
svchost virus cant remove please help


6 replies to this topic

#1 Xnitro67

  • Members
  • 10 posts

Posted 01 November 2017 - 05:01 PM

Recently my exe files no longer work, but some work as admin. I have tried fixing the registry, but every time, safe mode or not, it resets to C:\WINDOWS\svchost.com "%1" %*. Safe mode did, however, when I set it back to "%1"%* and sign back in, programs work. Malwarebytes does find the reg issue but doesn't really do anything after reboot. I'd really not want to reinstall Windows, so please help.




#2 JSntgRvr

  • Malware Response Team
  • 11,198 posts

Posted 01 November 2017 - 06:45 PM

Hi

Welcome :)

I'll be helping you with your computer.

Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)
 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt). Please attach this to your reply.

 


No request for help throughout private messaging will be attended.



#3 Xnitro67

  • Topic Starter
  • Members
  • 10 posts

Posted 01 November 2017 - 08:01 PM

Here's the log files, didn't take very long.

 

 

No log file

 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apache CouchDB; E:\CouchDB\bin\nssm.exe [331264 2016-07-19] () [File not signed]
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1506824 2017-11-01] () [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.17\remoting_host.exe [71512 2017-10-24] (Google Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2017-11-01] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [120832 2017-11-01] () [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-08-17] (Bitdefender)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd)
R2 Ds3Service; C:\Users\Xnitro67\Desktop\bin\ScpService.exe [381952 2017-11-01] (Scarlet.Crush Productions) [File not signed]
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [118192 2017-11-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2017-01-06] (Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-09-29] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-10] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-01] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002720 2017-10-27] (Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2092008 2017-09-25] (Plex, Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-08-24] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1682720 2017-11-01] () [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [139264 2017-11-01] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1830088 2017-11-01] (Intel Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [838128 2017-11-01] (Tunngle.net GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-11-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1445008 2017-11-01] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (AnvSoft Inc.)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1612648 2017-04-19] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [879600 2017-04-19] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-11-01] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudioamd64.sys [95224 2017-09-15] (Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-06-07] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-06-07] (Corsair)
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-02] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-10] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-11-01] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-10-27] (REALiX™)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-15] (Bitdefender)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-09-29] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2016-09-29] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-11-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-01] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2e44aad2706ac9ff\nvlddmkm.sys [16924088 2017-10-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-12] (NVIDIA Corporation)
R3 Phosgene; C:\WINDOWS\system32\DRIVERS\Phosgene.sys [34136 2015-09-02] (Adoriasoft LLC)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-06-28] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-11-01] ()
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 UsbDk; C:\Windows\System32\Drivers\UsbDk.sys [85296 2016-09-04] (Red Hat Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-03-18] (Microsoft Corporation)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-03-15] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-08-12] (BigNox Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-01 19:33 - 2017-11-01 19:33 - 000002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-01 19:33 - 2017-11-01 19:33 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-01 19:32 - 2017-11-01 19:32 - 001130328 _____ (Google Inc.) C:\Users\Xnitro67\Downloads\ChromeSetup.exe
2017-11-01 19:30 - 2017-11-01 19:30 - 000057196 _____ C:\ProgramData\dm.1509579025.bdinstall.bin
2017-11-01 19:30 - 2017-11-01 19:30 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2017-11-01 19:29 - 2017-11-01 19:29 - 000029983 _____ C:\ProgramData\agent.update.1509578937.bdinstall.bin
2017-11-01 19:27 - 2017-11-01 19:43 - 000003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-11-01 19:27 - 2017-11-01 19:27 - 000450951 _____ C:\ProgramData\cl.1509578767.bdinstall.bin
2017-11-01 19:27 - 2017-11-01 19:27 - 000000385 _____ C:\WINDOWS\system32\user_gensett.xml
2017-11-01 19:26 - 2017-11-01 19:43 - 000000000 ____D C:\ProgramData\Bitdefender
2017-11-01 19:26 - 2017-11-01 19:30 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\Bitdefender
2017-11-01 19:26 - 2017-11-01 19:26 - 000002303 _____ C:\Users\Public\Desktop\Bitdefender 2017.lnk
2017-11-01 19:26 - 2017-11-01 19:26 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\QuickScan
2017-11-01 19:26 - 2017-11-01 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-11-01 19:26 - 2017-11-01 19:26 - 000000000 ____D C:\ProgramData\BDLogging
2017-11-01 19:26 - 2017-04-19 07:19 - 001612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-11-01 19:26 - 2017-04-19 07:19 - 000879600 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2017-11-01 19:26 - 2017-03-15 08:03 - 000305120 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2017-11-01 19:26 - 2016-03-14 22:04 - 000023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-11-01 19:26 - 2015-12-04 19:27 - 000087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2017-11-01 19:26 - 2007-04-11 11:11 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2017-11-01 19:25 - 2017-11-01 19:25 - 000003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-11-01 19:23 - 2017-11-01 20:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-01 19:22 - 2017-01-13 11:50 - 001566863 _____ C:\Users\Xnitro67\Desktop\Trial Reset.zip
2017-11-01 19:18 - 2017-11-01 19:30 - 000000000 ____D C:\Program Files\Bitdefender
2017-11-01 19:18 - 2016-10-29 09:54 - 000182944 ____N (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-11-01 19:18 - 2016-06-22 15:40 - 000520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-11-01 19:17 - 2017-11-01 20:52 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-11-01 19:17 - 2017-11-01 19:17 - 000046860 _____ C:\ProgramData\agent.1509578231.bdinstall.bin
2017-11-01 19:17 - 2017-11-01 19:17 - 000028401 _____ C:\ProgramData\agent.1509578251.bdinstall.bin
2017-11-01 19:17 - 2017-11-01 19:17 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2017-11-01 19:17 - 2017-05-30 15:20 - 387255184 _____ C:\Users\Xnitro67\Desktop\Setup.exe
2017-11-01 19:17 - 2017-01-11 17:56 - 011842648 _____ C:\Users\Xnitro67\Desktop\Agent.exe
2017-11-01 19:16 - 2017-11-01 19:26 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2017-11-01 19:14 - 2017-11-01 19:15 - 000000000 ____D C:\Users\Xnitro67\Downloads\Bitdefender Total Security 2017 v21.0.25.92 Final + Trial Reset
2017-11-01 19:13 - 2017-11-01 19:13 - 000015916 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Bitdefender Total Security 2017 v21.0.25.92 Final + Trial Reset(1).torrent
2017-11-01 19:07 - 2017-11-01 19:07 - 000015916 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Bitdefender Total Security 2017 v21.0.25.92 Final + Trial Reset.torrent
2017-11-01 19:02 - 2017-11-01 19:23 - 000000548 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task e200a3b1-44ee-456f-9faa-c801766b9faf.job
2017-11-01 19:02 - 2017-11-01 19:23 - 000000548 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1191ba73-0ad2-4860-9757-8a1ecd435da4.job
2017-11-01 19:02 - 2017-11-01 19:02 - 000003798 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task e200a3b1-44ee-456f-9faa-c801766b9faf
2017-11-01 19:02 - 2017-11-01 19:02 - 000003716 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 1191ba73-0ad2-4860-9757-8a1ecd435da4
2017-11-01 19:02 - 2017-11-01 19:02 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-11-01 19:02 - 2017-11-01 19:02 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\SUPERAntiSpyware.com
2017-11-01 19:02 - 2017-11-01 19:02 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-11-01 19:02 - 2017-11-01 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-11-01 19:02 - 2017-11-01 19:02 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-11-01 19:00 - 2017-11-01 19:00 - 000208744 _____ C:\TDSSKiller.2.8.16.0_01.11.2017_19.00.14_log.txt
2017-11-01 19:00 - 2017-11-01 19:00 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\36183788.sys
2017-11-01 19:00 - 2017-11-01 19:00 - 000000000 ____D C:\TDSSKiller_Quarantine
2017-11-01 18:55 - 2017-11-01 20:54 - 003001296 _____ C:\Users\Xnitro67\Downloads\SecurityTaskManager_Setup.exe
2017-11-01 18:55 - 2017-11-01 19:25 - 000000000 ____D C:\ProgramData\SecTaskMan
2017-11-01 18:55 - 2017-11-01 18:55 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2017-11-01 18:55 - 2017-11-01 18:55 - 000001220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2017-11-01 18:55 - 2017-11-01 18:55 - 000001208 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2017-11-01 18:55 - 2017-11-01 18:55 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2017-11-01 18:45 - 2017-11-01 18:45 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\Curiolab
2017-11-01 18:44 - 2017-11-01 18:50 - 000000000 ____D C:\Program Files (x86)\Exterminate It!
2017-11-01 18:44 - 2017-11-01 18:44 - 000001154 _____ C:\Users\Public\Desktop\Exterminate It!.lnk
2017-11-01 18:44 - 2017-11-01 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
2017-11-01 18:33 - 2017-11-01 18:33 - 000000336 _____ C:\WINDOWS\system32\.crusader
2017-11-01 18:24 - 2017-11-01 18:34 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-11-01 18:24 - 2017-11-01 18:33 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-01 18:22 - 2017-11-01 18:22 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-11-01 18:22 - 2017-11-01 18:22 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-11-01 18:22 - 2017-11-01 18:22 - 000000000 ____D C:\ProgramData\RogueKiller
2017-11-01 18:22 - 2017-11-01 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-11-01 18:22 - 2017-11-01 18:22 - 000000000 ____D C:\Program Files\RogueKiller
2017-11-01 18:20 - 2017-11-01 18:20 - 000000000 ____D C:\ProgramData\Sophos
2017-11-01 18:19 - 2017-11-01 18:19 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-11-01 18:19 - 2017-11-01 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-11-01 18:19 - 2017-11-01 18:19 - 000000000 ____D C:\Program Files (x86)\Sophos
2017-11-01 18:16 - 2017-11-01 18:16 - 000000000 ____D C:\KVRT_Data
2017-11-01 18:15 - 2017-11-01 18:16 - 100264280 _____ (Kaspersky Lab ZAO) C:\Users\Xnitro67\Downloads\KVRT.exe
2017-11-01 18:13 - 2017-11-01 18:13 - 000001750 _____ C:\Users\Xnitro67\Desktop\FixExec.txt
2017-11-01 18:12 - 2017-11-01 20:54 - 000457632 _____ (Bleeping Computer, LLC) C:\Users\Xnitro67\Downloads\FixExec.exe
2017-11-01 17:45 - 2017-11-01 20:54 - 006754944 _____ (ESET spol. s r.o.) C:\Users\Xnitro67\Downloads\esetonlinescanner_enu.exe
2017-11-01 17:45 - 2017-11-01 17:52 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\ESET
2017-11-01 17:42 - 2017-11-01 20:56 - 000011559 _____ C:\Users\Xnitro67\Desktop\FRST.txt
2017-11-01 17:42 - 2017-11-01 20:56 - 000000000 ____D C:\FRST
2017-11-01 17:42 - 2017-11-01 19:33 - 002403328 _____ (Farbar) C:\Users\Xnitro67\Desktop\FRST64.exe
2017-11-01 17:36 - 2017-11-01 17:36 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2017-11-01 17:35 - 2017-11-01 17:35 - 015065792 _____ (Microsoft Corporation) C:\Users\Xnitro67\Downloads\mseinstall.exe
2017-11-01 17:17 - 2017-11-01 19:18 - 000609752 _____ C:\WINDOWS\ntbtlog.txt
2017-11-01 17:14 - 2017-11-01 19:33 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Xnitro67\Desktop\rkill.exe
2017-11-01 17:06 - 2017-11-01 17:29 - 000002218 _____ C:\Users\Xnitro67\Desktop\Rkill.txt
2017-11-01 17:05 - 2017-11-01 20:54 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Xnitro67\Downloads\rkill-unsigned.exe
2017-11-01 16:14 - 2017-11-01 19:33 - 000292864 _____ (The Windows Club) C:\Users\Xnitro67\Desktop\FAF x64.exe
2017-11-01 16:08 - 2011-06-24 01:46 - 000003646 _____ C:\Users\Xnitro67\Desktop\EXE_Fix_TWC.reg
2017-11-01 15:50 - 2017-11-01 19:25 - 000000000 _____ C:\WINDOWS\directx.sys
2017-11-01 14:49 - 2017-11-01 14:52 - 496086967 ____R C:\Users\Xnitro67\Downloads\Rick.and.Morty.Virtual.Rick.ality.rar
2017-11-01 14:47 - 2017-11-01 14:48 - 003254253 ____R C:\Users\Xnitro67\Downloads\Wifi WPS Unlocker v2.2.3 [Unlocked]-[android] - MrCracks.com.apk.zip
2017-11-01 14:46 - 2017-11-01 14:46 - 000000000 ____D C:\Users\Xnitro67\Downloads\Truecaller- Caller ID, SMS Spam Blocking & Dialer Pro v8.62.6 Mod Apk [CracksNow]
2017-11-01 14:42 - 2017-11-01 14:46 - 528439613 ____R C:\Users\Xnitro67\Downloads\Acronis True Image 2018 Build 9850 + patch - Crackingpatching.com.zip
2017-11-01 14:32 - 2017-11-01 14:32 - 000000000 ____D C:\Users\Xnitro67\Downloads\BlueStacks 3.50.56.2506 [CracksMind]
2017-11-01 00:44 - 2017-11-01 00:44 - 000001385 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Truecaller- Caller ID, SMS Spam Blocking & Dialer Pro v8.62.6 Mod Apk [CracksNow].torrent
2017-10-27 23:22 - 2017-11-01 20:51 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-27 19:46 - 2017-10-27 19:46 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-27 19:46 - 2017-10-12 17:38 - 000531904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-10-27 19:46 - 2017-10-12 15:59 - 000136128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-10-27 19:46 - 2017-09-13 19:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-10-27 19:46 - 2017-09-13 19:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-10-27 19:46 - 2017-09-13 19:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-10-27 19:46 - 2017-09-13 19:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-10-27 19:45 - 2017-10-12 17:38 - 040237176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 036230080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 035156600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 029263992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 023261440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 019035344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 013863184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 013251240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 011777768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 010880856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 004201408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438800.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438800.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001321448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001098872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001038496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 001030080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000980928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000885496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000739264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000615360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000598464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-10-27 19:45 - 2017-10-12 17:38 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-10-27 19:45 - 2017-10-12 17:38 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-10-27 12:15 - 2017-10-27 12:15 - 000299023 _____ C:\Users\Xnitro67\Downloads\[katcr.co]DESTINY 2-FULL UNLOCKED RePack.torrent
