srkzzzi

PCHF Member
Feb 16, 2017
Here are the logs once again

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
Ran by Tuf Tuf (administrator) on DESKTOP-HFQ2I7A (16-02-2017 16:31:26)
Running from C:\Users\Tuf Tuf\Desktop\New folder (2)
Loaded Profiles: Tuf Tuf (Available Profiles: Tuf Tuf)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Flux Software LLC) C:\Users\Tuf Tuf\AppData\Local\FluxSoftware\Flux\flux.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2009952 2013-05-31] (cFos Software GmbH)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-16] (AVAST Software)
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Run: [f.lux] => C:\Users\Tuf Tuf\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2023712 2016-07-27] (IObit)
HKU\S-1-5-18\...\Run: [] => 0
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-11-12]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{171eca01-cdb5-47fd-9764-235f42fe1124}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{1d312508-3044-4cd2-b2d9-aa93aceb5006}: [DhcpNameServer] 172.18.13.1
Tcpip\..\Interfaces\{6acb4502-f8d6-4a8b-abee-2c7aba76975a}: [DhcpNameServer] 89.216.1.40 89.216.1.50

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-12] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-12] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-12] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-12] (Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-4011794534-997363082-2150810316-1001: @nsroblox.roblox.com/launcher -> C:\Users\Tuf Tuf\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-4011794534-997363082-2150810316-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Tuf Tuf\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.youtube.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Google Slides) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-16]
CHR Extension: (BetterTTV) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-02-16]
CHR Extension: (Google Docs) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-16]
CHR Extension: (Google Drive) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-02-16]
CHR Extension: (Tree Branches) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdeemcfmmabkdhbnhmkhpadancpkgol [2017-02-16]
CHR Extension: (Poper Blocker) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-02-16]
CHR Extension: (YouTube) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-16]
CHR Extension: (Adblock Plus) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-16]
CHR Extension: (FrankerFaceZ) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2017-02-16]
CHR Extension: (Google Sheets) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-16]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16]
CHR Extension: (Gmail) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Tuf Tuf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [452384 2016-07-25] (IObit)
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-16] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-16] (AVAST Software)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [652640 2013-05-31] (cFos Software GmbH)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [392976 2017-02-09] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
R3 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-01-07] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2017-01-07] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-12-03] (Microsoft Corporation)
R3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [38272 2016-11-28] (TunnelBear)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-11-12] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309784 2017-02-16] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-16] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-16] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-16] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-16] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126088 2017-02-16] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-16] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [74680 2017-02-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [991496 2017-02-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337080 2017-02-16] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-02-05] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-16] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-16] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-16] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2017-02-05] (Realtek )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2016-10-17] (The OpenVPN Project)
R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [25444 ] (UC Web Inc.) <==== ATTENTION
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-16 16:24 - 2017-02-16 16:24 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-16 16:24 - 2017-02-16 16:24 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-16 16:23 - 2017-02-16 16:23 - 01622528 _____ C:\Users\Tuf Tuf\Downloads\ResetBrowser.exe
2017-02-16 16:13 - 2017-02-16 16:13 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-02-16 15:43 - 2017-02-16 15:43 - 00013429 _____ C:\Users\Tuf Tuf\Downloads\fixlist (1).txt
2017-02-16 15:19 - 2017-02-16 15:19 - 00000138 _____ C:\Users\Tuf Tuf\Downloads\fixlist.txt
2017-02-16 15:12 - 2017-02-16 16:31 - 00000000 ____D C:\Users\Tuf Tuf\Desktop\New folder (2)
2017-02-16 15:03 - 2017-02-16 16:31 - 00000000 ____D C:\FRST
2017-02-16 14:56 - 2017-02-16 14:57 - 04015056 _____ C:\Users\Tuf Tuf\Downloads\AdwCleaner (1).exe
2017-02-16 14:54 - 2017-02-16 14:54 - 00000000 ___HD C:\$AV_ASW
2017-02-16 14:50 - 2017-02-16 14:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-16 14:50 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-16 14:50 - 2017-01-26 01:13 - 00103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-16 14:50 - 2017-01-26 01:12 - 00326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-16 14:50 - 2017-01-26 01:09 - 00322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-16 14:50 - 2017-01-26 01:09 - 00118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-16 14:48 - 2017-02-16 14:48 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-16 14:46 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00944224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00719856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00618416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-16 14:46 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-16 14:33 - 2017-02-16 14:33 - 00004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1487252000
2017-02-16 14:33 - 2017-02-16 14:33 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-02-16 14:33 - 2017-02-16 14:33 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-16 14:32 - 2017-02-16 14:32 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-16 14:31 - 2017-02-16 14:31 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\AVAST Software
2017-02-16 14:30 - 2017-02-16 14:30 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-02-16 14:30 - 2017-02-16 14:30 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-16 14:30 - 2017-02-16 14:30 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-02-16 14:30 - 2017-02-16 14:30 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-02-16 14:30 - 2017-02-16 14:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-16 14:30 - 2017-02-16 14:30 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-16 14:30 - 2017-02-16 14:29 - 00991496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00309784 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00126088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00074680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-16 14:30 - 2017-02-16 14:29 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-16 14:29 - 2017-02-16 14:29 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-16 14:28 - 2017-02-16 14:32 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-16 14:27 - 2017-02-16 14:27 - 06654960 _____ (AVAST Software) C:\Users\Tuf Tuf\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2017-02-16 14:16 - 2017-02-16 14:16 - 00007628 _____ C:\Users\Tuf Tuf\AppData\Local\Resmon.ResmonCfg
2017-02-16 13:54 - 2017-02-16 16:22 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-16 13:54 - 2017-02-16 16:12 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-16 13:54 - 2017-02-16 16:12 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-16 13:54 - 2017-02-16 15:44 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-16 13:54 - 2017-02-16 13:54 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-16 13:54 - 2017-02-16 13:54 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-16 13:54 - 2017-02-16 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-16 13:54 - 2017-02-16 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-16 13:54 - 2017-02-16 13:54 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-16 13:54 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-16 13:53 - 2017-02-16 13:53 - 55566792 _____ (Malwarebytes ) C:\Users\Tuf Tuf\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-16 13:45 - 2017-02-16 16:15 - 00000000 ____D C:\AdwCleaner
2017-02-16 13:45 - 2017-02-16 13:45 - 04015056 _____ C:\Users\Tuf Tuf\Downloads\AdwCleaner.exe
2017-02-16 13:33 - 2017-02-16 13:57 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-02-16 13:33 - 2017-02-16 13:33 - 00000882 _____ C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-02-16 13:33 - 2017-02-16 13:33 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\UCBrowser
