Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Avast Error: Access denied (5)

Malware VBS Malware Gen Avast Malware bytes

  • Please log in to reply

#1
bartdavy

bartdavy

    New Member

  • Member
  • Pip
  • 2 posts

I downloaded a mod for a game that came with a .Exe and ran that to install the mod, 5 seconds later i get all of these Avast popups saying threat detect/blocked.  I immediately stop what i'm doing and do a full system scan, turns out the malware spread its self to directory in all of my opened programs and in windows files. I turned out to have 300 infected files and was able to eliminated all of them except for 14 of them, The ones i couldn't delete gave me the Avast Error: access denied (5), and Avast Error: Could not find the system files (2). I'm not exactly sure what it means Access denied, i tried looking up the problem and couldn't find much around uninstalling the whole thing, ( my guess is there are many different ways this can infect you and where it is located).

 

So far I've done a full system scan on Avast and a Boot scan, I also did a Threat scan in Malware bytes. I ran a FRST Scan like it suggested here on step 3, and saw that there is a program in the additions.txt files that is a bit suspicious to me, It stuck out to me because one the name "ph" I've downloaded anything on my computer with that name, it also had a version of 1.0.0, when i went to go see if i could find it in my programs and features i couldn't find it i'm not sure if it is a background program that could be harmful so i thought it would be worth talking about to get an opinion on it. 

 

I was wanting to know if i should even be worried about these files duplicating again, or if i should worry about deleting them or just leaving them? How would i go about removing them?

 

Screenshots of Errors:

https://gyazo.com/f5...f4053af16c93d2f

 

Operating system: Windows 10

 

Thanks for the help.


