Malware not detected by Malwarebytes, Spybot and Adw cleaner!

**Juliet** · 2017-01-10, 21:58

one program that wouldn't start up yesterday is starting up now.

Which one is that?

If you want me to use the scan again in english, just tell me and I will see what I can do.

Thats up to you. At the end of the scan it said Quarantäne 22
German or English I know what that means

~~~~
if you would, I'd like to see a new FRST scan log.

Search for these below logs, if found right click and select delete.
FRST.txt & Addition.txt and Fixlog.txt

This will probably be our last scan to do but just want to check and make sure all that I can see is gone. Then I'll send you on your way.
~~~

Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

**SargeP** · 2017-01-11, 09:18

Origin was the program in question.

Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Marvin (administrator) on MARVINS_PC (11-01-2017 09:15:21)
Running from C:\Users\Marvin\Desktop\Fixing things
Loaded Profiles: Marvin (Available Profiles: Marvin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Scarlet.Crush Productions) C:\Program Files\PS3 Controllers\bin\ScpService.exe
(M-Audio) C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Windows\USB Vibration\7906\USB Gamepad.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1234064 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6625672 2016-08-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-02] (Raptr, Inc)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-05-25] (Power Software Ltd)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Spotify Web Helper] => C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Upmedia] => C:\Users\Marvin\AppData\Local\Upmedia\gdks34.exe
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Ozmics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Marvin\AppData\Local\Upmedia\gdiServices54.dll
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [WTVLR6FR20] => "C:\Program Files\IJD61O2L61\IJD61O2L6.exe"
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [HV1V03D1C9] => "C:\Program Files\LAT8TQJDDX\LAT8TQJDD.exe"
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-18\...\Run: [AOPEMA7LGO] => "C:\Program Files\C5XOWA3WK3\C5XOWA3WK.exe"
HKU\S-1-5-18\...\Run: [CH6JD6R59R] => "C:\Program Files\CD0CMV632N\CD0CMV632.exe"
HKU\S-1-5-18\...\Run: [71KFQTEHQA] => "C:\Program Files\EET2FMBFLG\EET2FMBFL.exe"
HKU\S-1-5-18\...\Run: [64QMH4ZJYD] => "C:\Program Files\91D5JJKT93\71KFQTEHQ.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-09-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2540 series.lnk [2017-01-11]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{EB100C81-CB83-4438-99D2-8059C3A5BDFC}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-4016113358-843845156-2686539769-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: 5954ldyi.default
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5954ldyi.default [2017-01-10]
FF NetworkProxy: Mozilla\Firefox\Profiles\5954ldyi.default -> autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == "www.abc.net.au")
(host == "iview.abc.net.au")
(host == "iviewmetered-vh.akamaihd.net")
(url.indexOf("proxmate=au") != -1)
(host == "livestream.com")
(host == "www.livestream.com")
(host == "api.new.livestream.com")
(host == "player.ooyala.com")
(host == "xnewsvidhd-vh.akamaihd.net")
(host == "www.animelab.com")
(host == "dcgm6i50yfgtk.cloudfront.net")) { return 'PROXY au-node.proxmate.me:8008' } else if ((url.indexOf("proxmate=ca") != -1)
(host == "ici.tou.tv")
(host == "toutvuniver1-vh.akamaihd.net")
(host == "geoip.radio-canada.ca")
(host == "api.radio-canada.ca")
(host == "images.tou.tv")
(host == "player.siriusxm.ca")
(host == "primary.hls-streaming.production.streaming.siriusxm.ca")
(host == "now.sportsnet.ca")
(host == "watch.sportsnet.ca")
(host == "player.9c9media.com")
(host == "metrics.ctv.ca")
(host == "capi.9c9media.com")
(host == "www.ctv.ca")) { return 'PROXY ca-node.proxmate.me:8008' } else if ((host == "arte.tv")
(host == "www.arte.tv")
(host == "geoftv-a.akamaihd.net")
(host == "hdfauthftv-a.akamaihd.net")
(host == "replayftv-vh.akamaihd.net")
(host == "ftvingest-vh.akamaihd.net")
(host == "live.francetv.fr")
(host == "d8.tv")
(host == "www.d8.tv")
(host == "us-cplus-aka.canal-plus.com")
(host == "hds_live_d8_aka-lh.akamaihd.net")
(host == "d17.tv")
(host == "www.d17.tv")
(host == "hds_live_d17_aka-lh.akamaihd.net")
(url.indexOf("proxmate=fr") != -1)
(host == "www.6play.fr")
(host == "geo.6cloud.fr")
(host == "proxy-021.dc3.dailymotion.com")
(host == "proxy-67.dailymotion.com")
(host == "prof.estat.com")
(host == "metrics.dailymotion.com")
(host == "www.dailymotion.com")
(host == "vmap.snappytv.com")) { return 'PROXY fr-node.proxmate.me:8008' } else if ((host == "vod-akamai-psd-hds.p7s1digital.de")
(host == "vas.sim-technik.de")
(url.indexOf("proxmate=de") != -1)
(host == "nightclub.de")
(host == "zdf.de")
(host == "www.zdf.de")
(host == "zdf_hds_de-f.akamaihd.net")
(host == "api.nowtv.de")
(host == "delivestream-lh.akamaihd.net")
(host == "cdnapi.kaltura.com")
(host == "disneychannel.de")
(host == "www.southpark.de")) { return 'PROXY de-node.proxmate.me:8008' } else if ((host == "www.tg4.ie")
(url.indexOf("proxmate=ie") != -1)) { return 'PROXY ie-node.proxmate.me:8008' } else if ((host == "rai.tv")
(host == "www.rai.tv")
(host == "mediapolis.rai.it")
(host == "www.rai.it")
(host == "stream5.rai.it")
(host == "stream6.rai.it")
(host == "stream7.rai.it")
(host == "sspushrai1-s.akamaihd.net")
(host == "sspushrai2-s.akamaihd.net")
(host == "sspushraisport2-s.akamaihd.net")
(host == "sspushrai3-s.akamaihd.net")
(host == "secondary.adaptiveedge.rai.it")
(host == "rai-italia01.wt-eu02.net")
(host == "download.rai.tv")
(host == "mediapolisvod.rai.it")
(host == "ww.rai.tv")
(host == ".xuniplay.fdnames.com")
(url.indexOf("xuniplay.fdnames.com") != -1)
(host == "se-to1-8.se.live3.msf.ticdn.it")
(host == "live.shinystat.com")
(host == "lic.mediaset.net")
(host == "cssr.video.mediaset.it")
(url.indexOf("proxmate=it") != -1)
(host == "www.vvvvid.it")) { return 'PROXY it-node.proxmate.me:8008' } else if ((host == "telecinco.es")
(host == "telecinco1-vh.akamaihd.net")
(host == "www.telecinco.es")
(url.indexOf("proxmate=es") != -1)
(host == "antena3.com")
(host == "www.antena3.com")
(host == "geodesprogresiva.antena3.com")
(host == "rtve.es")
(host == "www.rtve.es")
(host == "ztnr.rtve.es")
(host == "mvodt.lvlt.rtve.es")
(host == "swf.rtve.es")
(host == "cuatro.com")
(host == "www.cuatro.com")
(host == "cuatro1-vh.akamaihd.net")
(host == "peliculas-online.atresplayer.com")
(host == "servicios.atresplayer.com")
(host == "atresplayer.com")
(host == "www.atresplayer.com")
(host == "k.uecdn.es")
(host == "v.uecdn.es")
(host == "as.com")
(host == "ep00.epimg.net")) { return 'PROXY es-node.proxmate.me:8008' } else if ((host == "prosieben.ch")
(host == "www.prosieben.ch")
(host == "s1tv.ch")
(host == "www.s1tv.ch")
(host == "zba2-0-hds-live.zahs.tv")
(host == "embed-zattoo.com")
(host == "chtv.ch")
(host == "www.chtv.ch")
(host == "zba2-1-hds-live.zahs.tv")
(host == "sat1.ch")
(host == "www.sat1.ch")
(host == "rsi.ch")
(host == "www.rsi.ch")
(host == "codch-vh.akamaihd.net")
(host == "il.srgssr.ch")
(host == "ch.viva.tv")
(host == "intl.esperanto.mtvi.com")
(url.indexOf("proxmate=ch") != -1)
(host == "zattoo.com")
(host == "www.srf.ch")
(host == "srgssruni1ch-lh.akamaihd.net")
(host == "srgssruni2ch-lh.akamaihd.net")
(host == "srgssruni3ch-lh.akamaihd.net")
(host == "www.teleboy.ch")
(host == "aka-cdn-ns.adtech.de")
(host == "teleboy.customers.cdn.iptv.ch")) { return 'PROXY ch-node.proxmate.me:8008' } else if ((host == "www.bbc.co.uk")
(host == "open.live.bbc.co.uk")
(host == "fig.bbc.co.uk")
(host == "vod-hds-uk-live.edgesuite.net")
(host == "vod-hds-uk-live.bbcfmt.vo.llnwd.net")
(host == "www.bbc.co.uk")
(host == "vs-hds-uk-live.bbcfmt.vo.llnwd.net")
(host == "vs-hds-uk-live.edgesuite.net")
(host == "c.brightcove.com")
(host == "secure.brightcove.com")
(host == "metrics.brightcove.com")
(host == "stv-ak.cds1.yospace.com")
(host == "core.stvfiles.com")
(host == "player.stv.tv")
(host == "stv.brightcove.com.edgesuite.net")
(host == "uk-dev-stv.cdn.videoplaza.tv")
(host == "mercury.itv.com")
(host == "www.itv.com")
(host == "itv.com")
(host == "llnw.live.btv.simplestream.com")
(host == "players.simplestream.com")
(host == "uapi.simplestream.com")
(host == "channel5.com")
(host == "wwwcdn.channel5.com")
(host == "cassie.channel5.com")
(host == "player.channel5.com")
(host == "deliver-hls.channel5.com")
(host == "akahls.channel5.com")
(host == "llnwhls.channel5.com")
(host == "milkshake.tv")
(host == "www.milkshake.tv")
(host == "trk-euwest.tidaltv.com")
(host == "mp.adverts.itv.com")
(host == "req.tidaltv.com")
(host == "s1.2mdn.net")
(host == "pes.itv.com")
(host == "ned.itv.com")
(host == "itvdotcom.2cnt.net")
(host == "tom.itv.com")
(host == "dave.uktv.co.uk")
(host == "uktvplay.uktv.co.uk")
(host == "uktvhdse.brightcove.com.edgesuite.net")
(host == "admin.brightcove.com")
(host == "really.uktv.co.uk")
(host == "yesterday.uktv.co.uk")
(host == "drama.uktv.co.uk")
(host == "live.tvplayer.com")
(host == "tvplayer.com")
(host == "sapi.tvplayer.com")
(host == "api.tvplayer.com")
(host == "www.gamefront.com")
(url.indexOf("proxmate=uk") != -1)
(host == "channel4.com")
(host == "ais.channel4.com")
(host == "pandr.my.channel4.com")
(host == "all4nav.channel4.com")
(host == "4id.channel4.com")) { return 'PROXY uk-node.proxmate.me:8008' } else if ((host == "link.theplatform.com")
(host == "discidevflash-f.akamaihd.net")
(host == "api.geoip.dp.discovery.com")
(host == "vidtech.cbsinteractive.com")
(host == "vidtech.cbsima.com")
(host == "om.cbsi.com")
(host == "media.mtvnservices.com")
(host == "api-manga.crunchyroll.com")
(host == "crunchyroll.com")
(host == "www.crunchyroll.com")
(host == "cdn.wwtv.warnerbros.com")
(host == "hlsioscwtv.warnerbros.com")
(host == "media.cwtv.com")
(host == "servicesaetn-a.akamaihd.net")
(host == "live.mlssoccer.com")
(host == "tvewnbc-i.akamaihd.net")
(host == "tvenbceast-i.akamaihd.net")
(host == "nbcmpx-vh.akamaihd.net")
(host == "www.pandora.com")
(host == "video.pbs.org")
(host == "ga.video.cdn.pbs.org")
(host == "urs.pbs.org")
(host == "play.spotify.com")
(host == "www.spotify.com")
(host == "play.spotify.edgekey.net")
(host == "www.iheart.com")
(host == "api2.iheart.com")
(host == "api.iheart.com")
(host == "iheart.com")
(host == "nick.mtvnimages.com")
(host == "sni-vh.akamaihd.net")
(host == "api.segment.io")
(host == "www.vevo.com")
(host == "vevo.com")
(host == "apiv2.vevo.com")
(host == "songza.com")
(host == "new.songza.com")
(host == "www.daisuki.net")
(host == "bngn-vh.akamaihd.net")
(host == "bngnwww.b-ch.com")
(host == "www.hbogo.com")
(host == "catalog.lv3.hbogo.com")
(host == "profile.lv3.hbogo.com")
(host == "profile.hbogo.com")
(url.indexOf(".lv3.hbogo.com") != -1)
(host == "register.hbogo.com")
(host == "play.hbogo.com")
(host == "smetrics.hbogo.com")
(url.indexOf(".lv3.cdn.hbo.com") != -1)
(host == "comet.api.hbo.com")
(host == "play.google.com")
(host == "checkout.google.com")
(host == "store.google.com")
(host == "apis.google.com")
(host == "amc350888def-vh.akamaihd.net")
(host == "a564avoddashnsus-a.akamaihd.net")
(host == "atv-ps.amazon.com")
(host == "www.amazon.com")
(host == "amazon.com")
(host == "fls-na.amazon.com")
(host == "phds-vod.cdn.turner.com")
(host == "token.vgtf.net")
(host == "www.ondemandkorea.com")
(host == "www.fxnetworks.com")
(host == "fxvcms-f.akamaihd.net")
(host == "tvetelemundo-vh.akamaihd.net")
(host == "feed.theplatform.com")
(host == "fsvideohds-vh.akamaihd.net")
(host == "watchable.com")
(host == "cilhlsvod-f.akamaihd.net")
(host == "oxygenvod-vh.akamaihd.net")
(host == "tvesyfy-vh.akamaihd.net")
(host == "www.smithsonianchannel.com")
(host == "brightcove01.brightcove.com")
(host == "edge.api.brightcove.com")
(host == "www.eonline.com")
(host == "link.theplatform.com")
(host == "api.listenlive.co")
(host == "playerservices.streamtheworld.com")
(host == "player.listenlive.co")
(url.indexOf("live.streamtheworld.com") != -1)
(host == "www.cartoonnetwork.com")
(host == "www.viki.com")
(host == "\\"www.viki.com")
(host == "www.origin.com")
(host == "ht.cdn.turner.com")
(host == "aolvideoshd-vh.akamaihd.net")
(host == "syn.5min.com")
(host == "stvideos.5min.com")
(host == "www.showtime.com")
(host == "secure.showtime.com")
(url.indexOf(".vgtf.net") != -1)
(host == "phds-live.cdn.turner.com")) { return 'PROXY us-node.proxmate.me:8008' } else if ((host == "livestreams.omroep.nl")
(host == ".npostreaming.nl")
(host == "ida.omroep.nl")
(host == "npoplayer.omroep.nl")
(host == "www.zapp.nl")
(host == "tellerapi.omroep.nl")
(host == "e.omroep.nl")
(url.indexOf("proxmate=nl") != -1)) { return 'PROXY nl-node.proxmate.me:8008' } else if ((host == "tvthek.orf.at")
(host == "apasfiisl.apa.at")
(host == "orf.oewabox.at")
(host == "atvplus.oewabox.at")
(host == "cdn.atv.at")
(url.indexOf("proxmate=at") != -1)
(host == "hdsvodsportsman-vh.akamaihd.net")
(host == "streamaccess.unas.tv")
(host == "www.laola1.tv")
(host == "www.livestation.com")
(host == "livestation.com")
(url.indexOf(".emigrantas.tv") != -1)) { return 'PROXY at-node.proxmate.me:8008' } else if ((host == "netflix.com")
(host == "www.netflix.com")
(host == "cbp-us.nccp.netflix.com")
(host == "secure.netflix.com")
(host == "api-global.netflix.com")
(host == "ichnaea.netflix.com")
(host == "customerevents.netflix.com")
(host == "s.thebrighttag.com")
(url.indexOf("proxmate=us") != -1)
(url.indexOf("proxmate=us") != -1)) { return 'PROXY usnet-node.proxmate.me:8008' } else if ((host == "s.hulu.com")
(host == "www.funimation.com")
(host == "wpc.8c48.edgecastcdn.net")
(host == "southpark.cc.com")
(host == "api.utils.watchabc.go.com")
(host == "www.dramafever.com")
(host == "www.logotv.com")
(host == "api.watchabc.go.com")
(host == "theanimenetwork.com")
(host == "huluim.com")
(host == "www.hulu.com")
(host == "t2.hulu.com")
(host == "urlcheck.hulu.com")
(host == "t.hulu.com")
(host == "s.hulu.com")
(host == "play.hulu.com")
(host == "t2.huluim.com")) { return 'PROXY ush-node.proxmate.me:8008' } else if ((host == "player.ooyala.com")
(host == "l.ooyala.com")) { return 'PROXY auv-node.proxmate.me:8008' } else if ((host == "web-api-us.crackle.com")