2017-02-16 13:33 - 2017-02-16 13:33 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\NoxInsPackFileder
2017-02-16 13:33 - 2017-02-16 13:33 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Nox
2017-02-16 13:32 - 2017-02-16 14:00 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\Fuweskiish
2017-02-16 13:32 - 2017-02-16 13:59 - 00000000 ____D C:\Program Files (x86)\Rewity
2017-02-16 13:32 - 2017-02-16 13:32 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Reodeght
2017-02-16 13:32 - 2017-02-16 13:32 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Himergh
2017-02-16 13:32 - 2017-02-16 13:32 - 00000000 ____D C:\Program Files (x86)\xxx
2017-02-16 13:32 - 2017-02-16 13:32 - 00000000 ____D C:\Program Files (x86)\Miqoshzesetion
2017-02-16 13:31 - 2017-02-16 13:31 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-16 13:31 - 2017-02-16 13:31 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-16 13:27 - 2017-02-16 13:27 - 00000677 _____ C:\Users\Public\Desktop\F1 2016.lnk
2017-02-16 13:27 - 2017-02-16 13:27 - 00000677 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F1 2016.lnk
2017-02-14 18:04 - 2017-02-14 18:04 - 00001129 _____ C:\Users\Tuf Tuf\Desktop\iw5sp - Shortcut.lnk
2017-02-14 16:15 - 2017-02-16 13:48 - 00000424 _____ C:\WINDOWS\Tasks\update-sys.job
2017-02-14 16:15 - 2017-02-16 13:48 - 00000424 _____ C:\WINDOWS\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001.job
2017-02-14 16:15 - 2017-02-16 13:36 - 00003598 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001
2017-02-14 16:15 - 2017-02-16 13:36 - 00003440 _____ C:\WINDOWS\System32\Tasks\update-sys
2017-02-14 16:15 - 2017-02-14 16:15 - 02551888 _____ (Skillbrains ) C:\Users\Tuf Tuf\Downloads\setup-lightshot.exe
2017-02-14 16:15 - 2017-02-14 16:15 - 00000424 _____ C:\Users\Tuf Tuf\AppData\Local\UserProducts.xml
2017-02-14 16:15 - 2017-02-14 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2017-02-14 16:15 - 2017-02-14 16:15 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2017-02-11 19:53 - 2017-02-11 19:53 - 04681905 _____ C:\Users\Tuf Tuf\Downloads\rayshud-master.zip
2017-02-09 18:04 - 2017-02-12 19:16 - 00542248 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-02-09 18:04 - 2017-02-09 18:04 - 00000000 ____D C:\ProgramData\For Honor
2017-02-09 18:03 - 2017-02-09 17:41 - 00392976 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-02-08 14:19 - 2017-02-08 14:19 - 00917714 _____ C:\Users\Tuf Tuf\Downloads\toonhud__8-5.zip
2017-02-08 08:27 - 2017-02-08 08:27 - 00001244 _____ C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Defrag.lnk
2017-02-07 19:58 - 2017-02-07 19:58 - 02534712 _____ C:\Users\Tuf Tuf\Downloads\FlawHUD-master.zip
2017-02-07 07:02 - 2017-02-07 07:02 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-02-05 17:12 - 2017-02-16 13:36 - 00003158 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2017-02-05 17:12 - 2017-02-05 17:12 - 00003272 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-05 17:12 - 2017-02-05 17:12 - 00003112 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2017-02-05 17:12 - 2017-02-05 17:12 - 00003108 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2017-02-05 17:12 - 2017-02-05 17:12 - 00001229 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-02-05 17:12 - 2017-02-05 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-05 17:12 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2017-02-05 17:12 - 2016-03-22 11:02 - 00036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2017-02-05 17:12 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2017-02-05 17:06 - 2017-02-05 17:06 - 00946696 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-02-05 17:06 - 2017-02-05 17:06 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2017-02-05 17:03 - 2017-02-16 16:17 - 00003046 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Tuf Tuf)
2017-02-05 17:03 - 2017-02-05 17:06 - 00002351 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-02-05 17:03 - 2017-02-05 17:03 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-05 17:03 - 2017-02-05 17:03 - 00003398 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-02-05 17:03 - 2017-02-05 17:03 - 00000000 ____D C:\WINDOWS\IObit
2017-02-05 17:03 - 2017-02-05 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-02-05 17:02 - 2017-02-12 09:26 - 00000000 ____D C:\ProgramData\ProductData
2017-02-05 17:02 - 2017-02-05 17:03 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\ProductData
2017-02-05 17:02 - 2017-02-05 17:02 - 00002508 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Tuf_Tuf
2017-02-05 17:02 - 2017-02-05 17:02 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-02-05 17:02 - 2017-02-05 17:02 - 00000314 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tuf_Tuf.job
2017-02-05 17:02 - 2017-02-05 17:02 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-05 17:02 - 2017-02-05 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-02-05 17:01 - 2017-02-16 00:27 - 00002238 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2017-02-05 17:01 - 2017-02-05 17:12 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\IObit
2017-02-05 17:01 - 2017-02-05 17:12 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-05 17:01 - 2017-02-05 17:03 - 00000000 ____D C:\ProgramData\IObit
2017-02-05 17:01 - 2017-02-05 17:02 - 00003322 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2017-02-05 17:01 - 2017-02-05 17:02 - 00000000 ____D C:\Users\Tuf Tuf\AppData\LocalLow\IObit
2017-02-05 17:01 - 2017-02-05 17:01 - 00002454 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Tuf Tuf
2017-02-05 17:01 - 2017-02-05 17:01 - 00000274 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Tuf Tuf.job
2017-02-05 17:01 - 2017-02-05 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2017-02-05 17:01 - 2017-02-05 17:01 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2017-02-04 02:37 - 2017-02-04 02:37 - 00003798 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-02-03 12:48 - 2017-02-03 12:48 - 00001160 _____ C:\Users\Tuf Tuf\Desktop\CodeBlocks.lnk
2017-02-03 12:48 - 2017-02-03 12:48 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2017-02-03 12:48 - 2017-02-03 12:48 - 00000000 ____D C:\Program Files (x86)\CodeBlocks
2017-02-03 12:32 - 2017-02-03 12:45 - 00000000 ____D C:\Users\Tuf Tuf\Desktop\vezba1kont
2017-02-02 13:43 - 2017-02-02 13:43 - 00000000 ____D C:\Users\Tuf Tuf\Desktop\cheese cake
2017-02-01 14:57 - 2017-02-01 14:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-01 12:52 - 2017-02-01 12:52 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\orion
2017-02-01 12:50 - 2017-02-01 12:51 - 50917435 _____ ( ) C:\Users\Tuf Tuf\Downloads\Orion-1.4.0.exe
2017-02-01 12:30 - 2017-02-16 14:50 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome апликације
2017-02-01 12:28 - 2017-02-01 12:28 - 01065376 _____ (Google Inc.) C:\Users\Tuf Tuf\Downloads\ChromeSetup (1).exe
2017-02-01 12:17 - 2017-02-12 00:37 - 00000000 ____D C:\Program Files (x86)\AVG
2017-02-01 12:16 - 2017-02-12 00:37 - 00000000 ____D C:\ProgramData\Avg
2017-02-01 12:16 - 2017-02-12 00:35 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\AvgSetupLog
2017-02-01 12:16 - 2017-02-04 02:34 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Avg
2017-02-01 12:16 - 2017-02-01 12:16 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tuf Tuf\Downloads\AVG_Protection_Free_1606.exe
2017-02-01 12:10 - 2017-02-15 10:54 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-01 12:10 - 2017-02-15 10:54 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-01 12:10 - 2017-02-15 01:56 - 00003986 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-01 12:10 - 2017-02-15 01:56 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-01 12:09 - 2017-02-01 12:09 - 01200744 _____ (Adobe Systems Incorporated) C:\Users\Tuf Tuf\Downloads\flashplayer24pp_xa_install.exe
2017-02-01 12:08 - 2017-02-01 12:09 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Adobe
2017-01-31 10:36 - 2017-01-31 10:38 - 00000000 ____D C:\Users\Tuf Tuf\Programiranje
2017-01-31 10:36 - 2017-01-31 10:36 - 00819324 _____ C:\Users\Tuf Tuf\Downloads\Programski jezik C.pdf
2017-01-29 18:37 - 2017-01-29 18:39 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-29 18:36 - 2017-01-24 01:00 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-01-29 18:36 - 2017-01-20 17:38 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll
2017-01-29 18:36 - 2017-01-20 17:38 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll
2017-01-29 18:36 - 2017-01-20 17:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-01-29 18:36 - 2017-01-20 17:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-01-29 17:13 - 2017-02-03 12:50 - 00003894 _____ C:\Users\Tuf Tuf\Desktop\prog.txt
2017-01-26 01:13 - 2017-01-26 01:13 - 00103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-39-1.exe
2017-01-26 01:12 - 2017-01-26 01:12 - 00326656 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-39-1.dll
2017-01-26 01:09 - 2017-01-26 01:09 - 00322560 _____ C:\WINDOWS\system32\vulkan-1-1-0-39-1.dll
2017-01-26 01:09 - 2017-01-26 01:09 - 00118272 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-39-1.exe
2017-01-25 10:54 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 10:54 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-24 16:37 - 2017-01-24 16:37 - 00000000 ____D C:\Users\Tuf Tuf\Documents\WB Games
