Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!
Everything gets download to the desktop and tools are "Run as administrator."
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
This is everything that is in the FRST.txt file :
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
Ran by Alex (administrator) on ALEXSPC (12-08-2016 23:31:42)
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(VertoAnalytics Oy) C:\Program Files (x86)\SmartApp\SmartAppMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Verto Analytics Inc) C:\Program Files (x86)\SmartApp\SmartApp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) D:\Program Files\Steam.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Corsair Components, Inc.) D:\Program Files\Corsair\Corsair Utility Engine\CorsairHID.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Valve Corporation) D:\Program Files\bin\steamwebhelper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Alex\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.211\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Valve Corporation) D:\Program Files\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-07-07] (Razer Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-09] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-04] (Raptr, Inc)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [Steam] => D:\Program Files\steam.exe [2852128 2016-08-02] (Valve Corporation)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [Discord] => C:\Users\Alex\AppData\Local\Discord\app-0.0.295\Discord.exe [62385336 2016-08-01] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Run: [Uxbgmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Alex\AppData\Local\YddrPack\sbciCprt54.dll
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-482574108-2876646391-2450146034-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-482574108-2876646391-2450146034-1001] => http=127.0.0.1:64550;https=127.0.0.1:64550
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19e1bb1a-4161-4c8e-b937-d7b1a33558e4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7c160b3a-5445-4256-9fc0-e44e6feddd46}: [NameServer] 173.244.211.97,8.8.8.8
ManualProxies:
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-482574108-2876646391-2450146034-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\xzezvwlb.default
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-482574108-2876646391-2450146034-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF Extension: All Aboard - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\xzezvwlb.default\Extensions\@all-aboard-v1 [2016-07-26]
Chrome:
=======
CHR HomePage: Default -> hxxp://mystart.incredibar.com/?a=6Oz8ZpUKl9&loc=skw
CHR StartupUrls: Default -> "","hxxp://mystart.incredibar.com/?a=6R9m9Z7cl4&i=26&loc=skw","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.0.5.292&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.0.443&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.5.512&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.7.598&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.786&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={EAC1DF63-03D4-4D08-AA9D-6884E1AF8A6D}&mid=115329c8301347d6a438b1a22fbcac4a-d47c504e3b45933e927aff2f306beaa1108f39d0&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2013-09-26 19:46:02&v=18.1.9.799&pid=safeguard&sg=0&sap=hp","hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=8&UP=SPDE37641D-D109-4BCC-9802-91C3E5978CAE&D=061215&SSPV="
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-07-28]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-23]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-23]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-28]
CHR Extension: (KingsRoad) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbcbablgmkkdnioiekpgjfacejkfomlg [2016-06-23]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-06-23]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2016-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-23]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-23]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-30] () [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-03-21] (Advanced Micro Devices) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-07-11] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-09] (Plays.tv, LLC)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69760 2016-06-19] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
S3 VSStandardCollectorService140; D:\Program Files\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
S3 C450CB54; \??\C:\ProgramData\00097215_tvn [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-12 23:31 - 2016-08-12 23:31 - 02393600 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2016-08-12 23:31 - 2016-08-12 23:31 - 00016230 _____ C:\Users\Alex\Downloads\FRST.txt
2016-08-12 23:31 - 2016-08-12 23:31 - 00000000 ____D C:\FRST
2016-08-12 13:12 - 2016-08-12 13:12 - 00000000 ____D C:\Users\Alex\AppData\Roaming\HelloGames
2016-08-11 21:52 - 2016-08-11 21:52 - 00342617 _____ C:\Users\Alex\Downloads\SceneSwitcher.zip
2016-08-11 01:06 - 2016-08-11 01:06 - 00000000 ____D C:\Users\Alex\AppData\Local\ShooterGame
2016-08-10 15:45 - 2016-08-10 15:45 - 00798884 _____ C:\Users\Alex\Downloads\download (2).htm
2016-08-10 15:41 - 2016-08-10 15:41 - 00005018 _____ C:\Users\Alex\Downloads\OnlineBankingServlet.htm
2016-08-10 12:55 - 2016-08-10 12:55 - 00213611 _____ C:\Users\Alex\Downloads\order-details.htm
2016-08-10 12:45 - 2016-08-03 06:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 12:45 - 2016-08-03 06:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 12:45 - 2016-08-03 06:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 12:45 - 2016-08-03 06:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 12:45 - 2016-08-03 06:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 12:45 - 2016-08-03 06:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 12:45 - 2016-08-03 06:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 12:45 - 2016-08-03 06:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 12:45 - 2016-08-03 06:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 12:45 - 2016-08-03 06:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 12:45 - 2016-08-03 06:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 12:45 - 2016-08-03 06:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 12:45 - 2016-08-03 06:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 12:45 - 2016-08-03 06:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 12:45 - 2016-08-03 06:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 12:45 - 2016-08-03 06:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 12:45 - 2016-08-03 06:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 12:45 - 2016-08-03 05:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 12:45 - 2016-08-03 05:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 12:45 - 2016-08-03 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 12:45 - 2016-08-03 05:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 12:45 - 2016-08-03 05:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 12:45 - 2016-08-03 05:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 12:45 - 2016-08-03 05:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 12:45 - 2016-08-03 05:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 12:45 - 2016-08-03 05:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 12:45 - 2016-08-03 05:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 12:45 - 2016-08-03 05:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 12:45 - 2016-08-03 05:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 12:45 - 2016-08-03 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 12:45 - 2016-08-03 05:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 12:45 - 2016-08-03 05:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 12:45 - 2016-08-03 05:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 12:45 - 2016-08-03 05:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 12:45 - 2016-08-03 05:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 12:45 - 2016-08-03 05:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 12:45 - 2016-08-03 05:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 12:45 - 2016-08-03 05:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 12:45 - 2016-08-03 05:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 12:45 - 2016-08-03 05:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 12:45 - 2016-08-03 05:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 12:45 - 2016-08-03 05:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 12:45 - 2016-08-03 05:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 12:45 - 2016-08-03 05:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 12:45 - 2016-08-03 05:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 12:45 - 2016-08-03 05:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 12:45 - 2016-08-03 05:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 12:45 - 2016-08-03 05:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 12:45 - 2016-08-03 05:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 12:45 - 2016-08-03 05:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 12:45 - 2016-08-03 05:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 12:45 - 2016-08-03 05:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 12:45 - 2016-08-03 05:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 12:45 - 2016-08-03 05:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 12:45 - 2016-08-03 01:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 12:45 - 2016-08-03 01:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 12:45 - 2016-08-03 01:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 12:45 - 2016-08-03 01:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 12:45 - 2016-08-03 01:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 12:45 - 2016-08-03 01:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 12:45 - 2016-08-03 01:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 12:45 - 2016-08-03 01:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 12:45 - 2016-08-03 00:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 12:45 - 2016-08-03 00:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 12:45 - 2016-08-03 00:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 12:45 - 2016-08-03 00:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 12:45 - 2016-08-03 00:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 12:45 - 2016-08-03 00:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 12:45 - 2016-08-03 00:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 12:45 - 2016-08-03 00:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 12:45 - 2016-08-03 00:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 12:45 - 2016-08-03 00:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 12:45 - 2016-08-03 00:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 12:45 - 2016-08-03 00:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 12:45 - 2016-08-03 00:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 12:45 - 2016-08-03 00:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 12:45 - 2016-08-03 00:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 12:44 - 2016-08-03 07:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 12:44 - 2016-08-03 07:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 12:44 - 2016-08-03 07:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 12:44 - 2016-08-03 06:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 12:44 - 2016-08-03 06:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 12:44 - 2016-08-03 06:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 12:44 - 2016-08-03 06:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 12:44 - 2016-08-03 06:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 12:44 - 2016-08-03 06:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 12:44 - 2016-08-03 05:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 12:44 - 2016-08-03 05:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 12:44 - 2016-08-03 05:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 12:44 - 2016-08-03 05:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 12:44 - 2016-08-03 05:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 12:44 - 2016-08-03 05:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 12:44 - 2016-08-03 05:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 12:44 - 2016-08-03 05:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 12:44 - 2016-08-03 05:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 12:44 - 2016-08-03 05:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 12:44 - 2016-08-03 05:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 12:44 - 2016-08-03 05:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 12:44 - 2016-08-03 05:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 12:44 - 2016-08-03 05:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 12:44 - 2016-08-03 05:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 12:44 - 2016-08-03 05:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 12:44 - 2016-08-03 05:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 12:44 - 2016-08-03 05:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 12:44 - 2016-08-03 05:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 12:44 - 2016-08-03 05:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 12:44 - 2016-08-03 05:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 12:44 - 2016-08-03 05:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 12:44 - 2016-08-03 05:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 12:44 - 2016-08-03 01:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 12:44 - 2016-08-03 01:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 12:44 - 2016-08-03 00:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 12:44 - 2016-08-03 00:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 12:44 - 2016-08-03 00:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 12:44 - 2016-08-03 00:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 12:44 - 2016-08-03 00:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 12:44 - 2016-08-03 00:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 12:44 - 2016-08-03 00:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 12:44 - 2016-08-03 00:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 12:44 - 2016-08-03 00:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 12:44 - 2016-08-03 00:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 12:44 - 2016-08-03 00:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 12:44 - 2016-08-03 00:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 12:44 - 2016-08-03 00:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 12:44 - 2016-08-03 00:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 12:44 - 2016-08-03 00:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 12:44 - 2016-08-03 00:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 12:44 - 2016-08-03 00:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 12:44 - 2016-08-03 00:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-09 22:54 - 2016-08-09 22:54 - 00029951 _____ C:\Users\Alex\Downloads\theseemslegit.htm
2016-08-07 20:51 - 2016-08-07 20:51 - 04117216 _____ (Husdawg, LLC) C:\Users\Alex\Downloads\Detection (1).exe
2016-08-07 20:21 - 2016-08-07 20:21 - 00000000 ____D C:\Users\Alex\Desktop\Stream Lables
2016-08-07 20:20 - 2016-08-07 20:20 - 00002683 _____ C:\Users\Alex\Desktop\TwitchAlerts Stream Labels.lnk
2016-08-07 17:01 - 2016-08-07 17:01 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Corsair
2016-08-07 17:01 - 2016-08-07 17:01 - 00000000 ____D C:\Users\Alex\AppData\Local\Corsair