2017-10-26 17:02 - 2017-10-26 17:02 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\Cuphead
2017-10-26 17:01 - 2017-10-26 17:01 - 000000619 _____ C:\Users\Xnitro67\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cuphead.lnk
2017-10-26 16:30 - 2017-10-26 16:30 - 000000485 _____ C:\Users\Public\Desktop\Cuphead.lnk
2017-10-26 15:09 - 2017-10-26 15:09 - 000032793 _____ C:\Users\Xnitro67\Downloads\[katcr.co]FD53AA24D97980EAD39E7D4035BB387935E5A7D5.torrent
2017-10-26 14:58 - 2017-10-26 14:59 - 020875955 _____ C:\Users\Xnitro67\Downloads\Playstation.2.BIOS.Collecti.7z
2017-10-26 14:57 - 2017-10-26 14:57 - 000016768 _____ C:\Users\Xnitro67\Downloads\289e99f96f3a2307.html
2017-10-26 12:47 - 2017-10-26 12:47 - 000100033 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Cars.3.2017.BRRip.XviD.AC3-EVO.torrent
2017-10-26 12:47 - 2017-10-26 12:47 - 000031751 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Cars 3 (2017) [1080p] [YTS.PE].torrent
2017-10-25 13:32 - 2017-10-25 13:32 - 000021022 _____ C:\Users\Xnitro67\Downloads\[katcr.co]BlueStacks 3.50.56.2506 [CracksMind].torrent
2017-10-23 14:36 - 2017-10-23 14:36 - 000001199 _____ C:\Users\Public\Desktop\Corsair Utility Engine.lnk
2017-10-23 14:36 - 2017-10-23 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-10-23 14:35 - 2017-10-23 14:35 - 000000000 ____D C:\Program Files (x86)\Corsair
2017-10-23 14:33 - 2017-10-23 14:33 - 001048576 _____ C:\new.sdb
2017-10-23 14:33 - 2017-10-23 14:33 - 000016384 _____ C:\new.jfm
2017-10-23 14:33 - 2017-10-23 14:33 - 000016114 _____ C:\securityconfig.cfg
2017-10-23 14:33 - 2017-10-23 14:33 - 000016032 _____ C:\securityconfig1.cfg
2017-10-23 14:26 - 2017-10-23 14:59 - 000000000 ____D C:\Program Files (x86)\Windows Password Recovery Tool Ultimate
2017-10-22 17:36 - 2017-10-22 17:37 - 353494520 _____ C:\Users\Xnitro67\Downloads\Episode 12- Blue vs. Red.TS
2017-10-21 15:16 - 2017-10-21 15:18 - 000000000 ____D C:\Program Files (x86)\Account Hacker
2017-10-20 11:28 - 2017-10-20 11:28 - 000003212 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Acronis True Image 2018 Build 9850 + patch - Crackingpatching.com.zip.torrent
2017-10-18 16:38 - 2017-10-18 16:38 - 000054680 _____ C:\Users\Xnitro67\Documents\redvsblueS15.veg
2017-10-17 11:37 - 2017-10-17 11:37 - 000001422 _____ C:\Users\Xnitro67\Downloads\[katcr.co]pubg-keygen Oct. 2017 by robozak.torrent
2017-10-11 19:54 - 2017-09-30 01:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 19:54 - 2017-09-30 01:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-11 19:54 - 2017-09-30 01:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-11 19:54 - 2017-09-30 01:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-11 19:54 - 2017-09-30 01:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-11 19:54 - 2017-09-30 01:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-11 19:54 - 2017-09-29 22:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 19:54 - 2017-09-29 22:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-11 19:54 - 2017-09-29 22:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 19:54 - 2017-09-29 22:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 19:54 - 2017-09-29 22:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 19:54 - 2017-09-29 22:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-11 19:54 - 2017-09-29 22:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 19:54 - 2017-09-29 22:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-11 19:54 - 2017-09-29 22:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-11 19:54 - 2017-09-29 22:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 19:54 - 2017-09-29 22:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-11 19:54 - 2017-09-29 22:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 19:54 - 2017-09-29 22:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-11 19:54 - 2017-09-29 22:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-11 19:54 - 2017-09-29 22:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-11 19:54 - 2017-09-29 22:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-11 19:54 - 2017-09-29 22:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-11 19:54 - 2017-09-29 22:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-11 19:54 - 2017-09-29 22:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-11 19:54 - 2017-09-29 22:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-11 19:54 - 2017-09-29 22:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 19:54 - 2017-09-29 22:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-11 19:54 - 2017-09-29 22:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 19:54 - 2017-09-29 22:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 19:54 - 2017-09-29 22:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-11 19:54 - 2017-09-29 22:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-10-11 19:54 - 2017-09-29 22:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-10-11 19:54 - 2017-09-29 22:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 19:54 - 2017-09-29 22:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 19:54 - 2017-09-29 03:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 19:54 - 2017-09-29 03:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 19:54 - 2017-09-29 03:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-11 19:54 - 2017-09-29 03:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-11 19:54 - 2017-09-29 03:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-11 19:54 - 2017-09-29 03:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-11 19:54 - 2017-09-29 03:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-11 19:54 - 2017-09-29 03:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-11 19:54 - 2017-09-29 03:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 19:54 - 2017-09-29 03:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 19:54 - 2017-09-29 03:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-11 19:54 - 2017-09-29 03:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 19:54 - 2017-09-29 03:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 19:54 - 2017-09-29 03:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-11 19:54 - 2017-09-29 03:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-11 19:54 - 2017-09-29 03:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-11 19:54 - 2017-09-29 03:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 19:54 - 2017-09-29 03:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-11 19:54 - 2017-09-29 03:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-11 19:54 - 2017-09-29 03:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-11 19:54 - 2017-09-29 03:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 19:54 - 2017-09-29 03:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-11 19:54 - 2017-09-29 03:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-11 19:54 - 2017-09-29 03:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 19:54 - 2017-09-29 03:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-11 19:54 - 2017-09-29 03:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 19:54 - 2017-09-29 03:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-11 19:54 - 2017-09-29 03:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 19:54 - 2017-09-29 03:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 19:54 - 2017-09-29 03:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 19:54 - 2017-09-29 03:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 19:54 - 2017-09-29 03:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 19:54 - 2017-09-29 03:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 19:54 - 2017-09-29 03:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-11 19:54 - 2017-09-29 03:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-11 19:54 - 2017-09-29 03:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 19:54 - 2017-09-29 03:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-11 19:54 - 2017-09-29 03:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-11 19:54 - 2017-09-29 03:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 19:54 - 2017-09-29 03:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 19:54 - 2017-09-29 03:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 19:54 - 2017-09-29 03:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 19:54 - 2017-09-29 01:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-11 19:54 - 2017-09-29 01:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-11 19:54 - 2017-09-20 11:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 19:54 - 2017-09-20 11:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 19:54 - 2017-09-20 11:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 19:54 - 2017-09-18 19:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-11 19:54 - 2017-09-18 18:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-11 19:54 - 2017-09-18 18:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-11 19:53 - 2017-09-30 01:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 19:53 - 2017-09-30 01:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 19:53 - 2017-09-30 01:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-11 19:53 - 2017-09-30 01:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 19:53 - 2017-09-30 01:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 19:53 - 2017-09-30 01:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-11 19:53 - 2017-09-30 01:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-11 19:53 - 2017-09-30 01:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-11 19:53 - 2017-09-30 01:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 19:53 - 2017-09-30 01:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 19:53 - 2017-09-30 01:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 19:53 - 2017-09-30 01:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 19:53 - 2017-09-30 01:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-11 19:53 - 2017-09-30 01:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-11 19:53 - 2017-09-30 01:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 19:53 - 2017-09-30 01:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-11 19:53 - 2017-09-30 01:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 19:53 - 2017-09-30 01:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 19:53 - 2017-09-30 01:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-11 19:53 - 2017-09-30 01:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-11 19:53 - 2017-09-30 01:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-11 19:53 - 2017-09-30 01:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-11 19:53 - 2017-09-30 01:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-11 19:53 - 2017-09-30 01:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 19:53 - 2017-09-30 01:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-10-11 19:53 - 2017-09-30 01:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-11 19:53 - 2017-09-30 01:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-10-11 19:53 - 2017-09-30 01:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 19:53 - 2017-09-30 01:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-11 19:53 - 2017-09-30 01:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 19:53 - 2017-09-30 01:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-11 19:53 - 2017-09-30 01:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-11 19:53 - 2017-09-30 01:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 19:53 - 2017-09-30 01:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-10-11 19:53 - 2017-09-30 01:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 19:53 - 2017-09-30 01:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 19:53 - 2017-09-30 01:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-11 19:53 - 2017-09-30 01:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-10-11 19:53 - 2017-09-30 01:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2017-10-11 19:53 - 2017-09-30 01:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-10-11 19:53 - 2017-09-30 01:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-10-11 19:53 - 2017-09-30 01:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-10-11 19:53 - 2017-09-30 01:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-10-11 19:53 - 2017-09-30 01:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 19:53 - 2017-09-29 22:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 19:53 - 2017-09-29 03:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 19:53 - 2017-09-29 03:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 19:53 - 2017-09-29 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 19:53 - 2017-09-29 03:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 19:53 - 2017-09-29 03:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 19:53 - 2017-09-29 03:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-11 19:53 - 2017-09-29 03:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 19:53 - 2017-09-29 03:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 19:53 - 2017-09-29 03:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 19:53 - 2017-09-29 03:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 19:53 - 2017-09-29 03:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-11 19:53 - 2017-09-29 03:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-11 19:53 - 2017-09-29 03:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-11 19:53 - 2017-09-29 03:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-11 19:53 - 2017-09-29 03:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 19:53 - 2017-09-29 03:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-11 19:53 - 2017-09-29 03:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 19:53 - 2017-09-29 03:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-11 19:53 - 2017-09-29 03:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-11 19:53 - 2017-09-29 03:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-11 19:53 - 2017-09-29 03:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-11 19:53 - 2017-09-29 03:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 19:53 - 2017-09-29 03:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 19:53 - 2017-09-29 03:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 19:53 - 2017-09-29 03:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-11 19:53 - 2017-09-29 03:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 19:53 - 2017-09-29 03:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 19:53 - 2017-09-29 03:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-11 19:53 - 2017-09-29 03:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-11 19:53 - 2017-09-29 03:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-11 