2017-01-24 16:35 - 2017-01-24 16:35 - 00000936 _____ C:\Users\Tuf Tuf\Desktop\Middle Earth - Shadow of Mordor.lnk
2017-01-24 16:35 - 2017-01-24 16:35 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\Middle Earth - Shadow of Mordor
2017-01-21 14:40 - 2017-01-21 14:40 - 02131032 _____ (Safer-Networking Ltd. ) C:\Users\Tuf Tuf\Downloads\SpybotAntiBeacon-1.6-setup.exe
2017-01-21 14:40 - 2017-01-21 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\PolicyDefinitions
2017-01-21 14:40 - 2017-01-21 14:40 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-01-21 14:40 - 2017-01-21 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon
2017-01-21 14:40 - 2017-01-21 14:40 - 00000000 ____D C:\Program Files (x86)\Spybot Anti-Beacon
2017-01-19 12:56 - 2017-01-19 12:56 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Activision
2017-01-19 11:55 - 2017-01-19 11:55 - 00000891 _____ C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
2017-01-19 11:55 - 2017-01-19 11:55 - 00000879 _____ C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
2017-01-19 11:55 - 2017-01-19 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-01-19 02:13 - 2017-01-19 02:13 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\AliensVsPredator
2017-01-19 02:11 - 2017-01-19 02:11 - 00000770 _____ C:\Users\Tuf Tuf\Desktop\Aliens vs. Predator.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-16 16:24 - 2016-11-12 13:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-16 16:19 - 2016-12-31 12:35 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\LogMeIn Hamachi
2017-02-16 16:19 - 2016-12-13 14:34 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-16 16:18 - 2016-11-12 13:19 - 01409268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 16:14 - 2016-12-03 12:04 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-16 16:12 - 2016-12-03 12:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-16 16:12 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-02-16 15:51 - 2016-12-03 12:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-16 15:36 - 2016-11-12 16:41 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\CrashDumps
2017-02-16 15:10 - 2016-11-12 16:39 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\uTorrent
2017-02-16 14:52 - 2016-11-12 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-16 14:51 - 2016-12-03 12:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-16 14:51 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-16 14:32 - 2016-11-13 13:35 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-16 14:01 - 2016-11-13 00:25 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\discord
2017-02-16 13:34 - 2016-12-03 12:05 - 00000000 ____D C:\Users\Tuf Tuf
2017-02-16 13:32 - 2016-12-14 17:38 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\NVIDIA
2017-02-16 13:30 - 2016-11-12 14:40 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Battle.net
2017-02-16 13:20 - 2016-11-12 14:39 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-02-16 11:27 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-16 11:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-15 17:03 - 2016-11-22 09:39 - 00004001 _____ C:\Users\Tuf Tuf\Desktop\New Text Document (2).txt
2017-02-15 01:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 01:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-12 23:21 - 2016-12-04 02:53 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Ubisoft Game Launcher
2017-02-12 15:31 - 2016-11-27 18:05 - 00000059 _____ C:\Users\Tuf Tuf\Desktop\miljan.txt
2017-02-12 12:53 - 2016-11-16 14:31 - 00000000 ____D C:\Users\Tuf Tuf\Documents\Euro Truck Simulator 2
2017-02-12 01:11 - 2017-01-08 19:20 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Bluestacks
2017-02-12 01:11 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-10 03:33 - 2016-11-12 14:34 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 03:33 - 2016-11-12 14:34 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-10 03:33 - 2016-11-12 14:34 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-10 00:13 - 2017-01-12 02:35 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-09 23:57 - 2016-12-03 12:04 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 23:57 - 2016-12-03 12:04 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 23:57 - 2016-12-03 12:04 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 23:57 - 2016-12-03 12:04 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 23:57 - 2016-12-03 12:04 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 23:57 - 2016-12-03 12:04 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 23:57 - 2016-12-03 12:04 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 23:57 - 2016-12-03 12:04 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-09 18:04 - 2016-11-17 15:42 - 00000000 ____D C:\Users\Tuf Tuf\Documents\My Games
2017-02-06 22:23 - 2017-01-05 12:10 - 00001930 _____ C:\Users\Tuf Tuf\Desktop\random.txt
2017-02-06 21:44 - 2016-11-29 16:23 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\vlc
2017-02-06 07:49 - 2016-11-17 18:28 - 00000000 ____D C:\Program Files (x86)\TunnelBear
2017-02-05 17:07 - 2016-11-29 16:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-02-05 17:06 - 2014-05-28 10:10 - 01469952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2017-02-05 17:04 - 2016-11-12 13:36 - 00204896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-02-04 02:37 - 2017-01-16 22:12 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-04 02:37 - 2016-11-29 16:21 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\TeamViewer
2017-02-04 02:37 - 2016-11-12 13:18 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\Skype
2017-02-04 02:37 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-04 02:35 - 2016-12-15 19:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-04 02:35 - 2016-11-13 00:27 - 00000000 ____D C:\ProgramData\Skype
2017-02-03 12:48 - 2016-12-15 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2017-02-03 12:46 - 2016-12-15 18:41 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\CodeBlocks
2017-02-01 12:29 - 2016-11-12 13:25 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Google
2017-02-01 12:13 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-29 18:37 - 2016-12-03 12:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-27 14:21 - 2017-01-08 19:20 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-01-27 13:50 - 2016-12-14 17:37 - 00000992 _____ C:\Users\Tuf Tuf\Desktop\nativelog.txt
2017-01-27 13:49 - 2016-12-14 17:28 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\.minecraft
2017-01-26 14:10 - 2016-11-13 00:25 - 00002243 _____ C:\Users\Tuf Tuf\Desktop\Discord.lnk
2017-01-26 14:10 - 2016-11-13 00:25 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-01-26 14:09 - 2016-11-13 00:25 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Discord
2017-01-25 13:53 - 2017-01-12 02:35 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-25 13:52 - 2017-01-12 02:35 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2017-01-12 02:35 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2017-01-12 02:35 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2017-01-12 02:35 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2017-01-12 02:35 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2017-01-12 02:35 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2017-01-12 02:35 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-25 13:52 - 2016-12-03 12:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-25 12:49 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 16:35 - 2016-11-19 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2017-01-24 16:35 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-24 11:30 - 2016-11-12 13:17 - 00002369 _____ C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-24 11:30 - 2016-11-12 13:17 - 00000000 ___RD C:\Users\Tuf Tuf\OneDrive
2017-01-24 01:00 - 2016-11-25 12:34 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-01-24 01:00 - 2016-11-25 12:34 - 00217528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-01-23 23:56 - 2016-12-06 12:48 - 00000000 ____D C:\Users\Tuf Tuf\Documents\The Witcher 3
2017-01-20 19:39 - 2017-01-12 02:35 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-20 19:39 - 2017-01-12 02:35 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-20 19:39 - 2017-01-12 02:35 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2017-01-12 02:35 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2017-01-12 02:35 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-20 19:39 - 2017-01-12 02:35 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-01-20 17:38 - 2017-01-12 02:49 - 00514616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-01-20 17:38 - 2016-07-16 15:29 - 00420408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-01-20 14:45 - 2016-11-12 13:42 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\NVIDIA Corporation
2017-01-20 14:36 - 2017-01-12 02:35 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-19 13:04 - 2017-01-16 10:55 - 00000000 ____D C:\Users\Tuf Tuf\Downloads\Gameforge Live
2017-01-18 12:35 - 2016-11-18 22:05 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 12:03 - 2016-11-18 22:05 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-18 12:02 - 2016-11-18 22:06 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-01-18 12:02 - 2016-11-18 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