  • 0

Advertisements


#2
bartdavy

bartdavy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
Ran by Bartdavy (administrator) on DESKTOP-LQ9RNMB (23-02-2017 15:53:05)
Running from C:\Users\Bartdavy\Desktop
Loaded Profiles: Bartdavy (Available Profiles: Bartdavy)
Platform: Windows 10 Education (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
(Hammer & Chisel, Inc.) C:\Users\Bartdavy\AppData\Local\Discord\app-0.0.297\Discord.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Hammer & Chisel, Inc.) C:\Users\Bartdavy\AppData\Local\Discord\app-0.0.297\Discord.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [570152 2014-08-14] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822528 2016-05-25] (Realtek Semiconductor)
HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [557072 2016-07-01] ()
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4882360 2016-02-23] (AgileBits)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5319576 2015-09-15] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [691056 2015-07-19] (Acronis International GmbH)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-26] (AVAST Software)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [MediaFire Tray] => C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\mf_watch.exe [4075008 2016-05-06] () <===== ATTENTION
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Spotify Web Helper] => C:\Users\Bartdavy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-09-19] (Spotify Ltd)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Spotify] => C:\Users\Bartdavy\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-09-19] (Spotify Ltd)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [14729496 2017-02-20] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334528 2016-01-23] (Echobit LLC)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-02-03] (Nota Inc.)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2017-01-20] (Electronic Arts)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1057848 2017-02-20] ()
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [Discord] => C:\Users\Bartdavy\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [17064656 2016-08-31] (Corsair Components, Inc.)
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] ()
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\RunOnce: [Uninstall C:\Users\Bartdavy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bartdavy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\RunOnce: [Uninstall C:\Users\Bartdavy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bartdavy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-26] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-06] (Dropbox, Inc.)
Startup: C:\Users\Bartdavy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2017-01-22]
ShortcutTarget: Curse.lnk -> C:\Users\Bartdavy\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicy: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{abbd68f7-94c2-4cb8-b9a9-a5ea51e37961}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{e277cfff-d1c3-4e03-955e-4c9c22a94008}: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-867934242-1038925789-3082475248-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-867934242-1038925789-3082475248-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll [2016-02-23] (AgileBits)
BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll => No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-12-15] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-12-15] (Oracle Corporation)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll [2016-02-23] (AgileBits)
BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer32.dll => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-09] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-09] (Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: sdtl0b02.default
FF ProfilePath: C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default [2017-02-20]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\sdtl0b02.default -> Yahoo!
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\sdtl0b02.default -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\sdtl0b02.default -> hxxps://search.yahoo.com/?type=639975&fr=spigot-yhp-ff
FF Keyword.URL: Mozilla\Firefox\Profiles\sdtl0b02.default -> hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=639975&p=
FF Extension: (Dark Revisited) - C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default\Extensions\[email protected] [2016-05-31] [not signed]
FF Extension: (Firefox Hotfix) - C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default\Extensions\[email protected] [2016-09-14]
FF Extension: (LavaFox V2) - C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default\Extensions\[email protected] [2016-11-19]
FF Extension: (Night Mode Pro) - C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default\Extensions\[email protected] [2016-11-19]
FF Extension: (NASA Night Launch) - C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default\Extensions\[email protected] [2016-05-31]
FF Extension: (Adblock Plus) - C:\Users\Bartdavy\AppData\Roaming\Mozilla\Firefox\Profiles\sdtl0b02.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-19]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-12-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-12-15] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-09] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?gd=&ctid=CT3322283&octid=EB_ORIGINAL_CTID&ISID=M081B3A40-E431-481F-AC6F-6F06296B52DF&SearchSource=55&CUI=&UM=5&UP=SPCDA74A38-553C-48EF-9A2E-64BDD78FA7D9&SSPV=
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
CHR Extension: (BetterTTV) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-27]
CHR Extension: (Theme Creator) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2016-06-27]
CHR Extension: (Google Drive) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-20]
CHR Extension: (Turn Off the Lights) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-02-03]
CHR Extension: (ColorZilla) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2016-12-26]
CHR Extension: (Audiotool) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2016-06-27]
CHR Extension: (YouTube) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-27]
CHR Extension: (Steam Inventory Helper) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-02-22]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-06-27]
CHR Extension: (Gmail™ Notifier) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2017-01-17]
CHR Extension: (Netflix) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2016-06-27]
CHR Extension: (Tampermonkey) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-21]
CHR Extension: (Dark YouTube Theme) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhcepodfooinnfhfccmoeabagbjchhg [2016-11-11]
CHR Extension: (Dark Theme v3) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlgdeklopcjagknhlchbdjekgpgenad [2016-09-20]
CHR Extension: (Avast Passwords) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-02-15]
CHR Extension: (Avast SafePrice) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-27]
CHR Extension: (Pandora) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2016-06-27]
CHR Extension: (Night Mode Pro) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbilbeoogenjmnabenfjfoockmpfnjoh [2016-12-21]
CHR Extension: (LoungeDestroyer) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2017-02-03]
CHR Extension: (Google Docs Offline) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-23]
CHR Extension: (AdBlock) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-22]
CHR Extension: (SwagButton) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2016-12-15]
CHR Extension: (Avast Online Security) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-26]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2016-06-27]
CHR Extension: (Eye Dropper) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2016-10-06]
CHR Extension: (Deluminate) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebboopaeangfpceklajfohhbpkkfiaa [2017-01-26]
CHR Extension: (Moo.do) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffimmolghilclfndeiebgppddmagofk [2016-10-27]
CHR Extension: (Steam Market Float Checker) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjcjjbacacnhoibdbghilhicllgegcf [2016-06-27]
CHR Extension: (Color Picker) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcmgligingjhdnhdhgepemlckgcgmgaj [2016-06-27]
CHR Extension: (CS:GO Lounge Bump Bot) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfkidfnhjcjjamcbdepeohblphlamgk [2016-06-27]
CHR Extension: (StumbleUpon) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2016-06-27]
CHR Extension: (Steam Database) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2017-02-22]
CHR Extension: (Awesome Facebook Video Downloader) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmminjooemmhhbpkbfmjhknffplmjkfi [2017-02-22]
CHR Extension: (Until AM Web App) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2016-06-27]
CHR Extension: (Momentum) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-01-06]
CHR Extension: (Ghostery) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-15]
CHR Extension: (JustBeamIt) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmikgkdknaammcapbklcdaakpphfilgg [2016-06-27]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2016-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2016-06-27]
CHR Extension: (My Chrome Theme) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-06-27]
CHR Extension: (Currently) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh [2016-06-27]
CHR Extension: (Tab Snooze) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdiebiamhaleloakpcgmpnenggpjbcbm [2016-06-27]
CHR Extension: (Gmail) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-27]
CHR Extension: (Chrome Media Router) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR Extension: (Twitch Giveaways) - C:\Users\Bartdavy\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2017-02-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2016-12-26] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-26] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1486344 2017-01-23] ()
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [83152 2016-08-31] (Corsair Components, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-06] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [234856 2016-01-01] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2016-01-23] (Echobit LLC)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-09-29] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-20] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325112 2017-02-20] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-08-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-07-26] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-19] ()
R2 UnsignedThemes; C:\Windows\unsignedthemes.exe [22184 2015-03-01] (The Within Network, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-11-19] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672208 2017-01-17] (Wacom Technology, Corp.)
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] ()
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-26] (AVAST Software)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [401896 2017-02-18] ()
R3 cpuz139; C:\Windows\TEMP\cpuz139\cpuz139_x64.sys [43328 2017-02-23] (CPUID)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [559080 2016-12-26] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-01-23] (Echobit, LLC)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2016-06-27] (Acronis International GmbH)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
S3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-21] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [110536 2017-02-23] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-02-23] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-23] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [91584 2017-02-23] (Malwarebytes)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2016-05-06] (Windows ® Win 7 DDK provider)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-06] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.)
R2 tib; C:\Windows\system32\DRIVERS\tib.sys [1058632 2016-06-27] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [248648 2016-06-27] (Acronis International GmbH)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [41720 2016-04-05] (USBPcap)
R2 uxstyle; C:\Windows\system32\Drivers\elytsxu.sys [32424 2015-03-01] (The Within Network, LLC)
S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-03-16] (Windows ® Win 7 DDK provider)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [120472 2017-01-17] (Wacom Technology)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Overwolf\0.92.21.0\OverwolfBenchmarking.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-02-23 15:53 - 2017-02-23 15:53 - 00042364 _____ C:\Users\Bartdavy\Desktop\FRST.txt
2017-02-23 15:53 - 2017-02-23 15:53 - 00000000 ____D C:\FRST
2017-02-23 15:52 - 2017-02-23 15:52 - 02423296 _____ (Farbar) C:\Users\Bartdavy\Desktop\FRST64.exe
2017-02-23 15:36 - 2017-02-23 15:36 - 00016148 _____ C:\Windows\system32\DESKTOP-LQ9RNMB_Bartdavy_HistoryPrediction.bin
2017-02-22 19:34 - 2017-02-23 14:06 - 00091584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-21 22:37 - 2017-02-21 22:37 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-21 22:36 - 2017-02-23 00:03 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-21 22:36 - 2017-02-23 00:03 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-21 22:36 - 2017-02-23 00:03 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-21 22:36 - 2017-02-21 22:36 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-21 22:36 - 2017-02-21 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-21 22:36 - 2017-02-21 22:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-21 22:36 - 2017-02-21 22:36 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-21 22:36 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-02-21 22:34 - 2017-02-21 22:35 - 55566792 _____ (Malwarebytes ) C:\Users\Bartdavy\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-21 22:03 - 2017-02-21 22:06 - 25307047 _____ C:\Users\Bartdavy\Downloads\FlatGrass R09.exe
2017-02-20 18:24 - 2017-02-20 18:24 - 00614520 _____ C:\Users\Bartdavy\Downloads\PBE_Client_Shell.zip
2017-02-20 17:20 - 2017-02-20 17:20 - 00001153 _____ C:\Users\Bartdavy\Desktop\blender.lnk
2017-02-20 17:20 - 2017-02-20 17:20 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2017-02-20 17:20 - 2017-02-20 17:20 - 00000000 ____D C:\Program Files\Blender Foundation
2017-02-20 17:19 - 2017-02-20 17:20 - 89964920 _____ C:\Users\Bartdavy\Downloads\blender-2.78b-windows64.msi
2017-02-20 14:08 - 2017-02-20 14:08 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\TeamSpeak 3
2017-02-20 14:08 - 2017-02-20 14:08 - 00000000 ____D C:\Users\Bartdavy\.TeamSpeak 3
2017-02-19 20:43 - 2017-02-19 20:43 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignde4852fef10c9666
2017-02-19 20:23 - 2017-02-19 20:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsigne427da714d4a388b
2017-02-19 20:23 - 2017-02-19 20:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsigndb43ab9548d666f0
2017-02-19 20:23 - 2017-02-19 20:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign63ee9d7b8deb17e2
2017-02-19 20:23 - 2017-02-19 20:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign3b59cc5459e32a09
2017-02-18 22:51 - 2017-02-18 23:00 - 202302574 _____ C:\Users\Bartdavy\Desktop\12037536_630709503734895_1030002423_n.mp4
2017-02-18 22:40 - 2017-02-18 22:40 - 00914061 _____ C:\Users\Bartdavy\Desktop\1187512_4734534936214_50300_n.mp4
2017-02-18 19:01 - 2017-02-18 19:01 - 00063061 _____ C:\Users\Bartdavy\Desktop\PayPal_ Transaction Details.pdf
2017-02-18 18:22 - 2017-02-18 18:22 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign58b29a27359dd9c6
2017-02-18 17:58 - 2017-02-18 17:58 - 00000000 ____D C:\Users\Bartdavy\Downloads\BD0.2.82Windows
2017-02-18 17:57 - 2017-02-18 17:57 - 00282071 _____ C:\Users\Bartdavy\Downloads\BD0.2.82Windows (1).zip
2017-02-18 17:25 - 2017-02-18 17:25 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign5d97e2e9bacc7521
2017-02-18 17:25 - 2017-02-18 17:25 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign4217333e400b8f3e
2017-02-18 17:23 - 2017-02-18 17:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignd5087641b79bd6d0
2017-02-18 17:23 - 2017-02-18 17:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign920192ab984e08f4
2017-02-18 17:23 - 2017-02-18 17:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign4de8c91f26608f66
2017-02-18 17:23 - 2017-02-18 17:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign02c024192170ef12
2017-02-18 13:59 - 2017-02-18 13:59 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Bartdavy\Downloads\TeamSpeak3-Client-win64-3.0.19.4 (1).exe
2017-02-18 12:27 - 2017-02-18 12:28 - 16444003 _____ C:\Users\Bartdavy\Downloads\@BurnesLCAC_v2.rar
2017-02-18 12:26 - 2017-02-18 12:27 - 21717607 _____ C:\Users\Bartdavy\Downloads\txt_lcs1.rar
2017-02-18 12:25 - 2017-02-18 12:25 - 05225899 _____ C:\Users\Bartdavy\Downloads\@Blue-Angels-Fictional-Super-Hornet-RC4.7z
2017-02-16 19:05 - 2017-02-16 20:07 - 1565191266 _____ C:\Users\Bartdavy\Downloads\United-States-Air-Force-v053.7z
2017-02-15 21:56 - 2016-12-29 06:43 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-02-13 15:51 - 2016-11-08 08:08 - 02302976 _____ C:\Users\Bartdavy\Desktop\SaberInstaller_1.0.39_Win_2017.exe
2017-02-11 18:31 - 2017-02-11 18:31 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign4b87467c513cce41
2017-02-11 18:30 - 2017-02-11 18:30 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign764c30a46c1e22fa
2017-02-11 18:30 - 2017-02-11 18:30 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign2831ecdbc5d62651
2017-02-11 14:31 - 2017-02-11 14:31 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2017.lnk
2017-02-11 14:28 - 2017-02-11 14:28 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2017.lnk
2017-02-11 14:28 - 2017-02-11 14:28 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\com.adobe.AdobeMuseCC.2017.0
2017-02-11 14:24 - 2017-02-11 14:24 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2017.lnk
2017-02-11 14:22 - 2017-02-11 14:22 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2017.lnk
2017-02-11 14:20 - 2017-02-11 14:20 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator CC (Beta).lnk
2017-02-11 14:18 - 2017-02-11 14:18 - 00001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2017.lnk
2017-02-11 14:14 - 2017-02-11 14:14 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
2017-02-11 14:08 - 2017-02-11 14:08 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2017.lnk
2017-02-11 14:06 - 2017-02-11 14:06 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2017.lnk
2017-02-11 14:01 - 2017-02-11 14:01 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignbbb05cdf66530fa3
