Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Firefox is hijacked, windows defender is disabled too

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Firefox is hijacked, windows defender is disabled too

Unread postby Jakegently » March 10th, 2017, 6:46 am

I'm running Windows 10

As of lately, Mozilla Firefox has been completely hijacked. it will open new windows and tabs at random, even tuning the whole page into some kind of link where no matter where I click, it opens a new tab and takes me to some site. I've come here on Microsoft Edge, and so far I haven't seen any interference.

The second issue I noticed when I tried to use windows defender to scan my computer, after noticing the firefox issue. I get a window saying that windows defender is disabled due to group policy. I haven't figured out how to get it to run again. I downloaded bitdefender and that has issues running as well.

Also, I get notifications about a potential threat in my windows update folder, "windowsupdate.exe" not sure what that means, but I haven't noticed any windows updates since these issues started happening. could be that no updates have been pushed since all this. my FRST logs are as follows:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
Ran by jakeg (administrator) on DESKTOP-PHRHDSR (10-03-2017 05:27:18)
Running from C:\Users\jakeg\Downloads
Loaded Profiles: jakeg (Available Profiles: jakeg & OVRLibraryService)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
Failed to access process -> rundll32.exe
Failed to access process -> rundll32.exe
Failed to access process -> rundll32.exe
Failed to access process -> rundll32.exe
() C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe
(HTC Corporation) C:\Program Files\HTC Account\Htc.Identity.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Oculus VR) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe
() C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe
() C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\nw.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\nw.exe
() C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\nw.exe
() C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\nw.exe
(HTC) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\lighthouse\bin\win64\vivelink.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-06] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsUpdate] => C:\Users\Default\WindowsUpdate\WindowsUpdate.exe [27648 2017-02-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-25] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-03-25] (Raptr, Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
HKLM-x32\...\Run: [GammingApp] => C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe --min
HKLM-x32\...\Run: [HTC Store User Content Helper] => C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe [112464 2017-02-24] ()
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-09] (Valve Corporation)
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Run: [Spotify Web Helper] => C:\Users\jakeg\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-18] (Spotify Ltd)
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Run: [GameJoltClient] => C:\Users\jakeg\AppData\Local\GameJoltClient\GameJoltClient.exe [46705152 2016-03-10] ()
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Run: [VivePCClient] => C:\Program Files (x86)\ViveSetup\PCClient\Vive.exe [3613520 2017-02-24] (HTC Corp.)
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Run: [Gaijin.Net Agent] => "C:\Users\jakeg\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-18\...\Run: [script_fcbd] => C:\Users\jakeg\Far Cry 3 Blood Dragon\fcbd.bat [307 2016-12-07] ()
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\start_swu.lnk [2017-01-30]
ShortcutTarget: start_swu.lnk -> C:\Program Files\devnullnull2017\SWU\start.vbs ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{35e8f816-6cc9-49ba-8ec3-fb8fff532b1d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e60e1757-83b3-407b-bf50-9bfddfddc44c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f51feabd-2c2c-42a4-b229-b0629e97d160}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: u7rl4wfp.default
FF ProfilePath: C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default [2017-03-09]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\u7rl4wfp.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\u7rl4wfp.default -> hxxp://www.nexusmods.com/skyrimspecialedition/?
FF Extension: (Adguard AdBlocker) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\Extensions\adguardadblocker@adguard.com.xpi [2017-01-13]
FF Extension: (Fast search) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\Extensions\amcontextmenu@loucypher [2017-02-25]
FF Extension: (MEGA) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Reddit Enhancement Suite) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2017-02-19]
FF Extension: (uBlock Origin) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\Extensions\uBlock0@raymondhill.net.xpi [2017-03-04]
FF Extension: (Video DownloadHelper) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\jakeg\AppData\Roaming\Mozilla\Firefox\Profiles\u7rl4wfp.default\features\{01cf2deb-67a4-4cf5-ac22-4c29fa9423d9}\disableSHA1rollout@mozilla.org.xpi [2017-03-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-28] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-28] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2362767239-1170048716-167344883-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-17] ()

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2011-10-13] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-22] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-22] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-14] ()
S2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4646440 2015-09-14] (Binary Fortress Software)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [20712 2016-12-15] (HTC Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-14] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-14] (Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [185640 2017-02-24] (Oculus VR, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [474064 2017-02-24] (Oculus VR)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-25] (Plays.tv, LLC)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
R2 Viveport; C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe [72016 2017-02-24] ()
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2016-11-30] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2016-11-30] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S2 MSI_ActiveX_Service; "C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe" [X]
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [55936 2011-10-13] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-07-22] ()
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Bitdefender Antivirus Free\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [66184 2017-03-07] (Broadcom Corporation.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [108608 2016-09-24] (Dokan Project)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [342016 2016-12-13] (BitDefender S.R.L. Bucharest, ROMANIA)
S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2016-10-23] ()
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
S3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
S3 NVFLASH; C:\WINDOWS\system32\drivers\nvflash.sys [15648 2014-01-06] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [3042520 2014-01-16] (Realtek Semiconductor Corporation )
S3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation )
R0 trufos; C:\WINDOWS\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-30] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-10 05:27 - 2017-03-10 05:28 - 00020490 _____ C:\Users\jakeg\Downloads\FRST.txt
2017-03-10 05:26 - 2017-03-10 05:27 - 00000000 ____D C:\FRST
2017-03-10 05:26 - 2017-03-10 05:26 - 02423808 _____ (Farbar) C:\Users\jakeg\Downloads\FRST64.exe
2017-03-10 04:48 - 2017-03-10 04:48 - 00000000 ___HD C:\OneDriveTemp
2017-03-09 00:52 - 2017-03-09 00:52 - 02025886 _____ C:\Users\jakeg\Downloads\vivecraft-1.7.10-jrbudda-38pre-installer.exe
2017-03-09 00:42 - 2017-03-09 00:42 - 03378021 _____ C:\Users\jakeg\Downloads\forge-1.7.10-10.13.4.1614-1.7.10-installer.jar
2017-03-07 19:01 - 2017-03-07 19:02 - 00547556 _____ C:\WINDOWS\Minidump\030717-25453-01.dmp
2017-03-07 17:59 - 2017-03-07 17:59 - 00000000 ____D C:\Users\jakeg\AppData\Local\CAPCOM
2017-03-07 17:58 - 2017-03-07 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Marvel vs. Capcom 3
2017-03-07 17:27 - 2017-03-07 17:27 - 00000000 ____D C:\Users\jakeg\AppData\Local\THQ
2017-03-07 17:25 - 2017-03-07 17:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\saints row 2
2017-03-07 05:10 - 2017-03-07 05:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\break time!
2017-03-07 05:10 - 2017-03-07 05:10 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Space Toast Games
2017-03-07 04:44 - 2017-03-07 04:44 - 00000000 ____D C:\WINDOWS\LastGood
2017-03-07 04:43 - 2017-03-07 04:43 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\matzman666
2017-03-06 04:51 - 2017-03-06 04:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\my summer car
2017-03-06 04:34 - 2017-03-06 04:34 - 00945664 _____ (VIA Soft) C:\Users\jakeg\Desktop\UnityAssetsExplorer.exe
2017-03-05 18:20 - 2017-03-05 18:20 - 00000000 ____D C:\Program Files\OpenVR-AdvancedSettings
2017-03-05 18:19 - 2017-03-05 18:20 - 24273669 _____ C:\Users\jakeg\Downloads\OpenVR-AdvancedSettings-Installer-v2.3.exe
2017-03-05 17:22 - 2017-03-05 17:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\steamvrperformancetest
2017-03-05 01:37 - 2017-03-05 01:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\broomball vr
2017-03-05 00:29 - 2017-03-05 00:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\wakeup
2017-03-05 00:29 - 2017-03-05 00:29 - 00000000 ____D C:\Users\jakeg\AppData\Local\WakeUpProject
2017-03-04 22:21 - 2017-03-04 22:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\9347a360-c6ea-4e35-aaf1-9fab4f41cb79
2017-03-04 22:17 - 2017-03-04 22:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\inmind
2017-03-04 22:17 - 2017-03-04 22:17 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Nival VR
2017-03-04 20:29 - 2017-03-04 20:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\pcars
2017-03-04 18:58 - 2017-03-04 18:58 - 00000000 ____D C:\Users\jakeg\AppData\Local\Pavlov
2017-03-04 18:57 - 2017-03-04 18:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\pavlovvr
2017-03-04 18:44 - 2017-03-04 18:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\drunkn bar fight
2017-03-04 18:11 - 2017-03-04 18:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\the cubicle
2017-03-04 02:01 - 2017-03-04 02:01 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Free Lives
2017-03-04 02:00 - 2017-03-04 02:00 - 00000000 ____D C:\Users\jakeg\Desktop\GORN
2017-03-04 01:58 - 2017-03-04 01:59 - 142284460 _____ C:\Users\jakeg\Downloads\GORN.zip
2017-03-03 23:23 - 2017-03-03 23:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\runtime
2017-03-01 19:39 - 2017-03-01 19:39 - 00016830 _____ C:\WINDOWS\System32\Tasks\minecraftlauncher
2017-03-01 05:10 - 2017-03-01 05:11 - 00000000 ____D C:\Users\jakeg\AppData\Local\FindIp
2017-03-01 04:43 - 2017-03-01 04:43 - 00016818 _____ C:\WINDOWS\System32\Tasks\x64launcher
2017-03-01 04:43 - 2017-03-01 04:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\nvidia vr funhouse
2017-03-01 04:36 - 2017-03-01 04:36 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\4iLab
2017-03-01 03:57 - 2017-03-01 03:58 - 00000000 ____D C:\Users\jakeg\Documents\SportsBarVR
2017-03-01 03:56 - 2017-03-01 03:56 - 00000000 ____D C:\Users\jakeg\AppData\Local\PoolNationVR
2017-03-01 00:15 - 2017-03-01 00:15 - 00000844 _____ C:\Users\Public\Desktop\Dolphin VR.lnk
2017-02-28 23:40 - 2017-02-28 23:40 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\SLR
2017-02-28 23:25 - 2017-02-28 23:25 - 00003248 _____ C:\WINDOWS\System32\Tasks\{B4A3957B-F72D-4631-9143-F0F9F3857609}
2017-02-28 23:13 - 2017-02-28 23:13 - 00000000 ____D C:\Users\Default\WindowsUpdate
2017-02-28 23:13 - 2017-02-28 23:13 - 00000000 ____D C:\Users\Default\windiskutility
2017-02-28 06:44 - 2017-02-28 06:54 - 05251682 _____ C:\Users\jakeg\Downloads\89203_VRBANGERS_naughty_dreams_UHD_180x180_3dh.mp4.part
2017-02-28 04:40 - 2017-02-28 04:40 - 00497316 _____ C:\WINDOWS\Minidump\022817-27375-01.dmp
2017-02-28 04:15 - 2017-02-28 04:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\ark
2017-02-27 19:13 - 2017-02-27 19:13 - 00000000 ____D C:\Users\jakeg\ansel
2017-02-27 19:02 - 2017-02-27 19:02 - 00000000 ____D C:\Users\jakeg\AppData\Local\Gaijin
2017-02-27 19:01 - 2017-02-28 05:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\war thunder
2017-02-27 19:01 - 2017-02-27 19:01 - 00000000 ____D C:\ProgramData\Gaijin
2017-02-27 16:15 - 2017-02-27 16:15 - 00016824 _____ C:\WINDOWS\System32\Tasks\systemsettings
2017-02-27 06:50 - 2017-02-27 06:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\nevrosa prelude
2017-02-27 06:50 - 2017-02-27 06:50 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\GexagonVR
2017-02-27 06:43 - 2017-02-27 06:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\acan's call
2017-02-27 06:43 - 2017-02-27 06:43 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Cyberith
2017-02-27 06:02 - 2017-03-07 06:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\h3vr
2017-02-27 05:45 - 2017-03-02 00:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\updater
2017-02-27 05:45 - 2017-02-27 05:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\cef
2017-02-27 05:45 - 2017-02-27 05:45 - 00016836 _____ C:\WINDOWS\System32\Tasks\76f3774w1994G186-dll
2017-02-27 05:44 - 2017-03-02 00:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\pcclient
2017-02-27 05:43 - 2017-02-27 05:43 - 00028751 _____ C:\ProgramData\agent.1488192165.bdinstall.bin
2017-02-27 00:30 - 2017-02-27 00:30 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Outer Brain Studios
2017-02-26 23:54 - 2017-02-26 23:54 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Aldin
2017-02-26 22:23 - 2017-02-26 22:23 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Sunshine
2017-02-26 19:27 - 2017-02-26 19:27 - 00001199 _____ C:\Users\jakeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2017-02-26 19:27 - 2017-02-26 19:27 - 00000000 ____D C:\Users\jakeg\AppData\Local\Bitdefender Antivirus Free
2017-02-26 19:18 - 2016-03-14 22:04 - 00023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-02-26 19:16 - 2017-02-26 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2017-02-26 19:16 - 2017-02-26 19:16 - 00000000 ____D C:\ProgramData\Bitdefender
2017-02-26 18:44 - 2016-12-13 18:18 - 00342016 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2017-02-26 18:44 - 2016-10-29 09:54 - 00182944 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-02-26 18:43 - 2016-09-20 04:17 - 01605376 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-02-26 18:43 - 2016-09-20 04:16 - 00878072 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2017-02-26 18:36 - 2016-06-22 15:40 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-02-26 18:35 - 2017-03-10 05:27 - 00000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-02-26 18:35 - 2017-02-26 18:35 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-02-26 18:35 - 2017-02-26 18:35 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\QuickScan
2017-02-26 18:33 - 2017-03-10 04:47 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-02-26 18:33 - 2017-02-26 18:33 - 08459976 _____ C:\Users\jakeg\Downloads\bitdefender_online.exe
2017-02-26 18:33 - 2017-02-26 18:33 - 00047225 _____ C:\ProgramData\agent.1488152019.bdinstall.bin
2017-02-26 18:33 - 2017-02-26 18:33 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2017-02-26 18:33 - 2017-02-26 18:33 - 00000000 ____D C:\ProgramData\BDLogging
2017-02-26 18:15 - 2017-02-26 18:15 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-02-26 18:15 - 2017-02-26 18:15 - 00000000 ____D C:\Users\jakeg\AppData\Local\AnonymizerLauncher
2017-02-26 18:15 - 2017-02-26 18:15 - 00000000 ____D C:\Users\jakeg\.proxycheck
2017-02-26 18:15 - 2017-02-26 18:15 - 00000000 ____D C:\Users\jakeg\.AnonymizerLauncher
2017-02-26 18:14 - 2017-02-28 04:06 - 00000000 ____D C:\Users\jakeg\AppData\Local\AppTrailers
2017-02-26 18:13 - 2017-02-26 18:13 - 00016828 _____ C:\WINDOWS\System32\Tasks\76f3774w1994G186
2017-02-26 18:13 - 2017-02-26 18:13 - 00002048 _____ C:\Users\jakeg\AppData\Local\uninstallro.exe
2017-02-26 18:13 - 2017-02-26 18:13 - 00000000 ___HD C:\ProgramData\76f3774w1994G186
2017-02-26 18:13 - 2017-02-26 18:13 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\InstantSupport
2017-02-26 18:12 - 2017-03-01 05:10 - 00000000 ____D C:\ProgramData\vCore
2017-02-26 18:12 - 2017-02-26 18:13 - 00000000 ____D C:\Program Files (x86)\PreparedFolder
2017-02-26 17:59 - 2017-02-26 18:00 - 09742576 _____ C:\Users\jakeg\Downloads\PlayClubVR_0.9.6.zip
2017-02-26 01:22 - 2017-02-26 01:22 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\KeithKurby
2017-02-25 23:44 - 2017-02-25 23:44 - 00000000 ____D C:\Users\jakeg\AppData\Local\EverestVR
2017-02-25 23:42 - 2017-02-25 23:42 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\HTC
2017-02-25 23:42 - 2017-02-25 23:42 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-25 22:39 - 2017-02-25 22:39 - 00000000 ____D C:\Users\jakeg\AppData\Local\Lift
2017-02-25 22:12 - 2017-02-25 22:12 - 00000000 ____D C:\Users\jakeg\AppData\Local\TouchNUX
2017-02-25 22:11 - 2017-02-25 22:11 - 00000000 ____D C:\Users\jakeg\AppData\Local\Dreamdeck
2017-02-25 22:10 - 2017-02-25 22:11 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Revive
2017-02-25 22:10 - 2017-02-25 22:10 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revive
2017-02-25 22:06 - 2017-02-25 22:06 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\OculusClient
2017-02-25 22:05 - 2017-02-25 22:06 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Oculus
2017-02-25 22:05 - 2017-02-25 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Oculus
2017-02-25 22:01 - 2017-02-25 22:01 - 00000020 ___SH C:\Users\OVRLibraryService\ntuser.ini
2017-02-25 22:01 - 2017-02-25 22:01 - 00000000 _SHDL C:\Users\OVRLibraryService\My Documents
2017-02-25 22:01 - 2017-02-25 22:01 - 00000000 _SHDL C:\Users\OVRLibraryService\Documents\My Videos
2017-02-25 22:01 - 2017-02-25 22:01 - 00000000 _SHDL C:\Users\OVRLibraryService\Documents\My Pictures
2017-02-25 22:01 - 2017-02-25 22:01 - 00000000 _SHDL C:\Users\OVRLibraryService\Documents\My Music
2017-02-25 22:01 - 2017-02-25 22:01 - 00000000 ____D C:\Users\OVRLibraryService
2017-02-25 22:00 - 2017-02-28 23:11 - 00000000 ____D C:\Program Files\Oculus
2017-02-25 21:31 - 2017-02-25 21:31 - 49549402 _____ C:\Users\jakeg\Downloads\ReviveInstaller.exe
2017-02-25 21:30 - 2017-03-10 04:47 - 00000000 ____D C:\Users\jakeg\AppData\Local\Oculus
2017-02-25 21:30 - 2017-02-25 21:30 - 03567912 _____ (Oculus VR, LLC) C:\Users\jakeg\Downloads\OculusSetup.exe
2017-02-25 21:27 - 2017-02-09 17:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-25 21:22 - 2017-02-25 21:22 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-25 21:18 - 2017-02-09 21:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00944224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00719856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00618416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-25 21:18 - 2017-02-09 21:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-25 21:09 - 2017-02-25 21:09 - 00000030 _____ C:\Users\jakeg\AppData\Roaming\alsoft.ini
2017-02-25 21:07 - 2017-02-25 21:07 - 02277272 _____ C:\Users\jakeg\Downloads\vivecraft-1.11.2-jrbudda-7r1-installer.exe
2017-02-25 20:19 - 2017-02-25 20:19 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Acceleroto
2017-02-25 19:37 - 2017-03-05 00:32 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\DefaultCompany
2017-02-25 19:05 - 2017-02-25 19:05 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Whirligig
2017-02-25 19:05 - 2017-02-25 19:05 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\phileday
2017-02-25 17:57 - 2017-02-25 17:57 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Cloudhead Games LTD
2017-02-25 17:43 - 2017-02-25 17:43 - 00000000 ____D C:\Users\jakeg\AppData\Local\Google
2017-02-25 17:43 - 2017-02-25 17:43 - 00000000 ____D C:\ProgramData\Google
2017-02-25 16:19 - 2017-02-25 16:19 - 00000000 ____D C:\Users\jakeg\Documents\Rec Room
2017-02-25 16:05 - 2017-02-25 16:05 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\AgainstGravity
2017-02-25 16:01 - 2017-02-25 16:01 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\RUST LTD
2017-02-25 15:45 - 2017-02-28 04:15 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Valve
2017-02-25 15:20 - 2017-02-25 15:20 - 00000000 ____D C:\Users\jakeg\AppData\Local\VRFunhouse
2017-02-25 15:13 - 2017-02-25 15:13 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Bigscreen, Inc_
2017-02-25 15:13 - 2017-02-25 15:13 - 00000000 ____D C:\Users\jakeg\AppData\Local\Crashpad
2017-02-25 15:13 - 2017-02-25 15:13 - 00000000 ____D C:\Users\jakeg\AppData\Local\Bigscreen
2017-02-25 14:27 - 2017-02-25 17:30 - 00000000 ____D C:\Users\jakeg\AppData\Local\ViveDashboard
2017-02-25 14:27 - 2017-02-25 14:27 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\HTC
2017-02-25 11:30 - 2017-02-25 11:30 - 05652480 _____ C:\Users\jakeg\Downloads\Tilt_Brush_v9_0_VR.iso
2017-02-25 11:30 - 2017-02-25 11:30 - 05652480 _____ C:\Users\jakeg\Downloads\Tilt_Brush_v9_0_VR(1).iso
2017-02-24 06:57 - 2017-03-10 04:49 - 00000000 ____D C:\Users\jakeg\AppData\Local\HTC_Neo
2017-02-24 06:40 - 2017-03-01 00:14 - 00000000 ____D C:\Users\jakeg\Desktop\VR
2017-02-24 06:33 - 2017-02-24 06:33 - 00000000 ____D C:\Program Files\Common Files\HTC
2017-02-24 06:33 - 2016-09-24 17:24 - 00108608 _____ (Dokan Project) C:\WINDOWS\system32\Drivers\dokan1.sys
2017-02-24 06:10 - 2017-02-24 06:56 - 00000000 ____D C:\Users\jakeg\AppData\Local\HTC
2017-02-24 06:10 - 2017-02-24 06:33 - 00000000 ____D C:\ProgramData\HTC
2017-02-24 06:10 - 2017-02-24 06:10 - 00000000 ____D C:\Program Files\HTC Account
2017-02-24 06:09 - 2017-03-07 04:44 - 00066184 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwusb.sys
2017-02-24 06:09 - 2017-02-24 06:09 - 00122112 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btw_ci.dll
2017-02-24 06:09 - 2017-02-24 06:09 - 00109252 _____ C:\WINDOWS\system32\Drivers\BCM20703A1_001.001.005.0214.0481.hex
2017-02-24 06:09 - 2017-02-24 06:09 - 00073984 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwsecfl.sys
2017-02-24 06:07 - 2017-03-02 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVE Software
2017-02-24 06:07 - 2017-02-24 06:52 - 00000000 ____D C:\Program Files (x86)\ViveSetup
2017-02-24 06:06 - 2017-02-24 06:06 - 00000000 ____D C:\Users\jakeg\AppData\Local\VIVE_Setup
2017-02-24 05:59 - 2017-02-24 06:02 - 64443232 _____ (HTC Corp.) C:\Users\jakeg\Downloads\ViveSetup.exe
2017-02-24 05:32 - 2017-02-24 05:32 - 00001251 _____ C:\Users\Public\Desktop\ROCCAT Power-Grid.lnk
2017-02-24 05:32 - 2017-02-24 05:32 - 00000000 ____D C:\Users\jakeg\Documents\ROCCAT
2017-02-24 05:32 - 2017-02-24 05:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2017-02-24 05:31 - 2017-02-24 05:31 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2017-02-24 05:29 - 2017-02-24 05:30 - 40787128 _____ (ROCCAT GmbH ) C:\Users\jakeg\Downloads\ROCCAT_Power_Grid_setup-0461.exe
2017-02-19 17:24 - 2017-03-04 00:21 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\vlc
2017-02-19 17:23 - 2017-02-19 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-02-19 17:23 - 2017-02-19 17:23 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-02-19 17:21 - 2017-02-19 17:21 - 30533688 _____ C:\Users\jakeg\Downloads\vlc-2.2.4-win32.exe
2017-02-19 06:04 - 2017-02-19 06:04 - 00000000 ____D C:\Users\jakeg\AppData\Local\Kona
2017-02-16 17:00 - 2017-02-16 17:00 - 00000545 _____ C:\Users\Public\Desktop\Fallout 4.lnk
2017-02-16 05:42 - 2017-02-16 05:59 - 00000000 ____D C:\Users\jakeg\Documents\Lords of the Fallen
2017-02-16 00:24 - 2017-02-16 00:24 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\SUPERHOT_Team
2017-02-16 00:24 - 2017-02-16 00:24 - 00000000 ____D C:\Users\jakeg\AppData\Local\SUPERHOT_Sp_z_o.o
2017-02-15 23:54 - 2017-02-15 23:54 - 00367750 _____ C:\Users\jakeg\Downloads\8D093136AC0D2183A850FC9D2AA69A3349D74739.torrent
2017-02-15 23:13 - 2017-02-15 23:14 - 14710036 _____ C:\Users\jakeg\Downloads\Star_Wars_Battlefront_Graphic_Mod__Without_Movie_Border_.rar
2017-02-14 18:58 - 2017-02-15 23:17 - 00000000 ____D C:\Users\jakeg\Documents\STAR WARS Battlefront
2017-02-14 18:42 - 2017-02-14 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Unknown Worlds
2017-02-13 20:46 - 2017-02-13 20:46 - 00001098 _____ C:\Users\jakeg\Downloads\MagicLauncher_1.3.4.exe - Shortcut (2).lnk
2017-02-13 20:45 - 2017-02-13 20:45 - 00397996 _____ (hxxp://magiclauncher.com) C:\Users\jakeg\Downloads\MagicLauncher_1.3.4.exe
2017-02-13 20:23 - 2017-02-13 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dovetail Games - Flight
2017-02-13 18:59 - 2017-03-04 22:54 - 00000000 ____D C:\Users\jakeg\Documents\American Truck Simulator
2017-02-12 18:58 - 2017-02-12 18:58 - 00003483 _____ C:\Users\jakeg\AppData\Local\recently-used.xbel
2017-02-11 23:58 - 2017-02-11 23:58 - 00692743 _____ C:\Users\jakeg\Downloads\1224_desktop.rar
2017-02-10 19:12 - 2017-02-10 19:12 - 00000000 ____D C:\Users\jakeg\Desktop\MSCeditor1.02
2017-02-09 15:19 - 2017-02-09 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Complete Collection