==================== Files in the root of some directories =======

2017-02-16 14:16 - 2017-02-16 14:16 - 0007628 _____ () C:\Users\Tuf Tuf\AppData\Local\Resmon.ResmonCfg
2017-01-08 19:20 - 2016-11-23 14:37 - 0000570 _____ () C:\Users\Tuf Tuf\AppData\Local\TroubleshooterConfig.json
2017-02-14 16:15 - 2017-02-14 16:15 - 0000003 _____ () C:\Users\Tuf Tuf\AppData\Local\updater.log
2017-02-14 16:15 - 2017-02-14 16:15 - 0000424 _____ () C:\Users\Tuf Tuf\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-16 15:55

==================== End of FRST.txt ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
Ran by Tuf Tuf (16-02-2017 16:32:03)
Running from C:\Users\Tuf Tuf\Desktop\New folder (2)
Windows 10 Pro Version 1607 (X64) (2016-12-03 11:10:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4011794534-997363082-2150810316-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4011794534-997363082-2150810316-503 - Limited - Disabled)
Guest (S-1-5-21-4011794534-997363082-2150810316-501 - Limited - Disabled)
Tuf Tuf (S-1-5-21-4011794534-997363082-2150810316-1001 - Administrator - Enabled) => C:\Users\Tuf Tuf

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
Aliens vs. Predator (HKLM-x32\...\{2A086701-1EEE-43F5-A9DB-DE2D73DC543D}_is1) (Version: - )
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
APP Shop v1.0.13 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.13 - ASRock Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.3 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: - )
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
A-Tuning v2.0.214 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.214 - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward)
CodeBlocks (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Discord (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Driver Booster 4.2 (HKLM-x32\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
f.lux (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Flux) (Version: - )
F1 2016 version 1.0 (HKLM-x32\...\{9B939765-0B6B-48F5-8543-1FEDC09AE74D}_is1) (Version: 1.0 - SKIDROW)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
ForHonorBETA (HKLM-x32\...\Uplay Install 2184) (Version: - Ubisoft)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.84.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.84.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\{742D8ED2-E248-3870-AFA1-F7A1166F217C}) (Version: 56.0.2924.87 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.125 - IObit)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.11 - Black Tree Gaming)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== ATTENTION
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
ROBLOX Player for Tuf Tuf (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
SafeZone Stable 3.55.2393.527 (x32 Version: 3.55.2393.527 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.6 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: - Gameforge4d)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
TunnelBear (HKLM-x32\...\{999c6f10-ce15-4dce-bc57-5c6c89b2af84}) (Version: 3.0.32.0 - TunnelBear)
TunnelBear (x32 Version: 3.0.32.0 - TunnelBear) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4011794534-997363082-2150810316-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Tuf Tuf\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\RobloxProxy64.dll (ROBLOX Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02A4FC22-A19F-447E-81EF-9D63B1D55585} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {1291329F-711E-4D79-BB39-81AB92FBEE16} - System32\Tasks\Uninstaller_SkipUac_Tuf_Tuf => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-24] (IObit)
Task: {22023BE7-EBDE-425D-A9BC-2B70B64CCF3C} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {26012E92-6591-4A9D-9B04-0BB5A4D3BD03} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-16] (AVAST Software)
Task: {32AE3796-6083-4057-8E41-F4CDE1ED45FC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {390A80DB-832D-4A79-BD12-B07C04C36B58} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {4D35E975-DC8B-4611-B067-D21AFFCF7208} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {4DB4F82B-1412-4545-A198-8252A8EB9481} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {5FB85A30-A764-41E6-8FB4-3519FD2DB576} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-12] (Google Inc.)
Task: {60801F80-19BA-4C89-A2F0-435DF4FBAF04} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {6253A371-AAE5-4961-9AAD-DCE647056AFE} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {6FB5BC41-C743-4809-B490-D1BA4C6A5CE9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {71B56123-A5BB-4E90-8173-1CB799098B1D} - System32\Tasks\ASC9_SkipUac_Tuf Tuf => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-08-16] (IObit)
Task: {86B7B8F6-825B-4768-B737-4C766CB8B47F} - System32\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {8B693347-00FC-4815-87A9-B3EF7C07FB32} - System32\Tasks\Driver Booster SkipUAC (Tuf Tuf) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {9504E7A3-C661-48F9-9756-EF1E1D07FD37} - System32\Tasks\SafeZone scheduled Autoupdate 1487252000 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-03] (Avast Software)
Task: {96BC5691-4D9D-4F8E-B5DF-AF45E421F8AD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-16] (AVAST Software)
Task: {A3070D69-C70E-430D-8980-B89C80978894} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {A8E606F2-4BF2-4125-A8B5-D475B95352D9} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {B9820FB9-7F95-4A1E-B3D9-6D711C33AB6A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {CDC13BD6-A046-40C3-BFC8-CD3BB24948FB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {D04D623E-6997-49D0-9B63-A607FE1737F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-12] (Google Inc.)
Task: {D12B7047-5EB5-459D-92A0-61313FF46521} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-07-20] (IObit)
Task: {D3F23C75-AFB2-41B8-99A6-A9D53E5F9D19} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {DC9FFCE8-C7B3-4344-B3F3-045BA88517B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {E5132D00-AE66-409D-8A26-0302539F9284} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {EDE4968C-42DB-4B8E-BD77-E42703B5ABF3} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {EE9DB416-C040-4B80-9B9D-D2A201B3DC4F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Tuf Tuf.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tuf_Tuf.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome апликације\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg
ShortcutWithArgument: C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 19:48 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-03 12:04 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-12 13:54 - 2014-07-31 16:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2017-01-12 02:35 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-12 02:35 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-16 13:54 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-16 13:54 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-02-16 13:54 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-13 19:48 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-07-12 06:21 - 2016-07-12 06:21 - 08911552 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-12-03 20:58 - 2016-12-03 20:58 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 22:50 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-07 06:53 - 2017-02-07 06:53 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-07 06:53 - 2017-02-07 06:53 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-07 06:53 - 2017-02-07 06:53 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-07 06:53 - 2017-02-07 06:53 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-10 22:49 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 22:49 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 22:49 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 22:49 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 22:49 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-05 17:01 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2017-01-07 14:27 - 2017-01-07 14:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-01-12 02:35 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-12 02:35 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-12 02:35 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-05 17:01 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2017-02-05 17:01 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2017-02-05 17:01 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2017-02-05 17:01 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2017-02-05 17:01 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2017-02-16 14:29 - 2017-02-16 14:29 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-16 14:29 - 2017-02-16 14:29 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-16 14:29 - 2017-02-16 14:29 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-02-16 14:29 - 2017-02-16 14:29 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-05 17:02 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-02-05 17:02 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-02-05 17:01 - 2015-12-28 13:50 - 01293088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\Scan.dll
2017-01-12 02:35 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-12 02:35 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-12 02:35 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-12 02:35 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-12 02:35 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-12 02:35 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-01-12 02:35 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-12 02:35 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2017-02-16 16:24 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-16 16:24 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [25444]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [371912]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1213218]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2017-02-16 13:32 - 00008909 ____A C:\WINDOWS\system32\Drivers\etc\hosts