2016-08-07 17:01 - 2016-08-07 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-08-07 16:59 - 2016-08-07 16:59 - 61563797 _____ C:\Users\Alex\Downloads\Corsair-Utility-Engine-v1.16.42.zip
2016-08-06 23:45 - 2016-08-06 23:45 - 00000000 ____D C:\Users\Alex\AppData\Local\GMap.NET
2016-08-06 23:44 - 2016-08-06 23:45 - 04549415 _____ C:\Users\Alex\Downloads\MyGOBot (6).zip
2016-08-06 22:17 - 2016-08-06 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-08-03 23:05 - 2016-08-03 23:05 - 00003328 _____ C:\WINDOWS\System32\Tasks\{48E24B94-D2FA-4A14-BC2B-C979A719A2B5}
2016-08-03 23:05 - 2016-08-03 23:05 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2016-08-03 23:04 - 2016-08-03 23:04 - 00000859 _____ C:\Users\Public\Desktop\Bethesda.net Launcher.lnk
2016-08-03 23:04 - 2016-08-03 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2016-08-03 23:01 - 2016-08-03 23:01 - 04549415 _____ C:\Users\Alex\Downloads\MyGOBot (5).zip
2016-08-03 13:51 - 2016-08-03 13:51 - 00829601 _____ C:\Users\Alex\Downloads\download (1).htm
2016-08-03 12:04 - 2016-08-03 12:04 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Dire Wolf Digital
2016-08-03 11:59 - 2016-08-03 11:59 - 12895592 _____ (Bethesda Softworks ) C:\Users\Alex\Downloads\BethesdaNetLauncher_Setup (1).exe
2016-08-01 21:18 - 2016-08-12 23:18 - 00003386 _____ C:\WINDOWS\System32\Tasks\SmartAppMonitor
2016-08-01 21:18 - 2016-08-12 11:29 - 00004162 _____ C:\WINDOWS\System32\Tasks\SmartAppLiveUpdater
2016-08-01 21:12 - 2016-08-01 21:12 - 00000016 _____ C:\ProgramData\mntemp
2016-08-01 20:50 - 2016-08-01 20:51 - 12292096 _____ C:\Users\Alex\Downloads\SmartApp (2).msi
2016-07-31 19:46 - 2016-07-31 19:46 - 02223881 _____ C:\Users\Alex\Downloads\MyGOBot (4).zip
2016-07-30 23:03 - 2016-07-30 23:03 - 02223152 _____ C:\Users\Alex\Downloads\MyGOBot (3).zip
2016-07-29 13:11 - 2016-07-29 13:11 - 00001207 _____ C:\Users\Public\Desktop\Diablo III.lnk
2016-07-29 13:11 - 2016-07-29 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-07-29 12:35 - 2016-07-29 12:35 - 12292096 _____ C:\Users\Alex\Downloads\SmartApp (1).msi
2016-07-29 12:30 - 2016-08-03 00:59 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-07-29 12:09 - 2016-07-29 12:09 - 02222638 _____ C:\Users\Alex\Downloads\MyGOBot (2).zip
2016-07-29 00:46 - 2016-07-29 01:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2016-07-29 00:46 - 2016-07-29 01:02 - 00000000 ____D C:\Users\Alex\AppData\Local\pokemon
2016-07-29 00:46 - 2016-07-29 00:46 - 80835584 _____ (Mike Christopher) C:\Users\Alex\Downloads\PokemonGoMap-Win.exe
2016-07-29 00:46 - 2016-07-29 00:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\pokemon-go-map
2016-07-29 00:43 - 2016-08-06 23:45 - 00000000 ____D C:\Users\Alex\Desktop\POKEMON GO BOT
2016-07-29 00:43 - 2016-07-29 00:43 - 02221516 _____ C:\Users\Alex\Downloads\MyGOBot (1).zip
2016-07-27 23:30 - 2016-07-27 23:30 - 04174238 _____ C:\Users\Alex\Downloads\MyGOBot.zip
2016-07-27 23:30 - 2016-07-27 23:30 - 00000000 ____D C:\Users\Alex\GO Bot
2016-07-27 22:59 - 2016-07-27 22:59 - 00000000 ____D C:\Users\Alex\AppData\Local\ActiveSync
2016-07-27 14:22 - 2016-07-27 14:22 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Unity
2016-07-27 14:22 - 2016-07-27 14:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Unity
2016-07-27 14:22 - 2016-07-27 14:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Deployment
2016-07-27 14:22 - 2016-07-27 14:22 - 00000000 ____D C:\Users\Alex\AppData\Local\Apps\2.0
2016-07-27 14:02 - 2016-08-11 23:24 - 00000000 ____D C:\Users\Alex\AppData\Local\Battle.net
2016-07-27 14:00 - 2016-07-27 14:04 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Battle.net
2016-07-27 13:59 - 2016-07-27 14:00 - 03012080 _____ (Blizzard Entertainment) C:\Users\Alex\Downloads\Battle.net-Setup (2).exe
2016-07-27 02:24 - 2016-07-27 02:24 - 00000000 ____D C:\Users\Alex\Documents\LoLReplay2
2016-07-27 02:22 - 2016-07-27 02:22 - 00000000 ____D C:\dev
2016-07-27 02:19 - 2016-07-27 02:19 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Alex\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
2016-07-27 02:18 - 2016-07-27 02:18 - 00000000 ____D C:\Users\Alex\AppData\Local\GlimpseGame
2016-07-26 15:49 - 2016-07-26 15:49 - 00001979 _____ C:\Users\Alex\AppData\Roaming\SpeedRunnersLog.txt
2016-07-26 15:49 - 2016-07-26 15:49 - 00000000 ____D C:\Users\Alex\Documents\SavedGames
2016-07-26 15:49 - 2016-07-26 15:49 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-07-26 15:25 - 2016-07-26 15:25 - 00000000 ____D C:\Users\Alex\AppData\Local\Mozilla
2016-07-26 15:17 - 2016-07-26 15:18 - 48521840 _____ C:\Users\Alex\Downloads\Firefox Setup 47.0.1.exe
2016-07-26 13:27 - 2016-07-26 13:29 - 00000000 ____D C:\Users\Alex\AppData\Local\PAYDAY 2
2016-07-26 13:27 - 2016-07-26 13:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-26 13:27 - 2016-07-26 13:27 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-07-26 12:43 - 2016-07-26 12:43 - 03970746 _____ C:\Users\Alex\Downloads\Battle.net-Agent-PC-Standalone.zip
2016-07-26 02:20 - 2016-07-26 02:20 - 00281380 _____ C:\WINDOWS\Minidump\072616-5390-01.dmp
2016-07-25 12:07 - 2016-07-25 12:07 - 00000000 ____D C:\Users\Alex\AppData\Local\My Games
2016-07-24 00:34 - 2016-07-24 00:34 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\BlackLight Interactive
2016-07-23 23:50 - 2016-07-23 23:50 - 00022080 _____ C:\Users\Alex\Downloads\search.htm
2016-07-22 23:21 - 2016-07-22 23:21 - 00000000 ____D C:\Users\Alex\AppData\Roaming\11bitstudios
2016-07-22 13:53 - 2016-07-22 13:53 - 00000000 ____D C:\Users\Alex\AppData\Roaming\MMFApplications
2016-07-22 13:51 - 2016-07-22 14:55 - 00000000 ____D C:\Users\Alex\Documents\The Escapists
2016-07-22 12:00 - 2016-07-22 12:00 - 00000000 ____D C:\Users\Alex\AppData\Roaming\.mono
2016-07-22 12:00 - 2016-07-22 12:00 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Blizzard Entertainment
2016-07-22 12:00 - 2016-07-22 12:00 - 00000000 ____D C:\Users\Alex\AppData\Local\Blizzard
2016-07-22 12:00 - 2016-07-22 12:00 - 00000000 ____D C:\ProgramData\.mono
2016-07-22 00:40 - 2016-07-22 00:40 - 00000000 ____D C:\Users\Alex\Documents\FreeReign
2016-07-22 00:40 - 2016-07-22 00:40 - 00000000 ____D C:\Users\Alex\AppData\Local\FreeReign
2016-07-21 22:43 - 2016-07-21 22:44 - 00116154 _____ C:\Users\Alex\Downloads\adventure-rpg-games.htm
2016-07-20 16:30 - 2016-07-20 16:30 - 00500970 _____ C:\Users\Alex\Downloads\UCTILqOrnngHKgCono1R5bPw.htm
2016-07-20 15:17 - 2016-07-20 15:17 - 00003374 _____ C:\WINDOWS\System32\Tasks\{17D16A22-F131-4CD9-BBED-207B24FE040B}
2016-07-20 14:13 - 2016-08-03 23:03 - 00000000 ____D C:\Program Files\Rockstar Games
2016-07-20 14:13 - 2016-08-03 23:03 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-07-20 14:13 - 2016-07-20 14:13 - 00000000 ____D C:\Users\Alex\Documents\Rockstar Games
2016-07-20 14:13 - 2016-07-20 14:13 - 00000000 ____D C:\Users\Alex\AppData\Local\Rockstar Games
2016-07-20 11:57 - 2016-07-20 11:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{0AADCEBB-B6A9-43C6-A896-CE3BB8DF55B7}
2016-07-19 15:29 - 2016-07-19 15:30 - 00000000 ____D C:\Users\Alex\AppData\Local\Bethesda.net Launcher
2016-07-19 15:28 - 2016-07-19 15:28 - 07493336 _____ (Bethesda Softworks ) C:\Users\Alex\Downloads\BethesdaNetLauncher_Setup.exe
2016-07-18 20:16 - 2016-07-21 19:47 - 00000000 ____D C:\Users\Alex\AppData\Local\YddrPack
2016-07-18 20:16 - 2016-07-21 19:47 - 00000000 ____D C:\Users\Alex\AppData\Local\Oqdlics
2016-07-18 19:45 - 2016-07-18 19:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\FiraxisLive
2016-07-18 19:45 - 2016-07-18 19:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Steam
2016-07-18 01:23 - 2016-07-18 01:23 - 00001260 _____ C:\Users\Alex\Desktop\pokemon go list.txt
2016-07-18 00:47 - 2016-07-18 00:47 - 00101723 _____ C:\Users\Alex\Downloads\205CDE55414BE81FE27F9E3EC3D7E28802B5BF4F.torrent
2016-07-18 00:44 - 2016-07-18 23:23 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\BitTorrent