(host == "legacyweb-us.crackle.com")) { return 'PROXY us2-node.proxmate.me:8000' } else if ((host == "counter.yadro.ru")
(host == "turbik.tv")
(host == "player.rutv.ru")
(host == "api.rutv.ru")
(host == "cdnng.v.rtr-vesti.ru")
(host == "player.vgtrk.com")
(url.indexOf("proxmate=ru") != -1)
(host == "stream.1tv.ru")
(host == "mobdrm.1tv.ru")) { return 'PROXY ru-node.proxmate.me:8008' } else if ((host == "security.video.globo.com")
(host == "api.globovideos.com")
(host == "s.videos.globo.com")
(host == "gshow.globo.com")
(host == "voddownload02.video.globo.com")
(host == "secure.nuuvem.com")) { return 'PROXY br-node.proxmate.me:8008' } else { return 'DIRECT'; }}"
FF Extension: (MEGA) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5954ldyi.default\Extensions\firefox@mega.co.nz.xpi [2017-01-08]
FF Extension: (Proxmate) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5954ldyi.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-04-17]
FF Extension: (Adblock Plus) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5954ldyi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (YouTube) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (uBlock Origin) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-20]
CHR Extension: (Google Search) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-09-30] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4649000 2015-09-16] (Binary Fortress Software)
R2 Ds3Service; C:\Program Files\PS3 Controllers\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 MIDISPORTAudioDevMon; C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe [1638704 2012-02-24] (M-Audio)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-10] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-09-05] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2016-09-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinSnare; C:\Users\Marvin\AppData\Roaming\WinSnare\WinSnare.dll [775168 2017-01-10] (InterSect Alliance Pty Ltd) [File not signed]
S2 Chikiing; C:\Program Files (x86)\Mapadomcoaveck\BmsSch.dll [X]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Windows (R) Codename Longhorn DDK provider)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [62576 2008-12-01] (Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41096 2008-12-01] (Your Corporation)
S3 MADFUMIDISPORT2010; C:\Windows\System32\DRIVERS\MAudioMIDISPORT_DFU.sys [30512 2012-02-24] (M-Audio)
S3 MAUSBMIDISPORT; C:\Windows\System32\DRIVERS\MAudioMIDISPORT.sys [201008 2012-02-24] (M-Audio)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-10] (Malwarebytes)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-03-10] (MBB)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-10 18:18 - 2017-01-10 18:18 - 00000548 _____ C:\Users\Marvin\Desktop\Scan_170110-181758.txt
2017-01-10 18:00 - 2017-01-10 18:22 - 00000000 ____D C:\EEK
2017-01-10 15:49 - 2017-01-10 15:49 - 00007995 _____ C:\Users\Marvin\Desktop\Response.txt
2017-01-10 13:43 - 2017-01-10 13:43 - 00003184 _____ C:\Users\Marvin\Desktop\JRT.txt
2017-01-10 13:41 - 2017-01-10 13:41 - 01663040 _____ (Malwarebytes) C:\Users\Marvin\Desktop\JRT.exe
2017-01-10 13:29 - 2017-01-10 13:29 - 03988944 _____ C:\Users\Marvin\Desktop\AdwCleaner.exe
2017-01-10 12:56 - 2017-01-10 12:56 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\WinSnare
2017-01-10 12:56 - 2017-01-10 12:56 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.0.4)
2017-01-10 12:56 - 2017-01-10 12:56 - 00000000 ____D C:\Program Files (x86)\dnw8sjuw
2017-01-10 12:53 - 2017-01-10 12:53 - 00000000 ____D C:\Windows\system32\appmgmt
2017-01-09 13:29 - 2017-01-10 14:04 - 00000000 ____D C:\Program Files (x86)\Origin
2017-01-09 13:29 - 2017-01-09 13:29 - 00000993 _____ C:\Users\Public\Desktop\Origin.lnk
2017-01-09 13:29 - 2017-01-09 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-01-09 13:28 - 2017-01-10 14:04 - 00000000 ____D C:\Users\Marvin\AppData\Local\Origin
2017-01-09 13:20 - 2017-01-09 13:20 - 55364064 _____ (Electronic Arts) C:\Users\Marvin\Downloads\OriginThinSetup.exe
2017-01-08 20:50 - 2017-01-11 09:15 - 00000000 ____D C:\FRST
2017-01-08 20:49 - 2017-01-08 20:49 - 00019582 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2017-01-08 20:49 - 2017-01-08 20:49 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MARVINS_PC-Windows-7-Ultimate-(64-bit).dat
2017-01-08 20:49 - 2017-01-08 20:49 - 00000000 ____D C:\RegBackup
2017-01-08 20:49 - 2017-01-08 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-01-08 20:49 - 2017-01-08 20:49 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2017-01-08 20:48 - 2017-01-08 20:49 - 05766144 _____ (Tweaking.com) C:\Users\Marvin\Downloads\tweaking.com_registry_backup_setup.exe
2017-01-08 20:36 - 2017-01-08 20:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-08 16:49 - 2017-01-09 01:14 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-08 16:49 - 2017-01-09 01:14 - 00001278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-08 16:49 - 2017-01-08 16:56 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-08 16:49 - 2017-01-08 16:56 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-08 16:48 - 2017-01-08 16:48 - 01065376 _____ (Google Inc.) C:\Users\Marvin\Downloads\ChromeSetup.exe
2017-01-08 16:17 - 2017-01-10 18:07 - 00000000 ____D C:\Program Files\LAT8TQJDDX
2017-01-08 16:17 - 2017-01-10 18:06 - 00000000 ____D C:\Users\Marvin\AppData\Local\UVFmedia
2017-01-08 16:16 - 2017-01-10 18:07 - 00000000 ____D C:\Program Files\IJD61O2L61
2017-01-08 15:50 - 2017-01-11 09:15 - 00000000 ____D C:\Users\Marvin\Desktop\Fixing things
2017-01-08 15:43 - 2017-01-10 13:33 - 00000000 ____D C:\AdwCleaner
2017-01-08 15:29 - 2017-01-08 15:29 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-08 15:25 - 2017-01-10 15:52 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-08 15:23 - 2017-01-08 19:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-08 15:23 - 2017-01-08 15:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-08 15:23 - 2017-01-08 15:23 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-08 15:23 - 2017-01-08 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-08 15:23 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2017-01-08 15:22 - 2017-01-08 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-08 15:22 - 2017-01-08 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-08 15:22 - 2017-01-08 15:22 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-08 15:22 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-08 15:21 - 2017-01-08 15:21 - 00000000 ____D C:\Windows\system32\SSL
2017-01-08 15:21 - 2017-01-08 15:21 - 00000000 ____D C:\Users\Marvin\AppData\Local\Downloaded Installations
2017-01-08 15:20 - 2017-01-08 15:20 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Ergickmidution
2017-01-08 14:14 - 2017-01-10 18:07 - 00000000 ____D C:\Users\Marvin\AppData\Local\Upmedia
2017-01-08 14:14 - 2017-01-10 18:07 - 00000000 ____D C:\Program Files (x86)\Mapadomcoaveck
2017-01-08 14:14 - 2017-01-10 18:06 - 00000000 ____D C:\Program Files\EET2FMBFLG
2017-01-08 14:14 - 2017-01-08 14:14 - 00006056 _____ C:\Windows\System32\Tasks\Wuzapyfuqerch Update
2017-01-08 14:14 - 2017-01-08 14:14 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2017-01-08 14:14 - 2017-01-08 14:14 - 00000000 ____D C:\Windows\system32\sstmp
2017-01-08 14:14 - 2017-01-08 14:14 - 00000000 _____ C:\TOSTACK
2017-01-05 20:48 - 2017-01-05 22:26 - 01445154 _____ C:\Users\Marvin\Desktop\Die Einführung des Mindestlohns.pptx
2017-01-02 13:54 - 2017-01-02 20:11 - 04767777 _____ C:\Users\Marvin\Downloads\Virtual-Reality-Präsentation (1).pptx
2017-01-02 13:10 - 2017-01-02 14:52 - 00000000 ____D C:\Users\Marvin\Documents\Darkest
2017-01-02 13:09 - 2017-01-02 13:09 - 00003332 _____ C:\Windows\System32\Tasks\SessionControlAgent
2017-01-02 13:09 - 2017-01-02 13:09 - 00000937 _____ C:\Users\Marvin\Desktop\Darkest Dungeon.lnk
2017-01-02 12:56 - 2017-01-02 12:56 - 04510004 _____ C:\Users\Marvin\Downloads\Virtual-Reality-Präsentation.pptx
2016-12-29 18:19 - 2016-12-29 18:19 - 00069878 _____ C:\Users\Marvin\Downloads\15696174_10210872013973089_1280108056_o.jpg
2016-12-29 18:18 - 2016-12-29 18:18 - 00520288 _____ C:\Users\Marvin\Downloads\Neue-Dimensionen-der-Realität-KPMG (2).PDF
2016-12-29 18:12 - 2017-01-03 00:44 - 00000000 ____D C:\Users\Marvin\Desktop\Virtual Reality Präsentation
2016-12-29 13:47 - 2016-12-29 13:47 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\SmartSteamEmu
2016-12-29 13:42 - 2016-12-29 13:42 - 00000000 ____D C:\Users\Marvin\AppData\LocalLow\Monomi Park
2016-12-28 19:51 - 2016-12-28 19:51 - 00077824 _____ ( ) C:\Users\Marvin\Downloads\guiformat.exe
2016-12-28 19:19 - 2016-12-28 19:19 - 00188133 _____ C:\Users\Marvin\Downloads\Fat32FormatterEN.zip
2016-12-22 19:56 - 2016-12-22 19:56 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\AMD
2016-12-22 19:11 - 2016-12-22 19:11 - 00001627 _____ C:\Users\Marvin\Downloads\American_Dad_S12E01_HDTV_x264-KILLERS[ettv] (1).torrent
2016-12-22 19:09 - 2016-12-22 19:09 - 00001627 _____ C:\Users\Marvin\Downloads\American_Dad_S12E01_HDTV_x264-KILLERS[ettv].torrent
2016-12-22 14:02 - 2016-12-22 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 19:42 - 2016-12-21 19:54 - 82345072 _____ C:\Users\Marvin\Downloads\Ace_Stream_Media_3.1.12.1.exe
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-12-18 23:46 - 2016-12-18 23:46 - 11273864 _____ C:\Users\Marvin\Downloads\AerialTraining.zip
2016-12-18 19:02 - 2016-12-18 19:02 - 00000000 ____D C:\Users\Marvin\AppData\Local\UnrealEngine
2016-12-18 19:02 - 2016-12-18 19:02 - 00000000 ____D C:\Users\Marvin\AppData\Local\DeadByDaylight
2016-12-17 14:51 - 2016-12-17 19:28 - 00000000 ___RD C:\Users\Marvin\Desktop\Drum Rack DnB Project
2016-12-16 13:54 - 2016-12-16 13:54 - 00000000 ____D C:\Users\Marvin\Desktop\.midi files
2016-12-15 16:05 - 2016-12-15 16:41 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\discord
2016-12-15 16:05 - 2016-12-15 16:05 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-12-15 16:05 - 2016-12-15 16:05 - 00000000 ____D C:\Users\Marvin\AppData\Local\Discord
2016-12-15 16:04 - 2016-12-15 16:05 - 50343608 _____ (Hammer & Chisel, Inc.) C:\Users\Marvin\Downloads\DiscordSetup.exe
2016-12-14 14:36 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 14:36 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 14:36 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 14:36 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 14:36 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 14:36 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 14:36 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 14:36 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 14:36 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 14:36 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 14:36 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 14:36 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 14:36 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 14:36 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 14:36 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 14:36 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 14:36 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 14:36 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 14:36 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 14:36 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 14:36 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 14:36 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 14:36 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 14:36 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 14:36 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 14:36 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 14:36 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 14:36 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 14:36 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 14:36 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 14:36 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 14:36 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 14:36 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 14:36 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 14:36 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 14:36 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 14:36 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 14:36 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 14:36 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 14:36 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 14:36 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 14:36 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 14:36 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 14:36 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 14:36 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 14:36 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 14:36 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 14:36 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 14:36 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 14:36 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 14:36 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 14:36 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 14:36 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 14:36 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 14:36 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 14:36 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 14:36 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 14:36 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 14:36 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 14:36 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 14:36 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 14:36 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 14:36 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 14:36 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 14:36 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 14:36 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 14:36 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 14:36 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 14:36 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-13 12:59 - 2016-12-13 12:59 - 00000000 ____D C:\Users\Marvin\AppData\Local\Chromium