==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4011794534-997363082-2150810316-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tuf Tuf\Desktop\pozadine\P7ryMK.jpg
DNS Servers: 89.216.1.40 - 89.216.1.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "XFast LAN"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{908EBAAA-254B-40D4-8CC2-4217A4960A06}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{8C90C068-91F6-42E3-A247-57FED3059D72}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe
FirewallRules: [{117DDE33-80D2-4CC7-87DB-EAA4754324A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D23AAEC3-AC89-4E85-9332-350EF33EF909}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{51B67F46-DA53-4794-8121-B6A9449A4712}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8F6BB5C4-B9D5-405B-BDF8-E44A9DEF76A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{665E8D04-CBC9-4248-AC8F-F43AD779031A}E:\overwatch test\overwatch.exe] => (Allow) E:\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{E0A9F19C-BBAA-45C5-A6E2-DD1D70B31A69}E:\overwatch test\overwatch.exe] => (Allow) E:\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{8BA48494-0A2E-40D6-90E9-CE8554CE4D86}E:\far cry 3\bin\farcry3_d3d11.exe] => (Block) E:\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{33737C00-AB04-4A2E-9C70-E6E10D9F9818}E:\far cry 3\bin\farcry3_d3d11.exe] => (Block) E:\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{44810C89-566E-45B7-8C46-D7375833A192}E:\far cry 3\bin\farcry3.exe] => (Allow) E:\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{8B16382C-403D-46A8-B7F6-0881D0DDBBB6}E:\far cry 3\bin\farcry3.exe] => (Allow) E:\far cry 3\bin\farcry3.exe
FirewallRules: [{C7376B10-EECE-4A78-8231-5AFE7BBED84B}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F68F919F-259F-4FCA-AB67-5FA0AD0C4B96}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{746CAFF2-619B-42A5-9429-6141B4CA05BF}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{D5C9B99C-A7CE-4083-AAB0-0E1B611F1BA1}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{DD6019F1-1730-4B14-9740-22E8900A772A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7F9B4B35-D9D7-4A8E-AD6B-5F7CDF42229C}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{D7A69F00-45C7-4690-A5F6-F8471D885D0E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{817565A8-49FC-4065-A658-03D7E5B48368}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{9C5B52A0-CCBD-4B59-A353-F75EA8E34C68}] => (Allow) E:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{B3368FDC-5328-463B-A467-644F0F62CD07}] => (Allow) E:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [UDP Query User{1FF03EF0-EE24-4670-8128-59533936493D}E:\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1BE62CAD-FE37-4C15-99BB-9578019C7A10}E:\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone.exe
FirewallRules: [{4FC889A7-64E0-4115-904B-329CD7A74D9F}] => (Allow) E:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{15EC2C60-E7F1-4EDD-99FE-1A1D4DA44527}] => (Allow) E:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{691354C0-6D6F-4814-BCE7-FBCEFA5A85F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E59C435-BE2A-428E-9612-2BB022417173}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ACA6DDEC-8A0D-4B8C-A0EB-8B66870B04C5}] => (Allow) C:\Users\Tuf Tuf\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF020C9B-042E-494A-93CC-F90EBD80DEB3}] => (Allow) C:\Users\Tuf Tuf\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1F35FCC1-5704-4C8A-8630-C3EA5A04AC74}] => (Allow) C:\Users\Tuf Tuf\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E341B4A8-409A-47C3-8A6C-8E15E8FDC1A2}] => (Allow) C:\Users\Tuf Tuf\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{847ED828-987E-4B84-A87D-4409973094F2}] => (Allow) C:\Users\Tuf Tuf\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A87CDB10-6524-4004-8485-59626B4A1512}] => (Allow) C:\Users\Tuf Tuf\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{0FDAA535-34D0-4DB5-BE69-CED5729445C7}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{992D90B4-0A1C-4CD4-A0B4-4C31A22FF74A}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe
FirewallRules: [{A2F16403-772A-46BC-A891-ADA920A7EEF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8613D87D-5922-4DDF-AEB4-35D71E25AB2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CE1609A-C916-4927-9C0E-4CE00AE2F288}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E1050135-CF1F-43D5-84A2-9D66E24D8A2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F85CFDB5-5C59-441D-86C9-13AF174536A3}] => (Allow) E:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{EBEB67F3-C30D-4E76-93B4-3C3A1C77C746}] => (Allow) E:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{03D994F6-F430-412D-A736-19597A72F657}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{F25B5DA2-C960-44B1-96B0-CCD2F0BE5027}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{DBAC37CE-0171-418E-9178-8A94BC0CA0AF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{267208AF-8E86-4470-8056-4527D6BDF345}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [TCP Query User{78B75887-66E6-4360-B45B-1BBE61E77676}E:\games\call of duty black ops 2\t6sp.exe] => (Block) E:\games\call of duty black ops 2\t6sp.exe
FirewallRules: [UDP Query User{FD22D4EF-B450-46B1-A12B-3BAF97CE2732}E:\games\call of duty black ops 2\t6sp.exe] => (Block) E:\games\call of duty black ops 2\t6sp.exe
FirewallRules: [TCP Query User{51241E9E-C383-46A3-9C13-7DA623A2670D}E:\games\call of duty black ops 2\t6sp.exe] => (Block) E:\games\call of duty black ops 2\t6sp.exe
FirewallRules: [UDP Query User{99907EA5-55CD-4C05-979B-DBE482257494}E:\games\call of duty black ops 2\t6sp.exe] => (Block) E:\games\call of duty black ops 2\t6sp.exe
FirewallRules: [{1432A323-66C0-46EF-BDF1-237F85852B1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6789B913-B8B9-49B1-AB71-9034F6D202AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{5CCCF258-E46F-4EE0-A640-4AEFE551DD2A}E:\games\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) E:\games\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EC4C99FC-DC73-4E02-8ADF-4AB994104F26}E:\games\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) E:\games\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{433DE43D-CA3E-40A3-A5C5-F6D42CBD90FE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{BFAED20D-D626-4B97-B582-846FED099DCC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8BC7A4C6-CA34-427A-9A0D-41863495ED6F}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{21AB6106-6F89-4EF8-A024-0945832262E6}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{DF49B3A2-5450-450B-A30E-D1AD88B5DDEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{70C1ABBE-1A2C-4384-B390-0B396EB56B53}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{CF1EB2C8-43D8-46C8-AD14-FACCE450779B}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [{F4931E0B-D907-45F3-BA3C-EAAF091C1913}] => (Allow) E:\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{6430AD40-D47B-4C92-B156-98A0C720D65A}E:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) E:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{AD0DE92D-82C3-47A4-AF3D-D6CA89F0880A}E:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) E:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [{8198EF8A-5B2A-45F0-9248-8D51D7B99BF3}] => (Allow) E:\Games\Aliens vs. Predator\AvP.exe
FirewallRules: [{44597DC7-6769-4889-94C8-85489EE59AB2}] => (Allow) E:\Games\Aliens vs. Predator\AvP.exe
FirewallRules: [{56C6F8F5-BF03-4BD5-9692-4D8786DB7899}] => (Allow) E:\Games\Aliens vs. Predator\AvP_DX11.exe
FirewallRules: [{24B25AB0-8986-4B5A-ACD3-80FF5FB9E0F6}] => (Allow) E:\Games\Aliens vs. Predator\AvP_DX11.exe
FirewallRules: [TCP Query User{874775BF-B58D-4809-B908-68218D348400}E:\games\call of duty - black ops\blackops.exe] => (Allow) E:\games\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{F6D2E699-D45F-4778-86E7-8E20A8E4E11A}E:\games\call of duty - black ops\blackops.exe] => (Allow) E:\games\call of duty - black ops\blackops.exe
FirewallRules: [{5DB5A30B-7FEF-4831-86B2-B1330F1839A7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{F3FE5563-F71F-4E4A-8959-6EFF8EFDC93F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{320B5E85-91C4-4A1B-B6D1-4CF5BD08EA5E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{B32A2D01-A020-4C67-AB09-350DF3E55370}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{54BD2E01-F65A-4C8F-BC96-A95D5A8D0001}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{C1E03035-4125-42CB-974E-0BC6E63FCCD9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [TCP Query User{2E9DE111-15A8-41A4-A0C1-3412166426FC}E:\games\forhonorbeta\forhonor.exe] => (Allow) E:\games\forhonorbeta\forhonor.exe
FirewallRules: [UDP Query User{13728FBF-1E2C-4B33-B0F6-543F7516AF63}E:\games\forhonorbeta\forhonor.exe] => (Allow) E:\games\forhonorbeta\forhonor.exe
FirewallRules: [{F42004E8-1FCB-44A3-AD87-F63BDFC0BAB7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-02-2017 12:44:06 Scheduled Checkpoint
05-02-2017 17:04:44 Driver Booster : Intel(R) 4th Gen Core processor DRAM Controller - 0C00
09-02-2017 18:03:00 Installed DirectX
16-02-2017 16:23:32 ResetBrowser