19:53 - 2017-09-29 03:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 19:53 - 2017-09-29 03:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 19:53 - 2017-09-29 03:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 19:53 - 2017-09-29 03:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 19:53 - 2017-09-29 03:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 19:53 - 2017-09-29 03:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2017-10-11 19:53 - 2017-09-29 03:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-11 19:53 - 2017-09-29 03:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-11 19:53 - 2017-09-29 03:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 19:53 - 2017-09-29 03:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-11 19:53 - 2017-09-29 03:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-11 19:53 - 2017-09-29 03:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 19:53 - 2017-09-29 03:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 19:53 - 2017-09-29 03:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-11 19:53 - 2017-09-29 03:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 19:53 - 2017-09-29 03:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-11 19:53 - 2017-09-29 03:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 19:53 - 2017-09-29 03:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2017-10-11 19:53 - 2017-09-29 03:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-11 19:53 - 2017-09-29 03:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 19:53 - 2017-09-29 03:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 19:53 - 2017-09-29 03:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-11 19:53 - 2017-09-29 03:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-11 19:53 - 2017-09-29 03:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 19:53 - 2017-09-29 03:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-11 19:53 - 2017-09-29 03:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 19:53 - 2017-09-29 03:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 19:53 - 2017-09-29 03:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 19:53 - 2017-09-29 03:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-11 19:53 - 2017-09-29 03:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-11 19:53 - 2017-09-29 03:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-11 19:53 - 2017-09-29 03:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 19:53 - 2017-09-29 03:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-11 19:53 - 2017-09-29 03:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 19:53 - 2017-09-29 03:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-11 19:53 - 2017-09-29 03:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-11 19:53 - 2017-09-29 03:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 19:53 - 2017-09-29 03:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-11 19:53 - 2017-09-29 03:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 19:53 - 2017-09-29 03:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-11 19:53 - 2017-09-29 03:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-11 19:53 - 2017-09-29 03:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-11 19:53 - 2017-09-29 03:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-11 19:53 - 2017-09-29 03:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-11 19:53 - 2017-09-29 03:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-11 19:53 - 2017-09-29 03:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-11 19:53 - 2017-09-29 03:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-10-11 19:53 - 2017-09-29 03:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 19:53 - 2017-09-29 03:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-11 19:53 - 2017-09-29 03:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-11 19:53 - 2017-09-29 03:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-11 19:53 - 2017-09-29 03:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-11 19:53 - 2017-09-18 19:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-11 19:53 - 2017-09-18 19:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-11 19:53 - 2017-09-18 19:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-11 19:53 - 2017-09-18 19:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-11 19:53 - 2017-09-18 19:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-11 19:53 - 2017-09-18 19:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-11 19:53 - 2017-09-18 19:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-11 19:53 - 2017-09-18 18:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-11 19:53 - 2017-09-18 18:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-11 19:53 - 2017-09-18 18:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-11 19:53 - 2017-09-18 18:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-11 16:02 - 2015-03-02 00:54 - 000011776 _____ C:\Users\Xnitro67\Desktop\SFSfix.exe
2017-10-11 15:33 - 2017-10-11 15:33 - 000012269 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Truecaller - Caller ID SMS Spam blocking & Dialer v8.50 Pro Apk [CracksMInd].torrent
2017-10-11 02:36 - 2017-10-11 02:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2017-10-10 21:33 - 2017-10-10 21:33 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-10 20:37 - 2017-10-10 20:37 - 000019758 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Rick.and.Morty.Virtual.Rick.ality.rar.torrent
2017-10-10 20:35 - 2017-10-10 20:35 - 000015164 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Rick and Morty Season 3 Complete 720p HDTV x264 [i_c].torrent
2017-10-10 00:49 - 2017-10-10 00:49 - 000100395 _____ C:\Users\Xnitro67\Downloads\[katcr.co]War.for.the.Planet.of.the.Apes.2017.1080p.WEB-DL.DD5.1.H264-FGT-[rarbg.to].torrent
2017-10-08 15:35 - 2017-10-08 15:35 - 000000750 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Wifi WPS Unlocker v2.2.3 [Unlocked]-[android] - MrCracks.com.apk.zip.torrent
2017-10-05 14:58 - 2017-11-01 20:51 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-05 14:58 - 2017-11-01 19:23 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-05 14:58 - 2017-10-10 05:21 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-03 17:27 - 2017-10-03 17:45 - 068180675 _____ C:\Users\Xnitro67\Downloads\Facebook-144.0.0.0.26-Mod.apk
2017-10-02 13:42 - 2017-10-03 17:18 - 000000000 ____D C:\Users\Xnitro67\Downloads\Top Paid  Android Apps Of September
2017-10-02 13:33 - 2017-10-02 13:33 - 000024141 _____ C:\Users\Xnitro67\Downloads\[katcr.co]Top Paid  Android Apps Of September.torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-01 20:56 - 2017-03-18 07:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-01 20:54 - 2017-04-14 23:38 - 000076504 _____ (AppWork GmbH) C:\Users\Xnitro67\Downloads\JDownloader2_Clean_Installer.exe
2017-11-01 20:54 - 2017-02-14 00:27 - 001180736 _____ (Microsoft Corporation) C:\Users\Xnitro67\Downloads\sdksetup.exe
2017-11-01 20:52 - 2016-10-27 09:40 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\discord
2017-11-01 20:52 - 2016-10-26 21:07 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\Sidebar7
2017-11-01 20:51 - 2017-09-27 23:55 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-01 20:51 - 2017-08-11 19:00 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-01 20:51 - 2017-07-19 14:51 - 000000000 ____D C:\Users\Xnitro67\Desktop\bin
2017-11-01 20:51 - 2017-03-18 07:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-01 20:51 - 2016-11-08 20:07 - 000026192 ____N (Windows ® Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-11-01 20:50 - 2016-10-27 09:34 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\DMCache
2017-11-01 20:48 - 2017-08-11 18:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-01 19:35 - 2016-10-27 09:34 - 000000000 ____D C:\Users\Xnitro67\Downloads\Compressed
2017-11-01 19:33 - 2017-03-15 02:44 - 002500096 _____ (rejetto) C:\Users\Xnitro67\Desktop\hfs.exe
2017-11-01 19:32 - 2017-08-19 00:41 - 000000000 ____D C:\Users\Xnitro67\AppData\LocalLow\Mozilla
2017-11-01 19:32 - 2017-08-11 19:06 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-01 19:32 - 2017-08-11 19:06 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-01 19:31 - 2017-08-11 19:06 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-11-01 19:31 - 2016-10-27 08:41 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\CrashDumps
2017-11-01 19:29 - 2017-08-11 19:06 - 001593184 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-01 19:29 - 2017-07-05 13:12 - 000130048 _____ C:\Users\Xnitro67\Desktop\x64launcher.exe
2017-11-01 19:28 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-01 19:28 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-01 19:22 - 2016-10-26 21:14 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\BitTorrent
2017-11-01 19:11 - 2016-10-27 08:56 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-01 18:34 - 2017-08-19 00:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-01 18:18 - 2016-10-27 09:34 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\IDM
2017-11-01 18:13 - 2016-10-27 08:16 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\MPC-HC
2017-11-01 17:54 - 2017-08-19 00:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-01 17:13 - 2017-04-06 23:43 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\TS3Client
2017-11-01 15:50 - 2017-08-11 19:06 - 000003148 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-11-01 15:47 - 2017-01-05 19:00 - 000204534 _____ C:\Users\Xnitro67\Documents\Update_v5.0.3.4.exe
2017-11-01 14:11 - 2016-10-27 09:43 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\Nox
2017-11-01 14:05 - 2017-08-11 10:45 - 000000000 ____D C:\Users\Xnitro67\.BigNox
2017-11-01 14:05 - 2016-10-27 09:49 - 000000000 ____D C:\Users\Xnitro67\.android
2017-11-01 14:05 - 2016-10-27 09:43 - 000000000 ____D C:\Users\Xnitro67\vmlogs
2017-10-31 22:52 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-31 18:02 - 2016-10-27 09:12 - 000000000 ____D C:\Program Files (x86)\Origin
2017-10-31 03:09 - 2016-10-27 08:52 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-30 11:10 - 2016-12-01 16:06 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\Mp3tag
2017-10-29 19:18 - 2017-08-11 19:00 - 000000000 ____D C:\Users\Xnitro67
2017-10-29 14:09 - 2016-10-27 09:12 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\Battle.net
2017-10-28 23:17 - 2016-10-27 09:19 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\NVIDIA
2017-10-28 01:41 - 2016-10-27 09:12 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\Blizzard Entertainment
2017-10-27 23:28 - 2017-01-05 18:43 - 000000000 ____D C:\Users\Xnitro67\GT-GH3
2017-10-27 23:08 - 2016-10-27 09:11 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-10-27 21:03 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-27 19:47 - 2017-09-26 02:35 - 000000000 ____D C:\temp
2017-10-27 19:47 - 2016-10-27 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-10-27 19:46 - 2017-08-11 19:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-27 19:46 - 2017-08-11 19:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-10-27 19:46 - 2017-08-11 19:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-27 19:46 - 2016-10-27 09:49 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\NVIDIA
2017-10-27 19:25 - 2016-10-27 16:59 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\obs-studio
2017-10-27 19:02 - 2016-10-27 17:21 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-10-27 19:01 - 2017-08-11 19:06 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-27 19:01 - 2017-08-11 19:06 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-26 20:56 - 2016-11-13 00:48 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\ElevatedDiagnostics
2017-10-25 19:48 - 2017-04-06 23:43 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-10-24 04:58 - 2016-10-27 08:28 - 000000000 ____D C:\Users\Xnitro67\AppData\Local\Packages
2017-10-23 14:50 - 2017-08-04 00:09 - 000000000 ____D C:\Program Files (x86)\Net Tools
2017-10-23 14:33 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\security
2017-10-22 21:06 - 2016-11-21 22:45 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\Audacity
2017-10-22 14:35 - 2017-07-27 22:52 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-21 14:57 - 2016-10-27 09:14 - 000000000 ____D C:\Users\Xnitro67\AppData\Roaming\Origin
2017-10-21 14:57 - 2016-10-27 09:12 - 000000000 ____D C:\ProgramData\Origin
2017-10-15 21:50 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-15 18:30 - 2016-10-02 16:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-15 17:16 - 2017-08-11 18:59 - 005069656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-15 17:15 - 2017-03-18 17:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-15 17:15 - 2017-03-18 17:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-15 17:15 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-15 17:15 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-15 17:15 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-10-12 20:21 - 2017-03-18 17:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-12 20:21 - 2017-03-18 17:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 17:38 - 2017-06-15 08:05 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-10-12 17:38 - 2017-05-19 18:03 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-10-12 17:38 - 2017-05-19 18:03 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-10-12 17:38 - 2017-05-19 17:47 - 004482792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-10-12 17:38 - 2017-05-19 17:47 - 003816560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-10-12 17:38 - 2017-05-19 14:22 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-10-12 17:38 - 2017-03-18 22:31 - 000437696 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-10-12 16:25 - 2017-08-11 19:00 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-10-12 15:55 - 2017-08-11 19:00 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-10-12 15:55 - 2017-08-11 19:00 - 002587584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-10-12 15:55 - 2017-08-11 19:00 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-10-12 15:55 - 2017-08-11 19:00 - 000607352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-10-12 15:55 - 2017-08-11 19:00 - 000449472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-10-12 15:55 - 2017-08-11 19:00 - 000122816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-10-12 15:55 - 2017-08-11 19:00 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-10-12 15:54 - 2017-08-11 19:00 - 007799931 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-10-10 21:35 - 2016-10-26 23:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-10 21:33 - 2016-10-26 23:08 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-10 21:32 - 2016-07-16 07:47 - 000000264 _____ C:\WINDOWS\win.ini
2017-10-10 21:05 - 2017-06-15 08:05 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-10-10 21:05 - 2017-06-15 08:05 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-10-10 21:05 - 2017-06-15 08:05 - 000050624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-10-10 21:05 - 2016-10-27 17:21 - 001796032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-10-10 21:05 - 2016-10-27 17:21 - 001577920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-10-10 21:05 - 2016-10-27 17:21 - 000918976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-10-10 19:26 - 2017-02-14 21:26 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-10-10 05:21 - 2017-09-27 23:54 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
 