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-10 05:18 - 2016-02-18 19:30 - 00000000 ____D C:\Users\jakeg\AppData\Local\CrashDumps
2017-03-10 05:12 - 2016-08-05 19:54 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-10 05:00 - 2016-02-17 22:16 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-10 04:56 - 2016-11-20 23:08 - 00000000 ____D C:\Users\jakeg\Desktop\Everything
2017-03-10 04:56 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-10 04:54 - 2016-08-10 02:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-10 04:54 - 2016-08-05 19:56 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-10 04:53 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-10 04:51 - 2017-01-28 04:08 - 00003204 _____ C:\WINDOWS\System32\Tasks\FRAPS
2017-03-10 04:51 - 2017-01-28 04:07 - 00000000 ____D C:\Fraps
2017-03-10 04:51 - 2016-08-26 14:43 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-03-10 04:48 - 2016-02-17 16:41 - 00000000 ___RD C:\Users\jakeg\OneDrive
2017-03-10 04:46 - 2016-08-05 20:00 - 00000000 ____D C:\Users\jakeg
2017-03-09 04:36 - 2016-08-10 02:56 - 00003142 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-03-09 01:15 - 2016-02-20 19:27 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\.minecraft
2017-03-09 01:00 - 2016-11-20 13:35 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\Mozilla
2017-03-09 00:42 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-08 05:25 - 2016-07-12 03:33 - 00000000 ____D C:\Users\jakeg\AppData\Local\Frontier_Developments
2017-03-08 05:01 - 2016-06-24 21:30 - 00000000 ____D C:\Users\jakeg\Documents\BeamNG.drive
2017-03-07 19:24 - 2016-02-18 12:07 - 00000000 ____D C:\Users\jakeg\Documents\my games
2017-03-07 19:05 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Registration
2017-03-07 19:01 - 2016-10-29 03:53 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-07 19:00 - 2016-06-29 17:20 - 913346354 _____ C:\WINDOWS\MEMORY.DMP
2017-03-07 06:16 - 2016-01-27 08:57 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-07 04:44 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-06 04:22 - 2015-07-20 12:07 - 01836844 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-05 18:22 - 2016-07-16 01:04 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2017-03-05 00:29 - 2016-11-12 00:43 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-03-05 00:29 - 2016-11-12 00:43 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-03-05 00:29 - 2016-11-12 00:43 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2017-03-05 00:29 - 2016-11-12 00:43 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2017-03-04 18:58 - 2016-03-02 12:28 - 00000000 ____D C:\Users\jakeg\AppData\Local\UnrealEngine
2017-03-04 03:55 - 2016-02-17 23:14 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-03-01 05:16 - 2016-11-13 02:11 - 00000000 ____D C:\Users\jakeg\AppData\LocalLow\uTorrent
2017-03-01 05:16 - 2016-02-21 17:37 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\uTorrent
2017-03-01 00:16 - 2016-03-14 03:06 - 00000000 ____D C:\Program Files\Dolphin
2017-02-27 19:02 - 2016-12-13 05:07 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-27 19:01 - 2016-02-17 16:41 - 00002370 _____ C:\Users\jakeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-26 19:31 - 2016-01-27 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-26 19:29 - 2016-08-05 19:53 - 00197720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 18:12 - 2016-04-05 15:47 - 00000000 ____D C:\Users\jakeg\AppData\Local\Downloaded Installations
2017-02-26 04:50 - 2017-02-01 04:22 - 00000000 ____D C:\Users\jakeg\Documents\Project CARS
2017-02-25 21:57 - 2016-03-14 04:09 - 00000000 ____D C:\Users\jakeg\Documents\Dolphin Emulator
2017-02-25 21:31 - 2016-08-05 19:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-25 21:27 - 2016-03-07 22:32 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-24 05:52 - 2016-01-27 08:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-24 05:50 - 2016-02-17 16:39 - 00000000 ____D C:\Users\jakeg\AppData\Local\Packages
2017-02-24 05:35 - 2016-03-29 18:16 - 00000000 ____D C:\Temp
2017-02-22 23:46 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 23:46 - 2016-02-18 15:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-22 23:43 - 2016-02-18 15:36 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-19 18:59 - 2016-04-22 15:52 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Warner Bros. Interactive Entertainment
2017-02-19 06:57 - 2016-03-14 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2017-02-19 05:45 - 2016-02-26 07:22 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\Origin
2017-02-19 05:45 - 2016-02-26 07:15 - 00000000 ____D C:\ProgramData\Origin
2017-02-16 20:20 - 2016-03-16 02:53 - 00000000 ____D C:\Users\jakeg\AppData\Local\Fallout4
2017-02-14 16:56 - 2016-02-26 07:14 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-13 20:54 - 2016-02-20 19:23 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-02-13 20:38 - 2016-03-11 01:23 - 00000000 ____D C:\Users\jakeg\AppData\Local\ElevatedDiagnostics
2017-02-12 18:58 - 2016-02-19 17:10 - 00000000 ____D C:\Users\jakeg\AppData\Local\gtk-2.0
2017-02-12 18:58 - 2016-02-19 17:08 - 00000000 ____D C:\Users\jakeg\.gimp-2.8
2017-02-12 17:50 - 2016-03-16 00:59 - 00000000 ____D C:\Users\jakeg\AppData\Roaming\SmartSteamEmu
2017-02-10 10:50 - 2017-01-29 05:13 - 00000000 ____D C:\Users\jakeg\AppData\Local\BlackDesertOnline
2017-02-10 00:29 - 2016-11-28 14:58 - 00000000 ____D C:\BethINI
2017-02-09 21:33 - 2017-01-26 00:19 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-09 21:33 - 2017-01-26 00:19 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-09 21:33 - 2016-11-28 14:44 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-09 21:33 - 2016-06-28 02:33 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-09 21:33 - 2016-06-28 02:33 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-09 18:13 - 2016-10-13 16:31 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-09 17:57 - 2016-08-05 19:56 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 17:57 - 2016-08-05 19:56 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 17:57 - 2016-08-05 19:56 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 17:57 - 2016-08-05 19:56 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 17:57 - 2016-08-05 19:56 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 17:57 - 2016-08-05 19:56 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 17:57 - 2016-08-05 19:56 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 17:57 - 2016-08-05 19:56 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-09 11:32 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-08 13:42 - 2016-12-15 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-08 13:42 - 2016-02-18 01:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2017-02-25 21:09 - 2017-02-25 21:09 - 0000030 _____ () C:\Users\jakeg\AppData\Roaming\alsoft.ini
2017-02-12 18:58 - 2017-02-12 18:58 - 0003483 _____ () C:\Users\jakeg\AppData\Local\recently-used.xbel
2016-02-19 01:34 - 2017-01-19 22:55 - 0007609 _____ () C:\Users\jakeg\AppData\Local\resmon.resmoncfg
2017-02-26 18:13 - 2017-02-26 18:13 - 0002048 _____ () C:\Users\jakeg\AppData\Local\uninstallro.exe
2017-02-26 18:33 - 2017-02-26 18:33 - 0047225 _____ () C:\ProgramData\agent.1488152019.bdinstall.bin
2017-02-27 05:43 - 2017-02-27 05:43 - 0028751 _____ () C:\ProgramData\agent.1488192165.bdinstall.bin
2016-08-05 19:55 - 2016-08-05 19:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-29 17:44 - 2017-01-25 23:53 - 0016772 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-29 17:44 - 2017-01-18 14:36 - 0004188 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Files to move or delete:
====================
C:\Users\jakeg\Superior Installer.exe


