Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015 Ran by Hunter Cutbush (2017-02-03 11:18:26) Running from C:\Users\Hunter Cutbush\Desktop\New folder Windows 10 Home (X64) (2016-09-06 11:26:45) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2812841368-160768024-1615238598-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2812841368-160768024-1615238598-503 - Limited - Disabled) Guest (S-1-5-21-2812841368-160768024-1615238598-501 - Limited - Disabled) Hunter Cutbush (S-1-5-21-2812841368-160768024-1615238598-1001 - Administrator - Enabled) => C:\Users\Hunter Cutbush ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {B10D5953-051E-97F6-F53B-3839EFD98259} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {0A6CB8B7-2324-9878-CF8B-034B945EC8E4} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {8936D876-4F71-96AE-DE64-910C110AC522} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) 12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated) abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated) Acer Drive (HKLM-x32\...\{5D45E67C-B04E-411F-93BB-947DAAF355D5}) (Version: 1.00.3009 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated) Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated) ACP Application (Version: 2015.1204.1152.59 - Advanced Micro Devices, Inc.) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated) Amazon Assistant (HKLM-x32\...\{CFCB3B71-2A0F-4E91-8B8E-A9DF809DEF6A}) (Version: 10.17.0201 - Amazon) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks) Ansel (Version: 378.49 - NVIDIA Corporation) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software) Battle Realms Demo (HKLM-x32\...\{61D6D0CD-3EC3-4240-8895-DF63C40B607E}) (Version: 0.99.0000 - Liquid Entertainment) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts) Black Ops 2 - GSC Studio (HKLM-x32\...\{909C0DF9-6BBE-42BD-8FB2-0ADEBA3459B6}_is1) (Version: 16.2.15.0 - iMCS Productions) Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) CAM (HKLM-x32\...\{901BE06B-D6EA-42BD-9345-3E51BEEAD9CF}) (Version: 3.3.0 - NZXT) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform) Citra Edge (HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\citra) (Version: 0.1.136 - Citra Development Team) Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6623.01 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3602.01 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.01 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dashlane (HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\Dashlane) (Version: 4.6.1.18109 - Dashlane, Inc.) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 1.2.3.5 - Dashlane SAS) Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden Discord (HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.) eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.22.2 - SCS Software) Evolve Stage 2 (HKLM\...\Steam App 273350) (Version: - Turtle Rock Studios) FireStorm version V1.0.45.000 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.45.000 - ) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free FLV to MP4 Converter 1.0.28 (HKLM-x32\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.28 - free-videoconverter) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.) Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - ) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit) Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 15.0.2063 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.) McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 8.1.0.135 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.209 - McAfee, Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD) Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.49 - NVIDIA Corporation) NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Graphics Driver 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.49 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.88 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment) paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC) Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.34.1311.2 - Hi-Rez Studios) PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Plants vs Zombies GW2 (HKLM-x32\...\{C4F00C98-13B4-4313-8152-50EE0B04ABE2}) (Version: 1.0.7.0 - Electronic Arts) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.0-r120084-release - Plays.tv, LLC) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder) ROBLOX Player for Hunter Cutbush (HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.36460 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds) Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WPS Office (10.2.0.5811) (HKLM-x32\...\Kingsoft Office) (Version: 10.2.0.5811 - Kingsoft Corp.) ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2812841368-160768024-1615238598-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Hunter Cutbush\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2812841368-160768024-1615238598-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Hunter Cutbush\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\RobloxProxy64.dll (ROBLOX Corporation) CustomCLSID: HKU\S-1-5-21-2812841368-160768024-1615238598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Restore Points ========================= 25-01-2017 17:28:11 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 06:04 - 2017-01-30 15:54 - 00001327 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 0.0.0.1 mssplus.mcafee.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation) Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation) Task: {15082F96-B4AE-4502-8BC3-4B41D05CE06B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated) Task: {159002A2-86FE-4DB6-A792-1B51383E3CBB} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-hunter.pegasus@yahoo.ca => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {1AB611DE-C556-4C1E-B283-59FC2505599E} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe [2017-01-17] () Task: {1B5BA28E-E77B-4976-905F-E2524CB961DF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {1E37CC54-F23B-4964-B78A-37D0D79CA83F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {1E5BE4D9-BCF6-482E-9F07-D1BB3BC72E50} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {2CBE07F4-1D87-4820-9250-9A905F25A0D3} - System32\Tasks\Uninstaller_SkipUac_Hunter_Cutbush => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {30CC34AD-7475-440E-B3E2-B9EF879D9885} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.) Task: {32F8F67F-4AFD-46EF-A624-1EB2A259D9E8} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2016-09-06] (Microsoft Corporation) Task: {3ECA8F14-F938-4845-8A01-FDE871A610C6} - System32\Tasks\AcerDriveTrayLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe [2015-09-30] (Acer Incorporated) Task: {40BEC4BA-2383-44D9-BBDF-74FB1FF59555} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2016-10-14] (Microsoft Corporation) Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff Task: {53A45977-FCF8-47FC-AEA6-F33B9E3D2555} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] () Task: {546C6232-8D79-4981-827B-09CB81B94891} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation) Task: {5654DFBB-E797-4758-B9A0-8BAE94A91F1D} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2016-07-16] (Microsoft Corporation) Task: {5705010F-508D-442D-84BD-E58508187F3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-19] (Google Inc.) Task: {572C3B55-A634-4EF2-A068-39D0E98176F1} - System32\Tasks\WpsKtpcntrQingTask_Hunter Cutbush => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5657\office6\ktpcntr.exe Task: {5FAAF530-ED1B-4F7B-AD7B-1694AA0B202B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {637D0D8D-0B77-4164-B14F-C83B7E461723} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation) Task: {671B6EC5-744F-4C72-8A19-12A4AD3D0F0C} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {6C688560-E16B-423C-A5E3-EC1ECEA49257} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate Task: {6D1C0035-5CAD-4340-A533-D63C9853BCC9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {733213F5-604B-4015-9157-1367F69ABDF4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd) Task: {73A94C43-2F07-4F0D-8EAE-E879B187DD5F} - System32\Tasks\WpsUpdateTask_Hunter Cutbush => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\wtoolex\wpsupdate.exe [2017-01-06] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {761E8DD3-0C77-4FAB-BA21-EBE0AC4EA6A8} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.) Task: {766EE874-5A73-4D0A-8C40-9673F77D8F97} - System32\Tasks\WpsExternal_Hunter Cutbush_20170106054029 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [2017-01-06] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {78788ECC-847A-486A-81F1-6229F48BD528} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer) Task: {7AA89059-85EA-4383-9D13-0756630AC551} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {83C33D7C-5D7D-45C3-B587-973CC0EA27FD} - System32\Tasks\AcerDriveProxyLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe [2015-09-30] (Acer Incorporated) Task: {883B168E-DB3F-4455-8696-D57D958B4876} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation) Task: {8D791FAA-0257-4EBC-A6DD-74E842528806} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange Task: {94D90CD2-C9BB-455E-94C5-0D1FF4842344} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation) Task: {94E723FC-55CD-4038-AE42-204F340EFB81} - System32\Tasks\httpnewsfor24smocomhotsmartm => Chrome.exe http://newsfor24smo.com/hotsmartm Task: {9671A4CB-366F-43C3-ABC3-7C81A9F57151} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-10-14] (Microsoft Corporation) Task: {9E055DBE-F67B-47B7-B007-82F3A30A4256} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated) Task: {9E75BD59-7994-4D72-BC54-76D05F541D60} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2016-11-11] (Microsoft Corporation) Task: {A190FBFF-4592-484A-B429-C6FDB5C982F3} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange Task: {A2D6EEC4-BA54-4E06-AE3F-FA03211BE241} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation) Task: {A6A5C263-1D4C-46A8-81F8-CFE5860E9935} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-02-29] (AVAST Software) Task: {AAA1A1DE-6B86-4059-AD99-4B53B5005BDC} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated) Task: {ABB2B89B-5CF5-4181-B117-17D107615DEB} - System32\Tasks\AcerDriveUpdateChecker => C:\Program Files (x86)\Acer\Acer Drive\CheckUpdate.exe [2015-08-05] (Acer Incorporated) Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 Task: {B3503EDC-00FB-4E62-9A49-220DF8B99792} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation) Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-08-05] (Microsoft Corporation) Task: {BDDEF317-2692-422F-AEA2-FFD67DC7CEA3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice Task: {C0D3D32F-A7C6-488A-87B0-DFF9762F938D} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-10-11] (McAfee, Inc.) Task: {C125018F-0B81-4B64-B7DC-0E01220E5D0E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange Task: {C57530F8-8431-4116-80DB-41E4C1AF1CEF} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.) Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 Task: {C72E5854-8D53-4C20-A33A-2BF000CEE412} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] () Task: {C92CE8D2-2CB6-4977-96E7-FB39FD7E3323} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Hunter Cutbush\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {CCECD8BF-2644-4577-9BE5-3E932D084224} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation) Task: {D0781852-D637-4E2A-B8C3-DFD0C25B4297} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork Task: {D2858055-50A8-46B8-A66C-621BB04E80BF} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: ) Task: {D37DD280-028E-4B43-8EFA-9C2E8E13903F} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-23] (AVAST Software) Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation) Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {DDAECFC0-67E3-4062-BF25-CD685F73B394} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck Task: {E7B04252-97CA-42C6-9920-F58B76B2C3E1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation) Task: {F37A89C8-4D2A-47C3-8D30-D2B32EDD1F62} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2016-09-15] (Microsoft Corporation) Task: {FE8AF846-F0CE-47A9-9870-98D0254A0F29} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {FF8BA7A7-ADF5-48A6-892B-7F88D0543B75} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Hunter_Cutbush.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: C:\WINDOWS\Tasks\WpsExternal_Hunter Cutbush_20170106054029.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Hunter Cutbush.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\office6\ktpcntr.exeÃqing 10.2.0.5811 xxx server_url=http:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=http:/info.kingsoftstore.com/wpsv6internet/infos.ads Task: C:\WINDOWS\Tasks\WpsUpdateTask_Hunter Cutbush.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\wtoolex\wpsupdate.exe ==================== Loaded Modules (Whitelisted) ============== 2017-01-03 11:58 - 2017-01-03 11:58 - 00027760 _____ () C:\Program Files (x86)\NZXT\CAM\Service\CAMService.exe 2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2015-08-04 00:25 - 2015-08-04 00:25 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-07-16 04:29 - 2014-10-07 20:27 - 00253776 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2017-01-29 15:16 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-29 15:16 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2016-10-10 10:11 - 2017-01-20 13:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-10 10:11 - 2017-01-20 13:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-05-23 10:08 - 2016-05-23 10:07 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe 2017-02-01 12:41 - 2017-02-01 12:41 - 00100528 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe 2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 04:42 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-09-06 05:50 - 2017-01-20 10:13 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-14 04:42 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 04:42 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-09-16 05:27 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 07:02 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 07:02 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 07:02 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 07:02 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 07:02 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-11 07:02 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 07:02 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-16 04:38 - 2015-05-08 12:41 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2017-01-17 17:49 - 2017-01-17 17:49 - 07818864 _____ () C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe 2016-08-15 14:24 - 2016-08-15 14:24 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2017-02-01 13:25 - 2017-02-01 13:25 - 00020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe 2017-01-23 05:27 - 2017-01-23 05:28 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-01-23 05:27 - 2017-01-23 05:28 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-23 04:04 - 2016-11-23 06:25 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-23 04:04 - 2016-11-23 06:25 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-05 19:20 - 2016-06-05 19:21 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-23 04:04 - 2016-11-23 06:25 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-23 04:04 - 2016-11-23 06:25 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2017-01-20 05:49 - 2017-01-20 05:49 - 01448936 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\Battle.net Helper.exe 2016-09-12 15:27 - 2017-01-12 13:30 - 00022024 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2016-09-12 15:27 - 2017-01-12 06:54 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-01-19 17:37 - 2015-12-23 16:27 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-12-29 11:49 - 2017-01-20 13:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-10 10:11 - 2017-01-20 13:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-10 10:11 - 2017-01-20 13:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2015-09-25 14:50 - 2015-09-25 14:50 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Drive\curllib.dll 2015-09-25 14:50 - 2015-09-25 14:50 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Drive\OpenLDAP.dll 2016-10-10 10:12 - 2017-01-20 13:38 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2016-12-09 15:09 - 2016-12-09 15:09 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2016-12-07 18:28 - 2016-12-07 18:28 - 00282112 _____ () C:\Program Files (x86)\NZXT\CAM\GSyncLib.dll 2016-11-11 18:37 - 2017-02-03 10:08 - 00308736 _____ () C:\Program Files (x86)\NZXT\CAM\NVAPIHelper.dll 2016-10-10 10:12 - 2017-01-20 08:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-10 10:12 - 2017-01-20 08:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-10 10:12 - 2017-01-20 08:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-10 10:12 - 2017-01-20 08:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-10 10:12 - 2017-01-20 08:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-10 10:12 - 2017-01-20 08:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-10-10 10:12 - 2017-01-20 08:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2017-01-25 16:05 - 2017-01-20 08:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node 2010-11-22 17:56 - 2010-11-22 17:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd 2014-05-13 18:26 - 2014-05-13 18:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd 2014-05-13 18:26 - 2014-05-13 18:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd 2014-05-13 18:26 - 2014-05-13 18:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd 2014-05-13 18:26 - 2014-05-13 18:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd 2010-11-22 17:57 - 2010-11-22 17:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll 2010-11-22 17:56 - 2010-11-22 17:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd 2010-11-22 17:57 - 2010-11-22 17:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd 2010-11-22 17:57 - 2010-11-22 17:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd 2011-02-15 13:17 - 2011-02-15 13:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll 2010-11-22 17:57 - 2010-11-22 17:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd 2014-05-13 18:26 - 2014-05-13 18:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd 2010-11-22 17:56 - 2010-11-22 17:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd 2015-10-21 15:29 - 2015-10-21 15:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll 2015-10-21 15:29 - 2015-10-21 15:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll 2010-11-22 17:56 - 2010-11-22 17:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 00124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 01983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 02620112 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL 2017-02-01 13:25 - 2017-02-01 13:25 - 00090112 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWinExtras.pyd 2017-02-01 13:25 - 2017-02-01 13:25 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll 2017-02-01 13:25 - 2017-02-01 13:25 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll 2010-11-22 17:57 - 2010-11-22 17:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd 2016-04-19 12:08 - 2016-04-19 12:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd 2011-02-15 13:17 - 2011-02-15 13:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll 2010-11-22 18:06 - 2010-11-22 18:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll 2013-05-09 18:52 - 2013-05-09 18:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll 2013-05-09 18:52 - 2013-05-09 18:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll 2013-05-09 18:52 - 2013-05-09 18:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll 2013-05-03 13:57 - 2013-05-03 13:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll 2013-05-03 13:56 - 2013-05-03 13:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll 2013-05-03 13:56 - 2013-05-03 13:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll 2013-05-03 13:57 - 2013-05-03 13:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll 2013-05-03 13:56 - 2013-05-03 13:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll 2013-05-03 13:57 - 2013-05-03 13:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll 2013-05-03 13:57 - 2013-05-03 13:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll 2013-05-03 13:57 - 2013-05-03 13:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll 2013-05-03 13:57 - 2013-05-03 13:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll 2016-05-23 10:09 - 2016-05-23 10:09 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll 2016-09-09 09:51 - 2016-09-09 09:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2016-09-09 09:51 - 2016-09-09 09:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2016-08-15 17:03 - 2016-08-15 17:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2016-08-15 17:05 - 2016-08-15 17:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2016-08-15 17:05 - 2016-08-15 17:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2016-08-15 17:04 - 2016-08-15 17:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2016-09-20 05:27 - 2016-09-20 05:27 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2016-08-30 14:09 - 2016-08-30 14:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2016-08-30 14:05 - 2016-08-30 14:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2016-12-02 01:54 - 2016-12-02 01:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-12-02 01:54 - 2016-12-02 01:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-12-02 01:54 - 2016-12-02 01:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-12-02 01:54 - 2016-12-02 01:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-12-09 15:09 - 2016-12-09 15:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-12-02 01:54 - 2016-12-02 01:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2017-01-20 05:50 - 2017-01-20 05:50 - 37247976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\libcef.dll 2017-01-20 05:50 - 2017-01-20 05:50 - 00540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\ortp.dll 2017-01-20 05:50 - 2017-01-20 05:50 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\libEGL.dll 2017-01-20 05:50 - 2017-01-20 05:50 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\libGLESv2.dll 2016-09-12 15:27 - 2017-01-12 06:54 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2015-11-07 19:26 - 2016-06-09 18:34 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2015-11-07 19:26 - 2017-01-12 06:54 - 01086976 _____ () C:\Program Files (x86)\Origin\twitchsdk_32_release.dll 2015-11-07 19:26 - 2017-01-12 06:54 - 00113171 _____ () C:\Program Files (x86)\Origin\swresample-ttv-0.dll 2015-11-07 19:26 - 2017-01-12 06:54 - 00394810 _____ () C:\Program Files (x86)\Origin\libmp3lame-ttv.dll 2015-11-07 19:26 - 2017-01-12 06:54 - 00246332 _____ () C:\Program Files (x86)\Origin\avutil-ttv-51.dll 2015-07-16 04:38 - 2016-08-15 17:07 - 00965336 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerSubtitle.dll 2016-06-27 06:01 - 2016-08-15 17:06 - 00373464 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerFLVSplitter.ax 2016-06-27 06:01 - 2016-08-15 17:06 - 00518872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerMP4Splitter2.ax 2016-06-27 06:01 - 2016-08-15 17:06 - 00639704 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerMP4Splitter.ax 2016-06-27 06:01 - 2016-08-15 17:06 - 00453848 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerMKVSplitter.ax 2016-06-27 06:01 - 2016-08-15 17:06 - 00462040 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerMpegAudioSplitter.ax 2016-06-27 06:01 - 2016-08-15 17:06 - 00384728 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\AcerMpegSplitter.ax 2017-01-20 05:50 - 2017-01-20 05:50 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\libglesv2.dll 2017-01-20 05:50 - 2017-01-20 05:50 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\libegl.dll 2017-01-11 17:49 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Hunter Cutbush\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-11 20:25 - 2017-01-11 20:25 - 01082880 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-11 20:25 - 2017-01-11 20:25 - 03750400 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-11 20:25 - 2017-01-11 20:25 - 00914432 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-11 20:25 - 2017-01-11 20:25 - 01127424 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-01-20 05:49 - 2017-01-20 05:49 - 00990696 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8293\ffmpegsumo.dll 2017-01-11 17:49 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Hunter Cutbush\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 17:49 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Hunter Cutbush\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-02-03 10:15 - 2017-02-03 10:15 - 00148992 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Local\Temp\1ACC.tmp.node 2017-01-11 20:25 - 2017-01-11 20:25 - 02658304 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-01-11 20:26 - 2017-01-11 20:26 - 02130432 _____ () \\?\C:\Users\Hunter Cutbush\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2016-12-14 17:30 - 2016-12-08 02:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-14 17:30 - 2016-12-08 02:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2015-11-08 16:44 - 2016-12-23 13:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-11-08 16:44 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-11-08 16:44 - 2017-01-18 20:30 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-11-08 16:44 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-11-08 16:44 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-11-08 16:44 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-11-08 16:44 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-11-08 16:44 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-11-08 16:44 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-11-08 16:44 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-11-08 16:44 - 2017-01-18 20:30 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 06:45 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2015-11-08 16:44 - 2017-01-18 20:30 - 00145696 _____ () C:\Program Files (x86)\Steam\bin\audio.dll 2015-11-08 16:44 - 2014-04-08 23:25 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi 2015-11-08 16:44 - 2014-04-08 23:25 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi 2016-12-21 20:45 - 2017-01-04 22:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2015-11-08 16:44 - 2017-01-18 20:30 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2015-11-08 16:44 - 2015-09-24 18:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Program Files\Adobe:Win32App_1 AlternateDataStreams: C:\Program Files\AMD:Win32App_1 AlternateDataStreams: C:\Program Files\AMD Quick Stream:Win32App_1 AlternateDataStreams: C:\Program Files\CCleaner:Win32App_1 AlternateDataStreams: C:\Program Files\McAfee:Win32App_1 AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1 AlternateDataStreams: C:\Program Files\MSI Kombustor 3:Win32App_1 AlternateDataStreams: C:\Program Files\paint.net:Win32App_1 AlternateDataStreams: C:\Program Files\WinRAR:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\AMD:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Euro Truck Simulator 2:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Heroes of the Storm:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Hi-Rez Studios:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft Silverlight:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Need for Speed Most Wanted 2012:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Overwatch:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Overwatch Test:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1 AlternateDataStreams: C:\Program Files (x86)\ZotacFireStorm:Win32App_1 AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1 AlternateDataStreams: C:\Users\Hunter Cutbush\AppData\Roaming\Curse Client:Win32App_1 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\amazon.ca -> hxxps://amazon.ca ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2812841368-160768024-1615238598-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hunter Cutbush\Downloads\696859.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\StartupFolder: => "Curse.lnk" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\StartupFolder: => "Battle.net.lnk" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "Dashlane" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "DashlanePlugin" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2812841368-160768024-1615238598-1001\...\StartupApproved\Run: => "mailruhomesearch" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [{F916AC40-52A0-4683-B6BB-2BA91D17D476}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe FirewallRules: [{B9E7D589-6EDC-4C38-ABF3-819FEE88EF80}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe FirewallRules: [{AD0C7DD9-5256-4853-A1A5-B41A2AA799D4}] => (Allow) LPort=1900 FirewallRules: [{A45CABD5-6C22-4ADC-A60E-1EC5C11A9F3A}] => (Allow) LPort=2869 FirewallRules: [{640DFE3E-A57D-4D17-A301-9704B81FFF00}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{225C3F16-B486-4405-BE41-990136AAB61C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{BDA1E793-08BE-4166-8A7C-F0AAA23C2982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{2A36C085-1BA5-4A8D-A5FD-679C0040E07D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{FA2A4F1B-DF3B-4D3A-B91D-029CE74D7296}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{79336672-1E58-4D78-B90C-DEE9B1227A52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{EF9E5384-A7F8-4825-A366-58F04B2EB51D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{1B71D2B8-ACC6-412C-94BA-56DEBD3D09FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{FB9D6628-347D-40EC-AE2B-16FE47356B48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{15414221-C065-4FA7-8AE7-7AE66E976A06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{6FC0B553-842A-4726-B36B-C758321E5487}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{E6767EED-2CB2-4EBE-881E-660C5B235323}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{167B496D-4D20-4BC8-BD1D-E6F8FFA9036D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{B10B1F78-7023-4A6D-9B0A-1F5A96434D6C}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe FirewallRules: [{CE2DB032-4557-43F0-8B98-78039D831072}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe FirewallRules: [{59488690-93A1-4577-AE82-AB435CD1FBD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{FBB4DDFC-80A3-4579-A2D2-A93745EF6CBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{EA10D8AB-6E4F-45B0-8F47-6D60D01BA4AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{81F04A11-7B18-45F1-85B1-FFAF62A19209}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{2E97692C-A5A3-457A-9A37-2C9A40E29D4A}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe FirewallRules: [{FF3EA3AA-0C01-47E3-8252-BCE6C5356C20}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe FirewallRules: [{7A8517E6-A115-44EF-84EE-E71BC54AF2BE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{C79AB36E-1F4C-4FFF-BCA3-926EE52AA760}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe FirewallRules: [{CA3824F3-ABF0-454F-AE64-7155FCCC3435}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{92FCCB62-4A45-40AF-9891-E59A0384CDC2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe FirewallRules: [{3FC46AAE-0A89-4164-932C-DB49A8DE2B24}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{C9F35F28-3728-4A48-895E-B3229D060ED0}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe FirewallRules: [{ED1492BC-E350-41D2-B7D2-7892F4C60D40}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe FirewallRules: [{E15657BA-804C-4D50-BC87-387649CF7E56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5E2E827D-FDAD-4579-895A-7FE32B4BEF48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B6800481-106E-47D0-9BF4-ACF2D50E1CD9}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{E781A381-8910-4260-AFDA-702C1A1BFB3B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{3A0C0369-0756-4942-BECE-2A6FFE0147F6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{CB7A78C2-785F-4FFA-BD9F-3BEC6B359CFB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{C43B470C-FCFF-406E-AF45-D54C5F584C56}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{416B0EAA-CAE0-4B01-8B8B-214E5E984382}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{2E527C9C-AD7E-46C4-ACC3-A339BDAF41A2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{4C13CC53-241D-42EE-817B-621F567D35D9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{3D93AA8A-CC84-4A25-9AD0-5250B90D94D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{036E9FA4-B8A2-4181-B1E7-E6D364DB51ED}] => (Allow) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe FirewallRules: [{D40A8563-221C-4F2A-A42F-9BF5733FA538}] => (Allow) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe FirewallRules: [{0DCF499D-1389-4EE8-95DD-D0EFA0FDB3B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6D03A694-E4AD-4F96-B296-521D2CAED429}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{32629F87-DE80-4D3C-A87D-220F5FE4DDB5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A985272C-8799-44AA-9107-00E5F916A7A0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{A99095D1-A951-42B4-ADAC-6877909F020F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{131A3F93-A1D4-432C-9CE8-16C5CEF2CACF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{94C04969-7C5E-4B6F-A4EB-9C555307DB2F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{815D9929-6367-422E-8C07-A8B0827A7993}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe FirewallRules: [{6EFE33AA-03FA-4FF1-B29F-9AA6DB4E6CBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe FirewallRules: [{33B874CD-251B-4BC8-BA16-7BB658992156}] => (Allow) LPort=9143 FirewallRules: [{6338E55F-666A-42D4-91FA-CB7B2D9DBF50}] => (Allow) LPort=2333 FirewallRules: [{B56F7BCB-8047-4EA3-8004-E1A9E1449AEF}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{EBC22460-8AB2-4EF1-BA7D-41573172A157}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{BE289E02-E5E9-4E9E-BCD5-149EDE2DAD3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{D67C09C4-D30D-4461-A907-64BE2D8FFCD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{6B67539E-D1CF-4BBF-BDF7-12744E1F0A0A}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Main_Win64_Retail.exe FirewallRules: [{14B4977C-B099-46B5-9A43-1AB82A2F5FB3}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Main_Win64_Retail.exe FirewallRules: [{9B8A75C5-D49B-4E91-AC36-18887C88CB7A}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Trial_Win64_Retail.exe FirewallRules: [{3315A661-B61A-438E-9EEA-CC02380D276C}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Trial_Win64_Retail.exe FirewallRules: [{C5D975AA-A222-45E5-A03A-014390E2AE6A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{3A385C4E-06B9-4DA9-A607-3304222462AA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4388B048-36E1-4527-8A5E-FCE6A4277168}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{225C7B9A-43A8-4DCB-9A5B-38C1BD44EDAE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{89D01E60-2A6D-4AD3-AB55-513C84FE3033}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{EA2AB10E-68F8-4B2B-B462-EEE823C25560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{815A9C86-BC03-42F1-A826-EAEC3D9B94C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{55312C77-6F14-4713-9F1D-0DE53D411DFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{5C6F74E4-22DC-4ED4-B182-0B20465A0294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{428762D9-FD40-4D51-AD26-7CD0411232AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{65E3F99C-01A6-4808-ABEE-556FC216F869}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{BB017FA0-ABAD-4044-8473-B6EFF5A7B204}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B0CDA781-C8FC-4A7D-B841-DFF1922011AF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{D487176A-64B3-462D-BACF-FA02B70BAEA4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe ==================== Faulty Device Manager Devices ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Ethernet Controller Description: Ethernet Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/03/2017 10:23:46 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/03/2017 10:08:34 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (02/03/2017 10:07:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: cnext.exe, version: 10.1.1.1522, time stamp: 0x5661c9e1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process id: 0x2208 Faulting application start time: 0xcnext.exe0 Faulting application path: cnext.exe1 Faulting module path: cnext.exe2 Report Id: cnext.exe3 Faulting package full name: cnext.exe4 Faulting package-relative application ID: cnext.exe5 Error: (02/02/2017 08:16:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HUNTER) Description: Package Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend. Error: (02/02/2017 06:58:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: cnext.exe, version: 10.1.1.1522, time stamp: 0x5661c9e1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process id: 0x479c Faulting application start time: 0xcnext.exe0 Faulting application path: cnext.exe1 Faulting module path: cnext.exe2 Report Id: cnext.exe3 Faulting package full name: cnext.exe4 Faulting package-relative application ID: cnext.exe5 Error: (02/02/2017 06:57:16 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (02/01/2017 04:56:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: cnext.exe, version: 10.1.1.1522, time stamp: 0x5661c9e1 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process id: 0x218c Faulting application start time: 0xcnext.exe0 Faulting application path: cnext.exe1 Faulting module path: cnext.exe2 Report Id: cnext.exe3 Faulting package full name: cnext.exe4 Faulting package-relative application ID: cnext.exe5 Error: (02/01/2017 04:53:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program NVIDIA Share.exe version 55.2883.1519.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2784 Start Time: 01d27cd57c99300b Termination Time: 4294967295 Application Path: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Report Id: d4386616-e8c8-11e6-9ca5-c090b4339003 Faulting package full name: Faulting package-relative application ID: Error: (02/01/2017 04:48:04 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (02/01/2017 04:47:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . System errors: ============= Error: (02/03/2017 10:01:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/02/2017 10:20:10 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (02/02/2017 10:19:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/02/2017 06:22:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/02/2017 08:17:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/02/2017 06:52:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/01/2017 07:53:26 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (02/01/2017 07:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/01/2017 04:50:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (02/01/2017 04:49:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable CodeIntegrity: =================================== Date: 2017-01-31 17:50:37.936 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-31 17:50:37.661 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements. Date: 2017-01-31 17:50:37.628 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-119232.dll that did not meet the Store signing level requirements. Date: 2017-01-29 17:58:01.577 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-29 17:58:01.042 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements. Date: 2017-01-29 17:58:00.995 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-119232.dll that did not meet the Store signing level requirements. Date: 2017-01-19 08:07:42.241 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-19 08:07:42.074 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements. Date: 2017-01-19 08:07:42.053 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-119232.dll that did not meet the Store signing level requirements. Date: 2016-12-25 13:40:44.733 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 35% Total physical RAM: 16332.3 MB Available physical RAM: 10531.24 MB Total Virtual: 32716.3 MB Available Virtual: 24534.39 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:392.91 GB) NTFS ==================== MBR & Partition Table ================== ==================== End of Addition.txt ============================