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 09:15 - 2015-09-05 14:52 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-11 09:10 - 2016-04-06 17:26 - 00000000 ___RD C:\Users\Marvin\Dropbox
2017-01-11 09:09 - 2016-04-06 17:24 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-11 09:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-11 00:26 - 2016-08-31 12:44 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-01-11 00:25 - 2015-09-07 00:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-11 00:25 - 2015-09-05 22:31 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\TS3Client
2017-01-11 00:21 - 2015-09-28 17:56 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Origin
2017-01-10 23:47 - 2016-04-06 17:24 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-10 23:25 - 2015-09-07 00:08 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 23:25 - 2015-09-07 00:08 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 23:25 - 2015-09-07 00:08 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 23:25 - 2015-09-07 00:08 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 23:25 - 2015-09-07 00:08 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-10 23:17 - 2015-09-18 23:51 - 00000000 ____D C:\Users\Marvin\AppData\Local\Battle.net
2017-01-10 22:47 - 2015-09-18 23:49 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-10 20:51 - 2015-09-28 17:52 - 00000000 ____D C:\ProgramData\Origin
2017-01-10 18:30 - 2015-09-18 23:27 - 00000000 ____D C:\Users\Marvin\AppData\Local\Spotify
2017-01-10 18:30 - 2015-09-18 23:25 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Spotify
2017-01-10 18:16 - 2009-07-14 05:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-10 18:16 - 2009-07-14 05:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-10 18:14 - 2009-07-14 06:13 - 00743506 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-10 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-10 18:06 - 2016-05-06 13:41 - 00000000 ____D C:\Users\Marvin\Desktop\install_patch
2017-01-10 17:39 - 2015-09-05 16:23 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-10 12:53 - 2015-10-17 15:06 - 00000000 ____D C:\Program Files\Java
2017-01-09 13:36 - 2015-09-23 20:31 - 00000000 ____D C:\Users\Marvin\AppData\Local\CrashDumps
2017-01-09 01:15 - 2015-09-05 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-09 01:14 - 2015-09-05 14:54 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-09 01:08 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-08 20:09 - 2015-09-18 13:58 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\vlc
2017-01-08 19:12 - 2015-09-13 14:16 - 00000000 ____D C:\Windows\system32\MRT
2017-01-08 19:10 - 2015-09-13 14:16 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-08 16:49 - 2015-09-05 14:40 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-08 16:17 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2017-01-08 14:31 - 2015-09-05 22:16 - 00000000 ____D C:\Users\Marvin\AppData\Local\ElevatedDiagnostics
2017-01-02 22:20 - 2015-09-10 15:32 - 00000000 ____D C:\Program Files\PeerBlock
2016-12-30 22:17 - 2015-10-01 18:39 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-12-29 13:46 - 2015-10-14 10:10 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-12-29 13:46 - 2015-10-14 10:10 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-12-29 13:46 - 2015-10-14 10:10 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-12-29 13:46 - 2015-10-14 10:10 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-12-28 20:17 - 2016-04-18 17:44 - 00000000 ____D C:\Users\Marvin\AppData\Local\Windows Live
2016-12-22 16:13 - 2015-10-01 18:39 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-12-22 14:02 - 2016-04-06 17:24 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-19 20:48 - 2016-08-11 17:53 - 00000000 ____D C:\Windows\rescache
2016-12-17 21:14 - 2016-07-22 10:14 - 00000000 ____D C:\Users\Marvin\Documents\ManiaPlanet
2016-12-17 21:06 - 2016-07-22 10:14 - 00000000 ____D C:\ProgramData\ManiaPlanet
2016-12-15 16:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-15 16:48 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
2016-12-15 16:05 - 2016-01-04 18:31 - 00000000 ____D C:\Users\Marvin\AppData\Local\SquirrelTemp
2016-12-15 08:19 - 2009-07-14 03:34 - 00189440 ____H C:\Users\Default\NTUSER.DAT.LOG1
2016-12-15 08:18 - 2009-07-14 05:45 - 00509392 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-15 08:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-15 08:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-15 08:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Boot
2016-12-15 08:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppPatch
2016-12-15 00:17 - 2015-09-05 14:41 - 00734476 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 14:44 - 2015-09-06 20:15 - 00013553 _____ C:\Users\Marvin\Desktop\Pushups Crunches.xlsx
2016-12-14 14:37 - 2015-09-07 11:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-14 14:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-13 12:59 - 2015-09-05 14:57 - 00000000 ____D C:\Users\Marvin\AppData\Local\Steam
2016-12-12 23:52 - 2015-12-29 19:00 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2015-09-17 00:20 - 2015-09-17 00:20 - 0000037 ___SH () C:\Users\Marvin\AppData\Local\20986331705021ca58edc424.96250074
2016-02-19 10:56 - 2016-02-19 10:56 - 0000036 _____ () C:\Users\Marvin\AppData\Local\housecall.guid.cache
2016-01-03 00:59 - 2016-01-05 23:07 - 0007600 _____ () C:\Users\Marvin\AppData\Local\Resmon.ResmonCfg
2015-09-18 16:55 - 2015-09-18 16:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-09-05 14:45 - 2015-09-05 14:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-07 21:48

==================== End of FRST.txt ============================

Up next the Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Marvin (11-01-2017 09:15:47)
Running from C:\Users\Marvin\Desktop\Fixing things
Windows 7 Ultimate Service Pack 1 (X64) (2015-09-05 13:38:00)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4016113358-843845156-2686539769-500 - Administrator - Disabled)
Guest (S-1-5-21-4016113358-843845156-2686539769-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4016113358-843845156-2686539769-1002 - Limited - Enabled)
Marvin (S-1-5-21-4016113358-843845156-2686539769-1000 - Administrator - Enabled) => C:\Users\Marvin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Suite (HKLM\...\{F6BA3E9F-8637-4DCE-BBA8-75A6A57A9D0B}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Analog Lab 1.2.3 (HKLM-x32\...\Analog Lab_is1) (Version: 1.2.3 - Arturia)
Arturia Software Center 1.2.1 (HKLM-x32\...\Arturia Software Center_is1) (Version: 1.2.1 - Arturia)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bionic Dues (HKLM-x32\...\Steam App 238910) (Version: - Arcen Games, LLC)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.4 - Codeusa Software)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Catalyst Control Center Next Localization BR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS II - Scholar of the First Sin (HKLM-x32\...\DARK SOULS II - Scholar of the First Sin_is1) (Version: - )
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version: - FromSoftware, Inc)
Darkest Dungeon (HKLM-x32\...\Darkest Dungeon_is1) (Version: - )
Darksiders II: Deathinitive Edition (HKLM\...\Steam App 388410) (Version: - Gunfire Games)
Darksiders Warmastered Edition (HKLM\...\Steam App 462780) (Version: - KAIKO)
Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.)
Discord (HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dishonored (HKLM\...\Steam App 205100) (Version: - Arkane Studios)
DisplayFusion 7.3 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.0.0 - Binary Fortress Software)
Distance (HKLM-x32\...\Steam App 233610) (Version: - Refract)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dr. Langeskov, The Tiger, and The Terribly Cursed Emerald: A Whirlwind Heist (HKLM-x32\...\Steam App 409160) (Version: - Crows Crows Crows)
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DuelystLauncher (HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\launcher) (Version: 0.0.9 - Counterplay Games Inc.)
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.0.0.2 - GOG.com)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version: - Turtle Rock Studios)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FlatOut 2 (HKLM\...\Steam App 2990) (Version: - Bugbear Entertainment)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.139.918 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
GameRanger (HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\GameRanger) (Version: - GameRanger Technologies)
Gaming Mouse Editor (HKLM-x32\...\GamingMouseEditor) (Version: 13.04.0002 - )
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.99 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{7AF1A318-2914-41CC-9B24-041C2D4AAAD7}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Industry Giant 2 (HKLM\...\aW5kdXN0cnlnaWFudDI_is1) (Version: 1 - )
Mafia II (HKLM\...\Steam App 50130) (Version: - 2K Czech)
Mafia III (HKLM-x32\...\Mafia III_is1) (Version: - )
MAGIX Common Components 1 (HKLM-x32\...\{38BF501B-F285-4A3B-99E2-09F58A130A59}) (Version: 1.7.0.0 - MAGIX Software GmbH)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Fonts Package 2 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B396DA26-0959-44BA-812B-2E6AF4F678E1}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1020 - Marvell)
M-Audio MIDISPORT 6.1.3 (x64) (HKLM\...\{AED2A1D4-19B4-4692-8004-E1A3E8A9E85B}) (Version: 6.1.3 - M-Audio)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MIDI Control Center 1.2.2 (HKLM-x32\...\MIDI Control Center_is1) (Version: 1.2.2 - Arturia)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 de)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Guitar Rig 3 (HKLM-x32\...\Native Instruments Guitar Rig 3) (Version: - )
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Need For Speed Most Wanted Black Edition version 1.3.0.0 (HKLM-x32\...\Need For Speed Most Wanted Black Edition_is1) (Version: 1.3.0.0 - Mr DJ)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pazera Free MKV to AVI Converter 1.4 (HKLM-x32\...\{EDFA6B29-7667-4FD2-86F3-9835AFCE837A}_is1) (Version: 1.4 - Jacek Pazera)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
Project Highrise (HKLM-x32\...\2018730457_is1) (Version: 2.0.0.4 - GOG.com)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 beta r2461 - )
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Reus (HKLM\...\Steam App 222730) (Version: - Abbey Games)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Shadow Tactics - Blades of the Shogun 1.1.2 (HKLM-x32\...\{BB762706-65FA-44C1-B2BB-EF29CA88D7CE}_is1) (Version: 1.1.2 - Daedalic Entertainment GmbH)
Sid Meier's Civilization V (HKLM-x32\...\Sid Meier's Civilization V_is1) (Version: - )
Skyborn (HKLM-x32\...\Steam App 278460) (Version: - Dancing Dragon Games)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SNOW (HKLM\...\Steam App 244930) (Version: - Poppermost Productions)
SONAR 8.0 Producer Edition (HKLM-x32\...\SONAR8Producer_x64_is1) (Version: 17.0 - Cakewalk Music Software)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold (HKLM-x32\...\{97A19679-4C07-4B34-8ACB-D5565C3440FC}) (Version: - )
Stronghold Crusader Extreme HD (HKLM\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version: - FireFly Studios)
Sunless Sea (HKLM-x32\...\1421064427_is1) (Version: 2.4.0.5 - GOG.com)
Super Meat Boy (HKLM\...\Steam App 40800) (Version: - Team Meat)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Room (HKLM-x32\...\The Room_is1) (Version: - Fireproof Games)
The Room Two (HKLM\...\Steam App 425580) (Version: - Fireproof Games)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight Ltd.)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam)
This Is the Police (HKLM-x32\...\This Is the Police_is1) (Version: - )
TOXIKK (HKLM\...\Steam App 324810) (Version: - Reakktor Studios)
Trine 2 (HKLM\...\Steam App 35720) (Version: - Frozenbyte)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Unreal Development Kit: 2015-01 (HKLM\...\UDK-5e1b7663-0639-46c5-882c-a64cefc97f4d) (Version: - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
USB Network Joystick (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: V3.70a - )
Velocibox (HKLM-x32\...\Steam App 317710) (Version: - Shawn Beck)
Vita 2 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
White Night (HKLM-x32\...\White Night_is1) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSnare (HKLM-x32\...\{2D7A9DE0-A61B-4555-9E44-8485AE3DB8A8}) (Version: 4.0.4 - WinSnare)
World of Goo (HKLM\...\Steam App 22000) (Version: - 2D BOY)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015D408D-BFF6-437D-86FD-B4E1CD58743B} - System32\Tasks\Wuzapyfuqerch Update => C:\Program Files (x86)\Mapadomcoaveck\vazering.exe [2017-01-08] (Glarysoft Ltd)
Task: {2075174D-DA69-43F3-B9AC-DB550763ABAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {476E2E3D-7994-4604-83C4-054AF01BD337} - System32\Tasks\SessionControlAgent => C:\windows\mfdvdec.exe
Task: {4F0AE84A-66A1-4265-A761-E8A418FA8722} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
Task: {72D72D62-605D-4038-8B0D-BA0D4EEC48EE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-06] (Dropbox, Inc.)
Task: {A6ECCEEE-5AEE-416B-8968-7A0D124938D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-06] (Dropbox, Inc.)
Task: {BD6F6ECA-881B-4477-8788-59E26BCE7DBC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-08] (Google Inc.)
Task: {FAC70300-0CF5-4A75-A198-4F098D1518F3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-08-11] (Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-29 23:49 - 2015-09-29 23:49 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2010-01-21 00:40 - 2010-01-21 00:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-09 19:17 - 2010-01-09 19:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-22 13:09 - 2008-12-10 10:10 - 00796784 _____ () C:\Windows\USB Vibration\7906\USB Gamepad.exe
2015-10-01 21:19 - 2016-09-05 13:30 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2017-01-08 16:49 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2017-01-08 16:49 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-08-11 09:22 - 2016-08-11 09:22 - 00223744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2015-09-05 14:57 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-09-05 14:57 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-09-05 14:57 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-09-05 14:57 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-09-05 14:57 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2015-09-05 14:57 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-09-05 14:57 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-09-05 14:57 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-09-05 14:57 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-09-05 14:57 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-09-05 14:57 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 13:13 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-04-06 17:25 - 2016-11-11 21:36 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-06 17:25 - 2016-11-11 21:36 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-04-06 17:25 - 2016-11-11 21:36 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-04-06 17:25 - 2016-11-11 21:36 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-04-06 17:25 - 2016-11-11 21:37 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-12-22 14:02 - 2016-11-11 21:36 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-22 14:02 - 2016-11-11 21:37 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-22 14:02 - 2016-11-11 21:36 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-04-06 17:25 - 2016-11-11 21:38 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:23 - 2016-12-21 19:26 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-22 14:02 - 2016-11-11 21:36 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-22 14:02 - 2016-11-11 21:38 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-04-06 17:25 - 2016-11-11 21:38 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-04-06 17:25 - 2016-11-11 21:38 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:23 - 2016-12-21 19:26 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-04-06 17:25 - 2016-11-11 21:38 