==================== Faulty Device Manager Devices =============

Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2017 04:23:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/16/2017 04:14:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/16/2017 04:13:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/16/2017 03:47:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/16/2017 03:46:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/16/2017 03:45:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/16/2017 03:45:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/16/2017 03:37:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/16/2017 03:37:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/16/2017 03:36:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.14393.479, time stamp: 0x58258a90
Faulting module name: PWRISOSH.DLL, version: 6.7.0.0, time stamp: 0x57f0547b
Exception code: 0xc0000005
Fault offset: 0x0000000000026c1f
Faulting process id: 0xff4
Faulting application start time: 0x01d28861e0c0bd09
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\Program Files\PowerISO\PWRISOSH.DLL
Report Id: df815f59-934b-47b0-97fb-45c7dcb5c569
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (02/16/2017 04:12:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/16/2017 04:11:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (02/16/2017 04:11:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/16/2017 04:11:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/16/2017 04:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/16/2017 04:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).

Error: (02/16/2017 04:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (02/16/2017 04:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ASRock IO Monitor Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/16/2017 04:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).

Error: (02/16/2017 04:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.


CodeIntegrity:
===================================
Date: 2017-02-16 16:20:43.914
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-02-16 16:20:39.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-02-16 16:20:39.932
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-02-16 16:12:51.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-16 16:12:51.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-02-15 18:13:05.567
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-14 18:26:24.306
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-14 13:48:17.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-13 09:39:02.015
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-12 08:26:49.273
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 45%
Total physical RAM: 8131.8 MB
Available physical RAM: 4422.34 MB
Total Virtual: 10563.8 MB
Available Virtual: 6554.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.13 GB) (Free:85.89 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.02 GB) (Free:552.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 7A05D2E9)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A05D2EE)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Alright, It will take me a while to look these over.

Run this scan while you wait for me. :)

Zemana Scan.

Please download Zemana AntiMalware and save it to your Desktop.
  • Install the program and once the installation is complete it will start automatically.
  • Click the Cog/Sprocket Wheel at the top right of Zemana.
  • Select Advanced - I have read the warning and wish to proceed.
  • Place a tick next to Detect Suspicious (Root CA) Certificates.
  • Then click the house icon in Zemana.
  • Then, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.
  • Open Zemana AntiMalware again.
  • Click on the icon (image: 4zu6vb.jpg) and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • The only thing left is to copy and paste the saved report in your next message.
  • This will open a logfile; post that in your next reply.

File Search With Everything Search Engine.

Download and install the Everything Search Engine
Right Click Run As Admin. Type or Copy Paste UCBrowser into search window.
Then Click Edit. >>>Select all.
Right Click highlighted items>>>>>>>> Copy full name to clipboard.
Paste content of clipboard, here in your next reply.
 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\ucbrowser.browser
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\ucbrowser.browser
C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.14305.0_none_ca91f5e702314acf\ucbrowser.browser
C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.14305.0_none_123f2cbe16ad73d5\ucbrowser.browser
C:\Windows\Prefetch\UCBROWSER.EXE-E739332C.pf
C:\Users\Tuf Tuf\AppData\Local\Temp\UCBrowserSecureUpdater.xml
C:\Windows\Temp\UCBrowserSecureUpdater.xml
 


Remove the programs below with Geek Uninstaller. If something will not uninstall, then use Force Mode.