2017-02-11 14:00 - 2017-02-11 14:00 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-02-11 13:55 - 2017-02-11 13:55 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-02-11 13:55 - 2017-02-11 13:55 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-02-11 13:50 - 2017-02-11 13:50 - 04442378 _____ C:\Users\Bartdavy\Downloads\Rain_Drop_Project.zip
2017-02-11 12:51 - 2017-02-11 12:51 - 00000000 ____D C:\Users\Bartdavy\Documents\VideoCopilot
2017-02-11 12:47 - 2017-02-11 12:51 - 00000000 ____D C:\ProgramData\VideoCopilot
2017-02-11 12:46 - 2017-02-11 12:46 - 03131392 _____ C:\Users\Bartdavy\Desktop\FXConsoleInstaller_1.0.1_Win_2017.exe
2017-02-11 12:46 - 2017-02-11 12:46 - 01514603 _____ C:\Users\Bartdavy\Downloads\FXConsoleInstaller_1.0.1_Win_2017.zip
2017-02-11 12:38 - 2017-02-11 12:38 - 68979791 _____ C:\Users\Bartdavy\Desktop\675026652.mp4
2017-02-11 12:38 - 2017-02-11 12:38 - 36766333 _____ C:\Users\Bartdavy\Desktop\675072394.mp4
2017-02-11 12:38 - 2017-02-11 12:38 - 23174072 _____ C:\Users\Bartdavy\Desktop\674890527.mp4
2017-02-10 18:49 - 2017-02-10 18:49 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignef2e7bb3d58e54ad
2017-02-10 18:49 - 2017-02-10 18:49 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign0d1a4610bdf3c36b
2017-02-08 23:45 - 2017-02-08 23:45 - 40132536 _____ C:\Windows\system32\nvcompiler.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 35231160 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 34719288 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 17749624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 11016832 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 10907184 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 10453336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 09247528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 09000152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 08846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 02957240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 02594744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 01964600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437653.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 01604160 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437653.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 01047088 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00985136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00951224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00903096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00818496 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00817472 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00698728 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00658400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00657048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00631992 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00586968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00483584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00448560 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00407240 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00397240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00394800 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00355768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00338960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00221640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-02-08 23:45 - 2017-02-08 23:45 - 00183328 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00163448 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00160824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00141584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-02-08 23:45 - 2017-02-08 23:45 - 00054720 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-02-08 02:43 - 2017-02-08 02:43 - 00001023 _____ C:\Users\Bartdavy\Desktop\VirtualDJ 8.lnk
2017-02-08 02:42 - 2017-02-08 03:43 - 00000000 ____D C:\Users\Bartdavy\Documents\VirtualDJ
2017-02-08 02:42 - 2017-02-08 02:43 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2017-02-08 02:42 - 2017-02-08 02:42 - 39120896 _____ C:\Users\Bartdavy\Downloads\install_virtualdj_pc_v8.2.3573.msi
2017-02-08 02:42 - 2017-02-08 02:42 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2017-02-07 21:01 - 2017-02-07 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-06 23:41 - 2017-01-20 12:39 - 00156608 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-02-06 23:41 - 2017-01-20 12:39 - 00124352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-02-06 23:41 - 2017-01-20 12:39 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-02-06 22:38 - 2017-02-06 22:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-06 22:38 - 2017-02-06 22:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-06 22:38 - 2017-02-06 22:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-06 22:38 - 2017-02-06 22:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-05 15:28 - 2017-02-05 15:29 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Trove
2017-02-04 00:40 - 2017-02-04 00:40 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign5688cce49ad09311
2017-02-04 00:40 - 2017-02-04 00:40 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign14cb22c26a095581
2017-02-03 21:10 - 2017-02-03 21:10 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\WTablet
2017-02-01 23:09 - 2017-02-01 23:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2017-02-01 23:09 - 2017-01-17 15:24 - 02274256 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 02267600 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 02173392 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 02111952 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 01787856 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 01781200 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 01673168 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 01632720 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-02-01 23:09 - 2017-01-17 14:26 - 00120472 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2017-02-01 23:09 - 2016-11-15 15:43 - 00033960 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2017-02-01 23:09 - 2012-12-11 16:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2017-02-01 23:08 - 2017-02-01 23:09 - 00000000 ____D C:\Program Files\Tablet
2017-02-01 23:08 - 2017-02-01 23:08 - 76026400 _____ C:\Users\Bartdavy\Downloads\WacomTablet_6.3.20-5.exe
2017-02-01 22:21 - 2017-02-01 22:21 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignfe556408449c86fe
2017-02-01 22:21 - 2017-02-01 22:21 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign05421a7e97e780cd
2017-02-01 21:21 - 2017-02-02 23:30 - 00000000 ____D C:\Users\Bartdavy\Desktop\Stupid Project for DIM
2017-02-01 18:48 - 2017-02-01 18:48 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign24004c5bc1839a26
2017-02-01 18:48 - 2017-02-01 18:48 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign0a978516a6bc1b39
2017-01-31 22:52 - 2017-01-31 22:52 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignd07621cd1fdf69a4
2017-01-31 22:52 - 2017-01-31 22:52 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign04b2f06a695d7ec8
2017-01-30 20:15 - 2017-01-30 20:16 - 00002258 _____ C:\Users\Bartdavy\.kdiff3rc
2017-01-30 20:12 - 2017-01-30 20:12 - 00026377 _____ C:\Users\Bartdavy\Downloads\Set XP Multiplier 1.7-967-1-7.zip
2017-01-28 22:34 - 2017-01-28 22:34 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignad4a9925b3e39a8a
2017-01-28 22:34 - 2017-01-28 22:34 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign8ec55ea1f6a12321
2017-01-28 19:01 - 2017-01-28 19:01 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\ModLauncherWPF
2017-01-28 19:01 - 2017-01-28 19:01 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\FiraxisLive
2017-01-27 17:20 - 2017-01-27 17:20 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsigncd2b2c5002b1ee7f
2017-01-27 17:20 - 2017-01-27 17:20 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign281fb3d19fdf0694
2017-01-27 16:37 - 2017-01-27 16:37 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign63f79959bec3a8c7
2017-01-27 16:37 - 2017-01-27 16:37 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign59e163972875e71a
2017-01-27 15:17 - 2017-01-27 15:17 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-27 15:17 - 2017-01-27 15:17 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-26 20:01 - 2017-01-26 20:01 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsignb8062305a1a7be85
2017-01-26 20:01 - 2017-01-26 20:01 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Tempzxpsign924a99092423f3e9
2017-01-26 18:36 - 2017-01-26 18:36 - 00009845 _____ C:\Users\Bartdavy\Desktop\Arma3Launcher_Exception_20170127T003624.txt
2017-01-26 15:19 - 2017-01-26 15:19 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\AVAST Software
2017-01-26 15:18 - 2017-01-27 15:18 - 00004020 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1485465506
2017-01-26 15:18 - 2017-01-27 15:18 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-26 15:18 - 2017-01-26 15:18 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-26 15:18 - 2017-01-26 15:18 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-26 15:18 - 2017-01-26 15:18 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-01-26 15:17 - 2017-01-26 15:17 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-01-26 15:17 - 2017-01-26 15:17 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-01-26 15:17 - 2017-01-26 15:17 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-01-26 15:17 - 2017-01-26 15:17 - 00004004 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-26 15:17 - 2017-01-26 15:14 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-26 15:17 - 2017-01-26 15:14 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-26 15:17 - 2017-01-26 15:14 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-26 15:17 - 2017-01-26 15:14 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-26 15:17 - 2017-01-26 15:14 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-26 15:17 - 2017-01-26 15:13 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-26 15:14 - 2017-01-26 15:14 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-26 15:14 - 2017-01-26 15:14 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-01-26 15:13 - 2017-01-26 15:13 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-25 00:22 - 2017-01-25 00:23 - 231192896 _____ (AVAST Software) C:\Users\Bartdavy\Downloads\avast_free_antivirus_setup_offline.exe
2017-01-25 00:22 - 2017-01-25 00:22 - 06253640 _____ (AVAST Software) C:\Users\Bartdavy\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-02-23 15:54 - 2015-12-31 21:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-23 15:53 - 2015-12-20 18:49 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Skype
2017-02-23 15:50 - 2015-07-10 05:04 - 00000000 ____D C:\Windows\AppReadiness
2017-02-23 15:45 - 2015-07-10 05:04 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-23 15:42 - 2015-12-20 18:49 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-23 15:39 - 2015-12-20 18:22 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-23 15:36 - 2016-01-03 19:25 - 00000940 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-02-23 15:01 - 2015-12-31 22:04 - 00000426 _____ C:\Windows\Tasks\update-sys.job
2017-02-23 14:59 - 2016-01-03 19:25 - 00000944 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-02-23 14:11 - 2015-12-31 22:04 - 00000426 _____ C:\Windows\Tasks\update-S-1-5-21-867934242-1038925789-3082475248-1001.job
2017-02-23 00:16 - 2015-12-20 21:21 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 00:14 - 2015-12-20 21:21 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 00:02 - 2015-07-10 06:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-22 23:14 - 2016-05-27 19:53 - 00000000 ____D C:\Users\Bartdavy\Downloads\GTA V MODS
2017-02-22 19:55 - 2015-07-10 03:05 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-02-22 19:34 - 2015-12-20 18:24 - 00000000 ____D C:\Users\Bartdavy
2017-02-22 19:11 - 2016-01-01 20:31 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9821FF61-BF20-41E3-87AE-92E0B824C9B0}
2017-02-22 15:40 - 2016-12-26 02:31 - 00000000 ____D C:\ProgramData\CLink4
2017-02-22 12:15 - 2016-03-10 00:14 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-02-22 02:01 - 2016-07-18 11:23 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Adobe
2017-02-21 22:52 - 2015-12-20 19:02 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\TS3Client
2017-02-21 21:38 - 2015-12-21 01:50 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\CrashDumps
2017-02-21 18:52 - 2016-04-17 00:51 - 00000000 ____D C:\Users\Bartdavy\Documents\Flight Simulator X Files
2017-02-21 17:35 - 2015-07-10 04:55 - 00000000 ____D C:\Windows\CbsTemp
2017-02-21 17:31 - 2015-12-20 18:24 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Packages
2017-02-20 20:37 - 2013-12-03 15:30 - 00000000 ____D C:\Users\Bartdavy\Desktop\PBE
2017-02-20 14:08 - 2016-07-21 15:14 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-02-19 23:23 - 2017-01-20 22:12 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Battle.net
2017-02-19 23:09 - 2016-01-08 19:39 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-02-18 18:52 - 2016-10-04 19:45 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-18 17:59 - 2016-11-03 17:48 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\BetterDiscord
2017-02-18 17:58 - 2015-12-25 21:29 - 00000000 ___HD C:\Users\Bartdavy\.mediafire
2017-02-18 17:03 - 2015-12-22 03:44 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Arma 3
2017-02-18 17:03 - 2015-12-22 03:33 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Arma 3 Launcher
2017-02-18 16:19 - 2015-12-22 03:44 - 00000000 ____D C:\Users\Bartdavy\Documents\Arma 3
2017-02-18 13:59 - 2016-07-21 15:14 - 00001008 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-02-18 13:59 - 2016-07-21 15:14 - 00000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-02-16 17:45 - 2015-12-20 20:29 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\NVIDIA Corporation
2017-02-15 21:57 - 2015-12-20 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-15 21:57 - 2015-12-20 18:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-15 21:57 - 2015-07-10 05:02 - 00000000 ____D C:\Windows\INF
2017-02-15 21:56 - 2016-07-22 00:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-15 21:49 - 2015-12-20 18:49 - 00000000 ____D C:\ProgramData\Skype
2017-02-15 21:40 - 2016-06-06 20:11 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\discord
2017-02-14 21:54 - 2016-10-04 19:45 - 00003988 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-14 21:54 - 2015-07-10 05:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 21:54 - 2015-07-10 05:04 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 17:10 - 2016-02-05 20:47 - 00003556 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-02-13 17:10 - 2016-02-05 20:47 - 00003420 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2017-02-13 17:10 - 2016-02-05 20:46 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-02-11 15:16 - 2017-01-13 14:45 - 00000000 ____D C:\Users\Bartdavy\Desktop\Realistic Rain Drops Project
2017-02-11 14:38 - 2015-12-27 02:32 - 00000000 ____D C:\Users\Bartdavy\Documents\Adobe
2017-02-11 14:31 - 2016-07-18 11:37 - 00000000 ____D C:\Program Files\Adobe
2017-02-11 14:28 - 2016-07-18 11:37 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Adobe
2017-02-11 14:14 - 2016-05-21 22:28 - 00000000 ____D C:\Users\Public\Documents\Adobe
2017-02-11 14:08 - 2016-07-18 11:38 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-11 13:55 - 2016-07-18 11:37 - 00000000 ___RD C:\Users\Bartdavy\Creative Cloud Files
2017-02-11 13:55 - 2015-12-27 02:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-11 13:54 - 2016-07-18 11:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-10 15:44 - 2016-03-27 00:24 - 00000000 ____D C:\Program Files\Rockstar Games
2017-02-10 15:44 - 2016-03-27 00:24 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-02-08 23:45 - 2017-01-06 23:42 - 28211768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 24611488 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 20938544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 14665544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 14199224 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-02-08 23:45 - 2017-01-06 23:42 - 03977632 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 03513632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 00586336 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-02-08 23:45 - 2017-01-06 23:42 - 00042286 _____ C:\Windows\system32\nvinfo.pb
2017-02-08 03:55 - 2016-04-08 21:15 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Audacity
2017-02-07 21:01 - 2016-01-03 19:25 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-06 23:45 - 2015-12-20 18:22 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-06 23:42 - 2016-09-24 16:15 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-06 23:41 - 2016-12-26 14:46 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2016-09-24 16:15 - 00003884 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2016-09-24 16:14 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2016-09-24 16:14 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2016-09-24 16:14 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2016-09-24 16:14 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2016-09-24 16:14 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-06 23:41 - 2015-12-20 18:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-06 23:41 - 2015-12-20 18:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 21:21 - 2015-12-20 18:47 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 15:09 - 2016-06-04 20:39 - 00000000 ____D C:\Users\Bartdavy\AppData\Local\Ubisoft Game Launcher
2017-02-06 13:43 - 2016-04-16 17:38 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 13:43 - 2016-04-16 17:38 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 21:17 - 2016-12-26 14:47 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-02-03 21:09 - 2015-07-10 06:20 - 05375928 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-03 21:06 - 2017-01-22 11:19 - 00000000 ____D C:\Users\Bartdavy\AppData\Roaming\Curse Client
2017-02-02 16:42 - 2015-12-20 18:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-01 23:10 - 2015-12-25 23:57 - 00000000 ____D C:\Program Files\TabletPlugins
2017-02-01 23:10 - 2015-12-25 23:57 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-01-30 22:37 - 2016-07-05 19:50 - 00000000 ____D C:\Users\Bartdavy\Desktop\Witcher Script Merger v0.6.2-484-0-6-2
2017-01-30 20:17 - 2016-06-29 13:46 - 00000000 ____D C:\Users\Bartdavy\Documents\The Witcher 3
2017-01-28 19:01 - 2016-03-07 00:33 - 00000000 ____D C:\Users\Bartdavy\Documents\My Games
2017-01-26 15:14 - 2015-12-27 16:18 - 00000000 ____D C:\ProgramData\AVAST Software
 
==================== Files in the root of some directories =======
 
2016-05-25 03:39 - 2016-10-07 21:22 - 0000033 _____ () C:\Users\Bartdavy\AppData\Roaming\AdobeWLCMCache.dat
2016-02-23 21:35 - 2016-03-16 22:09 - 0000755 _____ () C:\Users\Bartdavy\AppData\Roaming\Coolorus 2
2016-03-18 01:04 - 2016-04-17 23:50 - 0003312 _____ () C:\Users\Bartdavy\AppData\Roaming\VoiceMeeterDefault.xml
2016-02-28 00:57 - 2016-02-28 03:42 - 0002850 _____ () C:\Users\Bartdavy\AppData\Roaming\ZeroBraneStudio.ini
2016-01-03 18:31 - 2016-07-26 15:50 - 0001456 _____ () C:\Users\Bartdavy\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-12-26 21:53 - 2016-12-26 21:53 - 0000291 _____ () C:\Users\Bartdavy\AppData\Local\ledConfiguration.config
2016-01-06 01:43 - 2016-12-13 23:03 - 0007617 _____ () C:\Users\Bartdavy\AppData\Local\Resmon.ResmonCfg
2015-12-31 22:04 - 2015-12-31 22:04 - 0000003 _____ () C:\Users\Bartdavy\AppData\Local\updater.log
2015-12-31 22:04 - 2017-01-22 11:17 - 0000059 _____ () C:\Users\Bartdavy\AppData\Local\UserProducts.xml
2016-01-17 22:53 - 2016-01-17 22:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-26 14:47 - 2017-02-06 23:41 - 0006776 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-26 14:47 - 2017-02-03 21:17 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 
Files to move or delete:
====================
C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\mf_watch.exe
 
 
Some files in TEMP:
====================
2016-06-27 16:03 - 2016-06-27 16:03 - 0637104 _____ (Acronis) C:\Users\Bartdavy\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
2016-12-14 21:49 - 2016-12-14 21:49 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Bartdavy\AppData\Local\Temp\jansi-64-5233396759419485504.dll
2016-03-23 18:19 - 2016-03-23 18:19 - 0736320 _____ (Oracle Corporation) C:\Users\Bartdavy\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-01-19 16:39 - 2016-01-12 11:37 - 0036352 _____ (TODO: <Company name>) C:\Users\Bartdavy\AppData\Local\Temp\MFDesktopShellStatic_x64.dll
2016-05-07 10:32 - 2016-05-07 10:32 - 6356696 _____ (Black Tree Gaming                                           ) C:\Users\Bartdavy\AppData\Local\Temp\Nexus Mod Manager-0.61.22.exe
2016-11-18 18:31 - 2016-11-18 18:31 - 6453608 _____ (Black Tree Gaming                                           ) C:\Users\Bartdavy\AppData\Local\Temp\Nexus Mod Manager-0.63.9.exe
2015-12-20 18:22 - 2016-12-01 11:05 - 0747464 _____ (NVIDIA Corporation) C:\Users\Bartdavy\AppData\Local\Temp\nvSCPAPI.dll
2015-12-20 18:22 - 2015-07-13 11:18 - 1367048 _____ (NVIDIA Corporation) C:\Users\Bartdavy\AppData\Local\Temp\nvSCPAPI64.dll
2016-07-22 00:16 - 2016-12-01 11:04 - 0353336 _____ (NVIDIA Corporation) C:\Users\Bartdavy\AppData\Local\Temp\nvStInst.exe
2016-09-24 16:14 - 2016-11-17 07:45 - 1135552 _____ (NVIDIA Corporation) C:\Users\Bartdavy\AppData\Local\Temp\NvTelemetry.dll
2016-09-24 16:14 - 2016-12-12 17:36 - 0253376 _____ (NVIDIA Corporation) C:\Users\Bartdavy\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-09-24 16:14 - 2016-12-12 17:36 - 0334272 _____ (NVIDIA Corporation) C:\Users\Bartdavy\AppData\Local\Temp\NvTelemetryAPI64.dll
2015-12-23 09:40 - 2015-12-23 09:40 - 1672512 _____ () C:\Users\Bartdavy\AppData\Local\Temp\openvpninstall.exe
2015-12-23 01:24 - 2016-01-15 19:52 - 0016896 _____ (PingBuster) C:\Users\Bartdavy\AppData\Local\Temp\pb-updater.exe
2015-12-25 23:54 - 2015-12-25 23:54 - 82101240 _____ () C:\Users\Bartdavy\AppData\Local\Temp\Setup-Wacom.exe
2016-05-21 18:04 - 2016-05-21 18:04 - 45196928 _____ (Skype Technologies S.A.) C:\Users\Bartdavy\AppData\Local\Temp\SkypeSetup.exe
2011-11-03 08:13 - 2011-11-03 08:13 - 1786688 _____ () C:\Users\Bartdavy\AppData\Local\Temp\sonarinst.exe
2016-03-10 00:13 - 2016-05-31 02:56 - 0065280 _____ () C:\Users\Bartdavy\AppData\Local\Temp\utils.dll
2016-06-17 23:12 - 2016-06-17 23:12 - 18665472 _____ () C:\Users\Bartdavy\AppData\Local\Temp\vlc-2.2.4-win32.exe
2016-05-14 23:28 - 2016-05-14 23:28 - 0010472 ____N () C:\Users\Bartdavy\AppData\Local\Temp\winp8522522195271693661.dll
2015-08-02 17:58 - 2015-08-02 17:58 - 0118784 _____ () C:\Users\Bartdavy\AppData\Local\Temp\xmlUpdater.exe
2016-06-12 02:57 - 2016-06-12 02:57 - 0682688 _____ () C:\Users\Bartdavy\AppData\Local\Temp\~sp8C72.tmp.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-02-15 07:22
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
Ran by Bartdavy (23-02-2017 15:54:08)
Running from C:\Users\Bartdavy\Desktop
Windows 10 Education (X64) (2015-12-21 00:17:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-867934242-1038925789-3082475248-500 - Administrator - Disabled)
Bartdavy (S-1-5-21-867934242-1038925789-3082475248-1001 - Administrator - Enabled) => C:\Users\Bartdavy
DefaultAccount (S-1-5-21-867934242-1038925789-3082475248-503 - Limited - Disabled)
Guest (S-1-5-21-867934242-1038925789-3082475248-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1Password 4.6.0.604 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
Ableton Live 9 Trial (HKLM\...\{8D34AC1C-17FA-476F-8450-4DE134C8060C}) (Version: 9.0.0.0 - Ableton)
Acronis True Image WD Edition (HKLM-x32\...\{18C886B4-AE66-41C9-BD4D-B5AEDF52A4C1}) (Version: 18.0.6126 - Acronis)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_5) (Version: 1.0.5 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.8 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32\...\MUSE_2017_0_1) (Version: 2017.0.1.13 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Asus Sonic Suite Plugins (HKLM-x32\...\{79f16b22-d9d0-480a-88bf-daea8e983129}) (Version: 2.2.2501 - ASUSTeKcomputer.Inc)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C70EB35}) (Version: 3.6.0.0 - Betternet Technologies Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{2BBF253B-4DC9-49DA-AE78-5991452AC317}) (Version: 2.78.2 - Blender Foundation)
Blood and Bacon (HKLM\...\Steam App 434570) (Version:  - Big Corporation)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CheckDevicesConfigurator (Version: 2.2.2501 - ASUSTeKcomputer.Inc) Hidden
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Corsair Link 4 (HKLM-x32\...\{43242464-db63-47fb-b75c-706bc0dcd863}) (Version: 4.3.0.154 - Corsair Components, Inc.)
Corsair Link 4 (x32 Version: 4.3.0.154 - Corsair Components, Inc.) Hidden
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Dead by Daylight: BETA (HKLM\...\Steam App 471230) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Else Heart.Break() (HKLM\...\Steam App 400110) (Version:  - Erik Svedäng)
Epic Games Launcher (HKLM-x32\...\{CA4F7840-CC89-451D-8453-392F2EDAA605}) (Version: 1.1.70.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Gyazo 3.3.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JetBrains PyCharm Community Edition 2016.1.3 (HKLM-x32\...\PyCharm Community Edition 2016.1.3) (Version: 145.971.25 - JetBrains s.r.o.)
KeePass Password Safe 1.31 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.31 - Dominik Reichl)
Kerbal Space Program (HKLM\...\Steam App 220200) (Version:  - Squad)
Kodi (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Kodi) (Version:  - XBMC-Foundation)
L3DT Professional v16.05.3.1 x64 (remove only) (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\L3DT Professional (v16.05.3.1 x64)) (Version:  - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup (Version: 2.2.2501 - ASUSTeKcomputer.Inc) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.8.12.11026) (Version: 1.9.11.11059 - MediaFire)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.13 (HKLM-x32\...\{AB6B69F9-1A90-44EC-AE6C-A6BEA2C4F0CB}) (Version: 1.2.13 - Thorvald Natvig)
NahimicSettingsConfigurator (Version: 2.2.2501 - ASUSTeKcomputer.Inc) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.13.2 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenIV (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.102.217.0 - Overwolf Ltd.)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Prison Architect (HKLM\...\Steam App 233450) (Version:  - Introversion Software)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
ProductDaemonSetup (Version: 2.2.2501 - ASUSTeKcomputer.Inc) Hidden
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
PS4 Remote Play (HKLM-x32\...\{1F1AAC07-945B-451F-9CE6-1C7E7BB9CBF2}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7829 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version:  - 5th Cell Media)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Skyrim Creation Kit (HKLM\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version:  - The SKSE Team)
SonicRadarSetup (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden
SonicStudioSetup (Version: 2.2.2501 - ASUSTeKcomputer.Inc) Hidden
Source Filmmaker (HKLM\...\Steam App 1840) (Version:  - Valve)
Spotify (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survival Launcher (HKLM-x32\...\{0FE0A042-8D15-497C-BB00-9C02D18E83D2}) (Version: 1.0.0.6 - Survival Launcher)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Trove (HKLM\...\Steam App 304050) (Version:  - Trion Worlds)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.0.4.0 - Manuel Hoefs (Zottel))
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
USBPcap 1.1.0.0-g794bf26-3 (HKLM\...\USBPcap) (Version: 1.1.0.0-g794bf26-3 - )
UxStyle (HKLM-x32\...\{6bf90d91-c5db-454e-a7b4-81bc6cbbe13f}) (Version: 0.2.4.2 - The Within Network, LLC)
UxStyle (Version: 0.2.4.2 - The Within Network, LLC) Hidden
VirtualDJ 8 (HKLM-x32\...\{B7D6C720-CB38-41AA-9804-0AA2090BE1B5}) (Version: 8.2.3573.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.20-5 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (10/30/2015 3.6) (HKLM\...\689CB8E4310D795D383E65C05A8F13A05D92E771) (Version: 10/30/2015 3.6 - Corsair Components, Inc.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wireshark 2.0.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.3 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warships (HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version:  - Wargaming.net)
XCOM 2 (HKLM\...\Steam App 268500) (Version:  - Firaxis)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-867934242-1038925789-3082475248-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-271D3080DFBB}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-867934242-1038925789-3082475248-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0504AF2F-F36C-44EC-85CF-1A081FC02138} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {0D0CECDE-7169-4DB1-B54E-055704059C1E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-26] (AVAST Software)
Task: {185E4499-8841-486B-B921-2F2C73808BAC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {1A415608-C390-4557-A26A-A9B162032507} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {2478BDDA-D7D6-4D86-AFB0-2642BBCF73D0} - System32\Tasks\SS2Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe [2016-07-01] ()
Task: {3497C8AF-45C7-4109-890C-3AA0087175CF} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-02-03] ()
Task: {38099CB9-114A-4D07-B656-A79E07E55E4F} - System32\Tasks\SafeZone scheduled Autoupdate 1485465506 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {38E36453-AFCB-4BD2-83A0-6CCB77A12F54} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {4524C7E6-D824-46C3-94C5-E5A2AFBD403A} - System32\Tasks\{E1E033A6-00D9-4440-AF21-BAA38CA5E57A} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=battle.net --displayname="Battle.net"
Task: {50E1810B-3018-4388-A036-DF6F75AA3556} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {54420BFF-CC1E-4DA9-9605-96ED3F71821E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-03] (Dropbox, Inc.)
Task: {568921EF-B19F-4B78-BCC4-17FE7DD5191A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {5D323009-D8B5-4548-88EF-90B13D5BF030} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-03] (Dropbox, Inc.)
Task: {5E1E5042-02D5-4659-BD34-6E19768853A8} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-02-03] ()
Task: {5EBC4B1B-541F-4D0E-B2BC-FBF4C917DDF2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {64A76B2A-9810-482C-8F57-1EB75D63777A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {6B82AA0D-D27A-411E-A199-275F07B1F25D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {70BAE118-6097-4712-9DA2-5726FFC9D386} - System32\Tasks\SS2Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe [2016-07-01] ()
Task: {7F216024-F360-4598-A8BD-B3E7CDFB6A68} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {825F5138-C0F7-4AFC-8947-6DAD7CE500F2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {827272DA-E7A3-4DBF-A1C5-53A30A26DC8B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {87AF5E84-2D3B-4C57-BF4D-4E3FCB01E9ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {A217EE96-409B-46D7-BFE8-3A62B16A63FC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {A795DB1E-F705-44DC-9720-D42BB7E5F3FF} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [2016-07-01] ()
Task: {B09789E0-1865-48B6-B03A-BBB3E3DB6892} - System32\Tasks\update-S-1-5-21-867934242-1038925789-3082475248-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {B10B2836-13ED-40DB-91A2-23758051B3CB} - System32\Tasks\CreateExplorerShellUnelevatedTask
Task: {CB9915B7-AAE5-4DD4-A342-A75A89322B13} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe 
Task: {CF3534FC-AB08-4920-AA5C-AC1D36E43A32} - System32\Tasks\{000480E8-FC31-4A73-A164-27AB331D3EAC} => pcalua.exe -a "C:\Program Files (x86)\PP助手5.0\uninst.exe"
Task: {E08465FD-66BA-4B63-A5A2-7F6393AEDE07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {E652D2C0-C582-4813-A16B-D6318738BFE0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-02-20] (Overwolf LTD)
Task: {FD9CEB9F-697D-4908-9746-8E562A175517} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-867934242-1038925789-3082475248-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Bartdavy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Bartdavy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
 
ShortcutWithArgument: C:\Users\Bartdavy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Moo.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=iffimmolghilclfndeiebgppddmagofk
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 05:00 - 2015-07-10 05:00 - 00028160 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-12-20 20:58 - 2015-07-14 20:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-12-26 14:29 - 2014-04-24 00:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2016-12-26 14:29 - 2016-12-26 14:29 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-11-10 20:24 - 2016-10-25 01:15 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2017-02-21 22:36 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-21 22:36 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-02-21 22:36 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-24 16:14 - 2017-01-20 12:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 16:14 - 2017-01-20 12:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-05-06 19:34 - 2016-08-03 22:55 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-12-13 17:13 - 2016-11-19 04:24 - 02495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-07-01 11:36 - 2016-07-01 11:36 - 00287760 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll
2016-07-01 11:36 - 2016-07-01 11:36 - 00209424 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll
2016-12-13 17:13 - 2016-11-19 04:24 - 02495776 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-18 16:49 - 2016-05-06 10:41 - 00235008 _____ () C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2016-05-18 16:49 - 2016-05-06 10:41 - 00235008 _____ () C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2016-05-18 16:49 - 2016-05-06 10:41 - 00235008 _____ () C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2016-05-18 16:49 - 2016-05-06 10:41 - 00235008 _____ () C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2016-05-18 16:49 - 2016-05-06 10:41 - 00235008 _____ () C:\Users\Bartdavy\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-23 21:20 - 2016-05-23 21:20 - 00959168 _____ () C:\Users\Bartdavy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-03-28 17:27 - 2016-05-06 10:41 - 00312832 _____ () C:\Program Files (x86)\MediaFire Desktop\bin\MFDesktopShellExtx64.dll
2017-02-01 23:09 - 2017-01-17 15:24 - 01658320 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-12-20 20:54 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-12-13 17:14 - 2016-11-19 00:09 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-13 17:13 - 2016-11-19 00:06 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-13 17:14 - 2016-11-19 00:06 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-20 20:56 - 2015-09-16 23:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-06 18:07 - 2015-03-06 18:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 15:13 - 2016-09-29 15:13 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 18:07 - 2015-03-06 18:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 15:13 - 2016-09-29 15:13 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-01-07 00:25 - 2016-05-25 10:00 - 00105312 _____ () C:\Windows\SYSTEM32\audioLibVc.dll
2016-07-01 11:34 - 2016-07-01 11:34 - 00557072 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
2016-07-01 11:34 - 2016-07-01 11:34 - 02741760 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe
2016-07-01 11:37 - 2016-07-01 11:37 - 00485888 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe
2016-08-19 02:12 - 2016-08-19 02:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2017-01-26 15:13 - 2017-01-26 15:13 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-26 15:14 - 2017-01-26 15:14 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-23 12:04 - 2017-02-23 12:04 - 05884928 _____ () C:\Program Files\AVAST Software\Avast\defs\17022300\algo.dll
2016-12-26 14:29 - 2017-02-23 00:03 - 00041768 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-12-26 14:29 - 2015-05-08 00:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-09-14 15:48 - 2017-01-20 22:21 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-09-24 16:14 - 2017-01-20 12:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 16:14 - 2017-01-20 12:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 16:14 - 2017-01-20 12:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-01 11:33 - 2016-07-01 11:33 - 00256016 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
2016-07-01 11:33 - 2016-07-01 11:33 - 00178704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2DevProps.dll
2016-07-01 11:34 - 2016-07-01 11:34 - 00098816 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll
2015-12-20 18:51 - 2016-12-23 12:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-20 18:51 - 2016-08-31 19:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-20 18:51 - 2017-01-18 19:30 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-20 18:51 - 2016-08-31 19:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-20 18:51 - 2016-08-31 19:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-20 18:51 - 2016-01-27 01:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-20 18:51 - 2016-01-27 01:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-20 18:51 - 2016-01-27 01:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-20 18:51 - 2016-01-27 01:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-20 18:51 - 2016-01-27 01:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-20 18:51 - 2017-01-18 19:30 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 01:56 - 2016-07-04 16:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-16 10:33 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Bartdavy\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-16 10:36 - 2017-01-16 10:36 - 01082880 _____ () \\?\C:\Users\Bartdavy\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-16 10:36 - 2017-01-16 10:36 - 03750400 _____ () \\?\C:\Users\Bartdavy\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-16 10:36 - 2017-01-16 10:36 - 00914432 _____ () \\?\C:\Users\Bartdavy\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-16 10:36 - 2017-01-16 10:36 - 01127424 _____ () \\?\C:\Users\Bartdavy\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-28 19:27 - 2017-01-28 19:27 - 01311744 _____ () \\?\C:\Users\Bartdavy\AppData\Roaming\discord\0.0.297\modules\discord_overlay\discord_overlay.node
2016-06-22 20:34 - 2016-06-22 20:34 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-09-15 16:56 - 2015-09-15 16:56 - 00037328 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2015-09-15 16:56 - 2015-09-15 16:56 - 00034256 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2017-01-26 15:14 - 2017-01-26 15:14 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-10 18:13 - 2017-01-04 21:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-12-20 18:51 - 2017-01-18 19:30 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-10-07 17:53 - 2016-06-27 15:57 - 50663704 _____ () C:\Users\Bartdavy\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-02-18 17:58 - 2017-02-18 17:58 - 00148992 _____ () \\?\C:\Users\Bartdavy\AppData\Local\Discord\app-0.0.297\resources\app\node_modules\erlpack\build\Release\erlpack.node
2017-01-16 10:36 - 2017-01-16 10:36 - 02658304 _____ () \\?\C:\Users\Bartdavy\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2016-09-24 16:14 - 2017-01-20 07:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 16:14 - 2017-01-20 07:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 16:14 - 2017-01-20 07:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 16:14 - 2017-01-20 07:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 16:14 - 2017-01-20 07:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 16:14 - 2017-01-20 07:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-24 16:14 - 2017-01-20 07:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-26 14:46 - 2017-01-20 07:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-05-23 21:20 - 2016-05-23 21:20 - 00679624 _____ () C:\Users\Bartdavy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Bartdavy\Downloads\Pyro is a rat.jpg:com.dropbox.attributes [424]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 05:04 - 2015-07-10 05:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\resources\themes\Void Dark\Void.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "Agile1pAgent"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "MediaFire Tray"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "TeamSpeak 3 Client"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-867934242-1038925789-3082475248-1001\...\StartupApproved\Run: => "TSMApplication"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{31E1EC1F-F249-421C-93E0-E34BF4C0DABF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{22195B76-8533-4E92-868D-FE554A4E7D9D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02928FAB-B307-4BDC-88A6-CCB34705FB75}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3489F6F1-3A96-4A8E-8E23-D1DC1A575E70}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A317D0AC-791D-4487-98A0-CE394ADAD2CA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{09E54301-1620-4D87-98D8-08A0FF013D46}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{5AAD0890-059E-41AA-A334-A0049B2C4369}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{747F645D-1A9E-480A-875A-5C50D2865BE3}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{D67F89C4-12E5-49DB-A5DF-82840BE932A8}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{75776A47-2D59-4090-B6CA-34196456F5D3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{F2C783ED-2B57-4052-8A8C-2F50480944C8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{CF4C1D48-DAC3-4A72-B3AF-699829FB805D}] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{E47488F4-316C-47EC-9FCF-0AA4F941FEFD}] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{DCE71D3A-8D14-4C9F-AB9C-35C9E2A72742}C:\users\bartdavy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bartdavy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B4AC83F9-79D3-424F-9775-262D66BFDFE8}C:\users\bartdavy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bartdavy\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0AE3F450-CB56-4279-B52D-ADF811FBDFFA}] => (Block) C:\users\bartdavy\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D5E6BBE5-F80C-4004-B9F0-0FED5297819E}] => (Block) C:\users\bartdavy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4E328A96-9AB8-4B5F-9BB9-1EFB7281278D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{D96A12AE-2229-4BE5-B0F9-A9B539EB3CDB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{29A81BDC-8BB3-4DC1-B40A-4C2CA912EE00}] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{ECE84BF0-BE8A-4FBA-945C-D299528D78D5}] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{55B81F89-2629-4CF1-9166-6A38E170DB4B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{551EED3A-3E31-41E0-8DB1-CB0299E02F9A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{FD396C13-3128-451A-A1B2-6FDE9501D4F4}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AB64A08C-3830-4C60-AB08-18F41ABAC5DD}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{EFCDD2C5-CCFC-4B7E-8B81-4ED769B90136}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{658BD1BC-4389-4A49-BAEF-B2688AFE0EB9}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [TCP Query User{189E8357-71B9-4322-8672-2230AE38FDAD}C:\program files\bitcoin\bitcoin-qt.exe] => (Block) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{446BD467-280E-46F6-8DB3-EC9FE28A2C24}C:\program files\bitcoin\bitcoin-qt.exe] => (Block) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [TCP Query User{DA153626-D170-4A16-93DB-558DBFB029DD}C:\program files (x86)\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{25660479-F96D-436F-9579-5A50CCB2278F}C:\program files (x86)\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\java.exe
FirewallRules: [{B0A43D5E-824F-48F0-AC3A-9D3B85C81840}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{CF6859E5-0484-40EB-9CC6-50881599D738}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{FFD91E8D-8998-4B11-BBEF-FFA992146BF3}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{4107F5BD-DAE2-4E9F-B7D1-25743E2CF060}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{6B3AAD91-17E1-47DA-93A5-05FABC851D3B}] => (Allow) %ProgramFiles% (x86)\Cain\Cain.exe
FirewallRules: [{D52A265F-27F2-44D4-A29B-9937F512AB54}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{18A00AD7-63E0-4A8B-8B02-2924FF83CFA2}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{EF3DF275-ADA9-422B-82FD-7D6321D08EF2}] => (Allow) D:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{E17C0CBE-876B-4BE5-A555-01859D706375}] => (Allow) D:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{EA529319-466E-45AD-B91C-C18731E37590}D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{FA68EAD4-D398-4F16-B1AF-BAC95FCAB479}D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{12EB799B-0169-406C-9757-72E0C11410E3}] => (Block) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{1A1F20A9-3FA1-4601-BCF7-158E0840FBC0}] => (Block) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{3023538D-D9E3-4BD9-AF4B-ECAA64DA9557}] => (Allow) D:\Orgin Games\Battlefield 3\bf3.exe
FirewallRules: [{4C50757B-B5A5-4581-A9BF-9C96BAF11FAB}] => (Allow) D:\Orgin Games\Battlefield 3\bf3.exe
FirewallRules: [{6DFE8635-5A38-4C6E-BBF8-AC6B26DE5432}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6D99BE61-1D31-4A05-89E5-EAD7FB3FF301}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3D63575B-05F6-4AFA-B34B-046C36F1309F}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{EFD530EB-54D4-4D8D-BE4D-CB3A8BA317FB}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{F58677F6-C267-4C24-BA8D-EBF8B2439216}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe
FirewallRules: [UDP Query User{56E6ECAA-F35A-4FE4-BFB2-60000AA6CEB9}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe
FirewallRules: [{88B45146-DB6D-4B10-9C84-BCB8C5BD6817}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{AE38694D-5B55-4B8D-AAA8-FAF1EA2798E7}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [TCP Query User{F8916A04-6E6E-4E10-89AB-BACAB03BC9C0}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C25C4CC2-A196-43CA-9590-EC3C0D53455C}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{AEB70EAD-ED85-410F-BFD4-51BF94B2C47C}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{9DD002F7-F202-4349-B41F-C374224AC4A2}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{3D99E801-DF91-4A8D-8219-9AFE5F4B17EF}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{F14425A1-F39D-4DE6-8935-A07C80BE9506}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9FE71A95-0AFD-4528-BFA4-0053FA742D8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2AFA145-884B-4F3F-B042-AE1D312FDDD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{76188C83-0C7D-4DC9-BA8B-3216043E4033}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{2B3FE226-BA15-4412-9825-0C6DCA68B6BC}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{305D0305-C3C9-478F-AE66-D9260958B79D}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{5116A947-B3BA-4580-9EB5-F638617B1964}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{845E762B-206C-4E45-848E-C5800EC741B5}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5300F81E-3F8D-4833-A95E-2BD12DF0644E}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{8255D2C6-1155-4E44-A36C-A8FC3D20581F}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FCB0012D-665F-4215-B978-7A1D82A28C2C}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9DC10A9E-8E21-4FFA-A2BA-253EEEE80455}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{A006DD83-CBA1-46A3-A5A5-0E0232DFB6BD}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{7DF69C21-88EB-4F6D-BD27-15999D0A69B3}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{9B39D36B-13BD-4B78-96E8-8AE4D8B514DA}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [{3F733ECC-C213-4C57-A07C-5DB100770D54}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{A4EAF572-75D7-41FB-97A8-47C1197B01AF}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [TCP Query User{9B300718-BBC8-43FF-BEE5-0D213AD4116D}D:\orgin games\battlefield 4\bf4.exe] => (Allow) D:\orgin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{63E86EF9-1FCA-4982-9FCE-AE51FE6909C3}D:\orgin games\battlefield 4\bf4.exe] => (Allow) D:\orgin games\battlefield 4\bf4.exe
FirewallRules: [{2393FD57-BA1A-4567-8468-CB9AFD2054E3}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{A56824E1-753D-4E55-A37D-9CFB9DBEBC80}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [TCP Query User{C91F9AF3-A23E-478C-98F4-102A4798A670}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{0B4AA12D-5F53-4125-BBCA-EF251502BEFD}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{8ACAD706-6870-47F7-B014-4DCD94E11478}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{F6C6B8A0-AA78-4E4B-8077-399F0B563FBE}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{08E75C0D-916B-4FCB-AF5A-49EE906D895E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{F540848A-1425-45D3-A357-351ABA951934}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{FE0DBC24-6E9E-417F-B2AC-EFC778B6F029}] => (Allow) D:\SteamLibrary\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{14810973-194B-4AD2-AF1E-917652D4EC95}] => (Allow) D:\SteamLibrary\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{69B1E2E8-8BB4-4C13-9298-2FB513A3E53C}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\CreationKit.exe
FirewallRules: [{95502921-A9CF-4E94-9949-2F2201B333E1}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\CreationKit.exe
FirewallRules: [TCP Query User{DD514CE1-1C72-4191-93C4-21B8BCDE27F0}C:\program files (x86)\jetbrains\pycharm community edition 2016.1.3\bin\pycharm.exe] => (Block) C:\program files (x86)\jetbrains\pycharm community edition 2016.1.3\bin\pycharm.exe
FirewallRules: [UDP Query User{8CCBD2D5-6B00-45F9-AF0E-50DE1C66C093}C:\program files (x86)\jetbrains\pycharm community edition 2016.1.3\bin\pycharm.exe] => (Block) C:\program files (x86)\jetbrains\pycharm community edition 2016.1.3\bin\pycharm.exe
FirewallRules: [TCP Query User{A7418EA0-C01B-4162-8235-5FF2D4835298}C:\program files (x86)\epic games\4.11\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.11\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{646F9C9E-FB86-4B8A-B266-E49FD1BCBAEB}C:\program files (x86)\epic games\4.11\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.11\engine\binaries\win64\ue4editor.exe
FirewallRules: [{8B50549F-9889-4A43-9BB5-34ED9FA75B1C}] => (Block) C:\program files (x86)\epic games\4.11\engine\binaries\win64\ue4editor.exe
FirewallRules: [{56C380C3-72E9-4F4F-B585-A59CBED8A1F7}] => (Block) C:\program files (x86)\epic games\4.11\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{25F86908-812A-4E33-98C6-A160F5CDE983}D:\new folder\diablo iii\diablo iii.exe] => (Allow) D:\new folder\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{AFCBBF16-76D9-4809-994A-0AA35A9B187E}D:\new folder\diablo iii\diablo iii.exe] => (Allow) D:\new folder\diablo iii\diablo iii.exe
FirewallRules: [{D9BE207B-BE5F-4293-84AC-66A39BDF85E2}] => (Allow) D:\SteamLibrary\steamapps\common\ElseHeartbreak\ElseHeartbreak.exe
FirewallRules: [{1A98877F-2DC8-463B-BB42-A59890A3FEF1}] => (Allow) D:\SteamLibrary\steamapps\common\ElseHeartbreak\ElseHeartbreak.exe
FirewallRules: [{902E2630-BDFD-44FD-B71E-0E5FAFE3D979}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{A5F653A0-B895-4346-ADCD-35753AB05C27}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4C30EC10-B4BB-4794-BB12-C98AE31C5A4A}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A03BCB50-88B8-487A-83DE-1CF6EAFD3D2B}] => (Block) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{B3714940-4A77-4AFE-8AAF-14473ECB1122}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{11B2AF69-69F2-41EE-8CED-E95484AEE3DA}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{0C2E6E27-8A86-43D5-9C60-5AE064989C4F}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{ECCA97B9-0016-4662-B9A5-0F1679674CCE}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{8785C546-AE23-4383-8B3D-BEDDC95B9FD1}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C65DDA33-D500-4CC3-9E74-45A453BB4D9E}] => (Allow) D:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{68614EAB-1AB2-45E7-A4CD-191EDF012632}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight Alpha Access\DeadByDaylight.exe
FirewallRules: [{B73AF055-FEB6-41AA-AF16-ACAA69AB9559}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight Alpha Access\DeadByDaylight.exe
FirewallRules: [{72E6A90E-0D96-4D90-B200-B684446878B3}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{8BA13884-B136-40C1-AB9D-E6DBB894D7CB}] => (Allow) D:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{5B9D25C2-8038-4C4A-8135-BB0E3501517B}D:\steamlibrary\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{51CA0652-1891-46EF-B89E-6550D78D7B34}D:\steamlibrary\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{F452B940-DFC7-41E0-BC10-A3F364960CA1}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{564989FF-FEC8-4373-B0E7-090E8921F359}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{6B3CBABE-EB5B-4D70-95D8-49B2A8076FC6}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{03B5132C-5F2B-4482-BE53-3602F672001F}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{ACE2D345-54C0-4D9C-950D-D9ED89C2A0F2}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{697781B2-801A-4CAB-8A2D-C36145447F21}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{0E939696-0B83-4A80-931B-060BC22703F2}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{88AF8F0E-6C68-48CF-B4D5-74E9ABD8F4E6}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{14147FB7-A06E-4D89-B2F6-56BABF4A9EC7}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{5FAB71ED-6CA5-44ED-ABE6-2EF9D4601468}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{1955BCD8-BDF7-4FA7-ABCE-A850D0CFF5FB}D:\world_of_warships\wowslauncher.exe] => (Allow) D:\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{C574DE1C-0A0D-4916-A57A-A2CD5A3ED27C}D:\world_of_warships\wowslauncher.exe] => (Allow) D:\world_of_warships\wowslauncher.exe
FirewallRules: [{2C99805B-B8CE-49D3-AC3E-52CE68CEA75C}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{01ABB039-FE23-4896-8D81-C3CBF6D1A853}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{7A20C46F-75FC-44CF-97BA-9AB403F0F0FE}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{F6FA96F6-A6BC-4A52-B9CD-A7CFBF001DC7}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{62C8AA00-A783-44BE-ABF2-667667DA501B}] => (Allow) I:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6648D102-4A83-43C6-9AF8-808AAB7FB096}] => (Allow) I:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D0AEA74F-F714-4441-B754-FB12436A1012}] => (Allow) I:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{368DCEC0-E82A-40E1-A57F-0172A7B1FDEC}] => (Allow) I:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{FFF3E6AD-FCB2-4B4E-B37D-C261A0FF8C85}] => (Allow) I:\SteamLibrary\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{01B23FF9-27D8-4443-AB0F-EFFE664230BF}] => (Allow) I:\SteamLibrary\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{22400620-3413-47FA-A9D0-1DAFA92A819F}] => (Allow) I:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3EEB877D-6950-406E-94F7-A4CE55EEE61D}] => (Allow) I:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{959660DA-B4E6-4E90-ADDE-4E67FEAFD3C6}] => (Allow) I:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{616E8869-1683-4E98-9673-2B050599BD1D}] => (Allow) I:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{BDF13E56-575C-4F1B-96D5-CF151605DAAA}] => (Allow) I:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B6D00C86-AB2E-4F44-86EE-62C9CCAB54A2}] => (Allow) I:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BD3CA83E-C579-44AC-BCEC-D75E954C3D43}] => (Allow) I:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{6D86AD55-758D-4D7D-AB9F-325E2102B5B9}] => (Allow) I:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{70C76D6B-9B99-40EF-88A2-4F9B57151F71}] => (Allow) I:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{FD427294-FE99-4CDE-A46D-B35BC0CB2F2F}] => (Allow) I:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{77E4E94A-0F79-4883-87C7-CB4348E125F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{988BF24E-D78B-4011-86AD-23894B4569BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{9AC6917D-A72C-469D-90A3-DCFB4E0492A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{4D753139-C493-4872-92F4-DC531A5D186A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{C3754E0E-EAA9-42F0-985D-CEEA27591A02}C:\users\bartdavy\desktop\teamspeak3-server_win64-3.0.12.4\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\bartdavy\desktop\teamspeak3-server_win64-3.0.12.4\teamspeak3-server_win64\ts3server.exe
FirewallRules: [UDP Query User{2B606AEF-2FB4-4631-9473-A6DADA722A47}C:\users\bartdavy\desktop\teamspeak3-server_win64-3.0.12.4\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\bartdavy\desktop\teamspeak3-server_win64-3.0.12.4\teamspeak3-server_win64\ts3server.exe
FirewallRules: [{27624C65-F1CC-47CB-9D3F-4D9D9AAE3A28}] => (Allow) I:\SteamLibrary\steamapps\common\Blood and Bacon\BloodandBacon.exe
FirewallRules: [{1E280C9C-DFD4-442D-BBE5-42690E5897CD}] => (Allow) I:\SteamLibrary\steamapps\common\Blood and Bacon\BloodandBacon.exe
FirewallRules: [TCP Query User{3ED2847F-2551-46D6-8152-4006CA390561}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [UDP Query User{3D82CFB3-AFEB-45BC-A35E-0CE320CBB4E2}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [{654DDE41-2B2E-4428-83C9-097A7561825B}] => (Block) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [{EE807F41-A7CA-4F1F-A83F-C361D5A59DB3}] => (Block) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [TCP Query User{A2EF3F15-1B9B-45FB-A209-99F67D64856E}C:\program files (x86)\pp助手5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp助手5.0\pphelper5.exe
FirewallRules: [UDP Query User{F2A9FEFE-8A47-4E88-8C71-F11A62A723DF}C:\program files (x86)\pp助手5.0\pphelper5.exe] => (Allow) C:\program files (x86)\pp助手5.0\pphelper5.exe
FirewallRules: [TCP Query User{CBF0C072-075D-4CD9-8C14-57EC1D34F661}C:\program files (x86)\pp助手5.0\adevicehelpermon.exe] => (Allow) C:\program files (x86)\pp助手5.0\adevicehelpermon.exe
FirewallRules: [UDP Query User{8B8BA94A-7426-4686-AF5B-E2AA15C09A5C}C:\program files (x86)\pp助手5.0\adevicehelpermon.exe] => (Allow) C:\program files (x86)\pp助手5.0\adevicehelpermon.exe
FirewallRules: [{45A3EFFC-DC2C-49E0-9832-F856F883B334}] => (Block) C:\program files (x86)\pp助手5.0\adevicehelpermon.exe
FirewallRules: [{988D275F-C6AD-45D2-A6C7-6B8C91DBCA45}] => (Block) C:\program files (x86)\pp助手5.0\adevicehelpermon.exe
FirewallRules: [{B7D3BF7D-28E1-4D6E-A277-64B492C362C5}] => (Block) C:\program files (x86)\pp助手5.0\pphelper5.exe
FirewallRules: [{053E46FC-C9D7-4228-BB9D-31B47760152D}] => (Block) C:\program files (x86)\pp助手5.0\pphelper5.exe
FirewallRules: [{7351D3F3-957C-499F-9F0D-C8AC0CCE09BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1077466B-495A-4E04-98C0-0583812F2275}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AF3622C1-962F-4654-90DE-4BFDD28F5AB1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F33B8513-71E3-4B57-8654-C059D5D6FBB8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E639E790-C399-4838-AA43-7135CD9D7948}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{B2E875FF-69AD-4E32-A9AD-C59A51D2402A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1F5026A9-F09B-41E5-BB49-845E57FC7ED8}] => (Allow) I:\Orgin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{7DC3EB2C-720C-4D38-8B20-8A17B793D128}] => (Allow) I:\Orgin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{67F36B47-3265-46F0-A4E9-82BAD3BB104A}] => (Allow) I:\Orgin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DEEFBACA-F954-4F9E-8549-D46E1F96855D}] => (Allow) I:\Orgin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{20AF91A2-0418-4FB1-97E8-639AE3741D72}I:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) I:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{CCC55CBD-3F13-4A1F-873F-675EA9654DFF}I:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) I:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{278E7FCA-F94E-45C8-A8E1-7DB103428CD6}I:\orgin games\battlefield 4\bf4.exe] => (Allow) I:\orgin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{5435AA6B-D233-4326-AACF-0E3B9AF66031}I:\orgin games\battlefield 4\bf4.exe] => (Allow) I:\orgin games\battlefield 4\bf4.exe
FirewallRules: [{EE401CBD-48B8-4CFA-95DA-C61F226F32D0}] => (Allow) I:\SteamLibrary\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{F2A02B11-64C2-4327-BBEF-01FDEA4D1132}] => (Allow) I:\SteamLibrary\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{DF6B8A12-FAD8-48F7-9612-F7A329BBB786}] => (Allow) I:\SteamLibrary\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{79872487-214F-46AD-837B-790BF4C1F6CC}] => (Allow) I:\SteamLibrary\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{9FDCB246-3DC8-48F6-9542-0E6B17106B58}] => (Allow) I:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0A1C4574-B4E7-44CF-A3C5-CAAE3676A28D}] => (Allow) I:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7F3D40D7-ED59-44C3-B39F-2C752440C5AB}] => (Allow) I:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{5BD67711-108E-4D83-8C26-AC62D5141218}] => (Allow) I:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{E233A581-824C-4935-9B5B-1EE3107A5437}I:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) I:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{477DE575-1BBF-446E-8AFB-5845C5B4E765}I:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) I:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{EEF14729-E4BA-426F-814E-A929DFBFF0AA}I:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) I:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{C71489AA-B408-4B24-BBB9-917C570C5016}I:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) I:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{CA9B4C11-3D8C-4144-9F0D-C223C1A28CB3}I:\wow\diablo iii\diablo iii.exe] => (Allow) I:\wow\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{96C7FCA3-91E0-4EDF-997A-6F9442316D99}I:\wow\diablo iii\diablo iii.exe] => (Allow) I:\wow\diablo iii\diablo iii.exe
FirewallRules: [{0C2D604C-DF17-41F7-951C-26DEBC3E33B3}] => (Allow) I:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{FF8D977D-DAFB-43CE-8490-7B2633888FFA}] => (Allow) I:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{90949F38-DCD1-4A4F-B104-8A6F77A91C80}] => (Allow) I:\Games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{26C216F6-F0DC-4FCB-A80A-6817C5DE5A69}] => (Allow) I:\Games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{BD8734C1-D246-44EC-87E7-3AE3503B42CF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D7F785D5-7D71-478B-8BA7-9B19020AEE9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9321D8E4-FCD8-4F60-8005-F007E42F5827}] => (Allow) I:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{522B8506-3A33-429A-A68E-089DD7C13B93}] => (Allow) I:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{60554061-5CAF-49BF-B364-B19ECD1CE4D0}I:\wow\overwatch\overwatch.exe] => (Allow) I:\wow\overwatch\overwatch.exe
FirewallRules: [UDP Query User{70209A7B-18EE-4661-93C4-3FFFB6D269F2}I:\wow\overwatch\overwatch.exe] => (Allow) I:\wow\overwatch\overwatch.exe
FirewallRules: [TCP Query User{92088C04-CD71-4A36-B809-0C11119CD4B5}I:\steamlibrary\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) I:\steamlibrary\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{FAFD86C2-A000-4D0E-9372-34EFCB503A07}I:\steamlibrary\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) I:\steamlibrary\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{568209E9-D2A9-467C-9888-B042587A8B6F}] => (Allow) I:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3D04C6C0-6117-4E98-80EE-499D544EA46F}] => (Allow) I:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{35251313-CB7B-458A-939E-5C728C7D6E38}] => (Allow) I:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{0E9F79DD-D043-4A88-8C63-EFB5C805BDE4}] => (Allow) I:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{0D38F78A-B602-4BAE-9DAE-018B4CBE08D7}I:\wow\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) I:\wow\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A8F2CC4A-47E5-46BE-A482-471058F4F5E1}I:\wow\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe] => (Allow) I:\wow\heroes of the storm\versions\base48760\heroesofthestorm_x64.exe
FirewallRules: [{1C077850-56EB-4CA5-B2A6-CD2EDAAB065E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{DAA7C698-9BD7-42E9-9F26-22A7248D029D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{AE8F205F-CB9E-4F3D-9890-BEEBC513BA93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E4C15976-0612-4EB1-83B4-54750561F7D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F2E10D5D-CEF1-451C-8A51-D40732AD88CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7544058C-6ECD-4DD5-9B2A-1AEF6098FE6E}] => (Allow) I:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{D1CCBC2F-F080-4909-81A7-52F6132E6A53}] => (Allow) I:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2AE54531-3B39-4C69-B3DF-DC73656289C1}] => (Allow) I:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{588C0332-2E98-4D36-95C3-8BB59285496C}] => (Allow) I:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{36508704-43C8-455D-A488-452A7EB09B8A}] => (Allow) I:\SteamLibrary\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{218CF8D6-544E-40BF-8356-5768A7334313}] => (Allow) I:\SteamLibrary\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{E9BBFD71-ADD1-442D-AD69-65B7F35039B4}I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{069DA7E2-DF99-4767-840C-A1033A3F21F0}I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{08D38F3B-9D90-49AE-8947-81C3E37DF7C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{143AE9FE-2766-4B59-B57C-C9CD33975C02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{FDF24556-FC9D-49FB-BF86-FC707B26F048}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{BA04AD87-5F9E-4B30-AAF8-1B32FF9842E6}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{3901A783-DBBD-4FDE-9D27-81DD3E2D198A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{A9C4C804-7349-4E87-8813-7BFD497D7DC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{43409671-174F-4748-A426-AC6EF4BE5291}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{061F8248-D479-43FE-A555-C7A1925A8A43}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3C5A5B86-1D80-4D2C-8F22-320D81946322}] => (Allow) I:\SteamLibrary\steamapps\common\FSX\fsx.exe
FirewallRules: [{D60FF97C-250B-46A8-8D26-4654CD3AD1E1}] => (Allow) I:\SteamLibrary\steamapps\common\FSX\fsx.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: NVIDIA GeForce GTX 960
Description: NVIDIA GeForce GTX 960
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/23/2017 08:02:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).
 
