-01 16:04 - 2017-07-13 19:42 - 000000000 ____D C:\Users\Isuru\AppData\Local\NVIDIA
2018-08-01 15:53 - 2018-05-21 20:59 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-21 20:59 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-21 20:59 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-21 20:59 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-21 20:59 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-21 20:56 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-18 19:27 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-18 19:26 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-18 19:26 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-18 19:26 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:53 - 2018-05-18 19:26 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-01 15:22 - 2018-05-21 09:11 - 000000000 ___RD C:\Users\Isuru\Desktop\Games
2018-07-31 22:51 - 2018-01-11 23:27 - 000000000 ____D C:\Users\Isuru\AppData\Roaming\Leonflix
2018-07-31 16:42 - 2018-05-15 17:49 - 000000000 ____D C:\Users\Isuru\AppData\Local\SnakeBite
2018-07-31 15:53 - 2018-05-23 22:26 - 000000000 ____D C:\Users\Isuru\Desktop\New folder (2)
2018-07-31 13:56 - 2018-05-15 17:57 - 000000000 ____D C:\Users\Isuru\Downloads\MGSV Mods
2018-07-31 13:53 - 2017-11-27 23:21 - 000000000 ____D C:\Users\Isuru
2018-07-25 19:43 - 2017-08-25 13:19 - 000000312 _____ C:\Users\Isuru\Desktop\To Do list.txt
2018-07-23 14:10 - 2017-08-03 22:55 - 000000000 ____D C:\Program Files (x86)\GameXPService
2018-07-22 22:27 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-22 22:27 - 2017-08-27 00:53 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-22 22:27 - 2017-03-21 18:43 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-22 22:26 - 2017-03-21 18:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-21 21:23 - 2018-02-14 16:55 - 000000000 ____D C:\Users\Isuru\AppData\Local\NFS Underground 2
2018-07-20 10:52 - 2017-11-27 23:25 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2797589888-3889707670-1394007338-1001
2018-07-20 10:52 - 2017-07-13 19:44 - 000002374 _____ C:\Users\Isuru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-20 10:52 - 2017-07-13 19:44 - 000000000 ___RD C:\Users\Isuru\OneDrive
2018-07-19 15:20 - 2018-05-21 20:59 - 002340392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-07-19 15:20 - 2018-05-21 20:59 - 001936424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-07-19 15:20 - 2018-05-21 20:59 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-07-19 12:44 - 2018-05-18 19:26 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-07-18 23:48 - 2017-11-27 23:25 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-07-17 22:30 - 2018-05-17 20:21 - 000000000 ____D C:\Users\Isuru\Documents\American Truck Simulator
2018-07-14 21:02 - 2018-05-22 18:29 - 000000000 ____D C:\Users\Isuru\ansel
2018-07-11 21:00 - 2017-11-27 23:25 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-07-11 20:59 - 2017-10-09 10:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-08 18:54 - 2017-10-22 21:29 - 000001775 _____ C:\Users\Isuru\Desktop\DS4Windows.exe - Shortcut.lnk
2018-07-08 18:52 - 2018-05-25 20:43 - 000002065 _____ C:\Users\Isuru\Desktop\NVIDIA GeForce Experience.exe - Shortcut.lnk
2018-07-07 12:06 - 2017-07-13 19:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-07 12:06 - 2017-07-13 19:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-07 09:45 - 2017-11-27 23:22 - 000000000 ____D C:\Users\Isuru\AppData\Local\Packages
2018-07-06 16:43 - 2017-11-15 11:07 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories =======

2017-09-13 17:34 - 2017-09-13 17:34 - 000003584 _____ () C:\Users\Isuru\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-25 09:47 - 2018-05-25 09:47 - 000007602 _____ () C:\Users\Isuru\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-31 23:02

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Isuru (02-08-2018 18:52:56)
Running from C:\Users\Isuru\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-11-28 04:37:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2797589888-3889707670-1394007338-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2797589888-3889707670-1394007338-503 - Limited - Disabled)
Guest (S-1-5-21-2797589888-3889707670-1394007338-501 - Limited - Disabled)
Isuru (S-1-5-21-2797589888-3889707670-1394007338-1001 - Administrator - Enabled) => C:\Users\Isuru
WDAGUtilityAccount (S-1-5-21-2797589888-3889707670-1394007338-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3009 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version:  - )
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.8.20 - Bitdefender)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Discord (HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Leonflix 0.4.7 (only current user) (HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\8751db29-a017-5240-bf08-2c23a7d362b0) (Version: 0.4.7 - Leonflix)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25711 (HKLM\...\{7D02C46E-2953-3EB1-A5D5-7943C9D7684F}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25711 (HKLM\...\{043D5787-5988-3DE2-928D-3B6A75E2126E}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25711 (HKLM-x32\...\{8FDCF95F-4756-34F4-9DA2-D708E7FAC504}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25711 (HKLM-x32\...\{6E894015-A182-3C1E-A7D2-3032CB2E1D43}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
qBittorrent 3.3.13 (HKLM-x32\...\qBittorrent) (Version: 3.3.13 - The qBittorrent project)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10388 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.278 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
SimUText 2017-2018 (HKLM-x32\...\{4727CF2B-278F-4A05-91CE-C729B0FFA3E7}) (Version: 2.8.0 - SimBio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{E24B538B-12B9-4C7B-AE61-3C8A8A95BB75}) (Version: 7.9.5.8 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\{d238ef1a-5d58-4630-88bd-a257a12084b3}) (Version: 7.9.5.8 - Viber Media Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-07-30] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05A76085-1226-4341-980E-79E5AF02456B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {0684726B-6E6F-46DB-97A0-7A2B1FB88169} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {088F3EA4-18F6-4B0B-A7ED-F5CD2CF890AA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {0C40906A-0EA1-487F-B8DF-A85F196A61E7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-05-24] ()
Task: {0C42D1CB-3288-4E89-8771-B255F8DBD972} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {0EF7AD37-5859-4C77-8866-05D0451E43F3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-22] (Microsoft Corporation)
Task: {105751B4-DC48-4B3A-9545-21D685A40A47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {176DECB0-899F-443A-9E09-3E3D7B69D60C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {1AD6B126-5464-4388-93E1-46B837DFB5DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-22] (Microsoft Corporation)
Task: {31C7446B-0AB5-44C5-9034-BC327B255B2A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-12-02] ()
Task: {3926A239-BEF9-4AF2-9283-FD495A0C3690} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-12-02] (Acer Incorporated)
Task: {4810BDE9-2C1F-4477-B8E1-77C607EF7697} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {69DE7578-29C6-499C-9130-D85C32836131} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-22] (Microsoft Corporation)
Task: {6D69D31F-E955-4081-A326-A8324AFFE34A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {6DECEF48-8BCD-41AE-A5D8-589ACE3AAF33} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {6E191465-B668-47F4-89BE-0342195F132A} - System32\Tasks\GameXPService Autoupdate => C:\Program Files (x86)\GameXPService\gamexpsvc.exe [2018-04-06] (NIKITA ONLINE)
Task: {73F54F33-C377-4962-9AD9-5B80E6EF181F} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] ()
Task: {8121BC16-F461-43E5-8F92-89BD94FABA10} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {9A0BD5D4-5E38-4789-9015-0966D68AF463} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {9C1AB949-9869-40EE-A9B3-E6152BEC8F8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {9DE27640-22E3-4152-9800-E3B17F5F6214} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {A64BDE5A-9EA0-4B21-9CC5-CDDA8BF2C103} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {AE42536E-339B-42AF-9D8D-B012ACB8A1A4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-22] (Microsoft Corporation)
Task: {BAC12D93-A810-4FF1-8C3A-0D451D02AD9A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-22] (Microsoft Corporation)
Task: {BFB3CC13-C1AA-499A-A22D-1E2CFEB6FD11} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {C1FD60C7-4B89-4547-B77E-EB00E009547E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {C8545DBC-B6E3-465B-BECD-8959B07B440C} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-07-16] (Microsoft Corporation)
Task: {C991F6B1-6CAC-47F3-8257-948D3A8702DF} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2017-04-08] ()
Task: {D79930DF-04A3-48C0-A88B-D478552105AD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {E6217F8E-CE10-4355-BE68-9BD21DC1B34E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-11-11] (Acer Incorporated)
Task: {EEE01AF5-92CE-45C8-819D-16C29A859AB2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-22] (Microsoft Corporation)
Task: {F0A761D8-F839-4FAC-A19D-0EFD2DA345F8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {F81B4160-DD3B-4075-A34F-AC1250524385} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-11-11] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-12 21:55 - 2016-07-12 21:55 - 001299952 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2.dll
2018-05-21 20:59 - 2018-07-19 15:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-03 11:50 - 2018-06-06 13:34 - 000278280 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2018-05-08 11:30 - 2018-05-08 11:30 - 000992704 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpbr.mdl
2018-05-08 11:30 - 2018-05-08 11:30 - 000543344 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpdsp.mdl
2018-05-08 11:30 - 2018-05-08 11:31 - 003228632 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpph.mdl
2018-05-08 11:30 - 2018-05-08 11:31 - 001527808 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttprbl.mdl
2018-08-01 15:47 - 2018-06-18 13:32 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-01 15:47 - 2018-07-03 12:59 - 002535120 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-08-01 16:05 - 2018-07-30 12:41 - 000143056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-20 17:55 - 2017-04-08 09:40 - 000428232 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2017-04-08 09:35 - 2017-04-08 09:35 - 000241152 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2018-03-18 12:27 - 2018-02-21 19:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-18 12:27 - 2018-02-21 19:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-08 09:35 - 2017-04-08 09:35 - 000027136 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2017-04-08 09:35 - 2017-04-08 09:35 - 000088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2017-05-24 20:11 - 2017-05-24 20:11 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2018-08-02 12:58 - 2018-08-02 13:01 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-08-02 12:58 - 2018-08-02 12:58 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-02 12:58 - 2018-08-02 13:01 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-08-30 02:19 - 2016-08-30 02:19 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-08 09:34 - 2017-04-08 09:34 - 000055808 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2017-04-08 09:35 - 2017-04-08 09:35 - 000353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2017-04-08 09:35 - 2017-04-08 09:35 - 000071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2016-10-20 17:55 - 2017-04-08 09:40 - 000400072 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2018-05-18 19:27 - 2018-07-19 15:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-13 20:04 - 2018-07-21 16:07 - 000854304 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-07-13 20:04 - 2016-08-31 20:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-07-13 20:04 - 2018-08-01 18:37 - 002644768 _____ () C:\Program Files (x86)\Steam\video.dll
2017-07-13 20:04 - 2016-08-31 20:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-07-13 20:04 - 2016-08-31 20:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-14 20:08 - 2017-12-19 20:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-14 20:08 - 2017-12-19 20:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 20:08 - 2017-12-19 20:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 20:08 - 2017-12-19 20:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 20:08 - 2017-12-19 20:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-07-13 20:04 - 2018-08-01 18:37 - 001015072 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-07-13 20:04 - 2016-07-04 17:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-07-13 20:04 - 2018-08-01 18:37 - 005035296 _____ () C:\Program Files (x86)\Steam\bin\panorama\panorama.dll
2017-07-13 20:04 - 2018-08-01 18:37 - 000166176 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2017-07-13 20:04 - 2014-04-08 23:25 - 000071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2017-07-13 20:04 - 2014-04-08 23:25 - 000153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2017-07-13 20:05 - 2018-07-21 16:07 - 000854304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-07-13 20:05 - 2018-07-20 17:24 - 083524896 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-07-13 20:05 - 2018-07-20 17:24 - 003732256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libglesv2.dll
2017-07-13 20:05 - 2018-07-20 17:24 - 000086304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libegl.dll
2017-07-13 20:04 - 2018-07-03 16:58 - 000137504 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\sharepoint.com -> hxxps://mailmissouri-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Isuru\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-2797589888-3889707670-1394007338-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

02-08-2018 14:56:50 Windows Update
02-08-2018 14:57:07 Windows Update
02-08-2018 15:00:19 Restore Operation

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2018 06:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Faulting module name: UIRibbon.dll, version: 10.0.16299.402, time stamp: 0x00b84383
Exception code: 0xc000041d
Fault offset: 0x0000000000004c2d
Faulting process id: 0x1c94
Faulting application start time: 0x01d42ab9ab104f1e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll
Report Id: 816a36b8-c655-44d8-9f22-6e8a5b41b196
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2018 06:36:43 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\UIRibbon.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Explorer because of this error.

Program: Windows Explorer
File: C:\Windows\System32\UIRibbon.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (08/02/2018 06:36:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Faulting module name: UIRibbon.dll, version: 10.0.16299.402, time stamp: 0x00b84383
Exception code: 0xc0000006
Fault offset: 0x0000000000004c2d
Faulting process id: 0x1c94
Faulting application start time: 0x01d42ab9ab104f1e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll
Report Id: b663b597-6297-4fdf-99a7-638ee4dad5dd
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2018 06:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Faulting module name: UIRibbon.dll, version: 10.0.16299.402, time stamp: 0x00b84383
Exception code: 0xc000041d
Fault offset: 0x0000000000004c2d
Faulting process id: 0x2d3c
Faulting application start time: 0x01d42ab96c5f2984
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll
Report Id: 5f9c1a87-a4ca-4e46-ac77-4eff23503263
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2018 06:34:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\UIRibbon.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Explorer because of this error.

Program: Windows Explorer
File: C:\Windows\System32\UIRibbon.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (08/02/2018 06:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Faulting module name: UIRibbon.dll, version: 10.0.16299.402, time stamp: 0x00b84383
Exception code: 0xc0000006
Fault offset: 0x0000000000004c2d
Faulting process id: 0x2d3c
Faulting application start time: 0x01d42ab96c5f2984
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll
Report Id: f294b4ee-4f1a-4dfc-863a-f5417a70f624
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2018 06:34:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Faulting module name: UIRibbon.dll, version: 10.0.16299.402, time stamp: 0x00b84383
Exception code: 0xc000041d
Fault offset: 0x0000000000004c2d
Faulting process id: 0x698
Faulting application start time: 0x01d42ab95a857fdb
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll
Report Id: a740884b-44d2-4e87-b26a-0c21f1cbd08f
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2018 06:34:28 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\UIRibbon.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Explorer because of this error.

Program: Windows Explorer
File: C:\Windows\System32\UIRibbon.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3


System errors:
=============
Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


CodeIntegrity:
===================================

Date: 2018-08-02 15:04:46.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-08-02 14:52:56.249
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-08-02 14:34:33.898
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-08-02 12:58:59.249
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-08-01 15:48:02.275
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-08-01 15:48:02.273
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-08-01 15:48:02.272
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-08-01 15:48:02.272
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 56%
Total physical RAM: 8060.22 MB
Available physical RAM: 3505.51 MB
Total Virtual: 9916.22 MB
Available Virtual: 3801.43 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.36 GB) (Free:28.19 GB) NTFS

\\?\Volume{5c91a6ff-61ce-4a7b-b975-101f3bb0f80d}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{0302dc3a-b125-47ef-af9f-4ed338403302}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 6820F6DD)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0



#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,172 posts
  • MVP

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Force Windows to run a disk check:

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)

Type:

chkdsk /f C:

Hit Enter.  Reboot if it tells you to.

If it doesn't require you to reboot do it anyway.

This is why it can't open files:

Description: Windows cannot access the file C:\Windows\System32\UIRibbon.dll for one of the following reasons:

So let's see if Windows can fix itself:

Once it reboots:

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth


 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow

This will also take a few minutes.

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type:

notepad %UserProfile%\desktop\junk.txt

Hit Enter.

Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

If it still won't open files and is still complaining about UIRibbon.dll then you can tell it not to use the file:

https://winaero.com/...ws-10-explorer/

You want the Ribbon Disabler not the garbage they recommend in the middle of the post.

 


  • 0
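Added example (not part of the original thread and not FRST's own code): the correlation behind the reply above, written as a small triage script. It parses FRST-style "Error:" entries, then checks whether Disk EventID 7 bad-block reports coincide with application errors carrying the I/O status codes 0xC0000006 or C000009C. The sample lines are abridged from the log posted in this thread; the function names and verdict labels are assumptions made for the example.

```python
import re
from collections import Counter

# Standard NTSTATUS names for the codes that appear in the log in this thread.
NTSTATUS = {
    0xC0000006: "STATUS_IN_PAGE_ERROR",      # a page could not be read from its backing file
    0xC000009C: "STATUS_DEVICE_DATA_ERROR",  # the storage device reported a data error
    0xC000041D: "STATUS_FATAL_USER_CALLBACK_EXCEPTION",
}
# Only these two point at storage; 0xC000041D is a follow-on crash, not evidence on its own.
IO_FAILURE = {0xC0000006, 0xC000009C}

HEADER = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\) \(EventID: (?P<eid>\d+)\)")
CODE = re.compile(r"^(?:Exception code|Error value): (?:0x)?(?P<code>[0-9A-Fa-f]{8})$")
FILE = re.compile(r"^(?:Faulting module path|File): (?P<path>.+)$")
BAD_BLOCK = re.compile(r"The device, (?P<dev>[^,]+), has a bad block\.")

# Sample input: lines abridged from the Addition.txt log in the first post.
SAMPLE_LOG = r"""
Application errors:
==================
Error: (08/02/2018 06:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Faulting module name: UIRibbon.dll, version: 10.0.16299.402, time stamp: 0x00b84383
Exception code: 0xc000041d
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll

Error: (08/02/2018 06:36:43 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\UIRibbon.dll for one of the following reasons:
File: C:\Windows\System32\UIRibbon.dll
Error value: C000009C

Error: (08/02/2018 06:36:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.16299.402, time stamp: 0x67b5448f
Exception code: 0xc0000006
Faulting module path: C:\WINDOWS\system32\UIRibbon.dll

System errors:
=============
Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2018 06:36:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
"""


def parse_events(text):
    """Split FRST-style 'Error: (...)' entries into dicts of the fields used for triage."""
    events, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            current = {
                "when": header["when"],
                "source": header["source"],
                "event_id": int(header["eid"]),
                "codes": set(),
                "files": set(),
                "device": None,
            }
            events.append(current)
        elif line.startswith("=") or line.startswith("Date:"):
            current = None  # section rule or CodeIntegrity entry: not part of an Error event
        elif current is not None:
            if (m := CODE.match(line)):
                current["codes"].add(int(m["code"], 16))
            elif (m := FILE.match(line)):
                current["files"].add(m["path"].lower())  # same file, different casing in the log
            elif (m := BAD_BLOCK.search(line)):
                current["device"] = m["dev"]
    return events


def triage(events):
    """Correlate bad-block reports with files that failed with an I/O status code."""
    bad_blocks = Counter(
        e["device"] for e in events
        if e["source"] == "Disk" and e["event_id"] == 7 and e["device"])
    io_files = Counter()
    for e in events:
        if e["codes"] & IO_FAILURE:
            io_files.update(e["files"])
    if bad_blocks and io_files:
        verdict = "storage-fault"        # both sides agree: check the disk first
    elif bad_blocks or io_files:
        verdict = "storage-suspect"      # one side only: still worth a disk check
    else:
        verdict = "no-storage-evidence"  # crashes without I/O codes need another explanation
    names = sorted({NTSTATUS.get(c, hex(c)) for e in events for c in e["codes"]})
    return {"verdict": verdict, "bad_blocks": dict(bad_blocks),
            "io_files": dict(io_files), "codes": names}


if __name__ == "__main__":
    print(triage(parse_events(SAMPLE_LOG)))
```
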