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-04-06 17:25 - 2016-11-11 21:38 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-04-06 17:25 - 2016-11-11 21:38 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-06 17:25 - 2016-11-11 21:38 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:23 - 2016-11-11 21:37 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-04-06 17:25 - 2016-12-21 19:26 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-22 14:02 - 2016-11-11 21:35 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-22 14:02 - 2016-12-21 19:26 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-22 14:02 - 2016-12-21 19:26 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-04-06 17:25 - 2016-11-11 21:37 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-04 23:23 - 2016-12-21 19:26 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-22 14:02 - 2016-11-11 21:42 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-22 14:02 - 2016-11-11 21:42 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-22 14:02 - 2016-12-21 19:26 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-04-06 17:25 - 2016-11-11 21:39 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:23 - 2016-12-21 19:26 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-22 14:02 - 2016-12-21 19:26 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-01-08 15:23 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-01-08 15:23 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-01-08 15:23 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-12-13 12:59 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-09-05 14:57 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-09-05 14:57 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-01-08 15:23 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-01-08 15:23 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-01-10 13:18 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4016113358-843845156-2686539769-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marvin\AppData\Local\DisplayFusion\Wallpaper_1
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2C67024C-DC4B-4314-9C8B-057AE5ABCCE8}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{52C9B7A2-64FC-4CE1-BE7D-258A25741A08}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AD82BC66-3211-4AFF-AB15-A20EE4F7E229}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14E327E9-4066-49A2-8544-495618EE2CDE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{129DBF11-1F8C-497C-AA60-16B561D33EEA}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{169051FB-0C5F-4F54-BC54-4932336D2AB0}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{078093FA-5DAE-4ED3-A4CF-F4E5E7D2CB26}] => C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9FD1C2D6-7906-4318-A23C-E192FBD43156}] => C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{E553F81E-6859-4F48-8BD2-2B1027A62D75}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E930793D-DE5A-4CA0-B77B-EAF8F6F960D4}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C335B409-E9C8-4696-98D0-FDB4F87DDC36}] => D:\SteamLibrary2\steamapps\common\Fine Sweeper\Fine Sweeper.exe
FirewallRules: [{AE233376-CDF0-4D65-BA6A-D33D6365EDC9}] => D:\SteamLibrary2\steamapps\common\Fine Sweeper\Fine Sweeper.exe
FirewallRules: [{96230585-A1DA-4710-AF5C-1304C89991D5}] => D:\SteamLibrary2\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{009D2D9A-0A85-4A44-B40F-73A12D35D250}] => D:\SteamLibrary2\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8C9891A1-1FA2-477C-BA45-A25FB9B92113}] => D:\SteamLibrary2\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{F93FD07B-352B-4010-B2CB-1839EFF573C7}] => D:\SteamLibrary2\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{520998B0-63E3-43A0-A903-3D21DF510F79}] => D:\SteamLibrary2\steamapps\common\Skyborn\Game.exe
FirewallRules: [{FD148EBC-ABAF-4294-9F3E-8C76090C81EF}] => D:\SteamLibrary2\steamapps\common\Skyborn\Game.exe
FirewallRules: [{7C44DA4A-40FB-4AD2-87D9-1CB8426EFED0}] => C:\Users\Marvin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F5D217C4-4EDB-4251-BC68-C42F3E0E8818}] => C:\Users\Marvin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0457E1B-4D27-4302-9D5A-A67794A081CB}] => D:\SteamLibrary2\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{018665DB-381B-4249-8A7C-88C910A5A92F}] => D:\SteamLibrary2\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{54458FA4-6EB8-42CC-A80B-FADEAB620123}] => F:\FSetup.exe
FirewallRules: [{BEA043F3-AB1B-4988-85F0-4F6B06C4223E}] => F:\FSetup.exe
FirewallRules: [{14F65062-EB39-4798-9D8A-4D5A865F06B5}] => D:\SteamLibrary2\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F33CCFB0-60C6-4F2B-998D-0996993D8DD4}] => D:\SteamLibrary2\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F7270DDA-B899-4893-A56D-642AC3120C51}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{3D086A43-BE50-472F-A1C1-3C8D1E2960FC}] => LPort=5357
FirewallRules: [{22C31F31-C114-49DD-96E9-CE31BA4A42AD}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{54FC33AE-AE9E-4ECF-8184-41857E10B6EA}C:\users\marvin\appdata\roaming\spotify\spotify.exe] => C:\users\marvin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BD5A772D-7E44-4759-88BA-48E4A5F96BB5}C:\users\marvin\appdata\roaming\spotify\spotify.exe] => C:\users\marvin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{60D11025-A6F7-41DD-8791-AAB06D7F61A6}] => D:\Battle Net Games\Hearthstone\Hearthstone.exe
FirewallRules: [{007CC6DF-CC7F-4BA5-BA31-40B240518B72}] => D:\Battle Net Games\Hearthstone\Hearthstone.exe
FirewallRules: [{681930F8-C1C6-429C-A186-9A2F769D7D63}] => D:\SteamLibrary2\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{FE48D0CF-EC49-4097-A142-ED3C5547BC19}] => D:\SteamLibrary2\steamapps\common\Monaco\MONACO.exe
FirewallRules: [TCP Query User{647A6EFE-B391-4B64-8951-4EEF599154A4}D:\origin games\battlefield 4\bf4.exe] => D:\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{A5F2208D-30E9-49D1-B908-5C959896B1CA}D:\origin games\battlefield 4\bf4.exe] => D:\origin games\battlefield 4\bf4.exe
FirewallRules: [{2B504F76-0490-4133-BCBF-5675D3CF0D13}] => D:\SteamLibrary2\steamapps\common\Bionic_Dues\Bionic.exe
FirewallRules: [{B6657BBB-6EBE-4FBA-AADC-973EFEE18990}] => D:\SteamLibrary2\steamapps\common\Bionic_Dues\Bionic.exe
FirewallRules: [{30DA0CC5-6031-49A7-8478-6D4423165B57}] => D:\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{61AEC935-F92E-4BC0-B732-594F00592BF5}] => D:\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{FF174677-EDC1-4CE9-94C4-CBEF8A5C2F81}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{014B0979-388C-4777-91AC-801E0E6F89AA}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CCA7CDEB-C500-460E-AE48-A3A68DA060A9}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{311DD911-DC6B-4259-A70B-97694993B5D7}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{40F1223A-5435-4EB0-90A7-7D74F4EB51F5}] => D:\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{A742BC14-4049-4014-BA4D-F3B48792F747}] => D:\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [TCP Query User{01352EF0-7CB0-49BE-8589-EF386A74FFB5}D:\battle net games\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => D:\battle net games\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [UDP Query User{75D3C9EB-9B38-4358-94E5-4C62D5A6A767}D:\battle net games\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => D:\battle net games\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [{06291B2E-0FB5-4483-B9F0-1D6387714701}] => D:\SteamLibrary2\steamapps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{22583C7A-FB6E-47B6-A2ED-9DCAD531BD51}] => D:\SteamLibrary2\steamapps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{198581A9-1D51-4E9B-AF2A-F55FC1A06106}] => D:\SteamLibrary2\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{DB0FA115-A0AC-44B0-BFFC-CE32C388E04F}] => D:\SteamLibrary2\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{5756E919-A02F-42FA-8DA2-3C58C9988CCD}] => D:\SteamLibrary2\steamapps\common\The Ship\ship.exe
FirewallRules: [{A6481242-7297-4090-BD13-1775ADD7A08B}] => D:\SteamLibrary2\steamapps\common\The Ship\ship.exe
FirewallRules: [{E1B3C425-7A16-4AEF-86A9-FFA6FE518590}] => D:\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{07E23BBF-B0AC-4D8E-9E9B-9EB78818554D}] => D:\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{0A1D96D5-3C6F-43FB-B3E5-4C229AE224C5}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1B76222-696E-4889-8692-D1A2F162E6E3}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{945393B7-0AB3-4867-A835-CFDA8A5D9CA5}] => D:\SteamLibrary2\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{6800929E-6C93-4D0C-B46D-89C7C172F8E3}] => D:\SteamLibrary2\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{2681F1A1-F6F4-4CF0-ADE4-591E5C281A3E}] => D:\SteamLibrary2\steamapps\common\Velocibox\Velocibox.exe
FirewallRules: [{C18C9176-B8B6-47FF-A573-A35925CF04A1}] => D:\SteamLibrary2\steamapps\common\Velocibox\Velocibox.exe
FirewallRules: [{AF66DE81-46C8-4BC0-A8E0-4DCBA79747CA}] => D:\SteamLibrary2\steamapps\common\Distance\Distance.exe
FirewallRules: [{B0852FD9-1130-4FC4-8A6E-2FFF291AE5D1}] => D:\SteamLibrary2\steamapps\common\Distance\Distance.exe
FirewallRules: [{69A0E37D-3266-45B2-BBCA-DA7312B41049}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9AF6C141-AF24-4985-A26E-FFA0149C8E60}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2C340C38-0B26-4BA8-8449-50F45EF51956}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E6620324-6937-4A32-9DCF-FD5AA0EC06F3}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6C67B8D7-6D29-46E7-8C9F-C5CA4A2AA24E}] => C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{C1C44579-42E9-45DE-8718-75E7555A834B}] => C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{49D0AF96-8BA0-498D-82F0-6BED639B3F00}] => D:\SteamLibrary2\steamapps\common\Dr Langeskov The Tiger and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{43E90CDC-71DE-463D-B12D-1A75D722412D}] => D:\SteamLibrary2\steamapps\common\Dr Langeskov The Tiger and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{12BAE19A-1AA1-44FB-BE77-8960E239E938}] => D:\SteamLibrary2\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{16E8671D-B9D1-4115-861C-4C167191E8D2}] => D:\SteamLibrary2\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{C19518B1-FB8E-4656-8B09-36379EDBAB17}D:\steamlibrary2\steamapps\common\portal stories mel\portal2.exe] => D:\steamlibrary2\steamapps\common\portal stories mel\portal2.exe
FirewallRules: [UDP Query User{9C3F3F23-32BA-4B53-AED4-671063BE47DD}D:\steamlibrary2\steamapps\common\portal stories mel\portal2.exe] => D:\steamlibrary2\steamapps\common\portal stories mel\portal2.exe
FirewallRules: [TCP Query User{0D50C0B1-AE55-4CDC-A8E2-83FE8CCA1A40}D:\steamlibrary2\steamapps\common\alien isolation\ai.exe] => D:\steamlibrary2\steamapps\common\alien isolation\ai.exe
FirewallRules: [UDP Query User{600D271E-D530-45C6-BDA2-5BD835F3CBCC}D:\steamlibrary2\steamapps\common\alien isolation\ai.exe] => D:\steamlibrary2\steamapps\common\alien isolation\ai.exe
FirewallRules: [{DF9637FE-9271-4755-83CA-64EC22124DCC}] => D:\SteamLibrary2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A4640C5F-93EF-475F-A849-544277DA8FBD}] => D:\SteamLibrary2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{BC065E74-9DFB-44F7-9093-3E8B5D901608}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{9C45B3AC-4CB2-459A-8422-778B25383CB9}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{5E83E391-249A-4DB4-BE6C-F854329B3442}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{2FF6C920-B74A-4E0D-819E-D56337F2EB23}C:\program files (x86)\java\jre1.8.0_66\bin\java.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{E27BAD56-AB74-4D21-A893-336DD260CACE}C:\program files (x86)\java\jre1.8.0_66\bin\java.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\java.exe
FirewallRules: [{2CABC0C9-2329-4A54-823E-E74629960D96}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{4A2ED845-1DBE-4666-9E54-CFDE0337583A}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{763DE35C-D07C-4A62-B596-91BE2DAA1FFD}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{7F45ABBA-92AF-4F8D-8BF8-27270D43A9C1}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{6003E9CD-A138-4031-B09D-9D65D7BAAFF1}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{A79D523A-6610-4CE5-9EF4-0C43F9F0B3DD}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{6D24357E-B5EE-42E2-A7BF-ED36973295EB}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{9D9F7801-388C-49AB-82A7-74FFD38BDC4D}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{CC3BEC4B-F9EA-4A41-A74B-DBE5B5ADFE0A}] => D:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DF06961E-9960-4F51-B55F-47624BEEB7DA}] => D:\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{F15ED7ED-329F-4608-9F58-C420C07DE427}] => D:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{E5B1B159-E816-460F-BF5C-8BB6AC88CA6F}] => D:\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{B443FBA7-2848-4CFC-812E-5151B025666F}] => D:\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{05950F9F-92DE-40E3-B8F0-D5F0B7FED4FF}] => D:\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{8992FF96-67B3-4CAB-BB72-ADE46920965C}] => D:\SteamLibrary2\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{B4E7D120-3B2C-4175-B5A8-0BDDB77B3DF5}] => D:\SteamLibrary2\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{0AF7D012-5356-4BEA-A25D-A8A5F5525E3D}] => D:\SteamLibrary2\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{23FCFBDE-AFA6-4D7D-AD8E-58F54863334F}] => D:\SteamLibrary2\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B34222C4-CF8D-4912-828B-98D66889BDB0}] => D:\SteamLibrary2\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{08313B4B-831B-4D22-89C7-A2446F2DC868}] => D:\SteamLibrary2\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{6EA2A39E-D5CE-4E6F-97B1-FC72AA45D541}] => E:\Files\StarCraft II 2\Versions\Base39576\SC2_x64.exe
FirewallRules: [{625DD56D-7837-4399-A13C-8988BBACBB28}] => E:\Files\StarCraft II 2\Versions\Base39576\SC2_x64.exe
FirewallRules: [{40891563-B988-46EA-9820-B7C5E464B166}] => D:\SteamLibrary2\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{50E31DE1-BCEB-43B2-A993-F186683BB640}] => D:\SteamLibrary2\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3D9C6597-B922-4202-B955-03224C20A984}] => D:\SteamLibrary2\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{190A8C82-862C-4A73-B3BD-1F951E22AAF2}] => D:\SteamLibrary2\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{7219BC4D-3E4F-4576-988B-00DBABE989E7}] => D:\SteamLibrary2\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{0694F81E-A89C-4A66-977E-7F5CF48BE772}] => D:\SteamLibrary2\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{7CA5FEF0-87EA-4438-9DD0-17B73E15EAE5}] => E:\Files\StarCraft II 2\Versions\Base41743\SC2_x64.exe
FirewallRules: [{D636D9FA-939C-4B65-A172-66F716596E13}] => E:\Files\StarCraft II 2\Versions\Base41743\SC2_x64.exe
FirewallRules: [{3CDF4703-E5D5-4713-8862-17CA78560788}] => E:\Files\StarCraft II 2\Versions\Base41743\SC2_x64.exe
FirewallRules: [{EAFF5FFF-7F7C-46CD-BAD7-84E1011B35AF}] => E:\Files\StarCraft II 2\Versions\Base41743\SC2_x64.exe
FirewallRules: [TCP Query User{55482BD3-AA22-4146-AA31-442043D5DDF9}C:\gog games\enter the gungeon\etg.exe] => C:\gog games\enter the gungeon\etg.exe
FirewallRules: [UDP Query User{CE7A66C2-99D4-4A01-9C2E-DA0E4D070019}C:\gog games\enter the gungeon\etg.exe] => C:\gog games\enter the gungeon\etg.exe
FirewallRules: [{BD410568-C2D8-4E75-B531-B9981040E885}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C6C5A191-9C82-4C67-B429-EA617663A79F}] => LPort=2869
FirewallRules: [{20479539-82B1-413E-8E2E-9FDE981C278A}] => LPort=1900
FirewallRules: [{21CC8884-23C9-440F-B3FC-8054362CEF46}] => E:\Files\StarCraft II 2\Versions\Base42253\SC2_x64.exe
FirewallRules: [{58D02992-1E07-43F8-86BD-440A307566FF}] => E:\Files\StarCraft II 2\Versions\Base42253\SC2_x64.exe
FirewallRules: [TCP Query User{DC6D1EED-0862-4BA2-B3CF-13D041B47EB2}D:\battle net games\overwatch\overwatch.exe] => D:\battle net games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{541CC553-77EB-40FE-A7EE-350BD99116AA}D:\battle net games\overwatch\overwatch.exe] => D:\battle net games\overwatch\overwatch.exe
FirewallRules: [{5A52CCD4-9F08-4721-BC33-33143B7BF968}] => E:\Files\StarCraft II 2\Versions\Base42932\SC2_x64.exe
FirewallRules: [{D5E5EEFD-2B94-4B86-9B43-19569D6E6218}] => E:\Files\StarCraft II 2\Versions\Base42932\SC2_x64.exe
FirewallRules: [{A0B1201F-2DEA-4133-904A-9A3E134C56BA}] => D:\SteamLibrary2\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{3FB5DB0B-A1E0-48EF-A7F9-1E11620B88BA}] => D:\SteamLibrary2\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{604CA1CF-3DA8-4987-AE2D-8F1AC569A4FE}] => D:\SteamLibrary2\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{3F247AF4-BCCE-4598-AF4B-F570DDE0DC4F}] => D:\SteamLibrary2\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{C780D536-056F-46C2-89F9-C75A4AD8D85E}] => D:\SteamLibrary2\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{44BE9D03-20AF-4F1E-9C20-C00BB9F15CF8}] => D:\SteamLibrary2\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{C3F8211B-A747-4C36-8FA7-BCD51262422F}] => D:\SteamLibrary2\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{50D7A03F-AAB7-4D14-9B3C-F7CB78BAC7CB}] => D:\SteamLibrary2\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{C813053E-85C3-4FCE-A98F-F64AB377515C}] => D:\Program Files (x86)\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{02AEF83E-A419-4848-9A95-BF8F65230AB4}] => D:\Program Files (x86)\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{A6270AD3-B51A-4767-B29E-5230302EBC74}] => D:\SteamLibrary2\steamapps\common\FlatOut2\FlatOut2.exe
FirewallRules: [{BB18A7A7-A6AE-41F9-A3D2-3BA26932ABF8}] => D:\SteamLibrary2\steamapps\common\FlatOut2\FlatOut2.exe
FirewallRules: [{62E27FF0-8270-41AE-A1AA-61425B2814CA}] => D:\SteamLibrary2\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{E2AA4C60-776A-478C-884C-4277DDCB44C5}] => D:\SteamLibrary2\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [TCP Query User{B36987E6-DA30-41C1-B78F-88FEB396BA37}D:\steamlibrary2\steamapps\common\trine 2\trine2_32bit.exe] => D:\steamlibrary2\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{F0EA91A2-71BF-492F-8A89-D459AAA35E2A}D:\steamlibrary2\steamapps\common\trine 2\trine2_32bit.exe] => D:\steamlibrary2\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{985B2F18-0DA9-4BE0-9519-79F679DAF809}] => D:\SteamLibrary2\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{6496500F-62C6-4B53-B07B-F5A3A211FC46}] => D:\SteamLibrary2\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{3DC9802E-1254-43AA-ACA9-ED0848637A91}] => D:\SteamLibrary2\steamapps\common\TheRoomTwo\TheRoomTwo.exe
FirewallRules: [{04B5B5DA-723A-4013-AD21-D79F57877A2C}] => D:\SteamLibrary2\steamapps\common\TheRoomTwo\TheRoomTwo.exe
FirewallRules: [TCP Query User{A3BA3E4F-10F1-4871-B872-8D0FBFA3BE0D}D:\steamlibrary2\steamapps\common\trackmania nations forever\tmforever.exe] => D:\steamlibrary2\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{4C132067-F08A-42B9-AF92-79749DDC6A03}D:\steamlibrary2\steamapps\common\trackmania nations forever\tmforever.exe] => D:\steamlibrary2\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [{130362D6-B9CE-4064-897B-2F85AB365F5E}] => D:\SteamLibrary2\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{BACF3C9F-C771-40FB-9B3C-5A2BE79A8076}] => D:\SteamLibrary2\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [TCP Query User{6DC74B46-5DE6-4DEE-99F0-2ECE7EEEDBF6}C:\users\marvin\appdata\roaming\spotify\spotify.exe] => C:\users\marvin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{27DDE796-950E-4045-AD88-DDFD83D9AE2A}C:\users\marvin\appdata\roaming\spotify\spotify.exe] => C:\users\marvin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6CAFCF52-E329-419A-A260-16B830758CFE}] => D:\SteamLibrary2\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{E2141F5F-AE7B-4B46-9164-7B97AF28B215}] => D:\SteamLibrary2\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{157414F4-28E8-414E-8121-BF5BE1627F46}] => D:\SteamLibrary2\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{13CED9B7-DE2A-4F03-8652-2487A048341E}] => D:\SteamLibrary2\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{790B1BDF-25FA-454E-9D64-D9487D636CF2}] => D:\SteamLibrary2\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{F4AE393F-F1BF-497F-8EED-ED76D40F316F}] => D:\SteamLibrary2\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [TCP Query User{11F1608C-BFF3-47F3-929A-7DD7C89EF38D}D:\origin games\battlefield 4\bf4.exe] => D:\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{C9965CC4-661C-4F6F-B4B3-7DD71C96796C}D:\origin games\battlefield 4\bf4.exe] => D:\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{2841BF19-E797-4C58-B406-40F14C5F83F3}D:\origin games\battlefield bad company 2\bfbc2game.exe] => D:\origin games\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{75B87E49-279D-481E-AB57-53A5FB1F2833}D:\origin games\battlefield bad company 2\bfbc2game.exe] => D:\origin games\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{7EC9ED00-0873-4C75-98C7-8B1B633473B1}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB6F2570-1429-41C0-8DDC-22EC64725726}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB7D1C11-C2EA-4466-A264-DB2CBC34A0AD}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D2784565-EED7-413F-A033-4C79CC252477}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{03D858A8-891C-45F4-9ADE-6B03801E9B72}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{58A2C62B-3121-4CCF-B5B8-A724C6D8ABC8}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6931E6E7-A38E-415A-9A10-475B778FD92A}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D18B0565-4C37-4AB0-997F-9215093FDC82}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{68E05207-A717-49D8-B227-6B575701B61C}] => D:\SteamLibrary2\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{9267A602-1433-435C-AF13-D703F9C957BA}] => D:\SteamLibrary2\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{A4A353D7-A425-41D6-BFC4-3A085F8808BA}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{A301EB7D-7BD7-4C8E-A414-F5FA3B226930}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{0B217961-2D9E-4F00-A7BD-E6F72648CFD9}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{8B98E7E3-1C8A-465E-BE5E-83412440DD24}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{3ABD7847-D2A9-4274-9D03-FBF5F09D0EA6}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{BDBE934F-3142-416F-B96F-CB24F1C31F67}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{15FB6868-48F4-4F51-A837-A87160D1B72C}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{A8B4C5E4-3156-45B5-8468-6F7629C8CDAC}] => D:\SteamLibrary2\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [TCP Query User{978249A7-E3CA-4254-AA17-FD7FFC4EDF3D}D:\origin games\fifa 17 demo\fifa17_demo.exe] => D:\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [UDP Query User{972369D7-BF66-41B7-ADFC-FCBCF9908D7D}D:\origin games\fifa 17 demo\fifa17_demo.exe] => D:\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [{C8D576DD-9C55-467F-A9F1-A20256AB7B27}] => D:\SteamLibrary2\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{E1AE626D-105E-479C-9708-7663599A4724}] => D:\SteamLibrary2\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{2130A400-1A75-4E97-8252-B394C98186F0}D:\origin games\fifa 17\fifa17.exe] => D:\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{A94C4A47-B01E-426C-9D8F-33E75F426213}D:\origin games\fifa 17\fifa17.exe] => D:\origin games\fifa 17\fifa17.exe
FirewallRules: [{AFD55FF9-6C2C-4514-AD82-63B8C7BEF230}] => D:\Origin Games\Burnout Paradise\BurnoutParadise.exe
FirewallRules: [{75750E89-6CEA-44E1-8327-B37BDF9F380B}] => D:\Origin Games\Burnout Paradise\BurnoutParadise.exe
FirewallRules: [{EB0573A6-634F-42A9-8DC3-015C818D0BAF}] => D:\SteamLibrary2\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{C29F4CB3-CF7E-4909-946B-BE24CE91E86C}] => D:\SteamLibrary2\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{8CDAEB39-36B6-4964-ABD1-84DAF026AE3C}D:\battle net games\hearthstone\hearthstone.exe] => D:\battle net games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9FF1126F-CE84-46F0-97CF-B283362D70CA}D:\battle net games\hearthstone\hearthstone.exe] => D:\battle net games\hearthstone\hearthstone.exe
FirewallRules: [{2A41F4F2-B79A-4047-BE74-9EFA19E292EC}] => D:\SteamLibrary2\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{3370B26E-1739-400F-A0BC-04D343CA49D1}] => D:\SteamLibrary2\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{0E1EF994-DE8D-4AF9-B260-D3EB90382EE0}] => D:\SteamLibrary2\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E8FFAB56-AC8A-40C5-AC11-2A37607C0D90}] => D:\SteamLibrary2\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{A2E6A700-BF36-4C8D-B0AC-44DBE087EB4E}] => D:\SteamLibrary2\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{499F64A3-381C-49E2-AF09-F10230E83B6D}] => D:\SteamLibrary2\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{3983C252-EAC3-4D0E-A37D-01EC41D8474E}] => D:\SteamLibrary2\steamapps\common\Reus\Reus.exe
FirewallRules: [{F3FBB721-9D63-4EA8-A938-4C97538C2143}] => D:\SteamLibrary2\steamapps\common\Reus\Reus.exe
FirewallRules: [{46398286-1FEA-426F-9352-7C75E07C02CB}] => D:\SteamLibrary2\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{60436BA4-6FAE-4446-8D67-FFC7E56952BC}] => D:\SteamLibrary2\steamapps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{D684CC3E-1515-4DA8-9E90-BF08D90E7934}] => D:\SteamLibrary2\steamapps\common\Darksiders Warmastered Edition\darksiders1.exe
FirewallRules: [{77435157-5E03-47C1-8472-50EACA04C981}] => D:\SteamLibrary2\steamapps\common\Darksiders Warmastered Edition\darksiders1.exe
FirewallRules: [{8B18436B-95F7-4998-A0BF-1F102B9AE7D8}] => D:\SteamLibrary2\steamapps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{C09F3631-6BD3-4F25-B747-521A6F57618E}] => D:\SteamLibrary2\steamapps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{1B759394-8789-4751-838D-11F65701AFA4}] => D:\SteamLibrary2\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{C7F5C3B3-76DF-4300-9BE1-5013C9DB4CEE}] => D:\SteamLibrary2\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [TCP Query User{0A88EE2A-FF4E-46CA-BF41-0E2EB85B0486}C:\users\marvin\appdata\local\amazon music\amazon music helper.exe] => C:\users\marvin\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{DE40AC2E-F40D-4C27-B630-A191B1DE905B}C:\users\marvin\appdata\local\amazon music\amazon music helper.exe] => C:\users\marvin\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{B5DDBC43-4B11-4512-805A-E775531D17EB}] => D:\SteamLibrary2\steamapps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{FD8FBE4C-B561-4F5C-B6F0-14CE5AD0CA56}] => D:\SteamLibrary2\steamapps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{7118BBCB-A4F8-466B-93C7-5FB3BA2A4C90}] => D:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{1CFF5713-B412-4B15-A9EC-CF7AAF69D257}] => D:\Program Files (x86)\Daedalic Entertainment GmbH\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{114858E4-0739-48E6-94B8-BC3213F24CD0}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F10342DA-92E9-4D88-8D51-61B9267D1D36}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5EAEC0EA-C0BB-4E3E-8832-4E544D909F05}] => D:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3F29D248-1DC4-4EFC-8560-0E340DCDDD10}] => D:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{CA1C2292-723D-4293-86B5-29BF865C588F}] => D:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{B89451EE-ADF6-4063-8614-6B0863BA77C6}] => D:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{A5C03161-B532-48BB-82BE-5AC252B0FD34}] => D:\SteamLibrary2\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{F4C26E9B-1BD7-4740-A63B-3F93CCAFA520}] => D:\SteamLibrary2\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{2830D4EF-D390-4440-AC61-38F232CBFD10}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{865F1A64-5F18-4C6F-A842-5EA3237CCC24}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{EBBE5780-1B68-47F0-A938-798E0644DD1A}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{125EDD41-CEB4-4BE6-BB51-17AA8DFFC594}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{13D6559F-0FE8-472D-9E34-FB3D6212F4CE}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{9F978A16-3502-4FBD-8D72-F5D58AC5B7BF}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{5AD4D3F5-4002-4E09-AE84-477A49FBBF61}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{43C1460F-374A-4D44-A2FB-DD2470405923}] => D:\SteamLibrary2\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{3B5F0660-1479-4781-8580-F69A0CE5D620}] => D:\SteamLibrary2\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{C118E5A3-1C55-462B-9785-C4C8C6553341}] => D:\SteamLibrary2\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{1154AE4E-08F0-4B7B-98A2-03DCD8E16BBA}D:\steamlibrary2\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steamlibrary2\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{7CD7D6B1-C654-4A9B-8B5E-93A93FA368DB}D:\steamlibrary2\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\steamlibrary2\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{8AD68C55-30F1-4739-8CB2-9359FB15CF9D}] => C:\Users\Marvin\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{9A92B0CA-3BBA-4D42-8613-1ECB0DD15BFB}] => C:\Users\Marvin\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{3988CA20-3C73-4F09-A1EA-DEC8F707F0CD}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{51425A23-ADBF-464E-9D46-8AEA57E1BB88}D:\tros\slime rnacher\slime.rancher.v0.4.1\x64\slimerancher.exe] => D:\tros\slime rnacher\slime.rancher.v0.4.1\x64\slimerancher.exe
FirewallRules: [UDP Query User{8CD45599-0FE4-44C4-AB50-7D61AD418F4A}D:\tros\slime rnacher\slime.rancher.v0.4.1\x64\slimerancher.exe] => D:\tros\slime rnacher\slime.rancher.v0.4.1\x64\slimerancher.exe
FirewallRules: [TCP Query User{E221ACA7-1FBF-444A-AD79-DD9CAB0F49CE}D:\tros\slime rancher\slime.rancher.v0.4.1\x64\slimerancher.exe] => D:\tros\slime rancher\slime.rancher.v0.4.1\x64\slimerancher.exe
FirewallRules: [UDP Query User{F999516F-69B3-4131-8DF3-CAB98992EB7A}D:\tros\slime rancher\slime.rancher.v0.4.1\x64\slimerancher.exe] => D:\tros\slime rancher\slime.rancher.v0.4.1\x64\slimerancher.exe
FirewallRules: [{F44EE477-681E-4B9F-92FF-1F98466C034F}] => D:\SteamLibrary2\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{E750B4EC-C8E4-41B5-9240-8F0EDFFC5BBD}] => D:\SteamLibrary2\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{122BFDFA-1959-4CAA-93F3-DDA9DC4B5F6D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E929476-67EE-46A7-B76E-5D116182B0E7}] => C:\Windows\system32\config\systemprofile\AppData\Local\BrowserAir\Application\BrowserairExec.exe
FirewallRules: [{52EBB30D-A239-49E2-B034-3B922953CD98}] => D:\SteamLibrary2\steamapps\common\TOXIKK\Binaries\ToxikkLauncher.exe
FirewallRules: [{F6E87014-1351-4E4D-BFCC-66660ED284B3}] => D:\SteamLibrary2\steamapps\common\TOXIKK\Binaries\ToxikkLauncher.exe
FirewallRules: [{33125EE8-BC3A-4799-8732-40F7483D6B4D}] => D:\SteamLibrary2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F5206AB4-DBF3-4024-9F1A-32E3E4EDC161}] => D:\SteamLibrary2\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{BA143414-48AC-4681-9ADF-07E7D762377D}] => D:\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{7DFB1AFB-9049-4773-AFBD-105D1A9D1667}] => D:\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2017 09:09:49 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (01/10/2017 06:08:18 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (01/10/2017 03:50:06 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (01/10/2017 03:36:32 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (01/10/2017 03:09:19 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (01/10/2017 03:08:43 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (01/10/2017 03:08:29 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (01/10/2017 03:08:24 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (01/10/2017 03:03:38 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (01/10/2017 02:26:38 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

System errors:
=============
Error: (01/11/2017 09:10:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (01/11/2017 09:10:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/11/2017 09:10:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (01/11/2017 09:09:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Chikiing service terminated with the following error:
The specified module could not be found.

Error: (01/10/2017 11:21:51 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/10/2017 06:08:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (01/10/2017 06:08:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/10/2017 06:08:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (01/10/2017 06:08:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Chikiing service terminated with the following error:
The specified module could not be found.

Error: (01/10/2017 03:50:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

==================== Memory info ===========================

Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 12254.28 MB
Available physical RAM: 8154.14 MB
Total Virtual: 24506.75 MB
Available Virtual: 20329.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:18.93 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:15.57 GB) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:2.42 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 118BED4E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1B2569FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 255B7F54)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

**Juliet** · 2017-01-11, 15:52

I don't know if the fix is going to work since you named FRST
Running from C:\Users\Marvin\Desktop\Fixing things

We'll give it a try.

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Upmedia] => C:\Users\Marvin\AppData\Local\Upmedia\gdks34.exe
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Ozmics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Marvin\AppData\Local\Upmedia\gdiServices54.dll
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [WTVLR6FR20] => "C:\Program Files\IJD61O2L61\IJD61O2L6.exe"
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [HV1V03D1C9] => "C:\Program Files\LAT8TQJDDX\LAT8TQJDD.exe"
HKU\S-1-5-18\...\Run: [AOPEMA7LGO] => "C:\Program Files\C5XOWA3WK3\C5XOWA3WK.exe"
HKU\S-1-5-18\...\Run: [CH6JD6R59R] => "C:\Program Files\CD0CMV632N\CD0CMV632.exe"
HKU\S-1-5-18\...\Run: [71KFQTEHQA] => "C:\Program Files\EET2FMBFLG\EET2FMBFL.exe"
HKU\S-1-5-18\...\Run: [64QMH4ZJYD] => "C:\Program Files\91D5JJKT93\71KFQTEHQ.exe"
SearchScopes: HKU\S-1-5-21-4016113358-843845156-2686539769-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => No File
2 Chikiing; C:\Program Files (x86)\Mapadomcoaveck\BmsSch.dll [X]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [X]
C:\Program Files\LAT8TQJDDX
C:\Program Files\IJD61O2L61
C:\Users\Marvin\AppData\Local\Upmedia
EmptyTemp:
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

**SargeP** · 2017-01-11, 18:05

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-01-2017
Ran by Marvin (11-01-2017 17:56:48) Run:2
Running from C:\Users\Marvin\Desktop\Fixing things
Loaded Profiles: Marvin (Available Profiles: Marvin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Upmedia] => C:\Users\Marvin\AppData\Local\Upmedia\gdks34.exe
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [Ozmics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Marvin\AppData\Local\Upmedia\gdiServices54.dll
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [WTVLR6FR20] => "C:\Program Files\IJD61O2L61\IJD61O2L6.exe"
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\...\Run: [HV1V03D1C9] => "C:\Program Files\LAT8TQJDDX\LAT8TQJDD.exe"
HKU\S-1-5-18\...\Run: [AOPEMA7LGO] => "C:\Program Files\C5XOWA3WK3\C5XOWA3WK.exe"
HKU\S-1-5-18\...\Run: [CH6JD6R59R] => "C:\Program Files\CD0CMV632N\CD0CMV632.exe"
HKU\S-1-5-18\...\Run: [71KFQTEHQA] => "C:\Program Files\EET2FMBFLG\EET2FMBFL.exe"
HKU\S-1-5-18\...\Run: [64QMH4ZJYD] => "C:\Program Files\91D5JJKT93\71KFQTEHQ.exe"
SearchScopes: HKU\S-1-5-21-4016113358-843845156-2686539769-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => No File
2 Chikiing; C:\Program Files (x86)\Mapadomcoaveck\BmsSch.dll [X]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [X]
C:\Program Files\LAT8TQJDDX
C:\Program Files\IJD61O2L61
C:\Users\Marvin\AppData\Local\Upmedia
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Upmedia => value removed successfully
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ozmics => value removed successfully
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WTVLR6FR20 => value removed successfully
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HV1V03D1C9 => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\AOPEMA7LGO => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\CH6JD6R59R => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\71KFQTEHQA => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\64QMH4ZJYD => value removed successfully
HKU\S-1-5-21-4016113358-843845156-2686539769-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => not found.
2 Chikiing; C:\Program Files (x86)\Mapadomcoaveck\BmsSch.dll [X] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\EasyAntiCheat => key removed successfully
EasyAntiCheat => service removed successfully
C:\Program Files\LAT8TQJDDX => moved successfully
C:\Program Files\IJD61O2L61 => moved successfully
C:\Users\Marvin\AppData\Local\Upmedia => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21147321 B
Java, Flash, Steam htmlcache => 45683293 B
Windows/system/drivers => 5320 B
Edge => 0 B
Chrome => 478116424 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 759 B
systemprofile32 => 33192 B
LocalService => 0 B
NetworkService => 0 B
Marvin => 24124115 B

RecycleBin => 2286 B
EmptyTemp: => 550.7 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:57:01 ====

**Juliet** · 2017-01-11, 18:18

How's the computer now?

**SargeP** · 2017-01-11, 19:22

Ever since we did the Emisoft Scan the popups have stopped. Or at least I think that's when they stopped. Everything seems fine right now. All programs open properly, all websites are displayed correctly. I'll let you know if something comes up in the next few days.

**Juliet** · 2017-01-11, 21:42

Be aware if you run a virus scan with your onboard antivirus you might get an alert or two, from the tools used and their quarantine folders.

**Juliet** · 2017-01-14, 12:15

Ready to remove tools and quarantine folders?

**SargeP** · 2017-01-15, 17:44

Everything seems fine. So, yes!

**Juliet** · 2017-01-15, 21:57

Please download DelFix or from Here and save the file to your Desktop.
Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:
Activate UAC
Remove disinfection tools
Click the Run button.
-- This will remove the specialized tools we used to disinfect your system.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

*************

Answers to common security questions - Best Practices by quietman7, MVP
How Malware Spreads - How did I get infected? by quietman7, MVP
Simple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVP
How to Prevent Malware by miekiemoes, MVP
How to backup and restore your data using Cobian Backup by YourHighness
Slow Computer/browser? It May Not Be Malwareby quietman7, MVP

AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
CryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
Secunia PSI will scan your computer for vulnerable softwarethat is outdated, and automatically find the latest update for you.
SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
Unchecky automatically removes checkmarks for bunlded software in programme installers; helping you avoid adware and PUPs.
Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.

Want to help others? Join the ClassRoom and learn how.

Thread: Malware not detected by Malwarebytes, Spybot and Adw cleaner!

Thread Tools

Display

Posting Permissions