2016-07-17 23:34 - 2016-07-17 23:35 - 00000000 ____D C:\Users\Alex\Documents\Twitch Alerts
2016-07-17 19:40 - 2016-07-19 11:51 - 00002697 _____ C:\Users\Alex\Desktop\BitTorrent.lnk
2016-07-17 19:39 - 2016-07-18 23:23 - 00000000 ____D C:\Users\Alex\AppData\Roaming\BitTorrent
2016-07-17 19:39 - 2016-07-17 19:39 - 01972232 _____ (BitTorrent Inc.) C:\Users\Alex\Downloads\BitTorrent.exe
2016-07-16 11:17 - 2016-08-10 23:20 - 00000000 ___HD C:\$WINDOWS.~BT
2016-07-15 15:32 - 2016-07-15 15:32 - 00000000 ____D C:\Users\Alex\AppData\Roaming\NCSOFT
2016-07-15 15:32 - 2016-07-15 15:32 - 00000000 ____D C:\Users\Alex\AppData\Local\NCSOFT
2016-07-14 16:23 - 2016-07-14 16:23 - 00029696 _____ C:\Users\Alex\AppData\Roaming\SetCursor.dll
2016-07-13 01:19 - 2016-08-02 23:50 - 00002228 _____ C:\Users\Alex\Desktop\Discord.lnk
2016-07-13 01:19 - 2016-08-02 23:50 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-07-13 01:19 - 2016-08-02 23:50 - 00000000 ____D C:\Users\Alex\AppData\Roaming\discord
2016-07-13 01:19 - 2016-08-02 23:50 - 00000000 ____D C:\Users\Alex\AppData\Local\Discord
2016-07-13 01:19 - 2016-07-29 00:46 - 00000000 ____D C:\Users\Alex\AppData\Local\SquirrelTemp
2016-07-13 01:18 - 2016-07-13 01:19 - 48565944 _____ (Hammer & Chisel, Inc.) C:\Users\Alex\Downloads\DiscordSetup.exe
2016-07-13 00:12 - 2016-07-13 00:12 - 60876068 _____ C:\Users\Alex\Downloads\Pok--mon GO_v0.29.0_apkpure.com (1).apk
2016-07-13 00:03 - 2016-07-13 00:03 - 01065671 _____ C:\Users\Alex\Downloads\com.incorporateapps.fakegps.v4.6-GlobalAPK.Co.apk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-12 23:30 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-12 23:29 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-12 23:23 - 2016-06-23 00:01 - 00929278 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-12 23:23 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-12 23:21 - 2016-06-28 20:51 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F3E06FFA-49C9-4D08-97C5-82290B18C47C}
2016-08-12 23:18 - 2016-06-23 00:03 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-12 23:18 - 2016-02-13 09:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-12 16:38 - 2016-06-22 23:55 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-12 16:38 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-12 16:18 - 2016-06-23 00:03 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-12 15:17 - 2016-06-23 01:12 - 00000402 _____ C:\WINDOWS\Tasks\update-sys.job
2016-08-12 14:25 - 2016-06-23 01:12 - 00000402 _____ C:\WINDOWS\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001.job
2016-08-12 13:46 - 2016-06-23 01:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\OBS
2016-08-12 11:29 - 2016-06-22 22:38 - 00000000 ____D C:\Users\Alex\AppData\Roaming\PlaysTV
2016-08-12 11:29 - 2016-06-22 22:33 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Raptr
2016-08-12 00:57 - 2016-06-22 23:56 - 00000000 ____D C:\Users\Alex
2016-08-12 00:04 - 2016-06-27 11:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype
2016-08-11 23:24 - 2016-06-22 22:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-11 20:52 - 2016-06-27 11:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-11 20:52 - 2016-06-27 11:46 - 00000000 ____D C:\ProgramData\Skype
2016-08-11 18:13 - 2016-06-29 22:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-08-11 18:13 - 2016-06-29 22:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-08-10 23:21 - 2016-06-22 23:55 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-10 23:01 - 2016-02-13 09:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 16:57 - 2016-02-13 09:03 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 16:57 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 16:57 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 16:43 - 2016-06-23 00:03 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-08-10 15:58 - 2016-06-24 09:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 15:58 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 15:58 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 15:56 - 2016-06-24 09:46 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-10 12:44 - 2016-06-23 00:05 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-08-09 15:08 - 2016-07-11 21:48 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-08-09 01:20 - 2016-06-22 22:30 - 00000000 ____D C:\Users\Alex\AppData\Local\Blizzard Entertainment
2016-08-09 01:20 - 2016-06-22 22:29 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-08-08 20:18 - 2016-06-23 00:04 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 20:18 - 2016-06-23 00:04 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-06 22:17 - 2016-06-23 01:12 - 00003388 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001
2016-08-06 22:17 - 2016-06-23 01:12 - 00000424 _____ C:\Users\Alex\AppData\Local\UserProducts.xml
2016-08-03 23:00 - 2016-06-22 23:59 - 00000000 ____D C:\Users\Alex\AppData\Local\Packages
2016-08-01 21:20 - 2016-06-27 11:34 - 00000000 ____D C:\Program Files (x86)\SmartApp
2016-08-01 21:16 - 2016-02-13 09:11 - 00194200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-30 01:17 - 2016-06-22 23:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-29 12:28 - 2016-06-23 01:19 - 00000000 ____D C:\Program Files (x86)\OBS
2016-07-29 12:10 - 2016-06-24 09:19 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-28 20:13 - 2016-06-23 00:03 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 20:13 - 2016-06-23 00:03 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 15:25 - 2016-06-24 00:00 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-27 02:18 - 2016-06-25 12:41 - 00000000 ____D C:\Users\Alex\AppData\Local\UnrealEngine
2016-07-26 15:25 - 2016-06-24 09:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Mozilla
2016-07-26 02:31 - 2016-06-22 23:53 - 00000000 ____D C:\Windows.old
2016-07-26 02:20 - 2016-06-22 23:57 - 951927914 _____ C:\WINDOWS\MEMORY.DMP
2016-07-26 02:20 - 2016-06-22 23:57 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-25 12:07 - 2015-12-15 05:32 - 00000000 ____D C:\Users\Alex\Documents\My Games
2016-07-21 19:47 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Help
2016-07-21 19:40 - 2016-06-23 00:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-20 15:57 - 2016-07-09 19:26 - 00000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2016-07-20 14:15 - 2016-06-23 00:00 - 00000000 ____D C:\Users\Alex\AppData\Local\AMD
2016-07-20 12:02 - 2016-07-09 23:05 - 00000000 ____D C:\Users\Alex\AppData\Roaming\.minecraft
2016-07-19 23:36 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Web
2016-07-19 11:53 - 2016-06-27 11:34 - 00000000 ____D C:\Users\Alex\AppData\Local\VertoAnalytics
2016-07-19 11:51 - 2016-07-12 23:50 - 00000840 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-07-19 11:51 - 2016-07-12 23:50 - 00000840 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-19 11:51 - 2016-07-09 23:05 - 00001024 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-07-19 11:51 - 2016-06-29 22:08 - 00000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-07-19 11:51 - 2016-06-29 22:07 - 00000954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-07-19 11:51 - 2016-06-27 11:46 - 00002634 _____ C:\Users\Public\Desktop\Skype.lnk
2016-07-19 11:51 - 2016-06-23 01:19 - 00001004 _____ C:\Users\Alex\Desktop\Open Broadcaster Software.lnk
2016-07-19 11:51 - 2016-06-23 01:19 - 00000612 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-19 11:51 - 2016-06-23 00:08 - 00000827 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-19 11:51 - 2016-06-23 00:05 - 00001219 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2016-07-19 11:51 - 2016-06-23 00:00 - 00002358 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-19 11:51 - 2016-06-22 22:38 - 00002086 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-07-19 11:51 - 2015-12-15 06:44 - 00002761 _____ C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2016-07-19 11:51 - 2015-12-12 16:25 - 00001252 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2016-07-19 11:51 - 2015-12-12 16:22 - 00001579 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-07-17 20:46 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-16 18:21 - 2016-06-22 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-07-16 00:21 - 2016-01-19 20:52 - 00000000 ____D C:\Users\Alex\Documents\NCSOFT