Some files in TEMP:
====================
2017-03-01 05:10 - 2017-03-01 05:10 - 2037434 _____ ( ) C:\Users\jakeg\AppData\Local\Temp\4f3d4284-fe67-11e6-9c4f-408d5c74bb85.exe
2017-01-30 04:30 - 2017-01-30 04:30 - 0000512 _____ () C:\Users\jakeg\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2016-08-21 17:24 - 2016-08-21 17:24 - 1138176 _____ () C:\Users\jakeg\AppData\Local\Temp\AMDCleanupUtility.exe
2017-02-26 18:13 - 2017-02-26 18:13 - 0889024 _____ () C:\Users\jakeg\AppData\Local\Temp\AnonymizerGadgetSetup.1.000.1680.exe
2017-02-26 18:12 - 2017-02-26 18:13 - 29136048 _____ (AppTrailers) C:\Users\jakeg\AppData\Local\Temp\AppTrailers.9.1.10amt.exe
2017-01-30 04:31 - 2017-01-30 04:31 - 0000069 _____ () C:\Users\jakeg\AppData\Local\Temp\cfc6e1877a0eccbf5f7c8d5a2a656bff.dll
2016-08-21 17:24 - 2016-08-21 17:24 - 0232960 _____ () C:\Users\jakeg\AppData\Local\Temp\Cleanup.dll
2017-02-25 11:31 - 2017-02-25 11:31 - 0065535 _____ () C:\Users\jakeg\AppData\Local\Temp\component.exe
2016-08-21 17:24 - 2016-08-21 17:24 - 0065536 _____ (Windows (R) Server 2003 DDK provider) C:\Users\jakeg\AppData\Local\Temp\ddu.exe
2016-08-21 17:24 - 2016-08-21 17:24 - 0414152 _____ (Microsoft Corporation) C:\Users\jakeg\AppData\Local\Temp\difxapi.dll
2016-10-19 13:16 - 2016-10-19 13:16 - 0204800 _____ (Sony DADC Austria AG) C:\Users\jakeg\AppData\Local\Temp\drm_dyndata_7380012.dll
2016-12-01 22:49 - 2017-01-21 03:27 - 0204800 _____ (Sony DADC Austria AG) C:\Users\jakeg\AppData\Local\Temp\drm_dyndata_7380014.dll
2017-02-26 18:15 - 2017-02-26 18:15 - 0294912 _____ () C:\Users\jakeg\AppData\Local\Temp\gC84D.tmp.exe
2017-02-26 18:15 - 2017-02-26 18:15 - 0191488 _____ () C:\Users\jakeg\AppData\Local\Temp\gC928.tmp.exe
2017-02-26 18:12 - 2017-02-26 18:12 - 0387036 _____ ( ) C:\Users\jakeg\AppData\Local\Temp\global_installer.exe
2017-02-26 18:12 - 2017-02-26 18:12 - 2387665 _____ () C:\Users\jakeg\AppData\Local\Temp\Install.exe
2017-02-26 18:12 - 2017-02-26 18:12 - 0098384 _____ (Installer Technology © 2015) C:\Users\jakeg\AppData\Local\Temp\installer.exe
2017-01-28 03:48 - 2017-01-28 03:48 - 0549376 _____ () C:\Users\jakeg\AppData\Local\Temp\is-JVNML.tmpsetup.exe
2016-08-21 17:24 - 2016-08-21 17:24 - 0516096 _____ (Microsoft Corporation) C:\Users\jakeg\AppData\Local\Temp\msvcm80.dll
2016-08-21 17:24 - 2016-08-21 17:24 - 1061376 _____ (Microsoft Corporation) C:\Users\jakeg\AppData\Local\Temp\msvcp80.dll
2016-08-21 17:24 - 2016-08-21 17:24 - 0796672 _____ (Microsoft Corporation) C:\Users\jakeg\AppData\Local\Temp\msvcr80.dll
2017-02-26 18:12 - 2017-02-26 18:12 - 0380928 _____ (Oracle ) C:\Users\jakeg\AppData\Local\Temp\netstream.exe
2016-08-14 14:46 - 2016-08-14 14:46 - 6359496 _____ (Black Tree Gaming ) C:\Users\jakeg\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe
2016-10-31 05:43 - 2016-10-31 05:43 - 6449992 _____ (Black Tree Gaming ) C:\Users\jakeg\AppData\Local\Temp\Nexus Mod Manager-0.63.5.exe
2016-11-12 01:37 - 2016-11-12 01:38 - 6452312 _____ (Black Tree Gaming ) C:\Users\jakeg\AppData\Local\Temp\Nexus Mod Manager-0.63.7.exe
2016-11-17 23:37 - 2016-11-17 23:38 - 6453608 _____ (Black Tree Gaming ) C:\Users\jakeg\AppData\Local\Temp\Nexus Mod Manager-0.63.9.exe
2016-06-28 02:36 - 2017-01-20 09:07 - 0757240 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\nvSCPAPI.dll
2016-06-28 02:36 - 2017-01-20 09:07 - 0872088 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\nvSCPAPI64.dll
2017-01-26 00:22 - 2017-01-20 09:07 - 0390072 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\nvStereoApiI.dll
2016-08-22 21:17 - 2017-01-20 09:07 - 0352704 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\nvStInst.exe
2016-10-13 16:31 - 2016-11-17 08:45 - 1135552 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\NvTelemetry.dll
2016-10-13 16:31 - 2016-12-12 18:36 - 0253376 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-10-13 16:31 - 2016-12-12 18:36 - 0334272 _____ (NVIDIA Corporation) C:\Users\jakeg\AppData\Local\Temp\NvTelemetryAPI64.dll
2011-11-03 09:13 - 2011-11-03 09:13 - 1786688 _____ () C:\Users\jakeg\AppData\Local\Temp\sonarinst.exe
2017-02-26 18:12 - 2017-02-26 18:12 - 1199825 _____ () C:\Users\jakeg\AppData\Local\Temp\unins000.exe
2017-02-26 18:12 - 2017-02-26 18:12 - 1239469 _____ (VideoBox ) C:\Users\jakeg\AppData\Local\Temp\videobox.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-10 05:12

==================== End of FRST.txt ============================
Jakegently
Active Member
 
Posts: 3
Joined: March 10th, 2017, 6:22 am
Advertisement
Register to Remove

Re: Firefox is hijacked, windows defender is disabled too

Unread postby Jakegently » March 10th, 2017, 6:48 am

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2017
Ran by jakeg (10-03-2017 05:28:25)
Running from C:\Users\jakeg\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-10 08:11:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2362767239-1170048716-167344883-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2362767239-1170048716-167344883-503 - Limited - Disabled)
Guest (S-1-5-21-2362767239-1170048716-167344883-501 - Limited - Disabled)
jakeg (S-1-5-21-2362767239-1170048716-167344883-1002 - Administrator - Enabled) => C:\Users\jakeg