==================== Files in the root of some directories =======
 
2017-04-21 22:02 - 2017-04-21 22:02 - 000000030 _____ () C:\Users\Xnitro67\AppData\Roaming\alsoft.ini
2016-11-10 20:49 - 2017-04-02 14:28 - 000003284 _____ () C:\Users\Xnitro67\AppData\Roaming\glide_wrapper.zbag.ini
2017-06-08 21:35 - 2017-06-08 21:35 - 000001167 _____ () C:\Users\Xnitro67\AppData\Roaming\trace_FilterInstaller.1.txt
2017-06-08 21:35 - 2017-07-18 19:13 - 000000905 _____ () C:\Users\Xnitro67\AppData\Roaming\trace_FilterInstaller.txt
2017-06-08 21:35 - 2017-07-18 19:13 - 000000000 _____ () C:\Users\Xnitro67\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2017-04-26 21:08 - 2017-04-26 21:08 - 000001626 _____ () C:\Users\Xnitro67\AppData\Local\auto_install.bat
2017-02-03 16:38 - 2017-02-03 16:38 - 000001521 _____ () C:\Users\Xnitro67\AppData\Local\Ayuda.html
2017-04-26 21:08 - 2017-04-26 21:08 - 000001288 _____ () C:\Users\Xnitro67\AppData\Local\cc.bat
2017-04-26 21:08 - 2017-04-26 21:08 - 000001481 _____ () C:\Users\Xnitro67\AppData\Local\dc.bat
2016-10-27 09:00 - 2017-07-13 16:41 - 000000000 _____ () C:\Users\Xnitro67\AppData\Local\Driver_LOM_8171Present.flag
2017-02-03 16:38 - 2017-02-03 16:38 - 000213590 _____ () C:\Users\Xnitro67\AppData\Local\Instalaste_Java.jar
2017-05-13 23:32 - 2017-05-13 23:32 - 000000820 _____ () C:\Users\Xnitro67\AppData\Local\Nox_crash.log
2016-12-27 23:27 - 2016-12-27 23:27 - 000002453 _____ () C:\Users\Xnitro67\AppData\Local\settings.dat
2017-11-01 19:17 - 2017-11-01 19:17 - 000046860 _____ () C:\ProgramData\agent.1509578231.bdinstall.bin
2017-11-01 19:17 - 2017-11-01 19:17 - 000028401 _____ () C:\ProgramData\agent.1509578251.bdinstall.bin
2017-11-01 19:29 - 2017-11-01 19:29 - 000029983 _____ () C:\ProgramData\agent.update.1509578937.bdinstall.bin
2017-11-01 19:27 - 2017-11-01 19:27 - 000450951 _____ () C:\ProgramData\cl.1509578767.bdinstall.bin
2017-11-01 19:30 - 2017-11-01 19:30 - 000057196 _____ () C:\ProgramData\dm.1509579025.bdinstall.bin
2017-03-26 18:48 - 2017-03-26 18:48 - 000000016 _____ () C:\ProgramData\mntemp
2017-03-26 18:48 - 2017-03-26 18:48 - 000004159 _____ () C:\ProgramData\mudtcpaz.vzs
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-01 19:44
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2017