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-15 01:37 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
==================== Files in the root of some directories =======
2016-06-17 02:54 - 2016-06-17 02:54 - 0000217 _____ () C:\Users\Alex\AppData\Roaming\10-unhinted.conf
2016-06-17 02:54 - 2016-06-17 02:54 - 0000524 _____ () C:\Users\Alex\AppData\Roaming\159 dk orange bl 1.ADO
2016-06-17 02:54 - 2016-06-17 02:54 - 0000303 _____ () C:\Users\Alex\AppData\Roaming\3.png
2016-06-17 02:54 - 2016-06-17 02:54 - 0001283 _____ () C:\Users\Alex\AppData\Roaming\404-1.htm
2016-06-17 02:54 - 2016-06-17 02:54 - 0004365 _____ () C:\Users\Alex\AppData\Roaming\Adobe-CNS1-4
2016-06-26 13:35 - 2016-06-26 13:35 - 6870016 _____ () C:\Users\Alex\AppData\Roaming\agent.dat
2016-06-17 02:54 - 2016-06-17 02:54 - 0002190 _____ () C:\Users\Alex\AppData\Roaming\annotation.css.xml
2016-06-17 02:54 - 2016-06-17 02:54 - 0000379 _____ () C:\Users\Alex\AppData\Roaming\AsapiLoggerConfig.xml
2016-06-17 02:53 - 2016-06-17 02:53 - 0000027 _____ () C:\Users\Alex\AppData\Roaming\AST4
2016-06-17 02:53 - 2016-06-17 02:53 - 0004205 _____ () C:\Users\Alex\AppData\Roaming\back.png
2016-06-17 02:53 - 2016-06-17 02:53 - 0000430 _____ () C:\Users\Alex\AppData\Roaming\doc_to_epub.xsl
2016-06-17 02:53 - 2016-06-17 02:53 - 0002385 _____ () C:\Users\Alex\AppData\Roaming\dsfksvcsw2k.inf
2016-06-17 02:53 - 2016-06-17 02:53 - 0003749 _____ () C:\Users\Alex\AppData\Roaming\ExampleAWTViewer.java
2016-06-17 02:53 - 2016-06-17 02:53 - 0001194 _____ () C:\Users\Alex\AppData\Roaming\f39.png
2016-06-17 02:53 - 2016-06-17 02:53 - 0001150 _____ () C:\Users\Alex\AppData\Roaming\fast_forward.png
2016-06-17 02:53 - 2016-06-17 02:53 - 0003405 _____ () C:\Users\Alex\AppData\Roaming\finphon.env
2016-06-17 02:53 - 2016-06-17 02:53 - 0000935 _____ () C:\Users\Alex\AppData\Roaming\glossterm.width.xml
2016-06-17 02:52 - 2016-06-17 02:52 - 0000518 _____ () C:\Users\Alex\AppData\Roaming\goURL_lr_photoshop_fr.csv
2016-06-17 02:52 - 2016-06-17 02:52 - 0000518 _____ () C:\Users\Alex\AppData\Roaming\goURL_lr_photoshop_jp.csv
2016-06-17 02:52 - 2016-06-17 02:52 - 0000524 _____ () C:\Users\Alex\AppData\Roaming\gray 423 bl soft.ADO
2016-06-26 13:35 - 2016-06-26 13:35 - 0128512 _____ () C:\Users\Alex\AppData\Roaming\Installer.dat
2016-06-26 13:35 - 2016-06-26 13:35 - 0018432 _____ () C:\Users\Alex\AppData\Roaming\Main.dat
2013-11-13 04:00 - 2013-11-13 04:00 - 0049948 _____ () C:\Users\Alex\AppData\Roaming\Plangency.P
2016-07-14 16:23 - 2016-07-14 16:23 - 0029696 _____ () C:\Users\Alex\AppData\Roaming\SetCursor.dll
2016-07-26 15:49 - 2016-07-26 15:49 - 0001979 _____ () C:\Users\Alex\AppData\Roaming\SpeedRunnersLog.txt
1989-01-27 04:00 - 1989-01-27 04:00 - 0003406 _____ () C:\Users\Alex\AppData\Roaming\Stereophony.t
2016-06-23 01:12 - 2016-06-23 01:12 - 0000003 _____ () C:\Users\Alex\AppData\Local\updater.log
2016-06-23 01:12 - 2016-08-06 22:17 - 0000424 _____ () C:\Users\Alex\AppData\Local\UserProducts.xml
2016-07-09 19:11 - 2016-07-09 19:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-01 21:12 - 2016-08-01 21:12 - 0000016 _____ () C:\ProgramData\mntemp
Some files in TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\BluestacksUninstaller.exe
C:\Users\Alex\AppData\Local\Temp\CIMManifest.exe
C:\Users\Alex\AppData\Local\Temp\HD-LibraryHandler.dll
C:\Users\Alex\AppData\Local\Temp\HD-Logger-Native.dll
C:\Users\Alex\AppData\Local\Temp\HD-ShortcutHandler.dll
C:\Users\Alex\AppData\Local\Temp\InstallHelper.exe
C:\Users\Alex\AppData\Local\Temp\mpam-2fbe7ee.exe
C:\Users\Alex\AppData\Local\Temp\playstv_patch.exe
C:\Users\Alex\AppData\Local\Temp\radeon-crimson-16.3.2-minimalsetup.exe
C:\Users\Alex\AppData\Local\Temp\raptrpatch.exe
C:\Users\Alex\AppData\Local\Temp\raptr_stub.exe
C:\Users\Alex\AppData\Local\Temp\uninstall.exe
C:\Users\Alex\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-09 13:04
==================== End of FRST.txt ============================
This is everything in the Addition.txt file :
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
Ran by Alex (2016-08-12 23:32:12)
Running from C:\Users\Alex\Downloads
Windows 10 Home Version 1511 (X64) (2016-06-23 03:58:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-482574108-2876646391-2450146034-500 - Administrator - Disabled)
Alex (S-1-5-21-482574108-2876646391-2450146034-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-482574108-2876646391-2450146034-503 - Limited - Disabled)
Guest (S-1-5-21-482574108-2876646391-2450146034-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
BitTorrent (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Discord) (Version: 0.0.295 - Hammer & Chisel, Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Enter the Gungeon (HKLM\...\Steam App 311690) (Version: - Dodge Roll)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version: - Subset Games)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version: - Neople)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Necropolis (HKLM\...\Steam App 384490) (Version: - Harebrained Schemes)
No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
ProxyGate version 3.0.0.1180 (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1) (Version: 3.0.0.1180 - Gold Click Ltd)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.707 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Riders of Icarus (HKLM\...\Steam App 442080) (Version: - WeMade)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SmartApp (HKLM-x32\...\{F3BA5FBF-7DDE-416E-85FB-3D19AFEC8E63}) (Version: 3.1.2.53 - SmartApp)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (x32 Version: 14.98.25331 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls Legends (HKLM-x32\...\The Elder Scrolls Legends) (Version: - Bethesda Softworks)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-482574108-2876646391-2450146034-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {209783C5-01E2-4A4E-8496-5138EF147B34} - System32\Tasks\{72380271-88CC-44AF-8B13-3E63831FE6CA} => pcalua.exe -a "C:\Program Files (x86)\Bluestacks\BluestacksUninstaller.exe" -c :tmp
Task: {39376A87-E01B-46F0-9D71-D768DC86AAA7} - \SessionAgent -> No File <==== ATTENTION
Task: {4BCC9587-D8A4-4FBE-A66E-63F55EDFD1A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-23] (Google Inc.)
Task: {4F7E9507-DF71-47EA-8C33-6E04A8819370} - System32\Tasks\{48E24B94-D2FA-4A14-BC2B-C979A719A2B5} => pcalua.exe -a "d:\program files\bethesda.net launcher\bethesdanetlauncher.exe" -c bethesdanet://uninstall/5
Task: {5DCC4201-0C7C-4870-9BCB-C8AA73B4687E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {634F0C50-C7FD-498F-A4A7-4913EA7E2A27} - System32\Tasks\{0AADCEBB-B6A9-43C6-A896-CE3BB8DF55B7} => pcalua.exe -a "d:\mygames\bethesda.net launcher\bethesdanetlauncher.exe" -c bethesdanet://uninstall/8
Task: {7F1252E4-D377-4294-86FD-FEF4D310E766} - System32\Tasks\{17D16A22-F131-4CD9-BBED-207B24FE040B} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=prometheus --displayname="Overwatch"
Task: {84B855BF-E24A-427B-8E8E-FEA069601A07} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {8724B2B5-4EA9-460C-A800-30CC467FFD5D} - System32\Tasks\SmartAppLiveUpdater => C:\Program Files (x86)\SmartApp\SmartAppLiveUpdater.exe [2016-07-19] ()
Task: {B8D13665-E4C4-46CA-ABDD-DC88013D02BB} - System32\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {C08287CD-9F2C-41CE-A46C-FC3E8FEFF4F5} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {EB3AC53A-2154-4FF7-93B6-4E9281F4ED9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-23] (Google Inc.)
Task: {FCB31082-A7B6-424E-9531-6204CC7EBCFB} - System32\Tasks\SmartAppMonitor => C:\Program Files (x86)\SmartApp\SmartAppMonitor.exe [2016-07-19] (VertoAnalytics Oy)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Alex\Desktop\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-04 19:11 - 2015-11-04 19:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-12 23:50 - 2016-07-01 00:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 23:50 - 2016-07-01 00:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-23 00:00 - 2016-06-23 00:00 - 00959168 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-13 08:54 - 2016-02-13 08:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:51 - 2016-06-30 23:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 23:50 - 2016-06-30 23:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:50 - 2016-06-30 23:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:50 - 2016-06-30 23:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:50 - 2016-06-30 23:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 19:34 - 2015-06-25 19:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 19:37 - 2015-06-25 19:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 19:35 - 2015-06-25 19:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 19:38 - 2015-06-25 19:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 18:53 - 2015-06-25 18:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 18:51 - 2015-06-25 18:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 17:41 - 2015-11-20 17:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 17:41 - 2015-11-20 17:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-06-14 22:39 - 2016-06-14 22:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-08-08 20:18 - 2016-08-02 19:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 20:18 - 2016-08-02 19:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-11-30 02:07 - 2015-11-30 02:07 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-04-01 15:31 - 2016-04-01 15:31 - 01308224 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-07-26 12:28 - 2016-07-26 12:28 - 02417144 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe
2016-07-26 12:28 - 2016-07-26 12:28 - 04702712 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe
2015-12-12 16:34 - 2015-12-12 16:34 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.211\deploy\LolClient.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2016-06-28 20:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{F3821F34-CC6E-4E36-80EB-7DBE3B27408B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{109544A9-56C8-4CF4-8899-0660C345CD8F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{E666E68B-CBAF-474F-956E-B678ACCA2BEE}] => (Allow) D:\Program Files\Steam.exe
FirewallRules: [{0EB782BD-70F3-4847-B4A2-58C58FFE54C2}] => (Allow) D:\Program Files\Steam.exe
FirewallRules: [{46A8F05A-D583-4C15-A9EC-1AFCA3B20344}] => (Allow) D:\Program Files\bin\steamwebhelper.exe
FirewallRules: [{795974DE-55F4-423D-B661-4A89FCA927B3}] => (Allow) D:\Program Files\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{5C79A667-496E-4E53-8871-5596B8775263}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{F1036AB9-80D3-4247-9972-662524568B80}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{8053B95C-D354-48BB-BE1F-13D51294EC36}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{7D6BDA0A-7615-43A8-AB79-6003B3A15303}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{09CD4A7A-2336-4F6A-8E65-FD787D9F0338}] => (Allow) D:\Program Files\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{3307C4F2-7DC6-4CAE-871D-E3C4E876640B}] => (Allow) D:\Program Files\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{3BE52819-47BA-48A3-88CF-5794CA833FA8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1EEF1C58-36AA-4E37-973F-DE5E084036F6}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E6170835-893A-4C71-8D54-C62CE5818BC7}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{1E1EAAA6-9F72-44CA-A622-9ABFDE8BDE0C}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9C2D7E88-990C-4F95-AF62-F2B27E9B3CCF}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{95FA5F07-84C8-41E0-A96E-4363A4D6A9D5}] => (Allow) D:\Program Files\Common7\IDE\devenv.exe
FirewallRules: [{0F17E784-9FBF-473A-BB61-7CA7DA5FEC8D}] => (Allow) D:\Program Files\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{51EE83C2-799F-4956-A0FE-665EBA3732D3}] => (Allow) D:\Program Files\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [TCP Query User{04BDC280-8B25-4DDF-8C9D-F1DA25995260}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{123E48FC-FF7C-4630-B553-8BC55F875E3C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6FA80EAA-D7AD-4DD7-BDBF-857F10F40CFA}] => (Allow) D:\Program Files\steamapps\common\Necropolis\Necropolis.exe
FirewallRules: [{03262332-FD4F-44AF-90D5-1A13FF3747C0}] => (Allow) D:\Program Files\steamapps\common\Necropolis\Necropolis.exe
FirewallRules: [TCP Query User{11F09761-93E2-4CD6-AC69-1B345548F5DD}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [UDP Query User{6EFFB89E-9052-40AA-97B6-C9EDCF6922FF}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [{A840BD21-C554-4096-A815-761DA30984ED}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DEA6E8E0-0E9D-45B0-B60F-948EEA5B9423}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1423BF4C-23D8-47D4-86EE-A59486EDE905}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1E0FE48B-2D75-41CB-822D-9EB9F07D02AA}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4B4649A6-8BAC-40D0-9DB9-0DE4CB9D42C3}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5FCBA658-F134-43D3-8749-A1D7CD2E43B1}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{F90643C9-214B-4B64-B83E-5955D08EFABE}D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{3F6206DA-F60B-488D-B77F-42CCC05C0FF3}D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{DFBE9F09-A34E-4F2A-A32D-2BAAF3036928}D:\program files\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{15178F20-B741-4595-8706-71B3109CAAA8}D:\program files\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{89C63A50-D4D9-4749-802E-CC37975BA183}] => (Allow) D:\Program Files\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{F8FA1393-795D-4AA8-93D7-9DEDD2A96CC9}] => (Allow) D:\Program Files\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{43F6FB40-43BB-45D4-B311-073229C3E646}D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe
FirewallRules: [UDP Query User{A5A7998A-531C-433A-9517-84A3A6D9DBA3}D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe
FirewallRules: [TCP Query User{9A5921FE-A72C-483F-AB34-9DF49B5D205D}D:\program files\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [UDP Query User{81642C3F-1818-436C-B794-C362C9336226}D:\program files\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [TCP Query User{5A73C8AC-796E-450B-B49A-8EF51391CB53}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{363E62CA-8251-4F17-B611-4FEE8154C13C}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{B854A948-8B81-4E01-BC62-CACE71DBDB47}] => (Allow) D:\Program Files\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{3B7CBB59-A35E-4FDD-B8EE-52A0B21ECFEB}] => (Allow) D:\Program Files\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{2C34A8CE-5C63-427C-82B4-FE0A6C2AC285}] => (Allow) C:\Program Files (x86)\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{9949C6E6-6E28-4266-8911-1D95BF514AB3}] => (Allow) C:\Program Files (x86)\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{BB21843B-3825-4419-AEBF-2D1881411CFB}] => (Allow) D:\Program Files\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{1EF9BE16-0819-42B6-9D00-A98001DFC34F}] => (Allow) D:\Program Files\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{6432A5AF-7C9D-43FA-986D-1F0655C81307}C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{997199BA-C68E-4917-913C-0AB4C860EB18}C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe
FirewallRules: [{710AD082-CCE0-4BA5-975D-2A6079A9EE06}] => (Allow) D:\Program Files\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe
FirewallRules: [{1A8AE1FD-480E-46FD-8D18-A7F9383A9D9C}] => (Allow) D:\Program Files\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe
FirewallRules: [TCP Query User{3440BF39-FF11-4DD4-9430-646CD02849E8}C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe] => (Allow) C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe
FirewallRules: [UDP Query User{D7C8AB7B-7D41-4A12-9DBD-F75642190927}C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe] => (Allow) C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe
FirewallRules: [TCP Query User{B1AB9472-439F-4043-9572-451E25157900}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{D26B4CBB-3919-44D3-91CB-9A10D2DEAA9A}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{C874D096-EE94-4A65-BB26-18D8C8F1E752}] => (Allow) D:\Program Files\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4372CBE1-C229-472C-980F-67740876D5F8}] => (Allow) D:\Program Files\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{05058520-6CA9-4835-BAE9-E2F05083B1E1}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{DBC74ABE-470A-4F9E-845A-EBB02995EA9C}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{FC1E674D-801F-4E6E-8E3F-BA60F26169AA}] => (Allow) D:\Program Files\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{71C8696B-590C-4BD4-9E04-6F0E911F968D}] => (Allow) D:\Program Files\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{D695799F-6F8A-4942-B508-6135FACB1A2B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{55E2BD0C-2C2D-4793-92D9-8EA9F13B0E3E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E246C51E-D6E1-4C68-9372-5D8E977C8F80}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D86EEABF-61C7-469E-ABC1-C898801A92EB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{42A710E3-B797-4567-B4DD-55C9C40D8959}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{53AEB4F6-BED8-4F8B-88BA-8DCB202E9A29}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{9F4325B5-D02A-4483-91D0-5EC10DFC8B4E}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{65E48A8E-AA8A-40BF-B5A1-55D6A098A58B}] => (Allow) D:\Program Files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{1CCCC589-15E6-4049-BECD-78249F465FC4}] => (Allow) D:\Program Files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{F821F898-C9B2-4195-BAA9-1EF43B49DD36}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{CBD5C60D-77EA-4527-8D86-A8B2B4FF4515}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6FD091B4-4ED2-4CAE-A7BD-C581A6FBAD91}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{160BE9A6-43B6-43A1-8526-66E4698B3874}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{1F0E3D8E-564A-483B-BC9C-5B0C54885A2F}] => (Allow) D:\Program Files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{7C0704A1-D58A-4021-8E3A-51379704204E}] => (Allow) D:\Program Files\steamapps\common\No Man's Sky\Binaries\NMS.exe
==================== Restore Points =========================
10-08-2016 15:54:41 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/12/2016 11:30:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEXSPC)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/12/2016 01:23:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMS.exe, version: 0.1.0.0, time stamp: 0x57ade3e9
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6fc
Faulting process id: 0x10f0
Faulting application start time: 0xNMS.exe0
Faulting application path: NMS.exe1
Faulting module path: NMS.exe2
Report Id: NMS.exe3
Faulting package full name: NMS.exe4
Faulting package-relative application ID: NMS.exe5
Error: (08/12/2016 12:57:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEXSPC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/10/2016 03:54:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (08/09/2016 01:50:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEXSPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (08/06/2016 11:50:53 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
System errors:
=============
Error: (08/12/2016 04:38:11 PM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/12/2016 04:38:11 PM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 03:28:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueStacks Log Rotator Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/12/2016 12:57:53 AM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca
Error: (08/12/2016 12:57:52 AM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/12/2016 12:57:52 AM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
CodeIntegrity:
===================================
Date: 2016-08-10 23:01:07.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-27 00:48:50.492
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 19:05:25.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 21:43:58.390
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-15 12:54:02.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 22:40:27.858
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-13 00:13:37.032
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-112884.dll that did not meet the Store signing level requirements.
Date: 2016-07-09 18:48:59.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-112884.dll that did not meet the Store signing level requirements.
Date: 2016-07-01 00:17:31.286
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-29 22:07:14.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 30%
Total physical RAM: 16295.52 MB
Available physical RAM: 11376.21 MB
Total Virtual: 18727.52 MB
Available Virtual: 12854.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.44 GB) (Free:115.22 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:931.51 GB) (Free:611.86 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 59C3683A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 59C36822)
Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
Ran by Alex (2016-08-12 23:32:12)
Running from C:\Users\Alex\Downloads
Windows 10 Home Version 1511 (X64) (2016-06-23 03:58:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-482574108-2876646391-2450146034-500 - Administrator - Disabled)
Alex (S-1-5-21-482574108-2876646391-2450146034-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-482574108-2876646391-2450146034-503 - Limited - Disabled)
Guest (S-1-5-21-482574108-2876646391-2450146034-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
BitTorrent (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\Discord) (Version: 0.0.295 - Hammer & Chisel, Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Enter the Gungeon (HKLM\...\Steam App 311690) (Version: - Dodge Roll)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version: - Subset Games)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version: - Neople)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Necropolis (HKLM\...\Steam App 384490) (Version: - Harebrained Schemes)
No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
ProxyGate version 3.0.0.1180 (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1) (Version: 3.0.0.1180 - Gold Click Ltd)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.707 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Riders of Icarus (HKLM\...\Steam App 442080) (Version: - WeMade)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
SmartApp (HKLM-x32\...\{F3BA5FBF-7DDE-416E-85FB-3D19AFEC8E63}) (Version: 3.1.2.53 - SmartApp)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (x32 Version: 14.98.25331 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls Legends (HKLM-x32\...\The Elder Scrolls Legends) (Version: - Bethesda Softworks)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25421 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-482574108-2876646391-2450146034-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {209783C5-01E2-4A4E-8496-5138EF147B34} - System32\Tasks\{72380271-88CC-44AF-8B13-3E63831FE6CA} => pcalua.exe -a "C:\Program Files (x86)\Bluestacks\BluestacksUninstaller.exe" -c :tmp
Task: {39376A87-E01B-46F0-9D71-D768DC86AAA7} - \SessionAgent -> No File <==== ATTENTION
Task: {4BCC9587-D8A4-4FBE-A66E-63F55EDFD1A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-23] (Google Inc.)
Task: {4F7E9507-DF71-47EA-8C33-6E04A8819370} - System32\Tasks\{48E24B94-D2FA-4A14-BC2B-C979A719A2B5} => pcalua.exe -a "d:\program files\bethesda.net launcher\bethesdanetlauncher.exe" -c bethesdanet://uninstall/5
Task: {5DCC4201-0C7C-4870-9BCB-C8AA73B4687E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {634F0C50-C7FD-498F-A4A7-4913EA7E2A27} - System32\Tasks\{0AADCEBB-B6A9-43C6-A896-CE3BB8DF55B7} => pcalua.exe -a "d:\mygames\bethesda.net launcher\bethesdanetlauncher.exe" -c bethesdanet://uninstall/8
Task: {7F1252E4-D377-4294-86FD-FEF4D310E766} - System32\Tasks\{17D16A22-F131-4CD9-BBED-207B24FE040B} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=prometheus --displayname="Overwatch"
Task: {84B855BF-E24A-427B-8E8E-FEA069601A07} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {8724B2B5-4EA9-460C-A800-30CC467FFD5D} - System32\Tasks\SmartAppLiveUpdater => C:\Program Files (x86)\SmartApp\SmartAppLiveUpdater.exe [2016-07-19] ()
Task: {B8D13665-E4C4-46CA-ABDD-DC88013D02BB} - System32\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {C08287CD-9F2C-41CE-A46C-FC3E8FEFF4F5} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {EB3AC53A-2154-4FF7-93B6-4E9281F4ED9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-23] (Google Inc.)
Task: {FCB31082-A7B6-424E-9531-6204CC7EBCFB} - System32\Tasks\SmartAppMonitor => C:\Program Files (x86)\SmartApp\SmartAppMonitor.exe [2016-07-19] (VertoAnalytics Oy)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-482574108-2876646391-2450146034-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Alex\Desktop\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-04 19:11 - 2015-11-04 19:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-12 23:50 - 2016-07-01 00:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 23:50 - 2016-07-01 00:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-23 00:00 - 2016-06-23 00:00 - 00959168 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-13 08:54 - 2016-02-13 08:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:51 - 2016-06-30 23:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 23:50 - 2016-06-30 23:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:50 - 2016-06-30 23:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:50 - 2016-06-30 23:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:50 - 2016-06-30 23:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 19:34 - 2015-06-25 19:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 19:37 - 2015-06-25 19:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 19:35 - 2015-06-25 19:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 19:38 - 2015-06-25 19:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 18:53 - 2015-06-25 18:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 18:51 - 2015-06-25 18:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 17:41 - 2015-11-20 17:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 17:41 - 2015-11-20 17:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-06-14 22:39 - 2016-06-14 22:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-08-08 20:18 - 2016-08-02 19:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 20:18 - 2016-08-02 19:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-11-30 02:07 - 2015-11-30 02:07 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-04-01 15:31 - 2016-04-01 15:31 - 01308224 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-07-26 12:28 - 2016-07-26 12:28 - 02417144 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe
2016-07-26 12:28 - 2016-07-26 12:28 - 04702712 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe
2015-12-12 16:34 - 2015-12-12 16:34 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.211\deploy\LolClient.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2016-06-28 20:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-482574108-2876646391-2450146034-1001\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{F3821F34-CC6E-4E36-80EB-7DBE3B27408B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{109544A9-56C8-4CF4-8899-0660C345CD8F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{E666E68B-CBAF-474F-956E-B678ACCA2BEE}] => (Allow) D:\Program Files\Steam.exe
FirewallRules: [{0EB782BD-70F3-4847-B4A2-58C58FFE54C2}] => (Allow) D:\Program Files\Steam.exe
FirewallRules: [{46A8F05A-D583-4C15-A9EC-1AFCA3B20344}] => (Allow) D:\Program Files\bin\steamwebhelper.exe
FirewallRules: [{795974DE-55F4-423D-B661-4A89FCA927B3}] => (Allow) D:\Program Files\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{5C79A667-496E-4E53-8871-5596B8775263}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{F1036AB9-80D3-4247-9972-662524568B80}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{8053B95C-D354-48BB-BE1F-13D51294EC36}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{7D6BDA0A-7615-43A8-AB79-6003B3A15303}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{09CD4A7A-2336-4F6A-8E65-FD787D9F0338}] => (Allow) D:\Program Files\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{3307C4F2-7DC6-4CAE-871D-E3C4E876640B}] => (Allow) D:\Program Files\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{3BE52819-47BA-48A3-88CF-5794CA833FA8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1EEF1C58-36AA-4E37-973F-DE5E084036F6}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E6170835-893A-4C71-8D54-C62CE5818BC7}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{1E1EAAA6-9F72-44CA-A622-9ABFDE8BDE0C}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9C2D7E88-990C-4F95-AF62-F2B27E9B3CCF}] => (Allow) D:\Program Files\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{95FA5F07-84C8-41E0-A96E-4363A4D6A9D5}] => (Allow) D:\Program Files\Common7\IDE\devenv.exe
FirewallRules: [{0F17E784-9FBF-473A-BB61-7CA7DA5FEC8D}] => (Allow) D:\Program Files\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{51EE83C2-799F-4956-A0FE-665EBA3732D3}] => (Allow) D:\Program Files\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [TCP Query User{04BDC280-8B25-4DDF-8C9D-F1DA25995260}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{123E48FC-FF7C-4630-B553-8BC55F875E3C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6FA80EAA-D7AD-4DD7-BDBF-857F10F40CFA}] => (Allow) D:\Program Files\steamapps\common\Necropolis\Necropolis.exe
FirewallRules: [{03262332-FD4F-44AF-90D5-1A13FF3747C0}] => (Allow) D:\Program Files\steamapps\common\Necropolis\Necropolis.exe
FirewallRules: [TCP Query User{11F09761-93E2-4CD6-AC69-1B345548F5DD}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [UDP Query User{6EFFB89E-9052-40AA-97B6-C9EDCF6922FF}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [{A840BD21-C554-4096-A815-761DA30984ED}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DEA6E8E0-0E9D-45B0-B60F-948EEA5B9423}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1423BF4C-23D8-47D4-86EE-A59486EDE905}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1E0FE48B-2D75-41CB-822D-9EB9F07D02AA}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4B4649A6-8BAC-40D0-9DB9-0DE4CB9D42C3}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5FCBA658-F134-43D3-8749-A1D7CD2E43B1}] => (Allow) C:\Users\Alex\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{F90643C9-214B-4B64-B83E-5955D08EFABE}D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{3F6206DA-F60B-488D-B77F-42CCC05C0FF3}D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\r.g. catalyst\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{DFBE9F09-A34E-4F2A-A32D-2BAAF3036928}D:\program files\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{15178F20-B741-4595-8706-71B3109CAAA8}D:\program files\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{89C63A50-D4D9-4749-802E-CC37975BA183}] => (Allow) D:\Program Files\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{F8FA1393-795D-4AA8-93D7-9DEDD2A96CC9}] => (Allow) D:\Program Files\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{43F6FB40-43BB-45D4-B311-073229C3E646}D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe
FirewallRules: [UDP Query User{A5A7998A-531C-433A-9517-84A3A6D9DBA3}D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\launcher.exe.new.exe
FirewallRules: [TCP Query User{9A5921FE-A72C-483F-AB34-9DF49B5D205D}D:\program files\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [UDP Query User{81642C3F-1818-436C-B794-C362C9336226}D:\program files\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [TCP Query User{5A73C8AC-796E-450B-B49A-8EF51391CB53}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{363E62CA-8251-4F17-B611-4FEE8154C13C}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{B854A948-8B81-4E01-BC62-CACE71DBDB47}] => (Allow) D:\Program Files\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{3B7CBB59-A35E-4FDD-B8EE-52A0B21ECFEB}] => (Allow) D:\Program Files\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{2C34A8CE-5C63-427C-82B4-FE0A6C2AC285}] => (Allow) C:\Program Files (x86)\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{9949C6E6-6E28-4266-8911-1D95BF514AB3}] => (Allow) C:\Program Files (x86)\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{BB21843B-3825-4419-AEBF-2D1881411CFB}] => (Allow) D:\Program Files\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{1EF9BE16-0819-42B6-9D00-A98001DFC34F}] => (Allow) D:\Program Files\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{6432A5AF-7C9D-43FA-986D-1F0655C81307}C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{997199BA-C68E-4917-913C-0AB4C860EB18}C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base44941\heroesofthestorm_x64.exe
FirewallRules: [{710AD082-CCE0-4BA5-975D-2A6079A9EE06}] => (Allow) D:\Program Files\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe
FirewallRules: [{1A8AE1FD-480E-46FD-8D18-A7F9383A9D9C}] => (Allow) D:\Program Files\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe
FirewallRules: [TCP Query User{3440BF39-FF11-4DD4-9430-646CD02849E8}C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe] => (Allow) C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe
FirewallRules: [UDP Query User{D7C8AB7B-7D41-4A12-9DBD-F75642190927}C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe] => (Allow) C:\users\alex\appdata\local\pokemon\app-0.1.5\pokemon go live map.exe
FirewallRules: [TCP Query User{B1AB9472-439F-4043-9572-451E25157900}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{D26B4CBB-3919-44D3-91CB-9A10D2DEAA9A}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{C874D096-EE94-4A65-BB26-18D8C8F1E752}] => (Allow) D:\Program Files\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4372CBE1-C229-472C-980F-67740876D5F8}] => (Allow) D:\Program Files\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{05058520-6CA9-4835-BAE9-E2F05083B1E1}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{DBC74ABE-470A-4F9E-845A-EBB02995EA9C}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{FC1E674D-801F-4E6E-8E3F-BA60F26169AA}] => (Allow) D:\Program Files\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{71C8696B-590C-4BD4-9E04-6F0E911F968D}] => (Allow) D:\Program Files\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{D695799F-6F8A-4942-B508-6135FACB1A2B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{55E2BD0C-2C2D-4793-92D9-8EA9F13B0E3E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E246C51E-D6E1-4C68-9372-5D8E977C8F80}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D86EEABF-61C7-469E-ABC1-C898801A92EB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{42A710E3-B797-4567-B4DD-55C9C40D8959}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{53AEB4F6-BED8-4F8B-88BA-8DCB202E9A29}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{9F4325B5-D02A-4483-91D0-5EC10DFC8B4E}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{65E48A8E-AA8A-40BF-B5A1-55D6A098A58B}] => (Allow) D:\Program Files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{1CCCC589-15E6-4049-BECD-78249F465FC4}] => (Allow) D:\Program Files\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{F821F898-C9B2-4195-BAA9-1EF43B49DD36}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{CBD5C60D-77EA-4527-8D86-A8B2B4FF4515}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6FD091B4-4ED2-4CAE-A7BD-C581A6FBAD91}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{160BE9A6-43B6-43A1-8526-66E4698B3874}] => (Allow) D:\Program Files\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{1F0E3D8E-564A-483B-BC9C-5B0C54885A2F}] => (Allow) D:\Program Files\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{7C0704A1-D58A-4021-8E3A-51379704204E}] => (Allow) D:\Program Files\steamapps\common\No Man's Sky\Binaries\NMS.exe
==================== Restore Points =========================
10-08-2016 15:54:41 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/12/2016 11:30:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEXSPC)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/12/2016 01:23:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NMS.exe, version: 0.1.0.0, time stamp: 0x57ade3e9
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6fc
Faulting process id: 0x10f0
Faulting application start time: 0xNMS.exe0
Faulting application path: NMS.exe1
Faulting module path: NMS.exe2
Report Id: NMS.exe3
Faulting package full name: NMS.exe4
Faulting package-relative application ID: NMS.exe5
Error: (08/12/2016 12:57:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEXSPC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/10/2016 03:54:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (08/09/2016 01:50:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEXSPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (08/06/2016 11:50:53 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
Error: (08/06/2016 11:50:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
System errors:
=============
Error: (08/12/2016 04:38:11 PM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/12/2016 04:38:11 PM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_3a7c5 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/12/2016 03:28:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueStacks Log Rotator Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/12/2016 12:57:53 AM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca
Error: (08/12/2016 12:57:52 AM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/12/2016 12:57:52 AM) (Source: DCOM) (EventID: 10010) (User: ALEXSPC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
CodeIntegrity:
===================================
Date: 2016-08-10 23:01:07.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-27 00:48:50.492
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 19:05:25.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 21:43:58.390
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-15 12:54:02.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 22:40:27.858
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-13 00:13:37.032
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-112884.dll that did not meet the Store signing level requirements.
Date: 2016-07-09 18:48:59.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-112884.dll that did not meet the Store signing level requirements.
Date: 2016-07-01 00:17:31.286
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-29 22:07:14.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 30%
Total physical RAM: 16295.52 MB
Available physical RAM: 11376.21 MB
Total Virtual: 18727.52 MB
Available Virtual: 12854.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.44 GB) (Free:115.22 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:931.51 GB) (Free:611.86 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 59C3683A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 59C36822)
Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================