µTorrent (HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.125 - IObit)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)

FRST Fix.

Click Here to Download Fixlist.

Download the attached fixlist.txt file and save it to the Desktop.

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that, let the tool complete its run. When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 


Here's the log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
Ran by Tuf Tuf (16-02-2017 17:21:24) Run:3
Running from C:\Users\Tuf Tuf\Desktop\New folder (2)
Loaded Profiles: Tuf Tuf (Available Profiles: Tuf Tuf)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Closeprocesses:
CreateRestorePoint:
Emptytemp:
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2023712 2016-07-27] (IObit)
HKU\S-1-5-18\...\Run: [] => 0
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
Tcpip\..\Interfaces\{171eca01-cdb5-47fd-9764-235f42fe1124}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{1d312508-3044-4cd2-b2d9-aa93aceb5006}: [DhcpNameServer] 172.18.13.1
Tcpip\..\Interfaces\{6acb4502-f8d6-4a8b-abee-2c7aba76975a}: [DhcpNameServer] 89.216.1.40 89.216.1.50
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-12] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-12] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-12] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-12] (Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [25444 ] (UC Web Inc.) <==== ATTENTION
C:\Program Files (x86)\UCBrowser
2017-02-16 13:31 - 2017-02-16 13:31 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-16 13:31 - 2017-02-16 13:31 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 16:15 - 2017-02-16 13:48 - 00000424 _____ C:\WINDOWS\Tasks\update-sys.job
2017-02-14 16:15 - 2017-02-16 13:48 - 00000424 _____ C:\WINDOWS\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001.job
2017-02-14 16:15 - 2017-02-16 13:36 - 00003598 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001
2017-02-14 16:15 - 2017-02-16 13:36 - 00003440 _____ C:\WINDOWS\System32\Tasks\update-sys
2017-02-07 07:02 - 2017-02-07 07:02 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-02-05 17:02 - 2017-02-05 17:02 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-05 17:01 - 2017-02-05 17:01 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2017-02-04 02:37 - 2017-02-04 02:37 - 00003798 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-02-01 12:17 - 2017-02-12 00:37 - 00000000 ____D C:\Program Files (x86)\AVG
2017-02-01 12:16 - 2017-02-12 00:37 - 00000000 ____D C:\ProgramData\Avg
2017-02-01 12:16 - 2017-02-12 00:35 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\AvgSetupLog
2017-02-01 12:16 - 2017-02-04 02:34 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Local\Avg
2017-02-01 12:10 - 2017-02-15 10:54 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-01 12:10 - 2017-02-15 10:54 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\ucbrowser.browser
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\ucbrowser.browser
C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.14305.0_none_ca91f5e702314acf\ucbrowser.browser
C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.14305.0_none_123f2cbe16ad73d5\ucbrowser.browser
C:\Windows\Prefetch\UCBROWSER.EXE-E739332C.pf
C:\Users\Tuf Tuf\AppData\Local\Temp\UCBrowserSecureUpdater.xml
C:\Windows\Temp\UCBrowserSecureUpdater.xml
2017-02-16 15:10 - 2016-11-12 16:39 - 00000000 ____D C:\Users\Tuf Tuf\AppData\Roaming\uTorrent
2017-02-16 14:16 - 2017-02-16 14:16 - 0007628 _____ () C:\Users\Tuf Tuf\AppData\Local\Resmon.ResmonCfg
2017-01-08 19:20 - 2016-11-23 14:37 - 0000570 _____ () C:\Users\Tuf Tuf\AppData\Local\TroubleshooterConfig.json
2017-02-14 16:15 - 2017-02-14 16:15 - 0000003 _____ () C:\Users\Tuf Tuf\AppData\Local\updater.log
2017-02-14 16:15 - 2017-02-14 16:15 - 0000424 _____ () C:\Users\Tuf Tuf\AppData\Local\UserProducts.xml
Task: {1291329F-711E-4D79-BB39-81AB92FBEE16} - System32\Tasks\Uninstaller_SkipUac_Tuf_Tuf => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-24] (IObit)
Task: {22023BE7-EBDE-425D-A9BC-2B70B64CCF3C} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {390A80DB-832D-4A79-BD12-B07C04C36B58} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {4D35E975-DC8B-4611-B067-D21AFFCF7208} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {4DB4F82B-1412-4545-A198-8252A8EB9481} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {5FB85A30-A764-41E6-8FB4-3519FD2DB576} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-12] (Google Inc.)
Task: {6253A371-AAE5-4961-9AAD-DCE647056AFE} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {71B56123-A5BB-4E90-8173-1CB799098B1D} - System32\Tasks\ASC9_SkipUac_Tuf Tuf => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-08-16] (IObit)
Task: {86B7B8F6-825B-4768-B737-4C766CB8B47F} - System32\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {8B693347-00FC-4815-87A9-B3EF7C07FB32} - System32\Tasks\Driver Booster SkipUAC (Tuf Tuf) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {A8E606F2-4BF2-4125-A8B5-D475B95352D9} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {CDC13BD6-A046-40C3-BFC8-CD3BB24948FB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {D04D623E-6997-49D0-9B63-A607FE1737F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-12] (Google Inc.)
Task: {D12B7047-5EB5-459D-92A0-61313FF46521} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-07-20] (IObit)
Task: {D3F23C75-AFB2-41B8-99A6-A9D53E5F9D19} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {EDE4968C-42DB-4B8E-BD77-E42703B5ABF3} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Tuf Tuf.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tuf_Tuf.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
ShortcutWithArgument: C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome апликације\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg
ShortcutWithArgument: C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [25444]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [371912]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1213218]
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
HKLM\...\StartupApproved\Run: => "XFast LAN"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\...\StartupApproved\Run: => "BlueStacks Agent"
RemoveProxy:
CMD: ipconfig /flushdns
end
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 9 => value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{171eca01-cdb5-47fd-9764-235f42fe1124}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1d312508-3044-4cd2-b2d9-aa93aceb5006}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6acb4502-f8d6-4a8b-abee-2c7aba76975a}\\DhcpNameServer => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => key not found.
HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key removed successfully
HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key removed successfully
HKCR\Wow6432Node\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value not found.
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKCR\PROTOCOLS\Handler\mso-minsb.16 => key not found.
HKCR\CLSID\{3459B272-CC19-4448-86C9-DDC3B4B2FAD3} => key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\mso-minsb.16 => key not found.
HKCR\Wow6432Node\CLSID\{3459B272-CC19-4448-86C9-DDC3B4B2FAD3} => key not found.
HKCR\PROTOCOLS\Handler\osf.16 => key not found.
HKCR\CLSID\{5504BE45-A83B-4808-900A-3A5C36E7F77A} => key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\osf.16 => key not found.
HKCR\Wow6432Node\CLSID\{5504BE45-A83B-4808-900A-3A5C36E7F77A} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => not found.
ucdrv => service not found.
"C:\Program Files (x86)\UCBrowser" => not found.
"C:\Users\Default\AppData\Local\AdvinstAnalytics" => not found.
"C:\Users\Default User\AppData\Local\AdvinstAnalytics" => not found.
C:\WINDOWS\Tasks\update-sys.job => moved successfully
C:\WINDOWS\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001.job => moved successfully
C:\WINDOWS\System32\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001 => moved successfully
C:\WINDOWS\System32\Tasks\update-sys => moved successfully
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