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Antimalware (Enabled - Out of date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Out of date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
3dSunshine (HKLM\...\Steam App 513760) (Version: - Vain Media LLC)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Acan's Call: Act 1 (HKLM\...\Steam App 501180) (Version: - Cyberith GmbH)
Accounting (HKLM\...\Steam App 518580) (Version: - Crows Crows Crows)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM\...\Steam App 228400) (Version: - NAMCO)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
ADR1FT (HKLM\...\Steam App 300060) (Version: - THREE ONE ZERO)
AMD OverDrive Beta (HKLM-x32\...\{375B0ACB-49BA-463E-96D0-E95F994DF594}) (Version: 4.0.5.0534 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Back to Dinosaur Island (HKLM\...\Steam App 412940) (Version: - Crytek)
Battleborn (HKLM\...\Steam App 394230) (Version: - Gearbox Software)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BeamNG.drive (HKLM\...\Steam App 284160) (Version: - BeamNG)
Belko VR: An Escape Room Experiment (HKLM\...\Steam App 600140) (Version: - Top Right Corner)
Bigscreen Beta (HKLM\...\Steam App 457550) (Version: - Bigscreen, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.5.14 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands (HKLM\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 GOTY version 1.8.2.0 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: 1.8.2.0 - Mr DJ)
Borderlands: The Pre-Sequel (HKLM\...\Steam App 261640) (Version: - 2K Australia)
Break Time! (HKLM\...\Steam App 578470) (Version: - Space Toast Games)
Broomball (HKLM\...\Steam App 504630) (Version: - Rushil Reddy)
Call of Duty - Advanced Warfare (HKLM-x32\...\Call of Duty - Advanced Warfare_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Dead Rising 3 (HKLM\...\Steam App 265550) (Version: - Capcom Game Studio Vancouver)
Debloater (HKLM-x32\...\{2045C97A-8D9A-47E2-A76A-E6A69CB7030B}) (Version: 3.90 - Gatesjunior Developer)
DisplayFusion 7.3 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.0.0 - Binary Fortress Software)
Dokan Driver (x64) (Version: 1.1.0.2 - HTC Corp.) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dolphin VR (HKLM-x32\...\Dolphin VR) (Version: 5.0 - Dolphin VR Team)
DOOM (HKLM-x32\...\DOOM_is1) (Version: - )
Drunk or Dead (HKLM\...\Steam App 577290) (Version: - 4 I Lab)
Drunkn Bar Fight (HKLM\...\Steam App 528550) (Version: - The Munky)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Elite Dangerous (HKLM\...\Steam App 359320) (Version: - Frontier Developments)
Endless Night - Alpha (HKLM\...\Steam App 547750) (Version: - Yerawizard LLC)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ET6 B15.0210.1 (HKLM-x32\...\InstallShield_{35D86AE6-EC16-4C56-8CE7-B85F0E5EFFA4}) (Version: 1.00.0000 - GIGABYTE)
ET6 B15.0210.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{11CC8964-9CB0-46E6-9218-CD39ED4A554D}) (Version: 2.0.1 - Toontrack)
EZdrummer 2 Demo 64-bit (HKLM\...\{6295E976-C840-452E-A176-68D10AEE8624}) (Version: 2.1.1 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXMetalHeads (HKLM-x32\...\{F4F365AB-BD66-4775-A36A-E3D8055873FD}) (Version: 1.0.0 - Toontrack)
EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack)
EZXTwisted (HKLM-x32\...\{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}) (Version: 1.0 - Toontrack)
Fable Anniversary (HKLM\...\Steam App 288470) (Version: - Lionhead Studios)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free MKV to MP4 Converter (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Free MKV to MP4 Converter) (Version: 1.0 - Conversion Helper)
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Game Jolt Client version 0.3.3 (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\game-jolt-client_is1) (Version: 0.3.3 - Lucen Web Creative, LLC)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Earth VR (HKLM\...\Steam App 348250) (Version: - Google)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Hot Dogs, Horseshoes & Hand Grenades (HKLM\...\Steam App 450540) (Version: - RUST LTD.)
HTC Account (Version: 1.1.2.6 - HTC Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
InMind VR (HKLM\...\Steam App 343740) (Version: - Luden.io)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.135.1 - Intel Security)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
Layers of Fear (HKLM-x32\...\Layers of Fear_is1) (Version: - )
Lego Harry Potter (HKLM\...\Steam App 21130) (Version: - TT Games)
LEGO Harry Potter: Years 5-7 (HKLM\...\Steam App 204120) (Version: - Traveller's Tales)
LEGO Marvel's Avengers (HKLM-x32\...\LEGO Marvel's Avengers_is1) (Version: - )
LEGO® Worlds (HKLM\...\Steam App 332310) (Version: - TT Games)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LOOT version 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
Lords Of The Fallen (HKLM\...\Steam App 265300) (Version: - CI Games)
Metal Gear Solid V: TPP (HKLM-x32\...\Metal Gear Solid V: TPP_is1) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKV to MP4 Converter Express 3.0.1 (HKLM-x32\...\MKV to MP4 Converter Express) (Version: 3.0.1 - Motorola Video Converter Team)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
My Summer Car (HKLM\...\Steam App 516750) (Version: - Amistech Games)
Nevrosa: Prelude (HKLM\...\Steam App 598070) (Version: - GexagonVR)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA® VR Funhouse (HKLM\...\Steam App 468700) (Version: - Lightspeed Studios™)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oculus (HKLM\...\Oculus) (Version: <3 - Oculus VR, LLC)
Oculus Rift DK2 Sensor Driver (Version: 1.0.0.0 - Oculus VR, LLC) Hidden
Oculus Rift Monitor Driver (Version: 1.0.1.0 - Oculus VR, LLC) Hidden
Oculus Rift Sensor Driver (Version: 1.0.20.0 - Oculus VR, LLC) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenIV (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - )
Organ Quarter Pre-Alpha Demo (HKLM\...\Steam App 544510) (Version: - Outer Brain Studios)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels)
Pavlov VR (HKLM\...\Steam App 555160) (Version: - davevillz)
Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.9.0-r111025-release - Plays.tv, LLC)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal Stories: VR (HKLM\...\Steam App 446750) (Version: - Prism Studios)
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
RaceRoom Racing Experience (HKLM\...\Steam App 211500) (Version: - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Raptr (HKLM-x32\...\Raptr) (Version: 5.1.0-r111062-release - Raptr, Inc)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Rec Room (HKLM\...\Steam App 471710) (Version: - Against Gravity)
REOptimizer (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\REOptimizer) (Version: - ) <==== ATTENTION
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
ReValver HPSE x64 (HKLM\...\ReValver HPSE x64_is1) (Version: - )
Revive Dashboard (HKLM-x32\...\Revive) (Version: - )
ROCCAT Power-Grid version 0.461 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.461 - ROCCAT GmbH)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)
Saints Row 2 (HKLM\...\Steam App 9480) (Version: - Volition)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
SimplePlanes (HKLM\...\Steam App 397340) (Version: - Jundroo, LLC)
Space Engineers (HKLM\...\Steam App 244850) (Version: - Keen Software House)
Splash PRO (HKLM-x32\...\Mirillis Splash PRO) (Version: 1.13.2 - Mirillis)
SportsBar VR (HKLM\...\Steam App 269170) (Version: - Cherry Pop Games)
Spotify (HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
Star Wars - Rebellion (HKLM\...\{2d3cc3d0-a527-4e0f-8fb6-2abde2b0540e}.sdb) (Version: - )
Star Wars X-Wing vs. TIE Fighter (HKLM\...\{63bcc211-7260-461d-bcfe-15a2288825e4}.sdb) (Version: - )
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR (HKLM\...\Steam App 250820) (Version: - )
SteamVR Performance Test (HKLM\...\Steam App 323910) (Version: - Valve)
Subnautica (HKLM\...\Steam App 264710) (Version: - Unknown Worlds Entertainment)
SUPERHOT (HKLM\...\Steam App 322500) (Version: - SUPERHOT Team)
Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.2.1 - Toontrack)
SWU (HKLM\...\{67A9AF0B-8AF4-40C5-9772-661152DBECE1}) (Version: 2.0.0 - devnullnull2017)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Cubicle. (HKLM\...\Steam App 452490) (Version: - Roel van Beek)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Gallery - Episode 1: Call of the Starseed (HKLM\...\Steam App 270130) (Version: - Cloudhead Games ltd.)
The Lab (HKLM\...\Steam App 450390) (Version: - Valve)
The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ)
The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version: - The Sims Studio)
The Vanishing of Ethan Carter Redux (HKLM\...\Steam App 400430) (Version: - The Astronauts)
The Witcher 3: GotY Edition (HKLM-x32\...\The Witcher 3: GotY Edition_is1) (Version: - )
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Trials on Tatooine (HKLM\...\Steam App 381940) (Version: - ILMxLAB)
TuxGuitar (HKLM-x32\...\TuxGuitar 1.3.1) (Version: 1.3.1 - Name of your company)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ultimate Marvel vs. Capcom 3 (HKLM-x32\...\Ultimate Marvel vs. Capcom 3_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
Vive (x32 Version: 1.0.8889.1000 - HTC Corp.) Hidden
Vive Diagnosis (HKLM-x32\...\{3a2fbb45-ffeb-4ade-96e1-d1eea735e0f1}) (Version: 1.0.1.13 - HTC Corp.)
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.1.108 - HTC)
ViveDiag (x32 Version: 1.0.1.13 - HTC Corp.) Hidden
ViveDriver (HKLM-x32\...\{8ff389b7-122a-494c-9d04-cb3165b8738d}) (Version: 1.1.0.8 - HTC Corp.)
ViveDummy (x32 Version: 0.9.0.4 - HTC) Hidden
VivePhoneServices (x32 Version: 1.1.0.4 - HTC Corp.) Hidden
Viveport DirectX 9.0 (HKLM-x32\...\{be57836a-f280-46c1-ac84-5292ef323e92}) (Version: 1.1.0.3 - HTC Corp.)
Viveport DirectX 9.0 (x86/x64) (x32 Version: 1.1.0.3 - HTC Corp.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Wake Up (HKLM\...\Steam App 499540) (Version: - Black Cell OG)
Waltz of the Wizard (HKLM\...\Steam App 436820) (Version: - Aldin Dynamics)
War Thunder (HKLM\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warcraft DOS Colection Final (HKLM-x32\...\Warcraft DOS Colection Final) (Version: Final - Blizzard Entertainment)
Whirligig (HKLM\...\Steam App 451650) (Version: - Philip Day)
Yu-Gi-Oh! Legacy of the Duelist (HKLM-x32\...\Yu-Gi-Oh! Legacy of the Duelist_is1) (Version: - )
Zombie Training Simulator (HKLM\...\Steam App 446620) (Version: - Acceleroto, Inc.)
Zynewave Podium Free 3.2.1 (x64) (HKLM\...\{EFA46A5D-4ACD-4665-A074-1B7CF713A9BB}) (Version: 3.2.1 - Zynewave)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A4FEF1-8BA3-4AFF-A247-9D81ED07542B} - System32\Tasks\pcclient\viveportservice => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {0207C3CE-F376-4568-9494-C3CC177C26D9} - System32\Tasks\acan's call\acanscall => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {098E717B-D342-4608-8016-5113AD841253} - System32\Tasks\updater\progressdialog => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {1811D722-EDEA-4596-8937-47D47A6EEA58} - System32\Tasks\my summer car\mysummercar => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {1C7ACBB0-A27B-4277-931B-B89103EE0C73} - System32\Tasks\wakeup\wakeupproject\binaries\win64\wakeupproject-win64-shipping => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {1D1AB59F-25D3-44BA-B774-2A9F29CC9542} - System32\Tasks\{B4A3957B-F72D-4631-9143-F0F9F3857609} => pcalua.exe -a C:\Users\jakeg\AppData\Local\uninstallro.exe
Task: {2554C6C4-1559-49F0-B04B-4AD50A6F1E2E} - System32\Tasks\pcclient\web\apps\phone\vivephoneinit\vivephoneinit-exe => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {263ADEDC-FCDE-4BC6-A764-642F69CA79CC} - System32\Tasks\pcclient\cefsharp => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {269C89C9-77A5-43A1-BDD7-EA3BB9185865} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {2937707F-E93D-4B8E-A201-B7559234ED4D} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2015-09-05] (Beepa P/L)
Task: {29F5C9A9-6977-4B6C-8D5E-89B6A66E9A7B} - System32\Tasks\cef\cef => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {2CC45FB1-27BA-4304-B922-2E67D95D5246} - System32\Tasks\updater\updater => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {2DE34AAE-A1FD-4F03-9F81-BEDDC07329E3} - System32\Tasks\pcars\pcars64 => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {32DEDC4F-081B-48A4-A11A-34F7AA938E69} - System32\Tasks\cef\cef-win7\steamwebhelper-exe => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs <==== ATTENTION
Task: {3367D102-D854-4C24-A097-ECE2DC3D2688} - System32\Tasks\76f3774w1994G186 => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs <==== ATTENTION
Task: {35F03173-417F-40B0-A863-F73E9795048E} - System32\Tasks\war thunder\run => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {36308F9F-17CC-4348-8891-73731EF51378} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: {3A3442C1-E13E-4524-B79D-3B2EDDE56376} - System32\Tasks\{DB533BD0-39B8-435F-9E70-60621D79633D} => pcalua.exe -a "C:\Users\jakeg\Desktop\World at War\Setup\Data\CoDWaW.exe" -d "C:\Users\jakeg\Desktop\World at War\Setup\Data"
Task: {3BFBA0E9-F067-45D9-95CF-18BA26B624E8} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: {47B75AC8-6A39-42A5-9A2D-23BA328F56A2} - System32\Tasks\updater\app\btdriverupdater\autodriver => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {4EA53209-076A-4C5D-95EA-7AEF5FD96A53} - System32\Tasks\war thunder\win64\aces => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {4FDA44AA-2319-41C4-ACCA-43057D1CB6A1} - System32\Tasks\h3vr\h3vr => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {57DE71AC-A598-43E5-B8EB-2F61368263C9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {5965EF7B-6A5C-4D12-B9A5-62F965E90A3D} - System32\Tasks\war thunder\run-exe => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {5C5766F7-ACBA-4EF1-8BA4-06B3B7048B89} - System32\Tasks\runtime\jre-x64\1-8-0_25\bin\javaw => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {5DC5B0CA-FA7D-4862-84DE-2605A7D95727} - System32\Tasks\saints row 2\directx\dxsetup => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {65B8F933-6A7B-466F-BF24-E1E350545596} - System32\Tasks\h3vr\_commonredist\vcredist\2015\vc_redist-x86 => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {67B2B918-DA15-487E-A9DE-07FF6C8E02FC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {6ACA75B7-E822-46A7-9FC3-6BB749D627CE} - System32\Tasks\pcclient\htcvrmarketplaceusercontexthelper-exe => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {6B6C1B8C-E0A7-438F-9689-CEBF8AA477A0} - System32\Tasks\pcclient\cefsharp-browsersubprocess => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {6F17739B-16C3-4A76-96D7-69861BF8C2CA} - System32\Tasks\pcclient\web\apps\phone\nw => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {70159932-65EB-4200-A626-29C0F52491D3} - System32\Tasks\inmind\inmind => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {72C31135-EA7B-4193-BDAD-8FC426E70962} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {7566D950-DEFB-41A8-90D3-061C1473E223} - System32\Tasks\pcclient\web\apps\phone\vivephoneinit\vivephoneinit => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {768D767C-2B3F-40D8-AD17-4041CC19542F} - System32\Tasks\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {7889BB4B-BB83-4E45-A605-FD10B76C5BAE} - System32\Tasks\nevrosa prelude\nevrosa => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {800A44E2-A9EC-47B2-A0D9-6D8D439174C2} - System32\Tasks\pavlovvr\engine\extras\redist\en-us\ue4prereqsetup_x64 => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {80164837-69D1-4EDA-A3C7-919C7CFB95F2} - System32\Tasks\updater\app\dashboard\win32\qtwebengineprocess => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {814FED81-DBAB-4260-8C47-776BDFCE24E1} - System32\Tasks\9347a360-c6ea-4e35-aaf1-9fab4f41cb79\1487041090\richie's plank experience 1 => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {82F3F4D7-2604-40BB-9325-C1B2917DFA02} - System32\Tasks\ark\shootergame\binaries\win64\shootergame => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {870DCF9F-EF10-4586-A695-740C92237AF5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {8B67D67F-D03C-4479-86EC-5B1AC7376235} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {90F365ED-A85B-4013-A1A9-EDBB787F6F79} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {917852A7-DC7B-4466-94CB-E13DB4366D44} - System32\Tasks\9347a360-c6ea-4e35-aaf1-9fab4f41cb79\1487041090\richie's plank experience 1-23\richiesplankexperience => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {92CA23C0-DAA5-4A19-832D-5C06339D4D41} - System32\Tasks\cef\cef-win7\steamwebhelper => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs <==== ATTENTION
Task: {931A7F4D-DC30-41AF-AA20-15E419316C15} - System32\Tasks\Microsoft\Windows\Media Center\VCore => C:\\ProgramData\\vCore\\VCore.exe [2017-02-21] () <==== ATTENTION
Task: {94D43ED3-7C7C-4376-8AE9-052D71901A4E} - System32\Tasks\systemsettings => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {9CAE9A22-35BD-4DB6-AF1C-1BE6848A744F} - System32\Tasks\pcclient\vive => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {A1E56C38-3D29-4056-B575-F7FDE3393473} - System32\Tasks\the cubicle\the cubicle => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {A35E73A4-F39F-4426-A2EB-060543314DA5} - System32\Tasks\h3vr\h3vr-exe => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {A5BE3277-BFE5-44F1-B1F3-EC38361FB698} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {A9E0D369-9A68-4666-8D7E-B7C40B077A78} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {AA1AE9D1-7AA2-4C6A-B218-B53CD35F1BE4} - System32\Tasks\updater\app\home\win32\vivehome => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {AF56E8A1-6739-40F8-9092-C22FEBEE5083} - System32\Tasks\updater\app\biflush\biflush => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {B5DAC195-F358-4704-A066-EBBC046B79F6} - System32\Tasks\ark\shootergame\binaries\win64\shootergame_be => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {B8AE412A-FF8A-4B79-88F9-9CD6A913ED09} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {BBCDE45F-97E6-4EA2-9688-590C631FD914} - System32\Tasks\nvidia vr funhouse\engine\binaries\win64\ue4game-win64-shipping => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {C6360FF0-A8A1-40D8-B3E8-666896236C39} - System32\Tasks\updater\app\home\win32\7zip\7za => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {CF22E016-400D-4474-92F1-C1ABA9BB686C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {D3AE44CF-1F68-40FA-96BB-968EA04B8B50} - System32\Tasks\pcclient\htcvrmarketplaceusercontexthelper => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {D91A57DE-067E-4BA4-A1E7-A77F4D1E556F} - System32\Tasks\76f3774w1994G186-dll => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {DEAB8513-1E93-45C7-BF40-BDA4386F466E} - System32\Tasks\broomball vr\broomball => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {E9E6BE8E-F873-4455-B526-F88BBE8197F3} - System32\Tasks\x64launcher => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {F2C5AD1E-095B-4E0E-8DF1-34B554F061F4} - System32\Tasks\war thunder\launcher => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {F3BC8CF2-2ADF-4D40-AE49-60FF19927F96} - System32\Tasks\minecraftlauncher => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {F6D51526-273F-4B60-909C-CFB1AF407EA7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-22] (Microsoft Corporation)
Task: {F9D6B06B-5F25-480E-93A9-80B666FF1142} - System32\Tasks\steamvrperformancetest\bin\win64\vr => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs <==== ATTENTION
Task: {FAB4D2D8-428E-41EE-91E5-F866EC872772} - System32\Tasks\break time!\breaktimevr => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {FE7DC4F9-4EB6-4516-B166-F26B89D797B2} - System32\Tasks\h3vr\_commonredist\vcredist\2015\vc_redist => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs
Task: {FFA6A3AE-20B6-473A-9751-1BDAC2066F16} - System32\Tasks\drunkn bar fight\dbf => Rundll32.exe "C:\ProgramData\76f3774w1994G186\76f3774w1994G186.dll",fwGVURDKs