Ran by Xnitro67 (01-11-2017 20:56:43)
Running from C:\Users\Xnitro67\Desktop
Windows 10 Pro Version 1703 15063.674 (X64) (2017-08-12 07:13:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3172090819-3694119697-3185588401-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3172090819-3694119697-3185588401-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3172090819-3694119697-3185588401-1001 - Limited - Disabled) => C:\Users\defaultuser0.DESKTOP-HVMKACA
fraye (S-1-5-21-3172090819-3694119697-3185588401-1003 - Administrator - Enabled) => C:\Users\fraye
Guest (S-1-5-21-3172090819-3694119697-3185588401-501 - Limited - Disabled)
Xnitro67 (S-1-5-21-3172090819-3694119697-3185588401-1002 - Administrator - Enabled) => C:\Users\Xnitro67
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS B16.1205.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
@BIOS B16.1205.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
3DOSD (HKLM-x32\...\{F0D1FAA5-F9F8-4524-9B65-A5BFDDD5A29B}) (Version: 1.00.0023 - GIGABYTE) Hidden
3DOSD (HKLM-x32\...\InstallShield_{F0D1FAA5-F9F8-4524-9B65-A5BFDDD5A29B}) (Version: 1.00.0023 - GIGABYTE)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Advanced BAT to EXE Converter PRO v2.91 (HKLM-x32\...\Advanced BAT to EXE Converter PRO v2.91) (Version:  - )
Advanced BAT to EXE Converter v4.07 (HKLM-x32\...\Advanced BAT to EXE Converter v4.07) (Version:  - )
AE CC x64 (HKLM\...\{672FEEBA-F29C-4363-A8D0-8EBA61265B88}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
After Dark (HKLM-x32\...\After Dark) (Version:  - )
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
Aiseesoft HD Video Converter 8.1.18 (HKLM-x32\...\{3039577D-975E-42fc-89FC-2F1FF42F3FCA}_is1) (Version: 8.1.18 - Aiseesoft Studio)
Aiseesoft Total Video Converter 9.0.6 (HKLM-x32\...\{E09CEBAA-4435-4404-8D82-4C029F6391E4}_is1) (Version: 9.0.6 - Aiseesoft Studio)
Ambient LED (HKLM-x32\...\{BEF97B38-D1B8-45B4-A60A-AF5C1556CC72}) (Version: 1.00.1605.1801 - GIGABYTE) Hidden
Ambient LED (HKLM-x32\...\InstallShield_{BEF97B38-D1B8-45B4-A60A-AF5C1556CC72}) (Version: 1.00.1605.1801 - GIGABYTE)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 388.00 - NVIDIA Corporation) Hidden
Apache CouchDB (HKLM\...\{4CD776E0-FADF-4831-AF56-E80E39F34CFC}) (Version: 2.0.0.1 - The Apache Software Foundation)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.17.0913.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.17.0913.1 - GIGABYTE)
Application Verifier x64 External Package (HKLM\...\{AB5E83C8-0175-0A1F-338A-EB8925AFC341}) (Version: 10.1.14393.795 - Microsoft) Hidden
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AutoPlay Menu Designer 4.4 (HKLM-x32\...\AutoPlay Menu Designer_is1) (Version:  - Visual Designing)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.10.141 - Bitdefender)
Bitdefender Total Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.25.92 - Bitdefender)
BitTorrent (HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\BitTorrent) (Version: 7.9.9.42924 - BitTorrent Inc.)
Brutal Legend © Update 2 - Double Fine Production version 1 (HKLM-x32\...\QnJ1dGFsIExlZ2VuZCAoYykgVXBkYXRlIDIgLSBEb3VibGUg~17A98CC1_is1) (Version: 1 - )
Brutal Legend Update 14 © Double Fine Prod. version RLD! (HKLM-x32\...\QnJ1dGFsTGVnZW5k_is1) (Version: RLD! - )
Brutal Legend Update 3 © Double Fine Production version 1 (HKLM-x32\...\QnJ1dGFsIExlZ2VuZCBVcGRhdGUgMyAoYykgRG91YmxlIEZp~D5C821EC_is1) (Version: 1 - )
Brutal Legend Update 4 to 8 © Double Fine version 1 (HKLM-x32\...\QnJ1dGFsIExlZ2VuZCBVcGRhdGUgNCB0byA4IChjKSBEb3Vi~37651F7C_is1) (Version: 1 - )
Brutal Legend Update 9-13 © Double Fine Prod. version 1 (HKLM-x32\...\QnJ1dGFsIExlZ2VuZCBVcGRhdGUgOS0xMyAoYykgRG91Ymxl~0C227998_is1) (Version: 1 - )
Brutal Legend version 1 (HKLM-x32\...\QnJ1dGFsIExlZ2VuZA==_is1) (Version: 1 - )
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.16.1020.1 - GIGABYTE)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{3F95FA39-23FC-4570-86B3-E2057F5F7C3E}) (Version: 63.0.3239.17 - Google Inc.)
CloudStation (HKLM-x32\...\{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0021 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0021 - GIGABYTE)
CM Storm Mizar Gaming Mouse (HKLM-x32\...\{9E070A33-9857-4A95-9F10-0C5EA92D6D9F}_is1) (Version: 1.0.8 - Cooler Master)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Corsair Utility Engine (HKLM-x32\...\{B60C58CC-3953-4D65-A848-4B8EF4E301E0}) (Version: 2.18.81 - Corsair)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
Cuphead (HKLM-x32\...\Cuphead_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\Discord) (Version: 0.0.298 - Discord Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exterminate It! (HKLM-x32\...\Exterminate It!) (Version: 2.12.06.06 - CURIOLAB S.M.B.A.)
FaceRig Virtual Video driver version 1.0.1.1000 (HKLM-x32\...\{7D6A1A0F-F57E-4C6B-9331-86CBC7D5C787}_is1) (Version: 1.0.1.1000 - Adoriasoft LLC)
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.16.1017 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.16.1017 - GIGABYTE)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FlashTBT_100s (HKLM-x32\...\{6DC28AFC-B2A2-456D-B71B-BB8A8F8A8253}) (Version: 1.00.1603.1501 - GIGABYTE) Hidden
FlashTBT_100s (HKLM-x32\...\InstallShield_{6DC28AFC-B2A2-456D-B71B-BB8A8F8A8253}) (Version: 1.00.1603.1501 - GIGABYTE)
Furry Voices for Second Life (HKLM-x32\...\{2032DA39-C844-43AE-B638-6A4F7496686E}) (Version: 1.3.1 - Screaming Bee)
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.00.0000 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.00.0000 - GIGABYTE)
GIMX version 6.3 (HKLM\...\{DCCE138F-C418-464F-BF07-FD69ED63D20E}_is1) (Version: 6.3 - MatLauLab)
Goat Simulator: GOATY Edition (HKLM-x32\...\Goat Simulator: GOATY Edition_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.75 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Guitar Hero 3 Manager Songs (HKLM-x32\...\GT-GH3) (Version: 5.0.3.5 - Je$u$ Hu@nc@/Kechu316)
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.3 - Aspyr)
Guitar Hero Three Control Panel (HKLM-x32\...\{FC7CCCFB-2081-4E9D-8F6D-CAAE87267E6C}) (Version: 2.0.4 - Sigma Production Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Honey Select (HKLM-x32\...\Honey Select_is1) (Version:  - )
HWiNFO64 Version 5.36 (HKLM\...\HWiNFO64_is1) (Version: 5.36 - Martin Malík - REALiX)
IDM Crack 6.28 build 5 (HKLM-x32\...\IDM Crack 6.28 build 5) (Version: build 5 - Crackingpatching.com Team)
IDM Crack 6.28 build 7 (HKLM-x32\...\IDM Crack 6.28 build 7) (Version: build 8 - Crackingpatching.com Team)
IDM Crack 6.28 build 9 (HKLM-x32\...\IDM Crack 6.28 build 9) (Version: build 12 - Crackingpatching.com Team)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{FE250127-0DBB-47AA-8439-7A2FA145030F}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Killer Bandwidth Control Filter Driver (HKLM\...\{89A9DA12-B6F1-4966-95B3-574EEB6DF07E}) (Version: 1.1.65.1357 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{C2AAF672-E3A2-403A-942F-7B9C9B4E592E}) (Version: 1.1.65.1357 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{75269D5A-2CE7-48D1-8169-5744C83C574F}) (Version: 1.1.65.1357 - Rivet Networks)
Kits Configuration Installer (HKLM-x32\...\{84645792-B4DC-8386-13D6-94810C42EF8A}) (Version: 10.1.14393.795 - Microsoft) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{39BEF607-44E6-472B-90C1-BD62AA2B7A3F}) (Version: 4.6.01586 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{C07B4BC7-A37D-46A8-B2A3-620CC569D149}) (Version: 4.6.01586 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
MSI Afterburner 4.4.0 Beta 12 (HKLM-x32\...\Afterburner) (Version: 4.4.0 Beta 12 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{7FA1A25B-79CC-73D1-45C4-18420F205406}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
NFS Underground - Night Breath version 2.0 (HKLM-x32\...\{9D5388EF-3B22-4DEA-8F66-AFFF5E9D82CA}_is1) (Version: 2.0 - Night Breath Series, Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.2 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 5.0.0.1 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\OpenIV) (Version: 2.9.907 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.5.5003 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PlatformPowerManagement (HKLM-x32\...\{7A6EB543-522C-4784-9DB5-4FC87522EBDF}) (Version: 1.16.0331 - GIGABYTE) Hidden
PlatformPowerManagement (HKLM-x32\...\InstallShield_{7A6EB543-522C-4784-9DB5-4FC87522EBDF}) (Version: 1.16.0331 - GIGABYTE)
Plex Media Server (HKLM-x32\...\{66263041-84c1-4c6d-ad3f-70c1e5fd8c75}) (Version: 1.9.2.4285 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{EAE03C2C-C259-4609-B5AD-D3A8D2E6F604}) (Version: 1.9.4285 - Plex, Inc.) Hidden
PNY Drive Utility (HKLM-x32\...\{F7F0273F-68B7-44EA-AD7B-1C9F9C29C562}) (Version: 1.0.8 - PNY Technologies)
Project64 version 2.3.0.210 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.0.210 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.0 - Red Giant, LLC)
Riftcat (HKLM-x32\...\{8346dab5-9676-4878-9891-b24811bf4ce4}) (Version: 1.0.0 - Riftcat)
Riftcat Client (HKLM-x32\...\{B2C26ED3-33A6-4A0E-98EE-6ACEC22C5793}) (Version: 1.0.0.3 - Riftcat) Hidden
RivaTuner Statistics Server 7.0.0 Beta 26 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 26 - Unwinder)
RoboForm 7-9-28-8 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-28-8 - Siber Systems)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
RogueKiller version 12.11.22.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.22.0 - Adlice Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
SDK Debuggers (HKLM-x32\...\{905D1773-308E-B34B-7489-1E1557BF0AF4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Security Task Manager 2.1j (HKLM-x32\...\Security Task Manager) (Version: 2.1j - Neuber Software)
Shivers 2 (HKLM-x32\...\{ED2B1ACA-EBB7-4C83-9BD3-996E34D1A6B4}) (Version: 1.0.51 - Sierra)
SimTheme Park (HKLM-x32\...\Theme Park World) (Version:  - )
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.16.1221 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.16.1221 - GIGABYTE)
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
SmartKeyboard (HKLM-x32\...\{75B74C36-A9C6-4912-B4BB-C461AA36D01E}) (Version: 1.00.0000 - GIGABYTE) Hidden
SmartKeyboard (HKLM-x32\...\InstallShield_{75B74C36-A9C6-4912-B4BB-C461AA36D01E}) (Version: 1.00.0000 - GIGABYTE)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.06 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{22F64911-9B44-42E7-A3A5-43490846841F}) (Version: 1.9.4285 - Plex, Inc.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Theme Park World Fix (HKLM-x32\...\{42082D6A-7C60-4CD9-B6FC-81E6F1FA96EF}) (Version: 1.0.0 - Adam Hearn)
Thunderbolt™ Software (HKLM-x32\...\{146DE795-0B91-40E7-9991-5DC766EFB211}) (Version: 15.3.40.275 - Intel Corporation)
Trapcode Suite v13.1.1 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.1 - Red Giant, LLC)
TriDef 3D 7.4 (HKLM-x32\...\essentials-bundle) (Version: 7.4 - Dynamic Digital Depth Australia Pty Ltd)
TrinusVR version 2.1.4 (HKLM-x32\...\{A66AD08F-FC5B-4583-9A7D-4636F5637B2C}_is1) (Version: 2.1.4 - Odd Sheep SL)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
UltraISO Premium V9.66 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Universal CRT Extension SDK (HKLM-x32\...\{4E8F20FD-6BC7-B65C-D4F2-5D7CEDE3352E}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{233B73D9-650E-9CEC-1002-767C916C1B61}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{DA52B326-3A74-1EB4-A788-D812C2F100A8}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{BF8547E5-1066-30AE-F3CB-028DC61A7D01}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{0C8D9D70-FA5A-4CA9-763F-D8D93BC099B5}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{F2EB74A7-148A-8DC9-82A5-B5A88093EEC4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
UsbDk Runtime Libraries (HKLM\...\{73BF404E-1EA1-4476-8E8C-A51440E31D9D}) (Version: 1.0.15 - Red Hat, Inc.)
VEGAS Pro 13.0 (64-bit) (HKLM\...\{01584040-68BC-11E6-A59F-BB95F5A309BD}) (Version: 13.0.543 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebM Project Directshow Filters (HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\webmdshow) (Version:  - )
WinAppDeploy (HKLM-x32\...\{C9966D24-DB2F-8514-EAA3-BEED85F3E166}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports  (03/28/2016 6.7.3.350) (HKLM\...\9437A0D535B29915072FCF153C7CA9B5FD547A24) (Version: 03/28/2016 6.7.3.350 - Silicon Laboratories Inc.)
Windows SDK AddOn (HKLM-x32\...\{3BE62AA1-60B9-42EA-99BC-1A46B31C7E0C}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{A249F631-CEBC-EDCB-4C49-700E551E66CA}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E71CB7F1-3E88-4450-1764-B3CC1E205C4A}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{C49E6FDA-8196-0CAF-2CDD-CF1B0F4EA5AD}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{33D11371-82A5-852B-CDE2-5528CE406151}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FB431EE2-C835-6DE9-8DC3-C8FCDE028FE0}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FB82399D-9C48-9AF5-DCA1-CFE61BCA70A6}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{23909757-D6F0-7F7C-BD34-7E72BA9BD59C}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D3A337CD-EA32-F4BA-03FA-825903190C92}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden
WPT Redistributables (HKLM-x32\...\{02FCB4B3-4E38-2875-3C49-97DCE76BBFA9}) (Version: 10.1.14393.795 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{73CC63E2-295E-8012-133D-5643B92D30CC}) (Version: 10.1.14393.795 - Microsoft) Hidden
WRC 7 (HKLM-x32\...\WRC 7_is1) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YTD Video Downloader 5.8.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.6 - GreenTree Applications SRL) <==== ATTENTION
z3x shell 4.7.3 (HKLM-x32\...\z3x shell_is1) (Version:  - z3x-team)
zeckensack's Glide wrapper (remove only) (HKLM-x32\...\GlidewrapZbag) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Xnitro67\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3172090819-3694119697-3185588401-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Xnitro67\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] ()
ContextMenuHandlers1: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-11-01] (Bitdefender)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-11-01] (Bitdefender)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers5: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-11-01] (Bitdefender)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-12] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll [2017-11-01] (Bitdefender)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {105E7D02-2000-426D-BB79-F941BBB4EEC9} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-11-01] ()
Task: {1392FB47-8493-4D31-810D-5CC21D99DE34} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMIMLJPMMJMMNMHMKJCNJMJMJJOMCNLMNJKJJMCNOJMMJMOJCNNJLMPMMJNJPMGMMMMJJJNJOMJNJICMIMCNGMCNNMHMFMOMOMCNLMHMMMCNOMKMPMJMMMFMPMCNPMCNOMKMPMJMMMCNNMJNPICMPMFMEKMICNJJCKFMOMLMKMJNHICMEKMICNJJCKJNBJCMHKBJGJLINIAJJMIMJNKJCMJNNICMJNDJC (the data entry has 56 more characters).
Task: {16EAAF32-34F5-4FE1-9509-7F63C3DCFF8B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-01] (NVIDIA Corporation)
Task: {21796AA8-621D-4E20-B10C-EE5266410429} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {25454C4E-0D07-4A0E-8339-C0B7DF555D41} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [2016-10-04] (InputMapper)
Task: {29DF3A9C-F7A8-479B-85E3-D337B68B8EDC} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-11-01] (Siber Systems)
Task: {303E70DB-AEDA-4A0C-9D0F-7A7FD0F56E85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
Task: {4A8CC442-26C1-4948-9758-06A3C62B09B6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {4C82A567-8624-40F4-BB1C-08271C7CFF77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {4E4B1021-ACD3-414E-A90E-5EFE3896F062} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {571C2551-295A-4CCC-B9C2-E3948A960A5D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-01] (NVIDIA Corporation)
Task: {59FB4E1D-41A6-4B45-89A8-FE00244DD222} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
Task: {5A220143-4028-4B40-B4CA-8D258F15CF5A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {67328D15-93E9-4906-ABAA-F4736395D7A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
Task: {71221511-1DFC-492F-95A2-7B2A716B2BC9} - System32\Tasks\SUPERAntiSpyware Scheduled Task e200a3b1-44ee-456f-9faa-c801766b9faf => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7C6108DD-BE71-4A8C-A98A-439CA1ADC2A1} - \System\SystemCheck -> No File <==== ATTENTION
Task: {7C9C8C58-C777-4429-9AC6-20E714B7EA3B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
Task: {829FAD14-8701-459A-B03F-8A1A3BF2A101} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [2016-09-13] (REALiX)
Task: {84AE0076-B34A-4C44-83C6-34343C683249} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1191ba73-0ad2-4860-9757-8a1ecd435da4 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {8F0C7CC2-FDF5-43FB-B1F5-3A2B5C5A540E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {A0A20F83-40A9-473D-BE7D-92A4C402F8D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {A51C1045-6B8F-44A3-BBB4-15CF08046C85} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {A8BB2681-9CE9-4B22-9A58-0B2F24D268D0} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {B9EC49AC-CCB2-4EBB-8A89-E38C6CD59332} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-01] (NVIDIA Corporation)
Task: {BD0275F8-4E62-4535-BA69-C31C4E9B456C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-01] (NVIDIA Corporation)
Task: {C8D38154-B83A-4DDC-ADE1-3AE473DE40BC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-10] (NVIDIA Corporation)
Task: {E04375DC-F36E-4DB0-937F-4C8FE4E6BB4D} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-11-01] (Samsung Electronics Co. Ltd.)
Task: {EC4677DC-3A8C-4B41-94F3-9BF1148CFBA1} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-11-01] (Bitdefender)
Task: {F1B0C9F5-AA6E-47FD-96CA-133A2F82976D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-01] (NVIDIA Corporation)
Task: {F5D77F9D-5F3D-4316-BE3F-3B06883C7BA2} - System32\Tasks\{A2E3976B-D22B-48AF-9AD5-AAB62204572B} => C:\Windows\system32\pcalua.exe -a G:\SETUP\SETUP.EXE -d G:\SETUP
Task: {F9789361-CE81-4BDC-8BA6-2624053D367F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1191ba73-0ad2-4860-9757-8a1ecd435da4.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task e200a3b1-44ee-456f-9faa-c801766b9faf.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\Xnitro67\Nox_share\Other\TV.lnk -> E:\Nircmd\TV.bat ()
 
ShortcutWithArgument: C:\Users\Xnitro67\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-11-01 19:43 - 2017-11-01 19:43 - 000111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-11-01 19:26 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl
2017-11-01 19:26 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl
2017-11-01 19:26 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl
2017-11-01 19:26 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl
2015-06-25 09:45 - 2015-06-25 09:45 - 000017920 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
2017-09-27 23:54 - 2017-10-10 05:21 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-09-27 23:54 - 2017-10-10 05:21 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-10-27 17:21 - 2017-10-10 21:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-24 00:47 - 2017-08-24 00:47 - 000066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-07-19 09:06 - 2016-07-19 09:06 - 000331264 _____ () E:\CouchDB\bin\nssm.exe
2016-01-15 21:00 - 2016-01-15 21:00 - 000152136 ____R () C:\Program Files\Intel\NCS2\Agent\AdapterAgnt.DLL
2016-09-12 15:38 - 2016-09-12 15:38 - 000120320 _____ () E:\CouchDB\erts-6.4\bin\erl.exe
2016-09-12 15:38 - 2016-09-12 15:38 - 000160768 _____ () E:\CouchDB\erts-6.4\bin\erlexec.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 002768896 _____ () E:\CouchDB\erts-6.4\bin\beam.smp.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 001524736 _____ () e:\CouchDB\lib\crypto-3.5\priv\lib\crypto.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 000007680 _____ () e:\CouchDB\lib\crypto-3.5\priv\lib\crypto_callback.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 000087552 _____ () e:\CouchDB\lib\khash-7c6a9cd\priv\khash.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 000081920 _____ () e:\CouchDB\lib\couch-2.0.0\priv\couch_icu_driver.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 000148480 _____ () e:\CouchDB\lib\snappy-1.0.5\priv\snappy_nif.dll
2016-09-12 15:38 - 2016-09-12 15:38 - 000044032 _____ () E:\CouchDB\erts-6.4\bin\epmd.exe
2016-09-12 15:38 - 2016-09-12 15:38 - 000011264 _____ () e:\CouchDB\lib\os_mon-2.3.1\priv\bin\win32sysinfo.exe
2016-08-31 11:47 - 2017-06-28 12:26 - 000442568 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2017-06-28 15:06 - 2017-11-01 19:31 - 000632520 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-31 15:45 - 2016-10-31 15:45 - 000592384 _____ () C:\Users\Xnitro67\AppData\Local\MEGAsync\ShellExtX64.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-02-22 23:49 - 2017-02-22 23:49 - 008911560 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-03-18 16:59 - 2017-03-18 22:30 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-13 16:40 - 2017-11-01 19:34 - 002509744 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
2015-03-06 20:07 - 2015-03-06 20:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 17:13 - 2016-09-29 17:13 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 17:13 - 2016-09-29 17:13 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-01-06 12:41 - 2016-01-06 12:41 - 000062168 _____ () C:\Program Files\CCleaner\branding.dll
2012-09-13 00:38 - 2017-11-01 19:37 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2017-11-01 19:42 - 2017-11-01 19:42 - 000023328 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\en-US\bdsystray.txtui
2017-11-01 19:33 - 2017-10-26 02:30 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.75\libglesv2.dll
2017-11-01 19:33 - 2017-10-26 02:30 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.75\libegl.dll
2017-06-28 11:57 - 2017-11-01 19:31 - 000243712 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2017-06-28 11:57 - 2017-06-28 11:57 - 000032768 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
2017-06-28 11:57 - 2017-11-01 19:34 - 000088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2017-09-25 04:50 - 2017-09-25 04:50 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2016-08-31 11:46 - 2017-06-28 12:26 - 000409800 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2017-06-28 14:55 - 2017-06-28 14:55 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2017-06-28 14:55 - 2017-06-28 14:55 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2017-06-28 14:56 - 2017-06-28 14:56 - 000228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2017-06-28 14:56 - 2017-06-28 14:56 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2017-06-28 14:56 - 2017-06-28 14:56 - 000555520 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-12-08 17:18 - 2016-12-08 17:18 - 001804800 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2017-04-14 14:39 - 2017-04-14 14:39 - 000133632 _____ () C:\Program Files (x86)\GIGABYTE\AppCenter\ycc.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 001083368 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 000115688 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 000059880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2017-09-25 04:50 - 2017-09-25 04:50 - 000772072 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 001741288 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 001962984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 000025576 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 001549104 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libstdc++-6.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 000127136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libgcc_s_dw2-1.dll
2017-01-24 11:19 - 2017-01-04 15:28 - 001958912 _____ () C:\Users\Xnitro67\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-11-01 20:52 - 2017-11-01 20:52 - 001082880 _____ () \\?\C:\Users\Xnitro67\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-11-01 20:52 - 2017-11-01 20:52 - 003750400 _____ () \\?\C:\Users\Xnitro67\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-11-01 20:52 - 2017-11-01 20:52 - 000914432 _____ () \\?\C:\Users\Xnitro67\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-11-01 20:52 - 2017-11-01 20:52 - 001127424 _____ () \\?\C:\Users\Xnitro67\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-11-01 20:52 - 2017-11-01 20:52 - 001385976 _____ () \\?\C:\Users\Xnitro67\AppData\Roaming\discord\0.0.297\modules\discord_overlay\discord_overlay.node
2017-09-25 04:50 - 2017-09-25 04:50 - 000050152 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000071656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000024552 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000041448 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000930280 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2017-09-25 04:49 - 2017-09-25 04:49 - 000074728 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2017-09-25 04:49 - 2017-09-25 04:49 - 000190952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2017-09-25 04:50 - 2017-09-25 04:50 - 000218088 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000018920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000095720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000143336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2017-09-25 04:50 - 2017-09-25 04:50 - 000694248 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2017-01-24 11:19 - 2017-01-04 15:28 - 002278912 _____ () C:\Users\Xnitro67\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-24 11:19 - 2017-01-04 15:28 - 000096768 _____ () C:\Users\Xnitro67\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-11-01 20:52 - 2017-11-01 20:52 - 000148992 _____ () \\?\C:\Users\Xnitro67\AppData\Local\Temp\FF01.tmp.node
2017-11-01 20:52 - 2017-11-01 20:52 - 002658296 _____ () \\?\C:\Users\Xnitro67\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-09-25 04:50 - 2017-09-25 04:50 - 000064488 _____ () C:\Program Files (x86)\Plex\Plex Media Server\TeVii.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-09-15 19:01 - 2017-09-15 19:01 - 000199680 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2017-09-15 18:59 - 2017-09-15 18:59 - 000044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2017-09-15 19:13 - 2017-09-15 19:13 - 000151040 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-09-15 18:59 - 2017-09-15 18:59 - 000097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2016-12-01 13:28 - 2016-12-01 13:28 - 001983488 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
2016-12-01 13:28 - 2016-12-01 13:28 - 000013824 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-06-28 11:56 - 2017-06-28 11:56 - 000055808 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2017-06-28 11:56 - 2017-06-28 11:56 - 000353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2017-06-28 11:57 - 2017-06-28 11:57 - 000071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Xnitro67\Downloads\ChromeSetup.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38691373.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38691373.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 07:47 - 2017-11-01 20:51 - 000000864 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.0            keystone.mwbsys.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Xnitro67\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\cachedimage_1920_1080_pos2.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Sound Blaster X-Fi MB 3"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "After Dark QuickAccess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3172090819-3694119697-3185588401-1002\...\StartupApproved\Run: => "TeamSpeak 3 Client"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F7041925-0C70-4889-9234-2BE57528A210}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{50D74184-1E86-439B-BEA8-B3B543DD3259}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [UDP Query User{2C091278-E0B5-471E-B33D-A322C37FA9FD}C:\users\xnitro67\desktop\server_2\fxserver.exe] => (Allow) C:\users\xnitro67\desktop\server_2\fxserver.exe
FirewallRules: [TCP Query User{C5F91948-2089-4E8E-AD30-E26842B2082B}C:\users\xnitro67\desktop\server_2\fxserver.exe] => (Allow) C:\users\xnitro67\desktop\server_2\fxserver.exe
FirewallRules: [{5C670CF2-F0B9-4633-94FA-24918399F32B}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{109DED21-259F-4C45-A88D-F2180B2639B0}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{85BED3C2-45CA-4602-A4A0-B3B1C19EC9BC}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{376862E1-DBBF-47B5-96C5-E3D503E28B60}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{3659B07E-9BE9-4A52-AC84-108A7DA47341}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{6CBFB614-F01A-4EC1-AA48-E1F41067E4A0}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [UDP Query User{E2E15A14-2749-4E8F-AC68-E8D23433373A}D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{6F554FBB-F525-4D7F-AEFA-BCCDC9191EDD}D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{50F7B78C-88D3-476F-BB5D-F5FCC2448AD4}C:\users\xnitro67\desktop\fivem_server\fxserver.exe] => (Allow) C:\users\xnitro67\desktop\fivem_server\fxserver.exe
FirewallRules: [TCP Query User{6018F714-D555-4A60-A129-2B3D72CB1C00}C:\users\xnitro67\desktop\fivem_server\fxserver.exe] => (Allow) C:\users\xnitro67\desktop\fivem_server\fxserver.exe
FirewallRules: [{C8AE5D4E-233A-4478-9A6C-9026094B1BAD}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{95A10AA5-A8B2-4980-930D-62684160FF10}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{C95A55E9-473B-4480-9C29-61510EFA12D8}E:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{D351D9FB-BC58-4641-92EB-7C0F04D16E69}E:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{B20ED9B6-804D-4871-A2FA-E336069295E3}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{7FCEB4C5-4E01-4CD1-A62C-69B5C8282079}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{A8D13D4E-449A-46D4-A5DB-DBB8F5353744}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F0EB0217-8A09-4287-877A-D6F74AE09DAC}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{C98327A7-EE43-4955-9983-A48302EE10F9}C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe] => (Allow) C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe
FirewallRules: [TCP Query User{8A0D1458-3E24-4F6C-9111-877D6B7A95FC}C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe] => (Allow) C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe
FirewallRules: [UDP Query User{3A72FDE8-5F1A-4A66-B5F1-98489D547DB2}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{CA3308D7-14AB-4585-A3AE-EA391B41990D}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{695E947E-7858-4A07-ADAB-6D88E8C6253C}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CC3156CA-EF47-418F-965C-2DC15F5983E5}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E229FD90-F36F-48D5-85AA-99DC96F89AFF}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{65102B56-9EC9-4586-9B94-0C3C2720D45F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [UDP Query User{21D5A754-7F2A-4187-AE56-EC26BDA2BE46}C:\users\xnitro67\desktop\cfx-server\citizenmp.server.exe] => (Allow) C:\users\xnitro67\desktop\cfx-server\citizenmp.server.exe
FirewallRules: [TCP Query User{86BF111B-75F5-4024-A64F-3E87F424C6D9}C:\users\xnitro67\desktop\cfx-server\citizenmp.server.exe] => (Allow) C:\users\xnitro67\desktop\cfx-server\citizenmp.server.exe
FirewallRules: [UDP Query User{DF81130F-9735-447F-90FC-8DF3E09EF64F}C:\users\xnitro67\desktop\fivem\fivem.exe] => (Allow) C:\users\xnitro67\desktop\fivem\fivem.exe
FirewallRules: [TCP Query User{6FDDF93D-0AC6-4EA8-BC54-87EB90773DAE}C:\users\xnitro67\desktop\fivem\fivem.exe] => (Allow) C:\users\xnitro67\desktop\fivem\fivem.exe
FirewallRules: [UDP Query User{7E99FC01-FEFC-4E31-9CBE-09E47CAEC8C4}E:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{1CAF7E3A-84D4-41D9-82CE-A4E4286ADB2D}E:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{AE2E6C36-77C9-4456-A685-509076F5B3A1}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{5612D177-FD2D-4475-8A3E-DE033BC5C189}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{8AB32011-7DC7-4273-A71F-E2EAF4865A15}] => (Allow) E:\SteamLibrary\SteamApps\common\ManiaPlanet_TMLagoon\ManiaPlanetLauncher.exe
FirewallRules: [{BDD2C2C8-33A5-4EF4-A09B-93F4CFD9BCCC}] => (Allow) E:\SteamLibrary\SteamApps\common\ManiaPlanet_TMLagoon\ManiaPlanetLauncher.exe
FirewallRules: [UDP Query User{3C3A70A1-6DAE-4F12-AF04-D5A3876BEE72}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{4AE77CD3-2A84-4AE3-925C-D072CD6B71F7}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [{D0DAC6EA-D816-4FE5-B545-A05D18C9C36B}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{644E3234-DB12-4C93-9F08-AE824436D2FA}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [UDP Query User{CCC99D6D-AE0D-48F2-BAD5-82F1246AD8E6}E:\halo 2\halo2.exe] => (Allow) E:\halo 2\halo2.exe
FirewallRules: [TCP Query User{CDF10A94-68FC-4FBD-83C2-AB1EDF5AEC15}E:\halo 2\halo2.exe] => (Allow) E:\halo 2\halo2.exe
FirewallRules: [UDP Query User{3008134C-41A2-4A60-B8A6-4E2B726EDE66}E:\halo ce no install needed by xgamer24\halo\haloce.exe] => (Block) E:\halo ce no install needed by xgamer24\halo\haloce.exe
FirewallRules: [TCP Query User{D539DAC7-D2B2-4300-B4E6-DC528E4BBB27}E:\halo ce no install needed by xgamer24\halo\haloce.exe] => (Block) E:\halo ce no install needed by xgamer24\halo\haloce.exe
FirewallRules: [UDP Query User{722B1B24-03E1-4687-BD7E-33FC7E08821D}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{A85FEC03-2FE3-4164-B424-4879B0ACAE6F}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [UDP Query User{02342879-9A68-4A0B-BD25-BF6501367ACE}C:\program files (x86)\riftcat\content\death simulator halloween\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\program files (x86)\riftcat\content\death simulator halloween\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{A66D2533-333F-456F-B35B-0F998AE1B63A}C:\program files (x86)\riftcat\content\death simulator halloween\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\program files (x86)\riftcat\content\death simulator halloween\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{1E5956EE-6DB9-4262-BEB2-712A37C90A96}] => (Allow) C:\Program Files (x86)\Riftcat\VRidge.exe
FirewallRules: [{03FD773B-0647-472D-81D7-65E46C4D57E6}] => (Allow) C:\Program Files (x86)\Riftcat\VRidge.exe
FirewallRules: [{D9BF2BDD-FE7F-43BE-A8C7-44EA6A75F0CA}] => (Allow) C:\Program Files (x86)\Riftcat\Riftcat.exe
FirewallRules: [{738AE8BC-3E5C-4207-BB6E-29B589B554B1}] => (Allow) C:\Program Files (x86)\Riftcat\Riftcat.exe
FirewallRules: [{44B2C5A9-A14E-4007-A48C-8DB03C0BC6A2}] => (Allow) E:\SteamLibrary\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{8A28D43B-FCA6-455D-A914-C4AFE6F83AC2}] => (Allow) E:\SteamLibrary\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [UDP Query User{4A0E8B4F-6567-456B-8CDE-A64BFB554897}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe
FirewallRules: [TCP Query User{EC3D633A-F969-49A2-95DC-09F28423485C}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe
FirewallRules: [{DFDECB8E-9444-4D98-BC22-976A032DCC4C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{600F61F4-9240-4681-86F1-0DE6D53C2261}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{9592A11F-614D-49E9-9510-DAB9DAEA700D}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{68A5A632-FCB6-4465-BDB4-311565F9C387}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{1D9D544A-7CF0-403F-A881-11C5B7D05379}] => (Allow) E:\SteamLibrary\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{FB263700-2EAF-44C9-9B17-6049AF0B50BA}] => (Allow) E:\SteamLibrary\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{9D7FFE78-D30A-4A2D-BD85-F2A36C4495B5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E30A6084-DACB-4DC9-9F6F-CC0FDFA8F143}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{571755E4-A0E8-4C2E-A772-BCBD4942C6B8}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{4EBBED1F-1549-4009-8378-19CE8BADD88B}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{AA299D74-3C4F-44E1-93C8-A38B593FE370}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{6680FA63-E0AF-4F42-80D8-2855F64927CB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{58C23F60-C2D0-4682-AFB6-36DA5137D682}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5F94841F-5266-45EA-8D4C-43438CD44189}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{3706717B-3B86-49D5-9CE2-94A5AD9FAC2D}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{EACB74D9-63FA-473B-B8AC-771618DE3F3E}] => (Block) C:\users\xnitro67\desktop\hfs.exe
FirewallRules: [{914E98B1-2C60-45E7-9C83-3EF1D42FEDFB}] => (Block) C:\users\xnitro67\desktop\hfs.exe
FirewallRules: [UDP Query User{3ACEDDC8-CD58-42E9-A6AC-DC3177AAD57A}C:\users\xnitro67\desktop\hfs.exe] => (Allow) C:\users\xnitro67\desktop\hfs.exe
FirewallRules: [TCP Query User{1C544685-CFF0-402E-A281-54866CEF8F58}C:\users\xnitro67\desktop\hfs.exe] => (Allow) C:\users\xnitro67\desktop\hfs.exe
FirewallRules: [{9F9DCD88-A8AA-4518-B390-86244E172013}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [UDP Query User{7AC4D58B-4C9D-4ED3-9BD3-C38C75CB6334}E:\blur nosteam\blur.exe] => (Allow) E:\blur nosteam\blur.exe
FirewallRules: [TCP Query User{207D4F07-BA96-4170-A289-DD56717D9A1E}E:\blur nosteam\blur.exe] => (Allow) E:\blur nosteam\blur.exe
FirewallRules: [UDP Query User{2BB06F6B-6E4C-40AF-A93D-20910995B112}E:\ghiii\gh3.exe] => (Allow) E:\ghiii\gh3.exe
FirewallRules: [TCP Query User{65311391-34AD-4661-BF54-C61DD4DDFC64}E:\ghiii\gh3.exe] => (Allow) E:\ghiii\gh3.exe
FirewallRules: [UDP Query User{D6233BC3-0A0C-42FE-BBBB-0593971569B3}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [TCP Query User{98A0E88B-4363-4E09-9083-49551A0EEE38}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [UDP Query User{EADA52BB-E65D-4630-8382-A08EE509B0E7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{E35C91FB-9DA6-431D-A29C-94B50C83849F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{DEFF7623-D01C-418F-96D9-45FEC6A5C33E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{96D47C23-8073-4DB8-8479-1658D8552F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A05A46BA-78AF-419C-A90C-571A4683A197}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D02D09A-2BD1-4DEC-AC31-47E8278A3F42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7B495DB8-BF00-4E8B-96EB-6EC958F836C6}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DC4F2676-8B78-48C7-A1E4-1021363211E8}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{5542D09B-3745-419E-BCD0-B0A7126885FB}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{59D99D06-9556-42BC-8B2B-5F4C13003D6E}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{952AD686-24E2-4F06-A60E-DA6D8199958C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2827693D-B5C2-401B-8ED1-471BAB1B47A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32267747-DE4A-444C-B3FE-0EA0FE58A1EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D375D64E-23B2-4E22-AEBD-6527BBA7479A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F9C14A8E-1A62-40E9-AFF5-8579A2F4A7C2}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{E1F453A4-D738-413E-A46B-0C06AD268225}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{3F23178D-D88C-478B-8B01-17386A590214}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{179351D9-FAD6-4128-81EE-4E5988339689}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{5ED0F9F6-79D9-4C56-9361-EE9E12C35391}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [{58E3688B-2620-4EB3-B524-062027D3C30F}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [{F5856300-B082-4669-BF70-551F62243C9E}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{1AC6C1CF-1EDC-476F-9CB5-1375BD168ED0}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [UDP Query User{8025570D-57AD-4E4C-9F3B-4C04A33C38BA}E:\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) E:\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{8F75DD29-778D-4E0E-B6A9-D0E3FB6A6BA9}E:\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) E:\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{F2A39366-108A-48D3-AA11-B08445F46F64}E:\steamlibrary\steamapps\common\call of duty black ops ii\t6zm.exe] => (Allow) E:\steamlibrary\steamapps\common\call of duty black ops ii\t6zm.exe
FirewallRules: [TCP Query User{B282BBDD-EEFA-4938-B333-8DF2D00DCBD2}E:\steamlibrary\steamapps\common\call of duty black ops ii\t6zm.exe] => (Allow) E:\steamlibrary\steamapps\common\call of duty black ops ii\t6zm.exe
FirewallRules: [{314730DD-5380-4E49-AB56-1D8307F8C54F}] => (Allow) E:\SteamLibrary\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{AF491FC4-647C-41E5-AAC3-E3619CDD2B75}] => (Allow) E:\SteamLibrary\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [UDP Query User{47DB28A5-0897-4825-B0E4-6E9ED3A4A3EF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{6AEF1079-E7A8-416E-BB49-6A84F8AA7610}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{CC16E088-3FCA-4504-BBF2-673570E6D2AB}E:\steamlibrary\steamapps\common\geometry wars 3 - dimensions\gw3.exe] => (Allow) E:\steamlibrary\steamapps\common\geometry wars 3 - dimensions\gw3.exe
FirewallRules: [TCP Query User{58B89591-2B4B-4E59-8534-5C2E70008E52}E:\steamlibrary\steamapps\common\geometry wars 3 - dimensions\gw3.exe] => (Allow) E:\steamlibrary\steamapps\common\geometry wars 3 - dimensions\gw3.exe
FirewallRules: [{87D7FAEC-E13D-42C8-9939-31BFCE7DB697}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE499C7B-70F3-436F-B343-447A0BA7828A}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1BCBC825-5F39-4D36-A32D-805D182A481F}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{D21D16A3-1B45-44E6-AEBC-CF1E3FA931AA}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{D5F3E93B-2FA3-43AE-A02F-0D236386B549}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{D57BA675-5828-4D95-9666-BB1505E14F9A}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DB4DC002-B579-42BD-A79A-8BACD4794C34}] => (Allow) C:\Users\Xnitro67\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1D824965-27A6-4A81-9321-5CD3ADB48BE9}] => (Allow) E:\SteamLibrary\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{DFF44EA7-7C55-4DAA-8444-DD945999C155}] => (Allow) E:\SteamLibrary\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{A14E749B-2479-4474-9C7F-03AC6E4A60CA}] => (Allow) E:\SteamLibrary\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{95CC98C1-7C07-47AA-8579-795648297D88}] => (Allow) E:\SteamLibrary\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [UDP Query User{10204574-9E47-421B-88D5-A760AEB3EFED}E:\ghiii\gh3.exe] => (Allow) E:\ghiii\gh3.exe
FirewallRules: [TCP Query User{EC966A8E-48F9-4451-9238-5CB94035329B}E:\ghiii\gh3.exe] => (Allow) E:\ghiii\gh3.exe
FirewallRules: [{FDC0C728-3FC5-4728-9322-F548746AA9EE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{25937A9E-8A0E-46C4-A559-BCFFACDF76BC}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{7B06D93C-8693-4C4E-A192-759959EA2234}] => (Allow) E:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{B9DD76B5-29C2-4871-BC1F-E25FC922CECC}] => (Allow) E:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [UDP Query User{C8CB9DD3-4CF7-4378-8AC6-4019AB3A7290}E:\steamlibrary\steamapps\common\call of duty black ops\blackopsmp.exe] => (Allow) E:\steamlibrary\steamapps\common\call of duty black ops\blackopsmp.exe
FirewallRules: [TCP Query User{87F85208-3EDA-4518-AD5B-56BBE9A41A61}E:\steamlibrary\steamapps\common\call of duty black ops\blackopsmp.exe] => (Allow) E:\steamlibrary\steamapps\common\call of duty black ops\blackopsmp.exe
FirewallRules: [UDP Query User{98266205-117C-472D-9E87-2E384ACE7429}E:\steamlibrary\steamapps\common\alien isolation\ai.exe] => (Allow) E:\steamlibrary\steamapps\common\alien isolation\ai.exe
FirewallRules: [TCP Query User{665E70F8-C14D-488D-98C7-69E0BAE08ECD}E:\steamlibrary\steamapps\common\alien isolation\ai.exe] => (Allow) E:\steamlibrary\steamapps\common\alien isolation\ai.exe
FirewallRules: [UDP Query User{3BE35D2B-264F-4273-BF47-57BFDEB13BBE}D:\halo\eldewrito_0.5.1.1_release\eldorado.exe] => (Allow) D:\halo\eldewrito_0.5.1.1_release\eldorado.exe
FirewallRules: [TCP Query User{24D3208F-914C-46D0-A671-AF3C970DD0F3}D:\halo\eldewrito_0.5.1.1_release\eldorado.exe] => (Allow) D:\halo\eldewrito_0.5.1.1_release\eldorado.exe
FirewallRules: [{2AD7A576-115C-4A46-8C60-E3E58900AF9E}] => (Allow) E:\SteamLibrary\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{C6A0F3BB-F4A2-4E3A-B7DE-7F3FE3761973}] => (Allow) E:\SteamLibrary\SteamApps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{D7762AC1-3BFD-4CD4-A181-3E7BB13E8C1A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{62F3F3B4-EBA2-4348-B5A2-C2B0C48CCA6D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [UDP Query User{4FFFFC6B-7D4A-470D-ADF1-0E35B57276C9}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [TCP Query User{DB5EA701-9904-48FD-A0BD-D1CC24F1AD03}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [UDP Query User{B04517BC-1C82-4F81-BFE4-FF9AB9BE83F8}E:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{6DCB557B-0DC5-4E32-A08C-6C2EFEA24A93}E:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe
FirewallRules: [{D8207856-5A38-4D22-8B00-C76F2F0034A6}] => (Allow) E:\SteamLibrary\SteamApps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{45785FF7-9996-43CE-A641-4319E6C43C5A}] => (Allow) E:\SteamLibrary\SteamApps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{AF6E0A11-E910-4684-AFD8-A5D57DD7F2E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E3478829-2D71-4AD7-B566-CC64EECB722C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F432714-88DC-4A8E-A75E-2EB5FA365C37}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{F4889209-4B81-41AE-B4B8-EB958A5762D6}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{C8EA0387-537B-4FAB-9740-4DBE2FC13CA9}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{1494D3C8-5290-4356-8F04-FDEE0529E801}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{89283F05-1531-48C1-9406-3BDBEC6407E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DC08E62C-6BB4-4EB1-A4B3-44EBD294D29B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F0A823E7-6496-49C4-A765-3938EC511929}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{B9B2CE04-5771-4CB9-89AB-FD2F95E2773B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{323BEDB1-9C4E-48C9-95C3-089513333776}] => (Allow) E:\SteamLibrary\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{C9F44C0D-2C63-40BF-B99F-89F1E342B4A0}] => (Allow) E:\SteamLibrary\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{CC24A0B0-BD17-40A5-B162-66F764F0FCE6}] => (Allow) D:\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{9BC861E7-5DA2-4C86-B23F-112FE870EB19}] => (Allow) D:\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe
FirewallRules: [{3FCD2220-294E-4807-95B6-A1CC591BBB8E}] => (Allow) D:\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [{ADDDAEE0-F2FB-4A04-854A-18924B40573B}] => (Allow) D:\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe
FirewallRules: [{C82F99CD-00A5-4E80-B8DE-4E587BA94E96}] => (Allow) D:\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{BB89BA6C-5407-49BE-8C75-803D02847981}] => (Allow) D:\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe
FirewallRules: [{8A0BC53A-818A-4D2C-A3BB-AE75452DD6AE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
FirewallRules: [{913DEF26-C0BA-44DD-A13B-3C5CFA5E0787}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe
FirewallRules: [{5970ECC9-B21C-4A82-80B1-17E00EDEBE7A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{B32E38F2-6475-4B10-B9E9-D57CEE3F1C31}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{C38FD183-76A2-4829-ABE9-4C371501D676}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [{588B5ED2-E76B-4A82-B834-4696ADBF1BB4}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
FirewallRules: [{2EDF5098-54EC-4527-AB45-1937B25752AE}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5A46BD02-C418-4C8C-9C6F-0725D540CA6C}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F6CF5736-F809-49F7-8F1C-7ADE76F5B51E}] => (Allow) C:\Users\Xnitro67\Downloads\Programs\Windows_Password_Recovery_Tool_Ult_Trial.exe
FirewallRules: [{DEAFF8DC-79F1-48E8-AC56-9981A8FA2988}] => (Allow) C:\Users\Xnitro67\Downloads\Programs\Windows_Password_Recovery_Tool_Ult_Trial.exe
FirewallRules: [{DF89328B-FAF7-423F-92F8-16B46AD50F1F}] => (Allow) E:\SteamLibrary\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{36E457CD-6776-45B4-948F-64527FB144EA}] => (Allow) E:\SteamLibrary\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{E8D3FB0F-6EC1-41DA-AB5E-DDDC5C961E68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9A14B780-97E9-458F-8B40-388278055877}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{84950687-D0A7-434B-9468-1D8EB1EC18BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{59B2D3BE-6B8B-494F-A133-28200B6634C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D0B49E8-F52D-4FF1-95FF-20B7253CF314}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{54DE3DA6-D6E3-4457-AB23-A8E26AE3801E}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{8B10B92E-0767-453E-8721-864AD8157C46}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{E8A4FFA2-72C8-463C-89F2-EAC8C25244AC}C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe] => (Allow) C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe
FirewallRules: [UDP Query User{744F6CBF-16FE-4697-BE32-75C0BA2580C4}C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe] => (Allow) C:\program files\combined community codec pack 64bit\mpc\mpc-hc64.exe
FirewallRules: [TCP Query User{68877224-EA2E-42C9-A75B-28DE7FDAD400}E:\call of duty 2\call of duty 2\cod2mp_s.exe] => (Allow) E:\call of duty 2\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{94FE19AF-A23D-4294-9B4F-EFAFCD4F8243}E:\call of duty 2\call of duty 2\cod2mp_s.exe] => (Allow) E:\call of duty 2\call of duty 2\cod2mp_s.exe
FirewallRules: [{8F6E87AF-7934-4DBF-B9C0-8368BF00418C}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.17\remoting_host.exe
FirewallRules: [TCP Query User{71B5E9EF-88CE-48E4-9693-59DB86FD95FA}C:\users\xnitro67\appdata\local\temp\3582-490\plex dlna server.exe] => (Allow) C:\users\xnitro67\appdata\local\temp\3582-490\plex dlna server.exe
FirewallRules: [UDP Query User{B8AA3D3A-ED94-4E9E-B516-10C9CE763BB8}C:\users\xnitro67\appdata\local\temp\3582-490\plex dlna server.exe] => (Allow) C:\users\xnitro67\appdata\local\temp\3582-490\plex dlna server.exe
FirewallRules: [{60B725AB-0C1A-498B-BA38-BD6194B9F7BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
 