C:\WINDOWS\Tasks\ImCleanDisabled => moved successfully
C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} => moved successfully
C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater => moved successfully
C:\Program Files (x86)\AVG => moved successfully
C:\ProgramData\Avg => moved successfully
C:\Users\Tuf Tuf\AppData\Local\AvgSetupLog => moved successfully
C:\Users\Tuf Tuf\AppData\Local\Avg => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\ucbrowser.browser => moved successfully
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\ucbrowser.browser => moved successfully
C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.14305.0_none_ca91f5e702314acf\ucbrowser.browser => moved successfully
C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.14305.0_none_123f2cbe16ad73d5\ucbrowser.browser => moved successfully
C:\Windows\Prefetch\UCBROWSER.EXE-E739332C.pf => moved successfully
C:\Users\Tuf Tuf\AppData\Local\Temp\UCBrowserSecureUpdater.xml => moved successfully
C:\Windows\Temp\UCBrowserSecureUpdater.xml => moved successfully
"C:\Users\Tuf Tuf\AppData\Roaming\uTorrent" => not found.
C:\Users\Tuf Tuf\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\Tuf Tuf\AppData\Local\TroubleshooterConfig.json => moved successfully
C:\Users\Tuf Tuf\AppData\Local\updater.log => moved successfully
C:\Users\Tuf Tuf\AppData\Local\UserProducts.xml => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1291329F-711E-4D79-BB39-81AB92FBEE16} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1291329F-711E-4D79-BB39-81AB92FBEE16} => key removed successfully
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Tuf_Tuf => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Tuf_Tuf => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22023BE7-EBDE-425D-A9BC-2B70B64CCF3C} => key not found.
C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_AutoAnalyze => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{390A80DB-832D-4A79-BD12-B07C04C36B58} => key not found.
C:\WINDOWS\System32\Tasks\SmartDefrag_Startup => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_Startup => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D35E975-DC8B-4611-B067-D21AFFCF7208} => key not found.
C:\WINDOWS\System32\Tasks\IObitSelfCheckTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IObitSelfCheckTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4DB4F82B-1412-4545-A198-8252A8EB9481} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DB4F82B-1412-4545-A198-8252A8EB9481} => key removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FB85A30-A764-41E6-8FB4-3519FD2DB576} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FB85A30-A764-41E6-8FB4-3519FD2DB576} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6253A371-AAE5-4961-9AAD-DCE647056AFE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6253A371-AAE5-4961-9AAD-DCE647056AFE} => key removed successfully
C:\WINDOWS\System32\Tasks\update-sys => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71B56123-A5BB-4E90-8173-1CB799098B1D} => key not found.
C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Tuf Tuf => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_SkipUac_Tuf Tuf => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86B7B8F6-825B-4768-B737-4C766CB8B47F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86B7B8F6-825B-4768-B737-4C766CB8B47F} => key removed successfully
C:\WINDOWS\System32\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-4011794534-997363082-2150810316-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B693347-00FC-4815-87A9-B3EF7C07FB32} => key not found.
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Tuf Tuf) => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Tuf Tuf) => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8E606F2-4BF2-4125-A8B5-D475B95352D9} => key not found.
C:\WINDOWS\System32\Tasks\SmartDefrag_Update => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_Update => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDC13BD6-A046-40C3-BFC8-CD3BB24948FB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDC13BD6-A046-40C3-BFC8-CD3BB24948FB} => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D04D623E-6997-49D0-9B63-A607FE1737F5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D04D623E-6997-49D0-9B63-A607FE1737F5} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D12B7047-5EB5-459D-92A0-61313FF46521} => key not found.
C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_PerformanceMonitor => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3F23C75-AFB2-41B8-99A6-A9D53E5F9D19} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3F23C75-AFB2-41B8-99A6-A9D53E5F9D19} => key removed successfully
C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Platform SE Auto Updater => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDE4968C-42DB-4B8E-BD77-E42703B5ABF3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDE4968C-42DB-4B8E-BD77-E42703B5ABF3} => key removed successfully
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => not found.
C:\WINDOWS\Tasks\ASC9_SkipUac_Tuf Tuf.job => not found.
C:\WINDOWS\Tasks\Uninstaller_SkipUac_Tuf_Tuf.job => moved successfully
C:\WINDOWS\Tasks\update-S-1-5-21-4011794534-997363082-2150810316-1001.job => not found.
C:\WINDOWS\Tasks\update-sys.job => not found.
C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome апликације\Sticky Notes.lnk => Shortcut argument removed successfully.
C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk => Shortcut argument removed successfully.
C:\WINDOWS\system32\drivers => ":ucdrv-x64.sys" ADS removed successfully.
C:\WINDOWS\system32\drivers => ":x64" ADS removed successfully.
C:\WINDOWS\system32\drivers => ":x86" ADS removed successfully.
C:\WINDOWS\system32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\XFast LAN => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\XFast LAN => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AvgUi => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AvgUi => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\LogMeIn Hamachi Ui => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value removed successfully
C:\Users\Tuf Tuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk => not found.
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\Send to OneNote.lnk => value removed successfully
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Skype => value removed successfully
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\BlueStacks Agent => value removed successfully
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BlueStacks Agent => value not found.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4011794534-997363082-2150810316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18535544 B
Java, Flash, Steam htmlcache => 138240 B
Windows/system/drivers => 1439024 B
Edge => 2221043 B
Chrome => 141434092 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 6562 B
NetworkService => 0 B
Tuf Tuf => 90068761 B

RecycleBin => 0 B
EmptyTemp: => 242.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:21:55 ====
 

Glad to have helped!! Please tell a friend ...... or two about us.


Optimize your internet connection.

Click here for instructions.

Suggest the following in place of adblock.
Alternate DNS Server. Ad Blocking DNS.
Ublock Origin.
Anti Ad Block Killer.

Also, keep your browsing private with these tools:

Self Destructing Cookies.
Self Destructing Cookies Chrome.

Some items to keep you safe on the internet.

VooDoo Shield. Control of what is running on your machine.
Qualys BrowserCheck To update plugins.
Web Of Trust To Avoid Shady Websites.
Unchecky To Avoid Bundled Software.
Privazer To Clean up your machine.

Now let's clean up the tools we used and remove old restore points.

Download DelFix by "Xplode" to your Desktop.
Right-click the tool and Run as Admin (XP users double-click).
Put a check mark next to the items below:

Remove disinfection tools
Create registry backup
Purge System Restore

Now click on the "Run" button.
Allow the program to complete its work.
All the tools we used will be removed.
The tool will create and open a log report (DelFix.txt).
Note: The report can be located at the following location: C:\DelFix.txt
 