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-27 08:55 - 2014-07-22 20:59 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2013-06-04 17:40 - 2013-06-04 17:40 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-06-04 17:40 - 2013-06-04 17:40 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-02-26 18:43 - 2016-04-16 21:07 - 00280576 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-02-26 18:43 - 2016-12-21 17:02 - 01008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl
2017-02-26 18:43 - 2016-12-21 17:02 - 00541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl
2017-02-26 18:43 - 2016-12-21 17:02 - 03202816 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl
2017-02-26 18:43 - 2016-12-21 17:02 - 01542976 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl
2016-01-27 08:55 - 2014-07-22 20:59 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2016-10-13 16:31 - 2017-01-20 13:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-13 16:31 - 2017-01-20 13:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-24 15:47 - 2017-02-24 15:47 - 00072016 _____ () C:\Program Files (x86)\ViveSetup\PCClient\ViveportService.exe
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 02:51 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-05 19:56 - 2017-02-09 17:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-15 02:51 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-09 02:59 - 2015-12-09 02:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-12-15 02:51 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-02-26 18:43 - 2014-08-28 16:57 - 00824376 _____ () C:\Program Files\Bitdefender Antivirus Free\bdmetrics.dll
2016-09-15 05:20 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 01:41 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 01:41 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 01:41 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 01:41 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 01:41 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 01:41 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 01:41 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-24 15:47 - 2017-02-24 15:47 - 00112464 _____ () C:\Program Files (x86)\ViveSetup\PCClient\HTCVRMarketplaceUserContextHelper.exe
2016-11-17 18:49 - 2016-11-17 18:49 - 87634880 _____ () C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\nw.exe
2016-01-27 08:55 - 2014-07-22 20:59 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-02-24 15:44 - 2017-02-24 15:44 - 00624872 _____ () C:\Program Files (x86)\ViveSetup\PCClient\x86\vita_update_requester_api.dll
2017-02-24 15:44 - 2017-02-24 15:44 - 00402432 _____ () C:\Program Files (x86)\ViveSetup\PCClient\x86\vita_service_api.dll
2017-02-24 15:44 - 2017-02-24 15:44 - 01912832 _____ () C:\Program Files (x86)\ViveSetup\PCClient\x86\vita_store_api.dll
2017-02-24 15:44 - 2017-02-24 15:44 - 01639936 _____ () C:\Program Files (x86)\ViveSetup\PCClient\x86\vita_wkstore_api.dll
2017-02-24 15:44 - 2017-02-24 15:44 - 00378088 _____ () C:\Program Files (x86)\ViveSetup\PCClient\x86\vita_msg_proxy.dll
2016-01-27 08:58 - 2017-01-20 13:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-13 16:31 - 2017-01-20 13:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-13 16:31 - 2017-01-20 13:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-12-07 11:43 - 2015-12-07 11:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 11:43 - 2015-12-07 11:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 11:44 - 2015-12-07 11:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 11:43 - 2015-12-07 11:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-07 11:44 - 2015-12-07 11:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2017-02-24 15:44 - 2017-02-24 15:44 - 00262464 _____ () C:\Program Files (x86)\ViveSetup\PCClient\x86\openvr_api.dll
2016-11-17 18:48 - 2016-11-17 18:48 - 01481728 _____ () C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\libglesv2.dll
2016-11-17 18:48 - 2016-11-17 18:48 - 00073728 _____ () C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\libegl.dll
2017-03-10 04:49 - 2016-11-17 18:47 - 00201728 _____ () C:\Users\jakeg\AppData\Local\Temp\nw12664_7514\node_modules\node-vivelink\build\Release\vivelink.node
2017-03-10 04:49 - 2016-11-17 18:47 - 01070592 _____ () C:\Users\jakeg\AppData\Local\Temp\nw12664_7514\node_modules\node-bi\build\Release\bi.node
2017-03-10 04:49 - 2016-11-17 18:47 - 00074752 _____ () C:\Users\jakeg\AppData\Local\Temp\nw12664_7514\node_modules\node-auth\build\Release\auth.node
2016-10-13 16:32 - 2017-01-20 08:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-13 16:32 - 2017-01-20 08:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-13 16:32 - 2017-01-20 08:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-13 16:32 - 2017-01-20 08:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-13 16:32 - 2017-01-20 08:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-13 16:32 - 2017-01-20 08:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-13 16:32 - 2017-01-20 08:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-29 17:43 - 2017-01-20 08:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-02-17 23:04 - 2017-02-02 20:42 - 00668960 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-17 23:04 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-17 23:04 - 2017-03-09 17:37 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-17 23:04 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-17 23:04 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-17 23:04 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-17 23:04 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-17 23:04 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-17 23:04 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-17 23:04 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-17 23:04 - 2017-03-09 17:37 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-08 23:24 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-22 04:34 - 2017-03-07 00:24 - 02232096 _____ () C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\vrclient.dll
2016-10-22 04:34 - 2017-03-07 00:24 - 01237280 _____ () C:\Program Files (x86)\Steam\steamapps\common\SteamVR\drivers\lighthouse\bin\win32\driver_lighthouse.dll
2016-10-22 04:36 - 2017-03-07 00:24 - 00045856 _____ () C:\Program Files (x86)\Steam\steamapps\common\SteamVR\drivers\lighthouse\bin\win32\aitcamlib.dll
2016-10-22 04:35 - 2016-10-22 04:36 - 00167936 _____ () C:\Program Files (x86)\Steam\steamapps\common\SteamVR\drivers\lighthouse\bin\win32\AitUVCExtApi.dll
2016-10-22 04:34 - 2016-10-22 04:36 - 00322560 _____ () C:\Program Files (x86)\Steam\steamapps\common\SteamVR\drivers\lighthouse\bin\win32\AitH264Capture.dll
2016-12-19 21:45 - 2017-01-30 16:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-02-17 23:04 - 2017-03-09 17:37 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-02-17 23:04 - 2015-09-24 18:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
Jakegently
Active Member
 
Posts: 3
Joined: March 10th, 2017, 6:22 am

Re: Firefox is hijacked, windows defender is disabled too

Unread postby Jakegently » March 10th, 2017, 6:49 am

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\jakeg\Desktop\UnityAssetsExplorer.exe:BDU [0]
AlternateDataStreams: C:\Users\jakeg\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\jakeg\Downloads\OpenVR-AdvancedSettings-Installer-v2.3.exe:BDU [0]
AlternateDataStreams: C:\Users\jakeg\Downloads\vivecraft-1.7.10-jrbudda-38pre-installer.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 06:04 - 2017-02-25 11:31 - 00000920 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2362767239-1170048716-167344883-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jakeg\Pictures\Single Monitor Wallpapers\dethklok wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "start_swu.lnk"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "amd_dc_opt"
HKLM\...\StartupApproved\Run32: => "HTC Store User Content Helper"
HKLM\...\StartupApproved\Run32: => "GammingApp"
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\StartupApproved\Run: => "GameJoltClient"
HKU\S-1-5-21-2362767239-1170048716-167344883-1002\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{98F39248-7277-4763-8A27-0B582740CF0D}C:\users\jakeg\appdata\local\gamejoltclient\gamejoltclient.exe] => (Allow) C:\users\jakeg\appdata\local\gamejoltclient\gamejoltclient.exe
FirewallRules: [TCP Query User{8BF61F35-B0C6-4E2D-B6F1-D403FB34C650}C:\users\jakeg\appdata\local\gamejoltclient\gamejoltclient.exe] => (Allow) C:\users\jakeg\appdata\local\gamejoltclient\gamejoltclient.exe
FirewallRules: [{2E016CCA-BD9D-47FB-BC0C-FE3E051A12BE}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{4AD748E8-5EEF-4435-8DFF-15AF5DB689AB}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{BD07F5BB-760D-40A3-95F2-035CFA442309}] => (Allow) D:\SteamLibrary\steamapps\common\Battleborn\Binaries\Win64\Battleborn.exe
FirewallRules: [{F454557A-9D24-46F1-99FA-957E6F7D84FC}] => (Allow) D:\SteamLibrary\steamapps\common\Battleborn\Binaries\Win64\Battleborn.exe
FirewallRules: [{08EE2B89-9A58-4A94-9FA4-6D82058FB6B3}] => (Allow) D:\SteamLibrary\steamapps\common\Railroad Tycoon 3\RT3.exe
FirewallRules: [{9E6D50A6-D05E-4A99-985A-5EBA210C1E53}] => (Allow) D:\SteamLibrary\steamapps\common\Railroad Tycoon 3\RT3.exe
FirewallRules: [UDP Query User{3E101288-2E79-4203-A26F-811437BC84E8}C:\program files (x86)\steam\steamapps\common\elite dangerous arena\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous arena\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{1AFF08FF-09B1-4D8B-8228-E1723FB53667}C:\program files (x86)\steam\steamapps\common\elite dangerous arena\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous arena\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{3072C356-72B6-4A95-A912-9EB082CCF49F}C:\users\jakeg\desktop\igg-scrap.mechanic.v0.1.28\igg-scrap.mechanic.v0.1.28\release\scrapmechanic.exe] => (Allow) C:\users\jakeg\desktop\igg-scrap.mechanic.v0.1.28\igg-scrap.mechanic.v0.1.28\release\scrapmechanic.exe
FirewallRules: [TCP Query User{49BC8E11-F75C-4A0A-B8F6-DCC7D9CD5084}C:\users\jakeg\desktop\igg-scrap.mechanic.v0.1.28\igg-scrap.mechanic.v0.1.28\release\scrapmechanic.exe] => (Allow) C:\users\jakeg\desktop\igg-scrap.mechanic.v0.1.28\igg-scrap.mechanic.v0.1.28\release\scrapmechanic.exe
FirewallRules: [{C027ED8A-A48B-4360-9C43-891C5FC8F495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{44FFFB6C-C46E-4F11-AF98-F556E50C3B09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{0F50BCB8-BF8E-4FE0-A721-ABC0EDBF097C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{39C584B8-E072-41AA-BC12-F6DB72757AB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{94DFB735-B1B2-44C9-B105-98F38C72B7E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{4D2F2CB0-F81B-4BE4-B93B-A67213ECE634}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{8C97B991-F4B7-4F13-9704-929D8D828934}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{919DC4DF-B60D-4780-9688-7E7777798AB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{DC010F9D-9F16-474D-BB25-1103F5B33691}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe
FirewallRules: [{21ED0680-4745-4643-955F-1FB5F6A5E394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe
FirewallRules: [{0341F0E4-206D-497C-9EBD-57D665D34106}] => (Allow) E:\Mr DJ\Assassins Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{8FFE08E6-33CE-447D-B164-02834B8ED871}] => (Allow) E:\Mr DJ\Assassins Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{21C04327-8324-45FC-8118-DF0FABBD2219}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{108B18FA-F024-41C6-A92B-81202BC84534}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [UDP Query User{CDF32EA5-CB17-4710-8531-B47D42B95A73}E:\halo 2\halo2.exe] => (Block) E:\halo 2\halo2.exe
FirewallRules: [TCP Query User{7E9C639E-D98D-493F-A56D-5FA063A4AD2D}E:\halo 2\halo2.exe] => (Block) E:\halo 2\halo2.exe
FirewallRules: [{031FE859-2466-4FEC-BFC9-2DC4DAF6E594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe
FirewallRules: [{70A6FCCF-7934-44CE-AD91-9BA7C7AFA77F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimplePlanes\SimplePlanes.exe
FirewallRules: [UDP Query User{CE0BF2CF-396A-4BF3-971A-63A3E6F89214}C:\program files\java\jre1.8.0_77\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\java.exe
FirewallRules: [TCP Query User{A2A5EA13-A9CD-4C28-A859-28A68A678C11}C:\program files\java\jre1.8.0_77\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\java.exe
FirewallRules: [UDP Query User{095AA410-C65A-4EC4-9D2F-650671E03EA0}C:\users\jakeg\desktop\game files\world at war\setup\data\codwaw.exe] => (Allow) C:\users\jakeg\desktop\game files\world at war\setup\data\codwaw.exe
FirewallRules: [TCP Query User{78FA2CDE-4A0E-4EAB-AF22-621E28933299}C:\users\jakeg\desktop\game files\world at war\setup\data\codwaw.exe] => (Allow) C:\users\jakeg\desktop\game files\world at war\setup\data\codwaw.exe
FirewallRules: [{153E2D8F-5D0C-4007-A9A8-E4E8A1B76306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{C7AF2EA2-B6FF-45A0-8CD2-E4AEBCC6F821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{B9B8B0F9-7D1A-402C-A12B-C6239130B43E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{F8F6C9AA-349A-442E-B8F9-E105E38B6220}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B6965E9C-9DFF-40FC-9DE4-401B5792FC8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F3552726-2987-45E9-A05C-5E0BADF4506C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{55E9F301-31BD-4F36-8DD5-457AF5F9764F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{54198A7D-B035-411A-BCA1-E9ED19C10FDC}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A29528B0-B9F2-40C2-B94F-953374C71AB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{0EB5F05A-4CE5-4164-9E25-2E6C2DACF8C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [UDP Query User{A066316D-9EBB-4A05-B17F-33FFCBEC0518}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{4DCAB478-EA7A-461D-9CDC-03E2C23D2E99}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{2060FEE2-19D6-4AE3-B145-6C3E2211079A}C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [TCP Query User{492125A7-5064-43E9-A330-224368C77178}C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [{49BA4678-A6E6-4164-9F36-39C140D88648}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [UDP Query User{841C7D76-FEB9-4BF4-BED8-D35F46F947C3}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [TCP Query User{BFB8D431-15AF-43DF-9CB5-19F5AA6A48B6}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe
FirewallRules: [UDP Query User{891E5937-8478-44C1-9BFA-B5990E33EFE9}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{48EDD256-7850-46C1-928A-E910AE2407C8}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{6987E012-610C-4164-9C83-A3505144434C}] => (Block) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{C7E201D1-7D93-4B3E-A444-D6253E05A6FC}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{B95279C3-40CE-44A0-8F9B-2FA24E92FC1C}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{742F092B-EBDB-4CC1-B8F4-9069D507F131}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1694BBAF-C0E2-434D-88D2-FA35D02370CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E7409EB3-3960-44AF-9686-85A56ECA44B4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07008CB7-3BEC-4AE5-8620-278149E0A351}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{436589DA-1287-4E99-BC8A-2196A194E0E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{4F285B25-818D-4C2C-B1E7-E9F05326B1CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{08CB5E17-566E-443F-A201-DF5B75EF7991}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7AEBF477-7EFF-4F01-ABEB-7FAC27A78FC7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B5D771A-1016-4EE0-A68F-6482F9FE36AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{BAD06A66-C2D4-4EE8-87F6-1E93721ECEFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{BBCB3356-258C-46C3-B3B1-07A59E0A98E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{A938BC81-9C36-4FD3-B2DE-78D502106A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{7A12D226-BC88-4FEE-B861-9A1DCDD5F41B}C:\users\jakeg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jakeg\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{147FB9EA-C494-4208-9805-4DEE1CF37E57}C:\users\jakeg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jakeg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{579CB57D-2EF6-4B52-B07F-6FD0826AD183}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{B585D79B-60DD-4FB9-9714-DF2F37A139E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [TCP Query User{FA47089D-6719-48DD-A260-EB09B617D061}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{7EEB8E3B-244B-4036-9745-A759B7F87A42}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{6F50AF06-E5D5-4388-A6A4-EBA627DA0DAC}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5C13032D-CF8B-4DFE-A1CF-52DB3D8E974B}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23EB982B-E7D5-42A8-BD9B-3BDEF870572B}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4BEE0462-DF40-486B-8EB9-43B2F4317A8D}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E4E59A96-751F-4D88-B3EE-2A994BC6D948}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1780D5C-B401-4E1C-AC11-836002E2B7CF}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5B92DCA-AE43-46D3-B67D-6B9BE0DD811B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{91EE12F2-315A-46B4-B788-C21B73A842FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [TCP Query User{7684A4E0-D19C-45B0-BFE7-0F5BF52580A0}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{640111FA-645E-4D4E-824B-6C1B51526AA3}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{5D2486DD-445E-4F36-A96D-9B7D8AB5E535}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{FFCC1BAD-E9EF-45E7-8171-869255FD17A0}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [TCP Query User{B632932C-1C93-428C-989D-32F85AF99A88}C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe
FirewallRules: [UDP Query User{5E2BABA2-B56A-4463-9D93-D8F7B37CD1C8}C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe
FirewallRules: [TCP Query User{E56C9101-B662-4248-9A96-6D1572341BDC}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{97609AF2-469E-411A-86BE-51F2B041EA5C}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{2F7A5CA5-72CB-47AD-A182-9C64A6DB6026}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS X-Wing\remastered\XWING95.EXE
FirewallRules: [{B66697BF-2D61-46D5-AC8D-1C66DBA3B4F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS X-Wing\remastered\XWING95.EXE
FirewallRules: [{C73ABE33-9643-49FD-A011-7BAEB31589FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS X-Wing\classic\DOSBOX\DOSBox.exe
FirewallRules: [{39AAC928-004B-4CFE-B1C3-E041FC11F8A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS X-Wing\classic\DOSBOX\DOSBox.exe
FirewallRules: [{82A7C134-7E72-41B4-B279-2FC04BCBF53A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS Tie Fighter\remastered\TIE95.EXE
FirewallRules: [{ACD4E346-F0AF-4A81-B233-274C89CA28EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS Tie Fighter\remastered\TIE95.EXE
FirewallRules: [{FF892BD0-EA2F-46A5-925E-4C7FE09990FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS Tie Fighter\classic\DOSBOX\dosbox.exe
FirewallRules: [{1A7A6647-81BE-4CDD-AA3F-6574AA8ECF63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS Tie Fighter\classic\DOSBOX\dosbox.exe
FirewallRules: [{23DB5D7F-35C8-40DC-9DFA-E38233807B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS - Galactic Battlegrounds Saga\Game\player.exe
FirewallRules: [{C8E3693F-236E-4381-8481-873A60EA8B31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STAR WARS - Galactic Battlegrounds Saga\Game\player.exe
FirewallRules: [{7EB702CF-0ED5-4469-8239-9A7144655A89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{97DCB4A1-2CFD-4D53-A487-B58022DAADA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{2A188575-90EA-4933-A748-DCB3988EF8F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{D49DE7B5-6864-45A4-AFE1-A0AE45CD9C96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{5F7ED825-B140-472A-BF1E-F8BE8C777D68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{9580F2B6-22F6-4276-ADBA-E8B7606F0F17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{3908A971-A163-46AE-B848-D9B2FFB04088}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A043E030-DC1D-40F2-9FCD-E082507AD3A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4B54ECE-69D2-493D-9716-74A77234DA86}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6F4DDF1-9CD5-4175-A02E-F132253CCCEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{25332309-A34C-4F60-AB94-FB76147F1236}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{63F41471-406A-40BC-802E-B69F1C77FFEF}E:\setup\data\codwawmp.exe] => (Allow) E:\setup\data\codwawmp.exe
FirewallRules: [UDP Query User{6B4392D7-2341-4B18-993F-79AB2DC319F0}E:\setup\data\codwawmp.exe] => (Allow) E:\setup\data\codwawmp.exe
FirewallRules: [TCP Query User{1D52949C-7E38-4E86-9A30-F203024E53A8}C:\users\jakeg\desktop\world at war\setup\data\codwaw.exe] => (Allow) C:\users\jakeg\desktop\world at war\setup\data\codwaw.exe
FirewallRules: [UDP Query User{11A30E6C-A88B-4C62-91ED-FA6F3D149830}C:\users\jakeg\desktop\world at war\setup\data\codwaw.exe] => (Allow) C:\users\jakeg\desktop\world at war\setup\data\codwaw.exe
FirewallRules: [TCP Query User{A106B0B8-A4FE-4EBB-A4A3-27DEDE0DD4D9}C:\users\jakeg\desktop\world at war\setup\data\codwawmp.exe] => (Allow) C:\users\jakeg\desktop\world at war\setup\data\codwawmp.exe
FirewallRules: [UDP Query User{0E5F3196-A951-4330-8531-1C0176072BE2}C:\users\jakeg\desktop\world at war\setup\data\codwawmp.exe] => (Allow) C:\users\jakeg\desktop\world at war\setup\data\codwawmp.exe
FirewallRules: [{CE39B198-5C2A-451A-A955-01250C620EFA}] => (Allow) C:\Games\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{0989AF4F-049D-42F9-953A-E905941C3C3A}] => (Allow) C:\Games\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{CCA49645-DC2A-4A25-ADD6-9FF00941F4C5}C:\games\layers of fear\layers of fear.exe] => (Allow) C:\games\layers of fear\layers of fear.exe
FirewallRules: [UDP Query User{B9375734-4BD3-4903-8803-B8E3030472A0}C:\games\layers of fear\layers of fear.exe] => (Allow) C:\games\layers of fear\layers of fear.exe
FirewallRules: [TCP Query User{5B32316C-B9EE-483C-820E-19BC9459A434}C:\users\jakeg\desktop\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\jakeg\desktop\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{617AFAA4-C6BA-4D27-A882-E7C06E61956E}C:\users\jakeg\desktop\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\jakeg\desktop\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{AE5B4D2F-30F3-4F1A-8318-F447AD3E8573}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{CA26C530-518B-46D2-9422-510160D2B87D}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [{AF6BEC85-957B-4D58-9A3D-A297A83127D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8B674477-C1F3-44C8-810C-EC30C58B82D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0E2C0A8D-D163-48D3-BCAC-9F727CBEC127}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7BA8F90-6C3B-4FEF-BA97-001AF01BE35F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A0E91DDE-32C0-49FA-9375-0039F8F64FAE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3BC1A117-4FBE-4AC8-BBF7-40D8405A02C0}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{9BAABE76-B791-47B0-BBFA-D15D033973CB}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{86739BD5-62AA-4F69-ADD0-4FF681057BC6}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{5F83DC75-F2FD-4761-A3F8-6A98CAB57D10}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{E720041A-2282-4ED9-803B-05058635B4CD}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4C4DDC96-6BA5-4D4D-B522-F0EDFDD1DDC5}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{654288C0-8AAB-4581-8C71-FC4CC21134FD}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{8FF41B59-422A-4468-A4C8-2AD4CD5A45E5}D:\games\battlefield 4\bf4.exe] => (Allow) D:\games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{797AA729-62A5-4D25-92DF-BBAF7DC5FD95}D:\games\battlefield 4\bf4.exe] => (Allow) D:\games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{3C8F4F68-F567-43E2-97C4-A4B684296186}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{E1BB8B4E-A493-452C-805E-4199B5689B52}D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{7D434365-F20C-407E-9A96-AF06B473AE72}] => (Allow) D:\Games\The SIMS 4\Game\Bin\TS4_x64.exe
FirewallRules: [{6042FEFB-5A4D-4725-9161-78F1D9221FA2}] => (Allow) D:\Games\The SIMS 4\Game\Bin\TS4_x64.exe
FirewallRules: [{1F55B5F4-6352-4B90-98B9-E318479C0F5C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F3562C27-56CA-42F3-8F7A-32CDD3A9C40D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{DD1F311A-F778-4E6A-AD69-83CFA922B762}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4471BD6D-29A5-44C1-A454-25937D5CE096}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7BE267C4-3A4A-4E0F-93FF-C6951093F364}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{C0F13770-6F27-4BC3-95F0-4ADAD195DA5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4AC6B741-3222-400F-A025-7FB211880685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{0812952F-961E-43D9-B03D-D3FBA92B2066}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{4DD6A02C-A18E-403F-85E6-D58087381536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter Years 5-7\harry2.exe
FirewallRules: [{E1554D18-47C8-48E2-9D21-246836D30B8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter Years 5-7\harry2.exe
FirewallRules: [{27888FD5-6256-4B8F-8A23-5C67AD76D177}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{8D6E6BEB-F6B6-45AA-AFC0-72F816F1D605}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [TCP Query User{CF2E36E5-8E4B-4B63-9E9D-85F8F9E1AEE3}D:\games\dead island definitive edition\deadislandgame.exe] => (Allow) D:\games\dead island definitive edition\deadislandgame.exe
FirewallRules: [UDP Query User{330BA67D-2AB9-48FC-A903-4599F89B70D8}D:\games\dead island definitive edition\deadislandgame.exe] => (Allow) D:\games\dead island definitive edition\deadislandgame.exe
FirewallRules: [{D849170E-A548-4269-B1C0-A39B91770896}] => (Allow) LPort=26789
FirewallRules: [{306B230A-AFAC-4A65-8893-022791FAE23A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{DA97DC4A-B309-4193-A301-80A32E373424}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{3D28CDDA-010F-40B3-A1AA-013B96926A03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{52D83E45-0708-44D6-A9F8-7CA24B93E44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{F3A9A33A-6055-4A7A-BA9E-B18F34A09346}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{D8570BD2-D2DF-4A83-B8EC-E74F37D25F7B}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{4E9DB327-09B4-42E2-8FC0-B68299D93353}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe
FirewallRules: [{9A7ECEA2-7FDD-4F73-8D48-866914C8D14A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe
FirewallRules: [TCP Query User{E227ECB5-D5B0-49E5-936E-4AA90C53E142}C:\program files (x86)\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [UDP Query User{B3F9052A-7353-4969-8ABD-FE10120E9E72}C:\program files (x86)\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dangerous golf\orlando\binaries\win64\orlando-win64-shipping.exe
FirewallRules: [{1321F217-22AE-4AB8-AFC8-EFB40E46E023}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{FA6663E4-F7BB-4F50-B0A9-444B663B01B8}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{11EC8B9F-9BC0-4AF8-A6FD-E2F8F7C49724}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{27D909B7-1E79-4B21-B245-FB6A0B2891C6}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{15A222D1-F436-4D22-8DC2-D5BFE4D9F4BA}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{ED8E803A-5DAD-44F3-8043-DCA57D01A518}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{0214F97A-4016-419A-B579-F7DA98AFE327}D:\games\borderlands 2 goty repack mr dj\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) D:\games\borderlands 2 goty repack mr dj\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{DFC93A62-6728-4C32-AD15-F4AAB468879E}D:\games\borderlands 2 goty repack mr dj\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) D:\games\borderlands 2 goty repack mr dj\mr dj\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{9D18AAFD-C171-4474-9214-BE5A8E7C4670}D:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe] => (Allow) D:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe
FirewallRules: [UDP Query User{9205457A-3921-4DC3-88AF-EDCB8FFD078B}D:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe] => (Allow) D:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe
FirewallRules: [{3D694605-1B49-4CB9-ADFD-2EB8AA28F7D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{68946B9B-9512-4BE0-996D-6BA6A1CCCAD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{9C10D191-D0E3-46C6-BA23-3ADACAFAEB67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{BA017D8F-5881-453B-94DD-1944D0DE151D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{ED4CDD12-ABF0-479E-8579-0B52AA1D0EEB}] => (Allow) C:\Users\jakeg\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{2B6B7EF6-3944-4089-BA08-B64C2241412D}] => (Allow) C:\Users\jakeg\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{814BDC9F-4A4D-4D4E-A3F4-36389E8C6036}] => (Allow) C:\Users\jakeg\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{072C7D96-4108-471F-803E-FAE3E4357AE7}] => (Allow) C:\Users\jakeg\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{981563A9-4AFD-4631-8568-4FB6504B0510}] => (Allow) C:\Users\jakeg\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{0DA3F5BC-8A06-4D95-8474-A5FD8DEF05ED}] => (Allow) C:\Users\jakeg\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{8C16E565-ED2F-4087-B1DD-60BD5506F29C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{C4D078F7-0FC3-4171-9B7D-17AC5B86372A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{B533CE77-82CD-4331-A303-7BAB55845096}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{3FBEF097-6AED-426D-A503-D87B53D28C29}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{E239A74E-63CC-488E-8F32-BF0549E19A7E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AEAC183D-D790-477E-B2CC-72D79E1872D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5C0BC72D-4E9A-47A5-868C-EB678FEF5411}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{DB1697CE-0F10-40EC-8222-DF978B23F98A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{D7F8A9DE-7649-4727-92F9-18DD365CE581}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{8D7CDE80-4672-48DE-B059-FE906711A172}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{370C98BD-147F-4779-9B6C-E5BC25CE1294}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{06A6CC8F-3428-4FC8-9CEF-8CE7B169242A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{CB81F98F-F460-4E39-8A66-92D1627CFA32}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CD3F4F50-47D3-47D5-A4B1-C28B3269DC55}] => (Allow) C:\Users\jakeg\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3CC17FB-2A27-4981-A859-864A1080238C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{BC1D5674-ED1B-4B73-BE90-6FAB50AEEC20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{17A691E8-DA38-4E0F-AB4F-6BD6247CC31E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CAB83B9C-0A47-4316-824C-019932F51B5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A80A6280-C239-424F-B25B-C96F8FFB0289}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C24BB670-82CC-4E3C-AA5F-4288F54E5C99}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{B46520D2-6689-4E61-AEBB-3621486EF1F2}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [TCP Query User{37680EF3-E3B0-4F13-A470-34E8F860E91D}D:\games\doom\doomx64.exe] => (Block) D:\games\doom\doomx64.exe
FirewallRules: [UDP Query User{B8B6FC3D-A9A4-453F-83C9-A6AB1B55349E}D:\games\doom\doomx64.exe] => (Block) D:\games\doom\doomx64.exe