==================== Restore Points =========================
 
17-10-2017 19:57:37 Windows Update
23-10-2017 14:35:13 Installed Corsair Utility Engine
31-10-2017 19:38:16 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/01/2017 07:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bootoptimizer.exe, version: 22.0.10.127, time stamp: 0x5995567c
Faulting module name: sciter.dll, version: 4.0.0.7, time stamp: 0x59146bc0
Exception code: 0xc0000005
Fault offset: 0x000000000018da1b
Faulting process id: 0x22bc
Faulting application start time: 0x01d353696d45dc6c
Faulting application path: C:\Program Files\Bitdefender\Bitdefender Device Management\bootoptimizer.exe
Faulting module path: C:\Program Files\Bitdefender\Bitdefender Device Management\sciter.dll
Report Id: 26df0f4d-99fa-4db6-82c5-3df782ec7deb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/01/2017 07:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: seccenter.exe, version: 21.0.25.92, time stamp: 0x5926cdd0
Faulting module name: intermsec.dll_unloaded, version: 21.0.25.92, time stamp: 0x5926cd0a
Exception code: 0xc0000005
Fault offset: 0x00000000000015e5
Faulting process id: 0x290
Faulting application start time: 0x01d35368f73d83fc
Faulting application path: C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe
Faulting module path: intermsec.dll
Report Id: fd0ed14f-aea5-4f07-98a6-3c1c858cbcd9
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/01/2017 07:27:09 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.
 
Error: (11/01/2017 07:27:09 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.
 
Error: (11/01/2017 07:27:09 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_OFF.
 
Error: (11/01/2017 06:57:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Xnitro67\AppData\Local\Temp\3582-490\chrome.exe".
Dependent Assembly 61.0.3163.100,language="*",type="win32",version="61.0.3163.100" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/01/2017 06:56:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Xnitro67\AppData\Local\Temp\3582-490\chrome.exe".
Dependent Assembly 61.0.3163.100,language="*",type="win32",version="61.0.3163.100" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/01/2017 06:47:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Xnitro67\AppData\Local\Temp\3582-490\chrome.exe".
Dependent Assembly 61.0.3163.100,language="*",type="win32",version="61.0.3163.100" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/01/2017 06:47:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Xnitro67\AppData\Local\Temp\3582-490\chrome.exe".
Dependent Assembly 61.0.3163.100,language="*",type="win32",version="61.0.3163.100" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/01/2017 06:45:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IDMan.exe version 6.28.12.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1a90
 
Start Time: 01d35362efe650c4
 
Termination Time: 3
 
Application Path: C:\Users\Xnitro67\AppData\Local\Temp\3582-490\IDMan.exe
 
Report Id: 5d995d24-8719-44f1-b140-d44754e67831
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (11/01/2017 08:51:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/01/2017 08:51:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/01/2017 08:51:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.
 
Error: (11/01/2017 08:50:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.
 
Error: (11/01/2017 08:49:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/01/2017 07:25:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (11/01/2017 07:25:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (11/01/2017 07:23:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (11/01/2017 07:23:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (11/01/2017 07:23:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SkypeUpdate service to connect.
 
 
CodeIntegrity:
===================================
  Date: 2017-11-01 20:51:24.054
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-01 19:26:50.617
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-01 18:58:39.435
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-11-01 18:58:39.272
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-11-01 17:37:30.956
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-11-01 03:23:31.966
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-31 04:55:21.478
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-30 04:19:34.777
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-29 04:56:30.399
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-28 04:55:23.802
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 36%
Total physical RAM: 16317.81 MB
Available physical RAM: 10348.64 MB
Total Virtual: 18749.81 MB
Available Virtual: 12303.29 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:231.5 GB) (Free:60.31 GB) NTFS
Drive d: (PNY SSD) (Fixed) (Total:447.13 GB) (Free:71.63 GB) NTFS
Drive e: (HDD) (Fixed) (Total:931.51 GB) (Free:198.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HDD 2) (Fixed) (Total:931.51 GB) (Free:101.46 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2763A274)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 41DC4DEF)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B1479FE6)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F5465541)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 



#4 Xnitro67


Posted 01 November 2017 - 10:01 PM

Right now I'm able to open programs, but some will just not open, and the svchost.com file comes back and the reg file gets changed.



#5 JSntgRvr


Posted 02 November 2017 - 01:20 PM

  • Highlight the entire content of the quote box below.

Start::
Folder: C:\Windows\System32\Drivers
Reg: Reg query "HKEY_LOCAL_MACHINE\SYSTEM\Select"
Reg: Reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services" /s /v Start
Reg: Reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations"
HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and be saved in the same location the tool was run from.

Please copy and paste its contents in your next reply.
 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#6 Xnitro67


Posted 02 November 2017 - 02:30 PM

I have moments where I can't wait, sorry. I reinstalled Windows, but where the heck was this virus? It looks, from what you were looking at, like it was in my services. Also, should I worry about files on other hard drives?


Edited by Xnitro67, 02 November 2017 - 02:31 PM.


#7 JSntgRvr


Posted 02 November 2017 - 05:02 PM

On most occasions, rootkits lie hidden as a service.

 

Thanks for the feedback. I will have this topic closed.