Error: (02/23/2017 07:24:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_invagent.dll, version: 10.0.10240.16384, time stamp: 0x559f39d6
Faulting module name: aeinv.dll, version: 10.0.10240.17202, time stamp: 0x582feb95
Exception code: 0xc0000005
Fault offset: 0x000000000000b9b7
Faulting process id: 0x6d8
Faulting application start time: 0x01d28dd5180fa843
Faulting application path: C:\Windows\system32\rundll32.exe
Faulting module path: C:\Windows\system32\aeinv.dll
Report Id: 0e7b6ce9-078b-49cb-ba14-e7cea6aa2eed
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (02/23/2017 12:14:02 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80070422).
 
Error: (02/23/2017 12:03:08 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (02/22/2017 07:34:21 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
 
Error: (02/22/2017 07:32:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LQ9RNMB)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/22/2017 06:16:11 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (6332) {A5F3E421-9616-4C8F-9C99-412460E79013}: Database recovery/restore failed with unexpected error -515.
 
Error: (02/22/2017 06:16:01 PM) (Source: ESENT) (EventID: 490) (User: )
Description: SettingSyncHost (6332) {A5F3E421-9616-4C8F-9C99-412460E79013}: An attempt to open the file "C:\Users\Bartdavy\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/22/2017 06:15:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (6332) {A5F3E421-9616-4C8F-9C99-412460E79013}: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Bartdavy\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb.log.
 
Error: (02/22/2017 06:15:46 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (6332) {A5F3E421-9616-4C8F-9C99-412460E79013}: An attempt to open the file "C:\Users\Bartdavy\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
 
System errors:
=============
Error: (02/23/2017 03:44:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error: 
The operation completed successfully.
 
Error: (02/23/2017 12:03:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Scanner service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (02/23/2017 12:03:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Razer Game Scanner service to connect.
 
Error: (02/23/2017 12:03:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Adobe Genuine Software Integrity Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (02/22/2017 07:55:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/22/2017 07:55:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/22/2017 07:55:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/22/2017 07:55:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/22/2017 07:49:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LQ9RNMB)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 and APPID 
{CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
 to the user DESKTOP-LQ9RNMB\Bartdavy SID (S-1-5-21-867934242-1038925789-3082475248-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/22/2017 07:45:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Xbox Live Auth Manager service terminated with the following service-specific error: 
The operation completed successfully.
 
 
CodeIntegrity:
===================================
  Date: 2017-02-08 03:44:30.941
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-02-08 03:44:30.919
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-04 16:51:17.188
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:50:56.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:50:34.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:50:07.714
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:49:46.001
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:46:59.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:46:29.489
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
  Date: 2016-04-04 16:46:07.061
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Users\Bartdavy\Desktop\OldNewExplorer\OldNewExplorer64.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 29%
Total physical RAM: 16296.23 MB
Available physical RAM: 11518.67 MB
Total Virtual: 25512.23 MB
Available Virtual: 20699.64 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.07 GB) (Free:415.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: () (Removable) (Total:29.06 GB) (Free:13.77 GB) FAT32
Drive g: (ESD-USB) (Removable) (Total:14.54 GB) (Free:14.41 GB) FAT32
Drive i: (WD Black) (Fixed) (Total:931.39 GB) (Free:215.99 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6D9131FD)
Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 Could not read MBR for disk 1.
 
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 1871DB20)
 
Partition: GPT.
 
========================================================
Disk: 3 (Size: 29.1 GB) (Disk ID: 73696D20)
No partition Table on disk 3.
 
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 14.6 GB) (Disk ID: 561DD346)
Partition 1: (Active) - (Size=14.6 GB) - (Type=0C)
 
==================== End of Addition.txt ============================

  • 0






Similar Topics


Also tagged with one or more of these keywords: Malware, VBS Malware Gen, Avast, Malware bytes

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP