Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

99% Sure I'm infected with a rootkit of some sort


  • Please log in to reply
2 replies to this topic

#1 camaraderie

camaraderie

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 28 March 2018 - 10:25 PM

Windows 10 Pro, i5 7600K, 16GB RAM, 250GB SSD C: drive, 2 x 1TB WD drives (G: and T:), 1 x 3TB Seagate Drive (X:)

 

So my PC started acting weird the other day, running lots of background processes. Before this started, I had Malwarebytes (free) and Bitdefender (free) but I was upgrading to the premium 2018 bitdefender version and I needed to turn off protection while I did. All the sudden, I was getting weird permission and registry errors and now the presumed rootkit has taken over so much of my PC that I can't properly:

1. Start into safe mode at all (no option)

2. Can't boot into BIOs with regular settings, I'm not given options, just 'boot'

3. Can't turn kill Malwarebytes or Bitdefender, so they've gone rogue.

4. I can't start Windows Defender as that also seems to have been compromised

5. I was fishing through my Teamviewer logs and discovered I've probably had the virus or some virus for at least a year as I've basically been remoted into for the past year despite having remote disabled and AV software running.

 

I had just recently deleted almost all of my File History backups as well besides the past month-- and I don't trust those recent ones at all. From what I can tell, it seems limited to affecting my C drive.

 

I have no idea what to do so if anyone can help me, I'd be glad to try anything. Otherwise I'll just wipe it all and start again. I have done some preliminary security checks based on what I've seen posted on other posts so I will attach those. They look somewhat limited though in what they can tell me because of the chaos inside this PC.

 

----------------------------------------

 

Thanks.

 

Checkup.txt

 Results of screen317's Security Check version 1.014 --- 12/23/15 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Windows Defender                    
Malwarebytes                        
Bitdefender Antivirus Free Edition  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 161 
 Java™ SE Development Kit 6 Update 45
 Visual Studio Extensions for Windows Library for JavaScript
 Java version 32-bit out of Date!
 Google Chrome (65.0.3325.181)
 Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamtray.exe 
 Bitdefender Bitdefender Security vsserv.exe 
 Bitdefender Bitdefender Device Management DevMgmtService.exe 
 Bitdefender Bitdefender Security updatesrv.exe 
 Bitdefender Agent ProductAgentService.exe  
 Windows Defender MSASCuiL.exe  
 Bitdefender Bitdefender Security bdagent.exe 
 Bitdefender Bitdefender Security odscanui.exe 
 Bitdefender Bitdefender Security seccenter.exe 
 Common Files Bitdefender SetupInformation Bitdefender RedLine\bdredline.exe
 Bitdefender Bitdefender Security bdwtxag.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

 

 

 

FSS.txt

 

 
Farbar Service Scanner Version: 27-01-2016
Ran by Chris (administrator) on 28-03-2018 at 21:45:47
Running from "C:\Users\Chris\Desktop"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
Firewall Disabled Policy:
==================

System Restore:
============
System Restore Policy:
========================

Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

 

 

 

 

 

MTB.txt

 

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Chris (administrator) on 28-03-2018 at 21:53:35
Running from "C:\Users\Chris\Desktop"
Microsoft Windows 10 Pro  (X64)
Model: Z270-HD3 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
127.0.0.1 
127.0.0.1 
127.0.0.1 
127.0.0.1 
127.0.0.1   
127.0.0.1 
========================= IP Configuration: ================================
Intel® Ethernet Connection (2) I219-V = Ethernet 8 (Connected)
Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 = Ethernet 3 (Hardware not present)
TAP-Windows Adapter V9 = Ethernet (Media disconnected)
TP-LINK 802.11ac Network Adapter = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Ethernet 2" nexthop=192.168.0.1 metric=1 publish=Yes
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 8" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled metric=1 nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_36" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set subinterface interface=???c?? subinterface=ethernet_6 mtu=1477
add address name="Ethernet 2" address=192.168.0.150 mask=255.255.255.0

popd
# End of IPv4 configuration
 
Windows IP Configuration
   Host Name . . . . . . . . . . . . : TheRetina
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet 8:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Ethernet Connection (2) I219-V
   Physical Address. . . . . . . . . : 1C-1B-0D-9F-D3-A9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2605:a601:2c0:1500:a00a:a32e:57fc:88bb(Preferred)
   Temporary IPv6 Address. . . . . . : 2605:a601:2c0:1500:b9a4:33bc:61d6:9840(Preferred)
   Link-local IPv6 Address . . . . . : fe80::a00a:a32e:57fc:88bb%6(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.141(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 28, 2018 8:55:25 PM
   Lease Expires . . . . . . . . . . : Thursday, March 29, 2018 8:55:26 PM
   Default Gateway . . . . . . . . . : fe80::f6f5:e8ff:fe85:718d%6
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 119282445
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-03-5F-4B-1C-1B-0D-9F-D3-A9
   DNS Servers . . . . . . . . . . . : 2605:a601:2c0:1500::1
                                       192.168.1.1
   Primary WINS Server . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wi-Fi:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TP-LINK 802.11ac Network Adapter #2
   Physical Address. . . . . . . . . : 30-B5-C2-28-A2-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Local Area Connection* 11:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 32-B5-C2-28-A2-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Ethernet:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-9A-A1-87-E8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 5C-F3-70-71-9B-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  2605:a601:2c0:1500::1
Name:    google.com
Addresses:  2607:f8b0:4009:806::200e
   172.217.6.110

Pinging google.com [2607:f8b0:4009:806::200e] with 32 bytes of data:
Request timed out.
Reply from 2607:f8b0:4009:806::200e: time=11ms
Ping statistics for 2607:f8b0:4009:806::200e:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 11ms, Average = 11ms
Server:  UnKnown
Address:  2605:a601:2c0:1500::1
Name:    yahoo.com
Addresses:  2001:4998:c:1023::5
   2001:4998:44:41d::3
   2001:4998:c:1023::4
   2001:4998:58:1836::11
   2001:4998:44:41d::4
   2001:4998:58:1836::10
   98.137.246.8
   98.138.219.231
   72.30.35.10
   72.30.35.9
   98.138.219.232
   98.137.246.7

Pinging yahoo.com [2001:4998:58:1836::10] with 32 bytes of data:
Request timed out.
Reply from 2001:4998:58:1836::10: time=31ms
Ping statistics for 2001:4998:58:1836::10:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 31ms, Average = 31ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  6...1c 1b 0d 9f d3 a9 ......Intel® Ethernet Connection (2) I219-V
 13...30 b5 c2 28 a2 b6 ......TP-LINK 802.11ac Network Adapter #2
  5...32 b5 c2 28 a2 b6 ......Microsoft Wi-Fi Direct Virtual Adapter
 15...00 ff 9a a1 87 e8 ......TAP-Windows Adapter V9
 10...5c f3 70 71 9b a8 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.141     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link     192.168.1.141    281
    192.168.1.141  255.255.255.255         On-link     192.168.1.141    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.141    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.1.141    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.1.141    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.0.1       1
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  6    281 ::/0                     fe80::f6f5:e8ff:fe85:718d
  1    331 ::1/128                  On-link
  6    281 2605:a601:2c0:1500::/64  On-link
  6    281 2605:a601:2c0:1500:a00a:a32e:57fc:88bb/128
                                    On-link
  6    281 2605:a601:2c0:1500:b9a4:33bc:61d6:9840/128
                                    On-link
  6    281 fe80::/64                On-link
  6    281 fe80::a00a:a32e:57fc:88bb/128
                                    On-link
  1    331 ff00::/8                 On-link
  6    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (03/28/2018 08:55:28 PM) (Source: OVRServiceLauncher) (User: )
Description: [LauncherService] Unable to launch: There is no active interactive user session.
Error: (03/28/2018 08:54:27 PM) (Source: OVRServiceLauncher) (User: )
Description: [ProcessAsUser] CreateProcessAsUser failed with err=740 attempting to launch process as active user: C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
Error: (03/28/2018 08:54:11 PM) (Source: COM) (User: )
Description: {41FD88F7-F295-4D39-91AC-A85F3149A05B}
Error: (03/28/2018 08:54:11 PM) (Source: COM) (User: )
Description: {95CABCC9-BC57-4C12-B8DF-BA193232AA01}
Error: (03/28/2018 08:54:09 PM) (Source: COM) (User: )
Description: {95CABCC9-BC57-4C12-B8DF-BA193232AA01}
Error: (03/28/2018 08:53:36 PM) (Source: OVRServiceLauncher) (User: )
Description: [LauncherService] Unable to launch: There is no active interactive user session.
Error: (03/28/2018 08:50:41 PM) (Source: OVRServiceLauncher) (User: )
Description: [ProcessAsUser] CreateProcessAsUser failed with err=740 attempting to launch process as active user: C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
Error: (03/28/2018 08:49:38 PM) (Source: OVRServiceLauncher) (User: )
Description: [ProcessAsUser] CreateProcessAsUser failed with err=740 attempting to launch process as active user: C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
Error: (03/28/2018 08:49:02 PM) (Source: OVRServiceLauncher) (User: )
Description: [LauncherService] Unable to launch: There is no active interactive user session.
Error: (03/28/2018 08:30:26 PM) (Source: Office 2016 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073422333

System errors:
=============
Error: (03/28/2018 09:52:41 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 577vsservp{B548B6A5-B4C1-4DE2-8DB2-B60C1E80387E}
Error: (03/28/2018 09:52:41 PM) (Source: Service Control Manager) (User: )
Description: The Bitdefender Protected Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (03/28/2018 09:47:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 577vsservp{B548B6A5-B4C1-4DE2-8DB2-B60C1E80387E}
Error: (03/28/2018 09:47:52 PM) (Source: Service Control Manager) (User: )
Description: The Bitdefender Protected Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (03/28/2018 09:45:36 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 577vsservp{B548B6A5-B4C1-4DE2-8DB2-B60C1E80387E}
Error: (03/28/2018 09:45:36 PM) (Source: Service Control Manager) (User: )
Description: The Bitdefender Protected Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (03/28/2018 09:42:13 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 577vsservp{B548B6A5-B4C1-4DE2-8DB2-B60C1E80387E}
Error: (03/28/2018 09:42:13 PM) (Source: Service Control Manager) (User: )
Description: The Bitdefender Protected Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (03/28/2018 09:37:15 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 577vsservp{B548B6A5-B4C1-4DE2-8DB2-B60C1E80387E}
Error: (03/28/2018 09:37:15 PM) (Source: Service Control Manager) (User: )
Description: The Bitdefender Protected Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Microsoft Office Sessions:
=========================
Error: (03/28/2018 08:55:28 PM) (Source: OVRServiceLauncher)(User: )
Description: [LauncherService] Unable to launch: There is no active interactive user session.
Error: (03/28/2018 08:54:27 PM) (Source: OVRServiceLauncher)(User: )
Description: [ProcessAsUser] CreateProcessAsUser failed with err=740 attempting to launch process as active user: C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
Error: (03/28/2018 08:54:11 PM) (Source: COM)(User: )
Description: {41FD88F7-F295-4D39-91AC-A85F3149A05B}
Error: (03/28/2018 08:54:11 PM) (Source: COM)(User: )
Description: {95CABCC9-BC57-4C12-B8DF-BA193232AA01}
Error: (03/28/2018 08:54:09 PM) (Source: COM)(User: )
Description: {95CABCC9-BC57-4C12-B8DF-BA193232AA01}
Error: (03/28/2018 08:53:36 PM) (Source: OVRServiceLauncher)(User: )
Description: [LauncherService] Unable to launch: There is no active interactive user session.
Error: (03/28/2018 08:50:41 PM) (Source: OVRServiceLauncher)(User: )
Description: [ProcessAsUser] CreateProcessAsUser failed with err=740 attempting to launch process as active user: C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
Error: (03/28/2018 08:49:38 PM) (Source: OVRServiceLauncher)(User: )
Description: [ProcessAsUser] CreateProcessAsUser failed with err=740 attempting to launch process as active user: C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
Error: (03/28/2018 08:49:02 PM) (Source: OVRServiceLauncher)(User: )
Description: [LauncherService] Unable to launch: There is no active interactive user session.
Error: (03/28/2018 08:30:26 PM) (Source: Office 2016 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073422333

CodeIntegrity Errors:
===================================
  Date: 2018-03-28 21:52:41.187
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bitdefender\Bitdefender Security\vsservp.exe that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2018-03-28 21:52:03.578
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
  Date: 2018-03-28 21:49:45.066
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  Date: 2018-03-28 21:49:45.065
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  Date: 2018-03-28 21:47:52.428
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bitdefender\Bitdefender Security\vsservp.exe that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2018-03-28 21:47:23.870
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  Date: 2018-03-28 21:47:23.869
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  Date: 2018-03-28 21:47:22.370
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  Date: 2018-03-28 21:47:22.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
  Date: 2018-03-28 21:45:36.436
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bitdefender\Bitdefender Security\vsservp.exe that did not meet the Custom 3 / Antimalware signing level requirements.

=========================== Installed Programs ============================
${{arpDisplayName}} (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.17.0915.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.17.0915.1 - GIGABYTE)
µTorrent (HKCU\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
A Chair in a Room: Greenwater (HKLM\...\Steam App 427760) (Version:  - Wolf &amp; Wood Interactive Ltd)
A Fear Of Heights, And Other Things (HKLM\...\Steam App 535460) (Version:  - Fulby Technologies)
Accounting (HKLM\...\Steam App 518580) (Version:  - Crows Crows Crows)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Lightroom CC (HKLM-x32\...\LRCC_1_0) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Allegorithmic Substance Designer 5.4.0 (HKLM-x32\...\Substance Designer_5) (Version: 5.4.0 build 17854 (2016-05-04) - Allegorithmic)
AltspaceVR (HKLM\...\Steam App 407060) (Version:  - AltspaceVR, Inc.)
AmbiBox (HKLM-x32\...\{EBC9D10B-7560-4CA0-9492-8928CED133EA}_is1) (Version: 2.1.7 - AmbiBox)
Anki (HKLM-x32\...\Anki) (Version:  - )
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.4.0 - SlySoft)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.18.0129.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.18.0129.1 - GIGABYTE)
Apple Application Support (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2013 (HKLM-x32\...\{873F2D30-973B-415E-9BCA-E465AF816CCF}) (Version: 2.5 - Microsoft Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version:  - Studio Wildcard)
ASTRONEER (HKLM\...\Steam App 361420) (Version:  - System Era Softworks)
ASUS Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.170 - ASUS)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Backup and Sync from Google (HKLM\...\{4B7277C7-9CEE-45FC-B36B-19AD28281B9C}) (Version: 3.40.8921.5350 - Google, Inc.)
Bamboo Dock (HKLM-x32\...\{90DFD61B-8224-00C6-3D69-A983B60A394E}) (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (HKLM-x32\...\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1) (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 0.4.1.267 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.4.1.267 - Battlestate Games)
BeerSmith 2 (HKLM-x32\...\BeerSmith 2) (Version:  - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}) (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{28C7344F-E894-4CF5-8D05-EDC7ED71796C}) (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
BigScreen Beta (HKLM\...\Steam App 457550) (Version:  - BigScreen, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.78 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 22.0.19.242 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.18.224 - Bitdefender)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (HKLM-x32\...\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Budget Cuts Demo (HKLM\...\Steam App 459860) (Version:  - Neat Corporation)
Build Tools - amd64 (HKLM\...\{DE293220-4F3A-40C8-B825-E151A231455A}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{20C6C9E5-B5B0-40A2-8ACD-EF08A9562A5B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{ACE05087-00E9-480F-A955-1C3D7B977A7D}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{2F2A7D0D-C28D-4953-A59A-A5EF1171E03F}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Call of Duty: WWII - Multiplayer (HKLM\...\Steam App 476620) (Version:  - Sledgehammer Games)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.1.0.6 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.0.1.3 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Citrix Receiver (Enterprise) (HKLM-x32\...\CitrixOnlinePluginFull) (Version: 13.1.200.22 - Citrix Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
CMake (HKLM\...\{C656D1EB-8E45-4351-84DA-6DE9D74ED68B}) (Version: 3.9.0 - Kitware)
Code (HKCU\...\Code) (Version: 0.7.10 - Microsoft Corporation)
Conan Exiles (HKLM\...\Steam App 440900) (Version:  - Funcom)
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
Cosmic Trip (HKLM\...\Steam App 427240) (Version:  - Funktronic Labs)
CouchPotato (HKLM-x32\...\CouchPotato_is1) (Version: 2 - Your Mom)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z G1 1.72.1 (HKLM\...\CPUID CPU-Z G1_is1) (Version: 1.72.1 - CPUID, Inc.)
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
CUBLAS Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUBLAS Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cublas_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Documentation (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_documentation_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Profiler Tools (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprof_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Toolkit (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDA Version (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVersion_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUDART Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cudart_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUFFT Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cufft_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
cuobjdump (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cuobjdump_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUPTI (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cupti_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CURAND Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CURAND Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_curand_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSOLVER Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSOLVER Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusolver_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSPARSE Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
CUSPARSE Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_cusparse_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Deisim (HKLM\...\Steam App 525680) (Version:  - )
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version:  - )
Demo Suite (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_demo_suite_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Disassembler (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvdisasm_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Discord (HKCU\...\Discord) (Version: 0.0.300 - Discord Inc.)
Divinity: Original Sin 2 (HKLM\...\Steam App 435150) (Version:  - Larian Studios)
Dokan Driver (x64) (HKLM\...\{C550A790-4D58-4918-824A-192461614F6B}) (Version: 1.1.0.2 - HTC Corp.) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
EaseUS Partition Master 12.9 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.18.0202.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.18.0202.1 - GIGABYTE)
Elite Dangerous (HKLM\...\Steam App 359320) (Version:  - Frontier Developments)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{B2FF9400-A012-44F7-99CE-37C216A6CD70}) (Version: 1.1.131.0 - Epic Games, Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.7.3.928 - Battlestate Games)
EVE Online (HKLM\...\Steam App 8500) (Version:  - CCP)
Exodus (HKCU\...\exodus) (Version: 1.44.1 - Exodus Movement Inc)
f.lux (HKCU\...\Flux) (Version:  - f.lux Software LLC)
Fallout 4 VR (HKLM\...\Steam App 611660) (Version:  - Bethesda Game Studios)
Fantastic Contraption (HKLM\...\Steam App 386690) (Version:  - Northway Games)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
FORTIFY (HKLM\...\Steam App 505040) (Version:  - RTK Entertainment)
Fortran Examples (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_fortran_examples_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
GameCtrl B15.0803.1 (HKLM-x32\...\{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE) Hidden
GameCtrl B15.0803.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE)
Git version 2.9.2 (HKLM\...\Git_is1) (Version: 2.9.2 - The Git Development Community)
git-cola - The highly caffeinated Git GUI 2.3 (HKLM-x32\...\git-cola - The highly caffeinated Git GUI_is1) (Version: 2.3 - )
GnuWin32: OpenSSL-0.9.8h-1 (HKLM-x32\...\OpenSSL-0.9.8h-1_is1) (Version: 0.9.8h-1 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPU Library Advisor (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_gpu-library-advisor_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
GridMove V1.19.62 (HKLM-x32\...\GridMove_is1) (Version:  - DonationCoder.com)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hot Dogs, Horseshoes & Hand Grenades (HKLM\...\Steam App 450540) (Version:  - RUST LTD.)
Hover Junkers (HKLM\...\Steam App 380220) (Version:  - Stress Level Zero)
HTC Account (HKLM\...\{D5CD92A7-8ECC-46C9-A478-421F79ECA36F}) (Version: 1.5.1.5 - HTC Corp.) Hidden
iExplorer 3.8.1.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.2 (HKLM-x32\...\{3EE9923D-3045-46AB-9CAA-E375993AEB4A}) (Version: 2.2.0.1 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel® Network Connections 22.10.3.0 (HKLM\...\PROSetDX) (Version: 22.10.3.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{94E81D4F-FB5A-4B29-B385-33896CC9BE7E}) (Version: 12.7.0.166 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java™ SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
Job Simulator (HKLM\...\Steam App 448280) (Version:  - Owlchemy Labs)
Keep Talking and Nobody Explodes (HKLM\...\Steam App 341800) (Version:  - Steel Crate Games)
Kit SDK de vérification de Visual Studio 2012 - fra (HKLM-x32\...\{8A3862F9-F587-3DFA-AAFC-C1F0E116F05C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lightblade VR (HKLM\...\Steam App 477270) (Version:  - Andreas Hager Gaming)
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (HKLM-x32\...\{B1C38F27-D377-8C98-D98D-29B67C0B978D}) (Version: 8.100.25984 - Microsoft) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
MakeMKV v1.9.4 (HKLM-x32\...\MakeMKV) (Version: v1.9.4 - GuinpinSoft inc)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MathLM 11.3 (M-WIN-LM 11.3.0 5888691) (HKLM-x32\...\M-WIN-LM 11.3.0 5888691_is1) (Version: 11.3.0 - Wolfram Research, Inc.)
MEMCHECK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_memcheck_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Memory Profiler (HKLM-x32\...\{4522FE06-850C-4106-AB9E-B32C1462DF8B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Memory Profiler (HKLM-x32\...\{57960F45-EDBA-4EFA-94D8-0C6FB5CCF11E}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2236 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 5 (HKLM-x32\...\{693b15f4-4a52-402e-a7ea-862b20443883}) (Version: 12.0.40629 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Node.js (HKLM\...\{EEF1F214-C6D4-4372-AA10-5DA4DAD5E4C5}) (Version: 4.0.0 - Node.js Foundation)
NPP Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NPP Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_npp_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
nvcc (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvcc_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVGRAPH Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVGRAPH Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvgraph_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.19 - NVIDIA Corporation)
NVIDIA CUDA Development 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Documentation 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Runtime 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Samples 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 9.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_9.1) (Version: 9.1 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.19 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 5.4.0.17229 (HKLM\...\{3C2B7A30-1441-4418-8222-2A647ECF1C07}) (Version: 5.4.0.17229 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
NVML Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvml_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
nvprune (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvprune_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVRTC Development (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_dev_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
NVRTC Runtime (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nvrtc_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
Occupancy Calculator (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_occupancy_calculator_9.1) (Version: 9.1 - NVIDIA Corporation) Hidden
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (HKLM\...\{F786EF4E-73FE-4700-AC19-FFC0B2298F20}) (Version: 1.0.0.0 - Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (HKLM\...\{E932D5B4-547A-4959-B642-3816836283E3}) (Version: 1.0.1.0 - Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (HKLM\...\{E724ED40-8962-4987-901D-57AC8C9E41CD}) (Version: 1.0.20.0 - Oculus VR, LLC) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{2AB290A4-6B1F-4591-AF1B-73153F10D362}) (Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
Onward (HKLM\...\Steam App 496240) (Version:  - Downpour Interactive)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenSSL 1.0.2d (64-bit) (HKLM\...\OpenSSL (64-bit)_is1) (Version:  - OpenSSL Win64 Installer Team)
OSC Third Party Libraries (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSCLib) (Version: 1.1 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.112.1.21 - Overwolf Ltd.)
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
Pavlov VR (HKLM\...\Steam App 555160) (Version:  - davevillz)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Ping Pong Waves VR (HKLM\...\Steam App 488310) (Version:  - Hamzeh Alsalhi)
PingPlotter 5 (HKLM-x32\...\{E615D7C2-2D2D-47A1-9908-D1E5C80040F0}) (Version: 5.5.9.4251 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.5.9.4251) (Version: 5.5.9.4251 - Pingman Tools, LLC)
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
PlayClaw 5 (HKLM-x32\...\PlayClaw 5_is1) (Version: 5 - )
PlayClaw 5 fast codec (HKLM-x32\...\PlayClaw 5 fast codec_is1) (Version: 5 - )
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version:  - )
Please State Your Name : A VR Animated Film (HKLM\...\Steam App 536210) (Version:  - Jak Wilmot)
Plex Media Server (HKLM-x32\...\{2fb84613-d20f-4778-8955-66178d5dee6f}) (Version: 1.10.1.4602 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{CB3C17B5-1DE6-4D78-9447-38C6F1277A2A}) (Version: 1.10.1602 - Plex, Inc.) Hidden
Pool Nation VR  (HKLM\...\Steam App 269170) (Version:  - Cherry Pop Games)
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.15 - Portforward, LLC)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.5545 - Kakao Corp.)
PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8557 - Kakao Corp.)
PowerShellIntegration.Notifications (HKLM-x32\...\{0B48F5AE-6A17-49C1-8C65-81C6F74E6CF2}) (Version: 2.6.0.0 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Private Internet Access v77 (HKLM-x32\...\{148169C2-5558-4C3E-B38A-7B1813A264CA}_is1) (Version: 77 - London Trust Media, Inc.)
Project64 version 2.3.0.210 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.0.210 - )
PyQt GPL v4.11.4 for Python v2.7 (x64) (HKLM\...\PyQt GPL v4.11.4 for Python v2.7 (x64)) (Version: 4.11.4 - )
Python 2.7 pywin32-218 (HKCU\...\pywin32-py2.7) (Version:  - )
Python 2.7 Twisted-15.3.0 (HKCU\...\Twisted-py2.7) (Version:  - )
Python 2.7 WMI-1.4.9 (HKCU\...\WMI-py2.7) (Version:  - )
Python 2.7 zope.interface-3.8.0 (HKCU\...\zope.interface-py2.7) (Version:  - )
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Python 3.6.3 (32-bit) (HKCU\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
Python Tools Redirection Template (HKLM-x32\...\{2881CFB4-71F9-40C7-8228-6395117C0EDA}) (Version: 1.3 - Microsoft Corporation) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
QuiVr (HKLM\...\Steam App 489380) (Version:  - Blueteak)
RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 3.0.2.12209 - Medixant)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2618 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Rec Room (HKLM\...\Steam App 471710) (Version:  - Against Gravity)
RenderManNC-Installer (HKLM\...\{DBD61261-3A3B-11E6-93DC-9C35EBEEE7A7}) (Version: 1.0.0 - Pixar)
Revive Dashboard (HKLM-x32\...\Revive) (Version:  - )
Roslyn Language Services - x86 (HKLM-x32\...\{E6CAD8B3-5682-31CA-A05E-79F6DBF81066}) (Version: 14.0.25132 - Microsoft Corporation) Hidden
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
Sante DICOM Viewer FREE (HKLM-x32\...\{37AAB741-0988-4994-A326-BE01D9A21B1B}) (Version: 5.0.4 - Santesoft)
ScreenBloom version 2.2 (HKLM-x32\...\{2C19336A-4E51-4068-A0A2-D3B0325D001B}_is1) (Version: 2.2 - Tyler Kershner)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SDK de comprobación de Visual Studio 2012 - esn (HKLM-x32\...\{90EF884E-5253-324C-9C11-63C9DA16BF0C}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Self-service Plug-in (HKLM-x32\...\{37C6BFE8-9345-4BE5-A807-9E427562958B}) (Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shadow Beta 0.3.11 (only current user) (HKCU\...\f3568a48-2dbf-5949-9055-99d9148dfd32) (Version: 0.3.11 - Blade)
Simplify3D Software (HKLM\...\Simplify3D Software 3.1.1) (Version: 3.1.1 - Simplify3D)
Simplify3D Software (HKLM\...\Simplify3D Software 4.0.1) (Version: 4.0.1 - Simplify3D)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Sonarr version 2.0 (HKLM-x32\...\{56C1065D-3523-4025-B76D-6F73F67F7F71}_is1) (Version: 2.0 - Team Sonarr)
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.03 - Creative Technology Limited)
SoundStage (HKLM\...\Steam App 485780) (Version:  - Hard Light Labs)
Spotify (HKCU\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
SteamVR (HKLM\...\Steam App 250820) (Version:  - )
Stopping Plex (HKLM-x32\...\{5E4EA395-F2C2-4A16-A4C7-99897E1859F2}) (Version: 1.10.1602 - Plex, Inc.) Hidden
StreamLabels 0.2.8 (only current user) (HKCU\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.8 - Streamlabs)
System Requirements Lab Detection (HKLM-x32\...\{825DBC5F-2A31-4039-87F3-84DB3D969550}) (Version: 6.1.6.0 - Husdawg, LLC)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.95388 - TeamViewer)
The Body VR (HKLM\...\Steam App 451980) (Version:  - The Body VR LLC)
The Brookhaven Experiment Demo (HKLM\...\Steam App 445390) (Version:  - Phosphor Games)
The Lab (HKLM\...\Steam App 450390) (Version:  - Valve)
The Nest (HKLM\...\Steam App 473910) (Version:  - invrse studios)
The VR Museum of Fine Art (HKLM\...\Steam App 515020) (Version:  - Finn Sinclair)
Tilt Brush (HKLM\...\Steam App 327140) (Version:  - Google)
Tom Clancy's Rainbow Six Siege - Technical Test Server (HKLM\...\Steam App 623990) (Version:  - )
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
TP-LINK Archer T8E Driver (HKLM-x32\...\{3D8782AB-B2A0-4060-84C0-C49840DCE842}) (Version: 1.3.1 - TP-LINK)
TypeScript Power Tool (HKLM-x32\...\{6098D454-CB7B-44C2-8615-D869FD9655C7}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{4AC64C61-A7EC-4E4E-8F28-F57EB3430334}) (Version: 1.8.31.0 - Microsoft Corporation) Hidden
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.3.5f1 - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4018290) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{845EC284-26A3-46CA-9140-FA924FC134E0}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018290) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{845EC284-26A3-46CA-9140-FA924FC134E0}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018290) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{845EC284-26A3-46CA-9140-FA924FC134E0}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
UxStyle (HKLM\...\{86D24646-DAF6-4F5E-BCAD-CF7EF8E362E1}) (Version: 0.2.3.0 - The Within Network, LLC) Hidden
UxStyle (HKLM-x32\...\{05560347-3a9b-4644-a8ed-8b64cc947189}) (Version: 0.2.3.0 - The Within Network, LLC)
Virtual Desktop (HKLM\...\Steam App 382110) (Version:  - Guy Godin)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.4.124 - HTC)
ViveDriver (HKLM-x32\...\{8ff389b7-122a-494c-9d04-cb3165b8738d}) (Version: 1.1.0.8 - HTC Corp.)
ViveDummy (HKLM-x32\...\{1F9BDD9F-AB3D-4384-A080-80E713702ADE}) (Version: 0.9.0.4 - HTC) Hidden
Viveport Companion (HKLM-x32\...\{80dd7daf-17fb-4da8-baa9-d117f3a376b8}) (Version: 0.7.0.14 - HTC Corp.)
Viveport Companion (x86) (HKLM-x32\...\{94231B17-6C14-493B-A135-076B5F542109}) (Version: 0.7.0.14 - HTC Corp.) Hidden
Viveport Desktop (HKLM-x32\...\{4913dc96-c284-413d-aea1-83da3a84317d}) (Version: 1.1.5.35 - HTC Corp.) Hidden
Viveport Desktop (x86) (HKLM-x32\...\{1CD37D5D-A9E8-4006-A084-A707DC059C89}) (Version: 1.1.5.35 - HTC Corp.) Hidden
Viveport Diagnosis (HKLM-x32\...\{65524a09-f6cd-466c-a3d6-082080c7953b}) (Version: 1.2.0.38 - HTC Corp.)
Viveport Diagnosis (x86) (HKLM-x32\...\{672DE666-F6CF-4493-8D04-635CF75CE301}) (Version: 1.2.0.38 - HTC Corp.) Hidden
Viveport DirectX 9.0 (HKLM-x32\...\{be57836a-f280-46c1-ac84-5292ef323e92}) (Version: 1.1.0.3 - HTC Corp.)
Viveport DirectX 9.0 (x86/x64) (HKLM-x32\...\{58771A37-9B07-4B85-82D4-6189623F2255}) (Version: 1.1.0.3 - HTC Corp.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
vorpX (HKCU\...\{C136D0CC-9077-4979-801E-6B5A956EED6A}_is1) (Version: 16.2.0.0 - Animation Labs)
VS Update core components (HKLM-x32\...\{7CE8C6D0-6EA4-34C3-A4ED-8C28A1D67228}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
Waltz of the Wizard (HKLM\...\Steam App 436820) (Version:  - Aldin Dynamics)
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebDrive (HKLM\...\{F08E87FD-F62B-4BAC-A2D6-A94755653F30}) (Version: 11.00.2835 - South River Technologies)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth  (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Wolfram Mathematica 11.3 (M-WIN-L 11.3.0 5944644) (HKLM\...\M-WIN-L 11.3.0 5944644_is1) (Version: 11.3.0 - Wolfram Research, Inc.)
WolframScript (A-WIN32-WolframScript 11.3.0 2018030401) (HKLM-x32\...\{F8D88AF3-43F1-4818-B6DB-0D38F8E42833}) (Version: 11.3.49 - Wolfram Research, Inc.)
Пакет Visual Studio 2012 Verification SDK - rus (HKLM-x32\...\{977CABC5-7B4B-3AE4-8E1B-56C673C1D638}) (Version: 12.0.30501 - Microsoft Corporation) Hidden
========================= Devices: ================================
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Device ID: ROOT\NET\0006
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

========================= Memory info: ===================================
Percentage of memory in use: 55%
Total physical RAM: 16343.7 MB
Available physical RAM: 7328.19 MB
Total Virtual: 21335.7 MB
Available Virtual: 9514.34 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:231.9 GB) (Free:21.84 GB) NTFS
2 Drive g: (Games and More) (Fixed) (Total:929.87 GB) (Free:333.14 GB) NTFS
3 Drive t: (The TB) (Fixed) (Total:931.39 GB) (Free:112.04 GB) NTFS
4 Drive x: (The Triple) (Fixed) (Total:2794.39 GB) (Free:2478.47 GB) NTFS
========================= Users: ========================================
User accounts for \\THERETINA
4779E99925104DA6B05C     Administrator            Chris                   
DefaultAccount           Guest                    WDAGUtilityAccount      
========================= Restore Points ==================================
20-03-2018 08:39:15 Installed WolframScript (A-WIN32-WolframScript 11.3.0 2018030401)
24-03-2018 02:57:45 Installed DirectX
27-03-2018 00:05:35 Removed System Requirements Lab Detection
**** End of log ****

 

 


Edited by camaraderie, 28 March 2018 - 10:37 PM.


BC AdBot (Login to Remove)

 


#2 camaraderie

camaraderie
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 29 March 2018 - 04:02 PM

I have a new copy of Windows 10 on a boot drive (from another computer) that I plan on using to reinstall windows as I get the feeling this is not salvageable. Correct me if I'm wrong, but it seems the roots are too deep. Unfortunately, my backups and file histories are all from times that I was likely already infected and the backups of the C: drive were stored on another drive on this PC, so I don't really trust the legitimacy of it anyway.

 

Most of the personally important things like photos have been backed up.

 

------

 

Now for the stupid questions: what do I do about things like my BIOS and my GPU's BIOS? Is the rootkit also embedded in those files? If I do a clean install of Windows, will I still be infected because of this? Or what if I can't even get into the BIOS when re-installing Windows because it has corrupted the BIOS?



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:45 AM

Posted 03 April 2018 - 11:14 AM

First ... repost with an FRST log from guide so we can get a deep look.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users