FirewallRules: [{83D73367-241C-4788-A126-ED7C8281F43A}] => (Allow) D:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{1568990F-5E08-499D-B18E-BBBCF91676AA}] => (Allow) D:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{F687013D-6884-40AC-A165-5E5D028786DB}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{600F7D84-C32E-4F29-9B15-273A784A903C}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{CA3A944F-71A4-432F-9D47-2040848A67B8}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{432DB92B-9A0B-4D66-9549-0894ECD9EC41}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [TCP Query User{354FF56B-98E8-47D0-8255-F41EC270049D}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{D79EB225-AA3F-4B8D-83FC-26C4208A5BF5}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [{ECF20BAB-EC63-480D-AB26-B0D1C44F5BEE}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C00EBD09-3B11-45FF-B3CF-E05FE1674D0E}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{EF84D706-365B-4F8F-BD21-49598A5E5705}C:\users\jakeg\desktop\pikachuhairworks\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Block) C:\users\jakeg\desktop\pikachuhairworks\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{E47AC2D6-A968-4ADA-B4D9-F81494345F0F}C:\users\jakeg\desktop\pikachuhairworks\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Block) C:\users\jakeg\desktop\pikachuhairworks\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{C0E2113B-F618-4503-BDDA-9EF6D9B5B4C0}C:\users\jakeg\desktop\newsca demo\engine\binaries\win64\ue4game-win64-shipping.exe] => (Block) C:\users\jakeg\desktop\newsca demo\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{DD65F104-68F1-4547-8791-369719762692}C:\users\jakeg\desktop\newsca demo\engine\binaries\win64\ue4game-win64-shipping.exe] => (Block) C:\users\jakeg\desktop\newsca demo\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{5751ABEF-8A5D-4001-B03B-1DBD3C06CAF7}C:\users\jakeg\desktop\unreal interior\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\jakeg\desktop\unreal interior\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{A99F2D59-FB1D-4D6F-A7D0-DA15BF2EC17F}C:\users\jakeg\desktop\unreal interior\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\jakeg\desktop\unreal interior\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{4C8869F7-A14B-4877-B529-D54CC8EDFCCF}C:\users\jakeg\desktop\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{A1D371D5-3B8A-485D-AAFD-56589BAA9756}C:\users\jakeg\desktop\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{BDE3232A-C938-459B-AE31-DEB428C2F89D}C:\users\jakeg\desktop\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{5C4C41D5-E493-40ED-BDC3-4E46E0AFB1E2}C:\users\jakeg\desktop\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{E1E3B716-2786-4B37-9CD5-0555D6BCF56F}C:\users\jakeg\desktop\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe] => (Allow) C:\users\jakeg\desktop\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe
FirewallRules: [UDP Query User{1CE16C7A-E900-4E0F-9619-CD9376B65D24}C:\users\jakeg\desktop\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe] => (Allow) C:\users\jakeg\desktop\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe
FirewallRules: [TCP Query User{6F69195A-8159-4AEC-8AC3-C32E7C2C3B14}C:\users\jakeg\desktop\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe] => (Allow) C:\users\jakeg\desktop\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe
FirewallRules: [UDP Query User{701618CF-3677-434D-988A-77F07114E5A0}C:\users\jakeg\desktop\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe] => (Allow) C:\users\jakeg\desktop\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe
FirewallRules: [TCP Query User{6F8B2C3C-7A91-43ED-83A2-0B3A9367A6D0}D:\steamlibrary\steamapps\common\newz\thenewz.exe] => (Allow) D:\steamlibrary\steamapps\common\newz\thenewz.exe
FirewallRules: [UDP Query User{9FC6328F-EA2F-4C6A-8526-A6D00804ACDC}D:\steamlibrary\steamapps\common\newz\thenewz.exe] => (Allow) D:\steamlibrary\steamapps\common\newz\thenewz.exe
FirewallRules: [TCP Query User{1B26EC6B-317B-49B8-98F9-75EE486F8DCA}D:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) D:\games\mortal kombat xl\binaries\retail\mk10.exe
FirewallRules: [UDP Query User{335A1E9D-E3D8-4BB0-AB17-69807A03B5C3}D:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) D:\games\mortal kombat xl\binaries\retail\mk10.exe
FirewallRules: [{D24287C3-8C3C-4C48-88A9-6352EF736723}] => (Allow) D:\SteamLibrary\steamapps\common\deadrising3\deadrising3.exe
FirewallRules: [{12FF9FD2-F230-44B0-9FCF-15A3BBB62779}] => (Allow) D:\SteamLibrary\steamapps\common\deadrising3\deadrising3.exe
FirewallRules: [TCP Query User{1B810472-B217-4567-8733-7DE2558BF9A3}C:\users\jakeg\desktop\unreal demos\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe] => (Allow) C:\users\jakeg\desktop\unreal demos\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe
FirewallRules: [UDP Query User{1E21E98C-99E4-491F-B3BF-61AD8635DDAD}C:\users\jakeg\desktop\unreal demos\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe] => (Allow) C:\users\jakeg\desktop\unreal demos\imv_1.0\windowsnoeditor\imv_complete\binaries\win64\imv_complete.exe
FirewallRules: [TCP Query User{45ED6C91-35CC-4EAA-AB35-72908ABFCEE9}C:\users\jakeg\desktop\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{57646D76-3764-4E39-BEA2-F00A84059EF3}C:\users\jakeg\desktop\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{6CE3F007-28FB-4169-B65F-9582857DB887}C:\users\jakeg\desktop\unreal demos\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\unreal demos\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{F0B51917-F091-4DE4-A483-18FCA5A6072F}C:\users\jakeg\desktop\unreal demos\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\unreal demos\paris\unrealparis1.4\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{5F433DEC-FC28-4428-AE51-19D2B814192A}D:\games\assetto corsa\acs.exe] => (Block) D:\games\assetto corsa\acs.exe
FirewallRules: [UDP Query User{66D4E68F-4E11-498A-BA69-95180431FEED}D:\games\assetto corsa\acs.exe] => (Block) D:\games\assetto corsa\acs.exe
FirewallRules: [{A93EC917-FF90-41E1-B17B-C2ECAB4C2964}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{FFDCA570-6C37-4B22-8C09-2D3029646D58}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{BA195E7A-64CB-401D-9A36-9636C06B34F4}] => (Allow) D:\SteamLibrary\steamapps\common\ADR1FT\ADR1FT.exe
FirewallRules: [{246C6050-8C78-4C17-817E-3987B0930EC1}] => (Allow) D:\SteamLibrary\steamapps\common\ADR1FT\ADR1FT.exe
FirewallRules: [TCP Query User{A56E45A2-64E6-4B63-B8F8-5E2BCACA0802}D:\steamlibrary\steamapps\common\adr1ft\adr1ft\binaries\win64\adr1ft-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\adr1ft\adr1ft\binaries\win64\adr1ft-win64-shipping.exe
FirewallRules: [UDP Query User{232ADCED-127B-45BC-A96D-76C1CEE590B1}D:\steamlibrary\steamapps\common\adr1ft\adr1ft\binaries\win64\adr1ft-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\adr1ft\adr1ft\binaries\win64\adr1ft-win64-shipping.exe
FirewallRules: [{7A897806-7723-4281-8728-02947D4E33E7}] => (Allow) C:\Users\jakeg\Downloads\bin\BlackDesert32.exe
FirewallRules: [{4219DE98-EC8F-4F71-B6C2-390346BE7D6A}] => (Allow) C:\Users\jakeg\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{6D70EE32-F6FF-4787-B7E8-94A4E56CC17F}] => (Allow) C:\Users\jakeg\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{ED39A649-16C2-4EE4-93D3-7E42656A28AA}] => (Allow) C:\Users\jakeg\Downloads\BlackDesert_Downloader.exe
FirewallRules: [TCP Query User{AC299978-6BC1-4E6E-9C17-6548CE893848}C:\program files\devnullnull2017\swu\swu.exe] => (Block) C:\program files\devnullnull2017\swu\swu.exe
FirewallRules: [UDP Query User{74B3DE8C-6925-4F7D-86B1-25BB3193A300}C:\program files\devnullnull2017\swu\swu.exe] => (Block) C:\program files\devnullnull2017\swu\swu.exe
FirewallRules: [{C62D4B04-915C-4123-8EDE-2AE7C0BC74B7}] => (Allow) D:\SteamLibrary\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{66A0CB8D-93B6-4A5F-8037-EF7D8EC261AD}] => (Allow) D:\SteamLibrary\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{482E47BC-4F78-4284-A151-27E69AB96FAE}] => (Allow) D:\SteamLibrary\steamapps\common\Ace Combat Assault Horizon\Ace Combat_AH.exe
FirewallRules: [{B8617D2A-B72A-4286-887E-299D9B7B05FB}] => (Allow) D:\SteamLibrary\steamapps\common\Ace Combat Assault Horizon\Ace Combat_AH.exe
FirewallRules: [TCP Query User{C250987C-B96C-4C16-A8F2-640E13E97327}C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [UDP Query User{FA1AFEB5-7AFA-493B-A542-12EEDD9F201E}C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [TCP Query User{85F4F0D2-99AB-4B44-8114-7382863AF932}D:\games\my.summer.car.v07.02.2017\mysummercar.exe] => (Allow) D:\games\my.summer.car.v07.02.2017\mysummercar.exe
FirewallRules: [UDP Query User{267D46B8-F6FD-40E8-9F04-155324C7B3E5}D:\games\my.summer.car.v07.02.2017\mysummercar.exe] => (Allow) D:\games\my.summer.car.v07.02.2017\mysummercar.exe
FirewallRules: [TCP Query User{7F8E88BC-764C-4058-9116-52A34A665B61}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{10389FE5-1419-4A97-B3C1-E69B926FAE61}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{5CAA368A-03BF-4E5F-8AFE-3CCA5B3DF159}] => (Allow) D:\SteamLibrary\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{7DAEB060-28D7-424F-8726-E24687C3F5C1}] => (Allow) D:\SteamLibrary\steamapps\common\My Summer Car\mysummercar.exe
FirewallRules: [{7EA84EA1-AC88-46EA-B09E-F5EB32099DBA}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{CA28F919-19AD-4043-A431-FDDE19EAD4C0}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{9FEA79A4-A317-4268-87EF-669851242244}] => (Allow) D:\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{22BD8F13-2702-4E60-B733-B8FB8BDE031B}] => (Allow) D:\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [TCP Query User{29535393-3BF5-4B82-B2BF-DCC7764A5578}D:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{44F130B4-DC3F-4AE9-8871-50818B206DD1}D:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{4C878CB1-3092-4200-ABBB-DD79FB876CAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{C6F27EB0-1BB1-41DC-9903-3AC2A432E0A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{3CA0F3C7-E0B1-475E-924B-B7C0641CB7C7}] => (Allow) D:\SteamLibrary\steamapps\common\Broomball VR\Broomball.exe
FirewallRules: [{B148DE96-7A9B-456C-84E0-96FCC7CC73A4}] => (Allow) D:\SteamLibrary\steamapps\common\Broomball VR\Broomball.exe
FirewallRules: [{5186DF91-1573-4CA6-8FC5-D7721DA9689D}] => (Allow) D:\SteamLibrary\steamapps\common\EarthVR\Earth.exe
FirewallRules: [{3BFEFE5D-92D0-4A13-89A5-BA045B33A887}] => (Allow) D:\SteamLibrary\steamapps\common\EarthVR\Earth.exe
FirewallRules: [{28CC33B6-7692-4174-9B5B-167ED6D16922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trials on Tatooine\Kona.exe
FirewallRules: [{0C770A10-D525-4A6E-9DC9-99C158C383BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trials on Tatooine\Kona.exe
FirewallRules: [{43593205-C742-4860-8861-F57B6556D43A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{AFCE250E-878B-4C9B-9219-5A6CC3E04375}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lab\TheLab\win64\TheLab.exe
FirewallRules: [{6F1CB6D6-133F-45AB-9A94-3EEEEBDAD380}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bigscreen\Bigscreen.exe
FirewallRules: [{F185B2CA-C5B0-441B-9B82-B4D57417643C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bigscreen\Bigscreen.exe
FirewallRules: [{4BEC928A-3D45-4FAF-81D8-78F3F74F436B}] => (Allow) D:\SteamLibrary\steamapps\common\NVIDIA VR Funhouse\VRFunhouse.exe
FirewallRules: [{DE7BF991-22F8-49A7-8768-64171DE45DF6}] => (Allow) D:\SteamLibrary\steamapps\common\NVIDIA VR Funhouse\VRFunhouse.exe
FirewallRules: [{7DA18CA0-6709-4AD9-AEB3-8608F2F5D148}] => (Allow) D:\SteamLibrary\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{218B89FE-C1D4-49FB-B1BB-B4786C855BCC}] => (Allow) D:\SteamLibrary\steamapps\common\RecRoom\Recroom_Release.exe
FirewallRules: [{4F1F090A-E5BF-4A9E-8B24-5E33439F8366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{C33F9EBD-708C-4EE9-9ED7-3EEFF073CBFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{7FBE2FBF-59DE-46BE-A2C5-69F7619F878A}] => (Allow) D:\SteamLibrary\steamapps\common\H3VR\h3vr.exe
FirewallRules: [{A7312E99-54C7-4945-9F25-934A563AC911}] => (Allow) D:\SteamLibrary\steamapps\common\H3VR\h3vr.exe
FirewallRules: [TCP Query User{BA4E4337-1025-470F-8F89-CF3C290F444E}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{5C36A560-3830-430E-A982-20C3E5C372DC}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [{E8052E04-443E-4ACB-BA96-30A35D299234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{133A12F5-286C-4CDC-B4A5-92D979AF4651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{687B7238-BDFD-4481-AC82-EA77FD3A656E}] => (Allow) C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\nw.exe
FirewallRules: [{3F97EC33-B682-40B3-857A-1B4C10F7344E}] => (Allow) C:\Program Files (x86)\ViveSetup\PCClient\web\apps\phone\vivephoneinit\VivePhoneInit.exe
FirewallRules: [{F20C33B8-4883-4333-92EA-738AA6321E73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie Training Simulator\zts.exe
FirewallRules: [{8B86140B-63AC-44E4-A5E5-C00707710738}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie Training Simulator\zts.exe
FirewallRules: [{BA3498F9-2B1A-4E76-904D-FEA691DB0707}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [{5D99152C-0B16-4124-BB9E-DEA444D49108}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Gallery Call of the Starseed\TheGallery_EP1\TheGallery_EP1.exe
FirewallRules: [TCP Query User{C6965E8A-1AAF-4C3C-A550-95E9ED48826F}C:\program files (x86)\steam\steamapps\common\bigscreen\bigscreen_data\helper\win64\bigscreen.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bigscreen\bigscreen_data\helper\win64\bigscreen.exe
FirewallRules: [UDP Query User{66B2F12F-4689-49B4-A82D-3060D92EB879}C:\program files (x86)\steam\steamapps\common\bigscreen\bigscreen_data\helper\win64\bigscreen.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bigscreen\bigscreen_data\helper\win64\bigscreen.exe
FirewallRules: [TCP Query User{5D2F7FD4-65A3-47ED-AE8C-2B40CF6DE2F0}D:\steamlibrary\steamapps\common\nvidia vr funhouse\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\nvidia vr funhouse\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{B8F8F18F-212F-45EB-9158-86DA61C09646}D:\steamlibrary\steamapps\common\nvidia vr funhouse\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\nvidia vr funhouse\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{272F731A-329C-44AD-B6D5-5694F765C840}C:\program files (x86)\steam\steamapps\common\trials on tatooine\kona\binaries\win64\kona-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trials on tatooine\kona\binaries\win64\kona-win64-shipping.exe
FirewallRules: [UDP Query User{0B351A3A-46DC-4BBC-9BD7-C46608299D5F}C:\program files (x86)\steam\steamapps\common\trials on tatooine\kona\binaries\win64\kona-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trials on tatooine\kona\binaries\win64\kona-win64-shipping.exe
FirewallRules: [TCP Query User{4E123E59-880E-43D1-A40B-6B99B68FAE67}C:\users\jakeg\desktop\vr\unreal demos\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe] => (Allow) C:\users\jakeg\desktop\vr\unreal demos\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe
FirewallRules: [UDP Query User{44B08574-D17D-4590-8AD9-4B690766EEE0}C:\users\jakeg\desktop\vr\unreal demos\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe] => (Allow) C:\users\jakeg\desktop\vr\unreal demos\ssa_1.0\windowsnoeditor\ssa\binaries\win64\ssa.exe
FirewallRules: [TCP Query User{9707ADFA-55C2-4DCE-AD81-C0A36E74B7F2}C:\users\jakeg\desktop\vr\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\vr\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{D6FA9C56-CA68-4BD8-8F7E-101D2DAAFA60}C:\users\jakeg\desktop\vr\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\jakeg\desktop\vr\unreal demos\lucidarchdreams1.1\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [TCP Query User{3288F20E-392B-46C7-B3FF-25E76E7E63AE}C:\program files (x86)\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [UDP Query User{FA2C9752-69D1-41F7-8D8A-0EED8801AA88}C:\program files (x86)\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the lab\robotrepair\bin\win64\vr.exe
FirewallRules: [{03C858AA-38DC-4603-A7BA-1F2CD3F4A922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whirligig\Whirligig.exe
FirewallRules: [{848A79B7-1C53-4B2C-B0D3-0AC8A222ED56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whirligig\Whirligig.exe
FirewallRules: [{DEA10332-CD25-4E94-BFEE-2F48941E5599}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Accounting\Accounting.exe
FirewallRules: [{8586D82A-8720-40E7-9781-6672F98171DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Accounting\Accounting.exe
FirewallRules: [{BEAFF0EC-7612-49C0-8D85-7F1429323A02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories VR\Lift.exe
FirewallRules: [{D392F978-CC85-4C55-9138-44C2CB6514BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories VR\Lift.exe
FirewallRules: [{F85A0E40-FEEA-4C29-ABE6-1F87F7089410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Night\EndlessNight.exe
FirewallRules: [{8093F4F1-F5F8-4AE6-A036-299D9405B80D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Night\EndlessNight.exe
FirewallRules: [{00980EC5-9885-49C4-889D-5B7C0AD6B93A}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{FACAB1F8-1DE9-4F1B-8D5F-35481DF5ECB8}] => (Allow) OVRServiceLauncher.exe
FirewallRules: [{F3BA2734-D733-467C-B79A-8BDD71A70672}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{2DB6036D-D247-415D-B21D-CCF9911C3813}] => (Allow) DirectDisplayConfig.exe
FirewallRules: [{049F9147-1A2A-403B-9DA9-36F040DB2A14}] => (Allow) OVRServer_x64.exe
FirewallRules: [{463B0F59-4639-420B-8160-70F32BACA0CB}] => (Allow) OVRServer_x64.exe
FirewallRules: [{FB081A0F-8E2A-4584-8C86-E2246DB6A1CD}] => (Allow) OculusVR.exe
FirewallRules: [{F6B3E7B0-AC2A-4DE9-88C2-97C6F53C3787}] => (Allow) OculusVR.exe
FirewallRules: [{8BDFD808-9DEB-4268-B0D7-264BF699FCFF}] => (Allow) OculusClient.exe
FirewallRules: [{9453391F-276D-4907-B6E0-E35D74FDBA0A}] => (Allow) OculusClient.exe
FirewallRules: [TCP Query User{80F04F57-D601-4944-9C17-8FF9649CBA63}C:\program files (x86)\steam\steamapps\common\portal stories vr\lift\binaries\win64\lift-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\portal stories vr\lift\binaries\win64\lift-win64-shipping.exe
FirewallRules: [UDP Query User{99C948D4-DD52-4843-9DBE-5E3294A16DAD}C:\program files (x86)\steam\steamapps\common\portal stories vr\lift\binaries\win64\lift-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\portal stories vr\lift\binaries\win64\lift-win64-shipping.exe
FirewallRules: [{7B1C3CBF-3AC1-40D9-AC36-F551DAB0C5AF}] => (Allow) D:\SteamLibrary\steamapps\common\Drunkn Bar Fight\DBF.exe
FirewallRules: [{CC67C3D0-55AF-4ED9-9955-67CE6FE11406}] => (Allow) D:\SteamLibrary\steamapps\common\Drunkn Bar Fight\DBF.exe
FirewallRules: [{F5E51A1B-1255-4AC9-8A57-1DBB34127EDC}] => (Allow) D:\SteamLibrary\steamapps\common\Organ Quarter\OrganQuarterAlpha.exe
FirewallRules: [{05255953-96B0-405C-B049-22044A6717D7}] => (Allow) D:\SteamLibrary\steamapps\common\Organ Quarter\OrganQuarterAlpha.exe
FirewallRules: [{E03C54AE-30E6-44E6-A04D-7FC0D5314854}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{A6BC76B0-175B-4402-9B82-C374947D1299}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{23525E02-D344-4663-99D8-1D840B48B028}] => (Allow) D:\SteamLibrary\steamapps\common\Nevrosa Prelude\Nevrosa.exe
FirewallRules: [{5A763F17-2DE5-4E57-90EB-DE46ECD3B3AF}] => (Allow) D:\SteamLibrary\steamapps\common\Nevrosa Prelude\Nevrosa.exe
FirewallRules: [{F974722F-F552-4536-AC54-01E2414C534F}] => (Allow) D:\SteamLibrary\steamapps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{037E52A7-0600-4BD1-BA90-11F03EB6B599}] => (Allow) D:\SteamLibrary\steamapps\common\Waltz of the Wizard\WaltzOfTheWizard.exe
FirewallRules: [{7E655B47-4F45-45E3-BEE5-387F275AF877}] => (Allow) D:\SteamLibrary\steamapps\common\The Cubicle\The Cubicle.exe
FirewallRules: [{20274EDF-2D47-4DD4-B21E-000B667525EB}] => (Allow) D:\SteamLibrary\steamapps\common\The Cubicle\The Cubicle.exe
FirewallRules: [{69C2865C-EAAB-4915-AC9A-6C4839B226CE}] => (Allow) D:\SteamLibrary\steamapps\common\Acan's Call\AcansCall.exe
FirewallRules: [{80ECB77A-58CE-4028-9ED7-1AF85A8BB276}] => (Allow) D:\SteamLibrary\steamapps\common\Acan's Call\AcansCall.exe
FirewallRules: [{712F38FB-50FE-4D1C-AC9A-CA270B9BA505}] => (Allow) D:\SteamLibrary\steamapps\common\3dSunshine\3dSunshine.exe
FirewallRules: [{E7D780FA-7455-46DE-8717-E0F9D64619CA}] => (Allow) D:\SteamLibrary\steamapps\common\3dSunshine\3dSunshine.exe
FirewallRules: [{7DBAE777-A4BE-4603-B69D-2DC78508D8E2}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{427B3335-CC1C-4D2F-820A-937E93099220}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{73F2ABB4-8123-4762-B6B4-5EBF29B6C9DB}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{A9C7CC29-F378-40C6-AD7D-B31D954D267F}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{A774DD12-C132-486F-834A-9C2F70981BF7}C:\users\jakeg\desktop\vr\unreal demos\unreal interior\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\jakeg\desktop\vr\unreal demos\unreal interior\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{DFACBE64-03EA-46FC-8108-B8EBD289274E}C:\users\jakeg\desktop\vr\unreal demos\unreal interior\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\jakeg\desktop\vr\unreal demos\unreal interior\engine\binaries\win64\ue4game.exe
FirewallRules: [{2BCCD8C2-9C34-4BC8-ACA8-D0512829C4F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drunk or Dead\Dod.exe
FirewallRules: [{DC179274-684F-4166-8BB6-84E4B203B55C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drunk or Dead\Dod.exe
FirewallRules: [{316C3DB6-76AA-4FB7-84C7-1705504BA7A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [{BC24D45D-215D-4FE4-9C16-D3713604C723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PoolNationVR\PoolNationVR.exe
FirewallRules: [{E65DF8AA-D73D-4097-8965-6484DFA0627D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\B2DI\bin\win_x64_release\DinoIsland1.exe
FirewallRules: [{9D311F1B-7CAF-494A-8AA7-7AE336B84B10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\B2DI\bin\win_x64_release\DinoIsland1.exe
FirewallRules: [TCP Query User{88C3A287-1F3D-4F5D-B281-AA4F8C1A8F30}C:\program files (x86)\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [UDP Query User{EB7DEA60-70AE-4CC4-A25D-453A5B12562D}C:\program files (x86)\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\poolnationvr\poolnationvr\binaries\win64\vrpooldemo-win64-shipping.exe
FirewallRules: [{A10C769A-61E5-49CF-A4B9-FDFC62445E2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Belko VR\BelkoVR.exe
FirewallRules: [{E8262724-3CBB-4DCA-9580-DB954ECB0D65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Belko VR\BelkoVR.exe
FirewallRules: [{15A0248A-7479-4B39-945B-82CE303F2D20}] => (Allow) D:\SteamLibrary\steamapps\common\PavlovVR\Pavlov.exe
FirewallRules: [{D2C7A1F2-2C3B-4BEB-BCE8-DFB04BCAD2A7}] => (Allow) D:\SteamLibrary\steamapps\common\PavlovVR\Pavlov.exe
FirewallRules: [TCP Query User{2840438F-C68A-4F08-A815-BA432F286CB8}D:\steamlibrary\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [UDP Query User{3601E654-7F04-40C3-8C0B-D5A65A412043}D:\steamlibrary\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe
FirewallRules: [{6B5C1F99-3C4B-43E5-BD44-2E8906F0CE3F}] => (Allow) D:\SteamLibrary\steamapps\common\WakeUp\WakeUpProject.exe
FirewallRules: [{13E3DA53-314E-481A-8BBE-506A5E0431D6}] => (Allow) D:\SteamLibrary\steamapps\common\WakeUp\WakeUpProject.exe
FirewallRules: [{5CD279EB-1F5A-49DE-9E8E-844CCA0267FC}] => (Allow) D:\SteamLibrary\steamapps\common\InMind\InMind.exe
FirewallRules: [{2F084322-11EE-4308-AB1F-DF971319DF82}] => (Allow) D:\SteamLibrary\steamapps\common\InMind\InMind.exe
FirewallRules: [TCP Query User{9D64FB91-8896-4CC7-8424-D441616A8E0A}D:\steamlibrary\steamapps\common\wakeup\wakeupproject\binaries\win64\wakeupproject-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\wakeup\wakeupproject\binaries\win64\wakeupproject-win64-shipping.exe
FirewallRules: [UDP Query User{C9596B75-0786-4381-8366-BF2F946D4ECB}D:\steamlibrary\steamapps\common\wakeup\wakeupproject\binaries\win64\wakeupproject-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\wakeup\wakeupproject\binaries\win64\wakeupproject-win64-shipping.exe
FirewallRules: [{A44D64FC-11E6-4D5B-A9BA-A818F84EA882}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{F4740475-64DF-470F-BACC-0216ED1A4F19}] => (Allow) D:\SteamLibrary\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7C9B86C7-E760-4174-A017-CC6A14AAD4E0}] => (Allow) D:\SteamLibrary\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{41C9D2E7-539F-4C54-A6DE-D006E8CDED71}] => (Allow) D:\SteamLibrary\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{B2F26204-3314-4A64-9F7F-6182EE8BB98E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{EF8A5AC4-1E8E-42B4-A93C-6BCCDBE1B391}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{90C710BB-5648-48B4-9CE2-ABEA0BEC209A}] => (Allow) D:\SteamLibrary\steamapps\common\Break Time!\breaktimevr.exe
FirewallRules: [{A8146874-E372-466C-83EB-A2009BB828BD}] => (Allow) D:\SteamLibrary\steamapps\common\Break Time!\breaktimevr.exe
FirewallRules: [{59C080EC-E785-46B1-B1F6-B7403FA8F72C}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{BF3BE2F7-787D-4AB2-B72F-D31CF2562A37}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe

==================== Restore Points =========================

06-03-2017 09:25:33 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2017 05:18:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x2dc
Faulting application start time: 0x01d299877ffd1a49
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: d11280a8-7d3e-48c4-868f-012b6ebf997d
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (03/10/2017 05:18:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x2dc
Faulting application start time: 0x01d299877ffd1a49
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: c07bf1ad-a7b5-4ab2-9d0b-29f8a6a7aca5
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (03/10/2017 05:14:26 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (03/10/2017 05:05:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Vive.exe, version: 1.0.8889.1000, time stamp: 0x58afe498
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d37
Exception code: 0xe0434352
Fault offset: 0x000da832
Faulting process id: 0x29c8
Faulting application start time: 0x01d299835b91d1bf
Faulting application path: C:\Program Files (x86)\ViveSetup\PCClient\Vive.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 53921c5e-770e-44ce-9638-bf67330c7031
Faulting package full name:
Faulting package-relative application ID:

Error: (03/10/2017 05:05:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Vive.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
at System.Management.SinkForEventQuery.Cancel()
at System.Management.ManagementEventWatcher.Stop()
at System.Management.ManagementEventWatcher.Finalize()

Error: (03/10/2017 05:00:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_76f3774w1994G186.dll, version: 10.0.14393.0, time stamp: 0x57899977
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0x20474343
Fault offset: 0x0000000000017788
Faulting process id: 0x2544
Faulting application start time: 0x01d2998515234c33
Faulting application path: C:\WINDOWS\system32\rundll32.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a23b545b-4718-4666-bbbb-02dbf9a8d015
Faulting package full name:
Faulting package-relative application ID:

Error: (03/10/2017 05:00:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_76f3774w1994G186.dll, version: 10.0.14393.0, time stamp: 0x57899977
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0x20474343
Fault offset: 0x0000000000017788
Faulting process id: 0x1900
Faulting application start time: 0x01d29985152497a1
Faulting application path: C:\WINDOWS\system32\rundll32.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5c20edb9-a86f-43cf-9f89-2c5744686a00
Faulting package full name:
Faulting package-relative application ID:

Error: (03/10/2017 05:00:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_76f3774w1994G186.dll, version: 10.0.14393.0, time stamp: 0x57899977
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0x20474343
Fault offset: 0x0000000000017788
Faulting process id: 0x19e8
Faulting application start time: 0x01d299851599963f
Faulting application path: C:\WINDOWS\system32\rundll32.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 8a904f58-4402-4271-a188-c1790dcd783c
Faulting package full name:
Faulting package-relative application ID:

Error: (03/10/2017 05:00:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_76f3774w1994G186.dll, version: 10.0.14393.0, time stamp: 0x57899977
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0x20474343
Fault offset: 0x0000000000017788
Faulting process id: 0x2f94
Faulting application start time: 0x01d2998515112cd1
Faulting application path: C:\WINDOWS\system32\rundll32.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ae166441-3e9d-4910-a5d7-c539591f5939
Faulting package full name:
Faulting package-relative application ID:

Error: (03/10/2017 04:51:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f
Exception code: 0xc0000409
Fault offset: 0x000000000009648f
Faulting process id: 0x460
Faulting application start time: 0x01d2979f131e19d5
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 2dd18302-fc42-452c-88af-cd383c8f5736
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (03/10/2017 05:04:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/10/2017 04:56:46 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
An instance of the service is already running.

Error: (03/10/2017 04:56:46 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:
An instance of the service is already running.

Error: (03/10/2017 04:55:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/10/2017 04:55:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (03/10/2017 04:55:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-PHRHDSR)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user DESKTOP-PHRHDSR\jakeg SID (S-1-5-21-2362767239-1170048716-167344883-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (03/10/2017 04:54:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/10/2017 04:54:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Push Notifications System Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/10/2017 04:54:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Account Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (03/10/2017 04:54:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Insider Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2017-03-10 05:26:16.849
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-03-10 05:17:20.547
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-03-10 05:17:20.147
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-03-05 17:58:49.284
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-05 17:58:49.269
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-04 01:15:06.174
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-29 18:58:39.281
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:05:57.218
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:05:57.202
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-28 19:05:57.074
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-8350 Eight-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 8173.55 MB
Available physical RAM: 5125.81 MB
Total Virtual: 32749.28 MB
Available Virtual: 28733.06 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.73 GB) (Free:69.24 GB) NTFS
Drive d: (750GB 7200) (Fixed) (Total:698.63 GB) (Free:172.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DD0E7A7A)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A9D70C27)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

id like to apologize for any posting errors, I believe I did everything right here. and thank you to anyone who takes the time to help me out!
Jakegently
Active Member
 
Posts: 3
Joined: March 10th, 2017, 6:22 am

Re: Firefox is hijacked, windows defender is disabled too

Unread postby pgmigg » March 10th, 2017, 1:17 pm

Unfortunately, as you have opened your topic with multiple posts, the topic must be closed as it would likely go unnoticed by helpers who are looking for topics that have only a single post.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to your topic before a helper replies.

Please start a new topic with just a single post with more detailed description of problems or symptoms, and this time attach your logs, then wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 3828
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 74 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware